| www.googletagmanager.com/gtag/js?id=G-BL9163LYG1 | 142.250.74.168 | 200 OK | 101 kB |
URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-BL9163LYG1 IP 142.250.74.168:443
Requested by https://dfiles.eu/files/rd6fzioy1/Kingdom-CD_patch_125-h.exe Certificate Issuer Google Trust Services LLC Subject *.google-analytics.com Fingerprint 1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB Validity Mon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
File type JavaScript source, ASCII text, with very long lines (5945) Size 101 kB (101001 bytes) Hash f0792b981ec368538b0b688e000c0a7a d6c30190139efe3d7b65b48b4d1b343662e0a1e2 0768109683a32548f0b461c188de13424c81528435ad69ffe84f0dc069662c1a
GET /gtag/js?id=G-BL9163LYG1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 24 Apr 2024 11:32:31 GMT
expires: Wed, 24 Apr 2024 11:32:31 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 101001
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| static.depositfiles.com/js/jquery.validate.js | 91.226.124.106 | 200 OK | 38 kB |
URL GET HTTP/2 static.depositfiles.com/js/jquery.validate.js IP 91.226.124.106:443
Requested by https://dfiles.eu/files/rd6fzioy1/Kingdom-CD_patch_125-h.exe Certificate Issuer Let's Encrypt Subject depositfiles.com Fingerprint 8D:3C:74:0A:57:29:55:E0:60:A5:AF:60:66:DD:1F:ED:7A:ED:F7:A6 Validity Tue, 05 Mar 2024 13:34:49 GMT - Mon, 03 Jun 2024 13:34:48 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (1238) Hash d5231b6378847ebdb55f64c77d5a234f eed97aa0b2aa9486b6f6831ed8a85dc729ad6b9c 95434a8a2568a6481a1fbcf5808a75dd58e77348ed6d70b4f7aeda8842e8f0c7
GET /js/jquery.validate.js HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=300
content-type: application/javascript
date: Wed, 24 Apr 2024 11:32:32 GMT
etag: "651c240d-957d"
expires: Wed, 24 Apr 2024 11:37:32 GMT
last-modified: Tue, 03 Oct 2023 14:24:13 GMT
server: nginx
content-length: 38269
X-Firefox-Spdy: h2
|
|
| static.depositfiles.com/js/function.js | 91.226.124.106 | 200 OK | 35 kB |
URL GET HTTP/2 static.depositfiles.com/js/function.js IP 91.226.124.106:443
Requested by https://dfiles.eu/files/rd6fzioy1/Kingdom-CD_patch_125-h.exe Certificate Issuer Let's Encrypt Subject depositfiles.com Fingerprint 8D:3C:74:0A:57:29:55:E0:60:A5:AF:60:66:DD:1F:ED:7A:ED:F7:A6 Validity Tue, 05 Mar 2024 13:34:49 GMT - Mon, 03 Jun 2024 13:34:48 GMT
File type JavaScript source, ASCII text, with very long lines (4240) Hash a5779d2f560cd50376dbba372b0fd15b 07b08e35b9254288c1372e37577db8b9e4da01b4 51d26403861d61a7842bc73f518d4a4351a7027c40c9f0347f61421226950b84
GET /js/function.js HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=300
content-type: application/javascript
date: Wed, 24 Apr 2024 11:32:32 GMT
etag: "651c240d-8863"
expires: Wed, 24 Apr 2024 11:37:32 GMT
last-modified: Tue, 03 Oct 2023 14:24:13 GMT
server: nginx
content-length: 34915
X-Firefox-Spdy: h2
|
|
| static.depositfiles.com/js/gold_offer.js | 91.226.124.106 | 200 OK | 9.9 kB |
URL GET HTTP/2 static.depositfiles.com/js/gold_offer.js IP 91.226.124.106:443
Requested by https://dfiles.eu/files/rd6fzioy1/Kingdom-CD_patch_125-h.exe Certificate Issuer Let's Encrypt Subject depositfiles.com Fingerprint 8D:3C:74:0A:57:29:55:E0:60:A5:AF:60:66:DD:1F:ED:7A:ED:F7:A6 Validity Tue, 05 Mar 2024 13:34:49 GMT - Mon, 03 Jun 2024 13:34:48 GMT
File type JavaScript source, ASCII text Hash 041bdbbe3ac15bc57b14933e164b55f8 790f921426d0b602424fb3077ca900af94b5ad9e a86d8d81e5c254822628c578c40d2d62956ab3060632d1884b5080093365b97b
GET /js/gold_offer.js HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=300
content-type: application/javascript
date: Wed, 24 Apr 2024 11:32:32 GMT
etag: "651c240d-269f"
expires: Wed, 24 Apr 2024 11:37:32 GMT
last-modified: Tue, 03 Oct 2023 14:24:13 GMT
server: nginx
content-length: 9887
X-Firefox-Spdy: h2
|
|
| static.depositfiles.com/images/no.png | 91.226.124.106 | 200 OK | 3.1 kB |
URL GET HTTP/2 static.depositfiles.com/images/no.png IP 91.226.124.106:443
Requested by https://dfiles.eu/files/rd6fzioy1/Kingdom-CD_patch_125-h.exe Certificate Issuer Let's Encrypt Subject depositfiles.com Fingerprint 8D:3C:74:0A:57:29:55:E0:60:A5:AF:60:66:DD:1F:ED:7A:ED:F7:A6 Validity Tue, 05 Mar 2024 13:34:49 GMT - Mon, 03 Jun 2024 13:34:48 GMT
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced Hash 1724ae7b4437c460dafe40dfe9f96d41 8dc80d5b802f180254a8ee1bf1edf0b843205f1e 9b95b8f24b2b0808d611f4fd9bf5f3c548b352ae6100ab7b298b99a86905db79
GET /images/no.png HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
date: Wed, 24 Apr 2024 11:32:32 GMT
etag: "651c240d-c4a"
last-modified: Tue, 03 Oct 2023 14:24:13 GMT
server: nginx
content-length: 3146
X-Firefox-Spdy: h2
|
|
| static.depositfiles.com/images/speed_small_gold.gif | 91.226.124.106 | 200 OK | 14 kB |
URL GET HTTP/2 static.depositfiles.com/images/speed_small_gold.gif IP 91.226.124.106:443
Requested by https://dfiles.eu/files/rd6fzioy1/Kingdom-CD_patch_125-h.exe Certificate Issuer Let's Encrypt Subject depositfiles.com Fingerprint 8D:3C:74:0A:57:29:55:E0:60:A5:AF:60:66:DD:1F:ED:7A:ED:F7:A6 Validity Tue, 05 Mar 2024 13:34:49 GMT - Mon, 03 Jun 2024 13:34:48 GMT
File type GIF image data, version 89a, 200 x 200 Hash c5f8f0e9ecd16637e267912376c24bed 324567a641d318ecfafe6374dfba86ccb2f90dd7 13678b229b6c4224bcb9578a2f29bc3686958f4bea73af7645eb39af4246e6a9
GET /images/speed_small_gold.gif HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=432000
content-type: image/gif
date: Wed, 24 Apr 2024 11:32:32 GMT
etag: "651c240d-389c"
expires: Mon, 29 Apr 2024 11:32:32 GMT
last-modified: Tue, 03 Oct 2023 14:24:13 GMT
server: nginx
content-length: 14492
X-Firefox-Spdy: h2
|
|
| static.depositfiles.com/js/download_utils.js | 91.226.124.106 | 200 OK | 13 kB |
URL GET HTTP/2 static.depositfiles.com/js/download_utils.js IP 91.226.124.106:443
Requested by https://dfiles.eu/files/rd6fzioy1/Kingdom-CD_patch_125-h.exe Certificate Issuer Let's Encrypt Subject depositfiles.com Fingerprint 8D:3C:74:0A:57:29:55:E0:60:A5:AF:60:66:DD:1F:ED:7A:ED:F7:A6 Validity Tue, 05 Mar 2024 13:34:49 GMT - Mon, 03 Jun 2024 13:34:48 GMT
File type JavaScript source, ASCII text, with very long lines (2250) Hash 90a706006bc709cdc974ff3e0e01b34f 89585d2c7cac44c9c03c118bbb38aefba1d8a1e4 16f1515b9938fc7de086c504fe214484d97e237647a5d7fa2cb742a93f00c1ea
GET /js/download_utils.js HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=300
content-type: application/javascript
date: Wed, 24 Apr 2024 11:32:32 GMT
etag: "651c240d-3447"
expires: Wed, 24 Apr 2024 11:37:32 GMT
last-modified: Tue, 03 Oct 2023 14:24:13 GMT
server: nginx
content-length: 13383
X-Firefox-Spdy: h2
|
|
| static.depositfiles.com/images/yes.png | 91.226.124.106 | 200 OK | 3.3 kB |
URL GET HTTP/2 static.depositfiles.com/images/yes.png IP 91.226.124.106:443
Requested by https://dfiles.eu/files/rd6fzioy1/Kingdom-CD_patch_125-h.exe Certificate Issuer Let's Encrypt Subject depositfiles.com Fingerprint 8D:3C:74:0A:57:29:55:E0:60:A5:AF:60:66:DD:1F:ED:7A:ED:F7:A6 Validity Tue, 05 Mar 2024 13:34:49 GMT - Mon, 03 Jun 2024 13:34:48 GMT
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced Hash 3055b8489aeb385fb40b27f0bf0a5ae7 4cfbe45a0ba393ab8ad535cc04af30debef0a1ab b325d6cb153b02050e59230e2abfb01e05f4bda708ad54bd8f6d9693fa9c2dac
GET /images/yes.png HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
date: Wed, 24 Apr 2024 11:32:32 GMT
etag: "651c240d-ccb"
last-modified: Tue, 03 Oct 2023 14:24:13 GMT
server: nginx
content-length: 3275
X-Firefox-Spdy: h2
|
|
| static.depositfiles.com/js/962e36ace9b4601f1f51f3e2010e41b9.js | 91.226.124.106 | 200 OK | 166 kB |
URL GET HTTP/2 static.depositfiles.com/js/962e36ace9b4601f1f51f3e2010e41b9.js IP 91.226.124.106:443
Requested by https://dfiles.eu/files/rd6fzioy1/Kingdom-CD_patch_125-h.exe Certificate Issuer Let's Encrypt Subject depositfiles.com Fingerprint 8D:3C:74:0A:57:29:55:E0:60:A5:AF:60:66:DD:1F:ED:7A:ED:F7:A6 Validity Tue, 05 Mar 2024 13:34:49 GMT - Mon, 03 Jun 2024 13:34:48 GMT
File type JavaScript source, ASCII text, with very long lines (60311) Size 166 kB (165612 bytes) Hash 02d50bb775f981faf5ad7b6c2a58399d 65d9757b4467a6199f61f2c2bfa71ba23600e8be 0fd67704d0e0d7480f58a5596d37f5e63b752a083c4e8540b24800d1adb93965
GET /js/962e36ace9b4601f1f51f3e2010e41b9.js HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=300
content-type: application/javascript
date: Wed, 24 Apr 2024 11:32:32 GMT
etag: "660a8714-286ec"
expires: Wed, 24 Apr 2024 11:37:32 GMT
last-modified: Mon, 01 Apr 2024 10:06:12 GMT
server: nginx
content-length: 165612
X-Firefox-Spdy: h2
|
|
| static.depositfiles.com/js/base2.js | 91.226.124.106 | 200 OK | 399 kB |
URL GET HTTP/2 static.depositfiles.com/js/base2.js IP 91.226.124.106:443
Requested by https://dfiles.eu/files/rd6fzioy1/Kingdom-CD_patch_125-h.exe Certificate Issuer Let's Encrypt Subject depositfiles.com Fingerprint 8D:3C:74:0A:57:29:55:E0:60:A5:AF:60:66:DD:1F:ED:7A:ED:F7:A6 Validity Tue, 05 Mar 2024 13:34:49 GMT - Mon, 03 Jun 2024 13:34:48 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (65481) Size 399 kB (398927 bytes) Hash 2fcae8126c3fd9a626370a701f0bd887 f3496fb7bbe122a9774d7dcfcd68da03a24dc285 d29ab86f64b4fcfbc45b9ef806c147f1e42e37e37d44a559147232288063badc
GET /js/base2.js HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=300
content-type: application/javascript
date: Wed, 24 Apr 2024 11:32:32 GMT
etag: "651c240d-6164f"
expires: Wed, 24 Apr 2024 11:37:32 GMT
last-modified: Tue, 03 Oct 2023 14:24:13 GMT
server: nginx
content-length: 398927
X-Firefox-Spdy: h2
|
|
| static.depositfiles.com/images/speed_small.gif | 91.226.124.106 | 200 OK | 24 kB |
URL GET HTTP/2 static.depositfiles.com/images/speed_small.gif IP 91.226.124.106:443
Requested by https://dfiles.eu/files/rd6fzioy1/Kingdom-CD_patch_125-h.exe Certificate Issuer Let's Encrypt Subject depositfiles.com Fingerprint 8D:3C:74:0A:57:29:55:E0:60:A5:AF:60:66:DD:1F:ED:7A:ED:F7:A6 Validity Tue, 05 Mar 2024 13:34:49 GMT - Mon, 03 Jun 2024 13:34:48 GMT
File type GIF image data, version 89a, 200 x 200 Hash 5cbc96bbb7230dd17ed38b5dd6e3271c 6ee1f0b9e29ac3e824cccd6e5135d51c8d3aaea1 01edcbb65e514def555b1e999d3a72f118f67e572f628293b91893b3758c6991
GET /images/speed_small.gif HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=432000
content-type: image/gif
date: Wed, 24 Apr 2024 11:32:32 GMT
etag: "651c240d-5dac"
expires: Mon, 29 Apr 2024 11:32:32 GMT
last-modified: Tue, 03 Oct 2023 14:24:13 GMT
server: nginx
content-length: 23980
X-Firefox-Spdy: h2
|
|
| js.wpadmngr.com/static/adManager.js | 45.133.44.53 | 200 OK | 4.9 kB |
URL GET HTTP/2 js.wpadmngr.com/static/adManager.js IP 45.133.44.53:443 ASN #39572 DataWeb Global Group B.V.
Requested by https://dfiles.eu/files/rd6fzioy1/Kingdom-CD_patch_125-h.exe Certificate Issuer Let's Encrypt Subject js.wpadmngr.com Fingerprint 60:8B:32:7F:ED:77:26:33:0E:F0:C1:0F:02:66:F5:DB:C6:0D:1F:70 Validity Mon, 11 Mar 2024 04:00:58 GMT - Sun, 09 Jun 2024 04:00:57 GMT
File type gzip compressed data, from Unix Hash 3822d5ba6b45ae665fef69e2595d5990 dd60c59bcebcdc05143a5ae2c80713495ef13caa dce431c680a9d206b8fcb9747b1030c9e25497fcdabb6f0621e384d5717b33b3
GET /static/adManager.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 11:32:31 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 23 Apr 2024 09:45:14 GMT
etag: W/"6627832a-6c7"
content-encoding: gzip
expires: Wed, 24 Apr 2024 11:37:31 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| www.gstatic.com/recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/recaptcha__en.js | 142.250.74.35 | 200 OK | 206 kB |
URL GET HTTP/2 www.gstatic.com/recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/recaptcha__en.js IP 142.250.74.35:443
Requested by https://dfiles.eu/files/rd6fzioy1/Kingdom-CD_patch_125-h.exe Certificate Issuer Google Trust Services LLC Subject *.gstatic.com Fingerprint F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 Validity Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type JavaScript source, ASCII text, with very long lines (597) Size 206 kB (206057 bytes) Hash 8326c23d6b3eed35bc3e62f3294587fd edda17e74e53e85073e5eac9cb6be2163dbfa23c 57f03d3ba66117edc152646341120dd3a1d7d71b9a98a3723af5a8ae61bcb3ab
GET /recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 206057
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 21 Apr 2024 20:38:39 GMT
expires: Mon, 21 Apr 2025 20:38:39 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Apr 2024 02:01:04 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 226434
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| subqueriesendedgrounds.com/22/4a/d4/224ad4a14b4b15c1726ff705ec672ea6.js | 192.243.59.20 | 200 OK | 16 kB |
URL GET HTTP/1.1 subqueriesendedgrounds.com/22/4a/d4/224ad4a14b4b15c1726ff705ec672ea6.js IP 192.243.59.20:443 ASN #39572 DataWeb Global Group B.V.
Requested by https://dfiles.eu/files/rd6fzioy1/Kingdom-CD_patch_125-h.exe Certificate Issuer Let's Encrypt Subject subqueriesendedgrounds.com Fingerprint 5A:B5:1B:3C:B2:E3:E3:20:C8:E4:69:56:9D:59:91:B2:90:31:11:5F Validity Tue, 16 Apr 2024 20:35:30 GMT - Mon, 15 Jul 2024 20:35:29 GMT
File type JavaScript source, ASCII text, with very long lines (44134), with no line terminators Hash 693798dd367fb178bd50e3a6dc1f3fbd 29ad18f6d99cae03a236bfb946ce53b14e16e4d6 453046f313153752a9b45d4d7ba18cba5092acb390af51d0c303b9c25da027ba
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /22/4a/d4/224ad4a14b4b15c1726ff705ec672ea6.js HTTP/1.1
Host: subqueriesendedgrounds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 24 Apr 2024 11:32:34 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 39ec0f28cb328284504ad9c024950cce
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| static.depositfiles.com/images/member_menu_bg.gif | 91.226.124.106 | 200 OK | 78 B |
URL GET HTTP/2 static.depositfiles.com/images/member_menu_bg.gif IP 91.226.124.106:443
Requested by https://dfiles.eu/files/rd6fzioy1/Kingdom-CD_patch_125-h.exe Certificate Issuer Let's Encrypt Subject depositfiles.com Fingerprint 8D:3C:74:0A:57:29:55:E0:60:A5:AF:60:66:DD:1F:ED:7A:ED:F7:A6 Validity Tue, 05 Mar 2024 13:34:49 GMT - Mon, 03 Jun 2024 13:34:48 GMT
File type GIF image data, version 89a, 1 x 48 Hash 20a24b56dcedf6a71a71ebec771e1f7d d7bed493d5d4eeaed5dbbf7d30d45107840790a0 6f57f29224d8e9e51ed0839e329055426fba7dcd97ef31e93ed495f93a6063df
GET /images/member_menu_bg.gif HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=432000
content-type: image/gif
date: Wed, 24 Apr 2024 11:32:35 GMT
etag: "651c240d-4e"
expires: Mon, 29 Apr 2024 11:32:35 GMT
last-modified: Tue, 03 Oct 2023 14:24:13 GMT
server: nginx
content-length: 78
X-Firefox-Spdy: h2
|
|
| static.depositfiles.com/images/logo.png | 91.226.124.106 | 200 OK | 3.6 kB |
URL GET HTTP/2 static.depositfiles.com/images/logo.png IP 91.226.124.106:443
Requested by https://dfiles.eu/files/rd6fzioy1/Kingdom-CD_patch_125-h.exe Certificate Issuer Let's Encrypt Subject depositfiles.com Fingerprint 8D:3C:74:0A:57:29:55:E0:60:A5:AF:60:66:DD:1F:ED:7A:ED:F7:A6 Validity Tue, 05 Mar 2024 13:34:49 GMT - Mon, 03 Jun 2024 13:34:48 GMT
File type PNG image data, 176 x 43, 8-bit/color RGBA, non-interlaced Hash c41fdd84b04e45a91cb17cfdeccb1b38 fec7fffe104c7e169aeb159032078c4b71ff2cdc 7f89eb8ab03684f4db282ca30eb231b1e254bca10c7b511950df5e0eab0a68a0
GET /images/logo.png HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
date: Wed, 24 Apr 2024 11:32:35 GMT
etag: "651c240d-e27"
last-modified: Tue, 03 Oct 2023 14:24:13 GMT
server: nginx
content-length: 3623
X-Firefox-Spdy: h2
|
|
| proftrafficcounter.com/stats | 35.158.46.84 | 200 OK | 40 B |
URL GET HTTP/2 proftrafficcounter.com/stats IP 35.158.46.84:443
Requested by https://dfiles.eu/files/rd6fzioy1/Kingdom-CD_patch_125-h.exe Certificate Issuer Amazon Subject proftrafficcounter.com Fingerprint E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6 Validity Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type ASCII text, with no line terminators Hash e665334f7cca61439432053886c0cdca 42f89e88e35fac2ad7c6a8220755e48bf47b6172 cb71459346ae014935bf7ad84713566bade33d5771ce2c8bbb2af90c51fd3137
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 11:32:35 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://dfiles.eu
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=28307be5-733c-46b0-8c7d-3b3c48e617f4:3:1; expires=Sat, 22 Apr 2034 11:32:35 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| static.depositfiles.com/images/sprite.png | 91.226.124.106 | 200 OK | 37 kB |
URL GET HTTP/2 static.depositfiles.com/images/sprite.png IP 91.226.124.106:443
Requested by https://dfiles.eu/files/rd6fzioy1/Kingdom-CD_patch_125-h.exe Certificate Issuer Let's Encrypt Subject depositfiles.com Fingerprint 8D:3C:74:0A:57:29:55:E0:60:A5:AF:60:66:DD:1F:ED:7A:ED:F7:A6 Validity Tue, 05 Mar 2024 13:34:49 GMT - Mon, 03 Jun 2024 13:34:48 GMT
File type PNG image data, 102 x 630, 8-bit/color RGBA, non-interlaced Hash 2333675d7e431d5313c6dbb5230a14cd 93c4032e5b8b85793a9cda7167804445d950dd96 b287134a60667ce8e2c3fa1603e3a8f2ffa59c64e746d026d1a13ef19f3f38a0
GET /images/sprite.png HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
date: Wed, 24 Apr 2024 11:32:35 GMT
etag: "651c240d-8fc2"
last-modified: Tue, 03 Oct 2023 14:24:13 GMT
server: nginx
content-length: 36802
X-Firefox-Spdy: h2
|
|
| static.depositfiles.com/images/sprite64.png | 91.226.124.106 | 200 OK | 29 kB |
URL GET HTTP/2 static.depositfiles.com/images/sprite64.png IP 91.226.124.106:443
Requested by https://dfiles.eu/files/rd6fzioy1/Kingdom-CD_patch_125-h.exe Certificate Issuer Let's Encrypt Subject depositfiles.com Fingerprint 8D:3C:74:0A:57:29:55:E0:60:A5:AF:60:66:DD:1F:ED:7A:ED:F7:A6 Validity Tue, 05 Mar 2024 13:34:49 GMT - Mon, 03 Jun 2024 13:34:48 GMT
File type PNG image data, 64 x 1088, 8-bit/color RGBA, non-interlaced Hash e50649ecf6a2094c25da755ea0ea7bd1 e1c3e229a62f049442fa16cf43ec07f384b27362 a9ed59ab3bbcfdf66224664aeb14fa0f0e8f034d8472a58dadcf65cfff17685d
GET /images/sprite64.png HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
date: Wed, 24 Apr 2024 11:32:35 GMT
etag: "651c240d-704b"
last-modified: Tue, 03 Oct 2023 14:24:13 GMT
server: nginx
content-length: 28747
X-Firefox-Spdy: h2
|
|
| static.depositfiles.com/images/upload_btn_bg.gif | 91.226.124.106 | 200 OK | 9.0 kB |
URL GET HTTP/2 static.depositfiles.com/images/upload_btn_bg.gif IP 91.226.124.106:443
Requested by https://dfiles.eu/files/rd6fzioy1/Kingdom-CD_patch_125-h.exe Certificate Issuer Let's Encrypt Subject depositfiles.com Fingerprint 8D:3C:74:0A:57:29:55:E0:60:A5:AF:60:66:DD:1F:ED:7A:ED:F7:A6 Validity Tue, 05 Mar 2024 13:34:49 GMT - Mon, 03 Jun 2024 13:34:48 GMT
File type GIF image data, version 89a, 209 x 75 Hash 6f312f0f4ff138758bae76420f6efd78 b40a28f162140fedff9ee5ce0d687868b1f73d17 c667d75c7f916bf8b140b0e1f7ab0c996f76d4642faed85bd9fef3c738f0912b
GET /images/upload_btn_bg.gif HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=432000
content-type: image/gif
date: Wed, 24 Apr 2024 11:32:35 GMT
etag: "651c240d-2332"
expires: Mon, 29 Apr 2024 11:32:35 GMT
last-modified: Tue, 03 Oct 2023 14:24:13 GMT
server: nginx
content-length: 9010
X-Firefox-Spdy: h2
|
|
| static.depositfiles.com/images/flags/lang24.png | 91.226.124.106 | 200 OK | 9.2 kB |
URL GET HTTP/2 static.depositfiles.com/images/flags/lang24.png IP 91.226.124.106:443
Requested by https://dfiles.eu/files/rd6fzioy1/Kingdom-CD_patch_125-h.exe Certificate Issuer Let's Encrypt Subject depositfiles.com Fingerprint 8D:3C:74:0A:57:29:55:E0:60:A5:AF:60:66:DD:1F:ED:7A:ED:F7:A6 Validity Tue, 05 Mar 2024 13:34:49 GMT - Mon, 03 Jun 2024 13:34:48 GMT
File type PNG image data, 24 x 552, 8-bit/color RGBA, non-interlaced Hash efdcd1ca23d564ddd811f41152a2b83c 0b5aa064e7f8f241363c55fa17eb448f42a5f8df ce23be242e34c5b420f8ba0390aef20fa50ffc69f700091029616eff524e8f9b
GET /images/flags/lang24.png HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.depositfiles.com/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
date: Wed, 24 Apr 2024 11:32:35 GMT
etag: "651c240d-23d4"
last-modified: Tue, 03 Oct 2023 14:24:13 GMT
server: nginx
content-length: 9172
X-Firefox-Spdy: h2
|
|
| dfiles.eu/files/rd6fzioy1/Kingdom-CD_patch_125-h.exe | 91.226.124.125 | 200 OK | 53 kB |
URL User Request GET HTTP/2 dfiles.eu/files/rd6fzioy1/Kingdom-CD_patch_125-h.exe IP 91.226.124.125:443
Certificate Issuer Let's Encrypt Subject dfiles.eu Fingerprint 34:45:DB:EC:84:73:5D:D5:39:2A:00:C7:2F:21:5C:B1:2D:0E:14:42 Validity Mon, 04 Mar 2024 13:34:43 GMT - Sun, 02 Jun 2024 13:34:42 GMT
File type gzip compressed data, max speed, from Unix Hash 32ead8b7a4a17e050d632e2979c41c6d b8d137a498da8693902e80cb8553487817502aa1 088c4240dd91ddfcef25f32fa324c2e12577ffe60aa2b344a22c1730b251269b
GET /files/rd6fzioy1/Kingdom-CD_patch_125-h.exe HTTP/1.1
Host: dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 24 Apr 2024 11:32:31 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
set-cookie: PHPSESSID=f1c068bab56b28579c8f0f853010c89c; path=/
last_file=rd6fzioy1; path=/; domain=.dfiles.eu
lang_current=en; expires=Thu, 24-Apr-2025 11:32:31 GMT; Max-Age=31536000; path=/; domain=.dfiles.eu; secure
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
|
|
| na.nawpush.com/tags/46445?version_name=d | 45.133.44.24 | 200 OK | 907 B |
URL GET HTTP/2 na.nawpush.com/tags/46445?version_name=d IP 45.133.44.24:443 ASN #39572 DataWeb Global Group B.V.
Requested by https://dfiles.eu/files/rd6fzioy1/Kingdom-CD_patch_125-h.exe Certificate Issuer Let's Encrypt Subject na.nawpush.com Fingerprint E4:8A:6D:1E:95:BA:50:33:94:D3:16:FE:4C:61:AA:DE:72:B1:70:87 Validity Thu, 28 Mar 2024 03:00:38 GMT - Wed, 26 Jun 2024 03:00:37 GMT
Hash e103f9dae53065927262ad600db3a969 ec360857ba3732d1652e969d517a8959d5bbbdb5 f852c91d16df788f06269b04b89600f0ac40b8207b180f6324ec9bcbad368adc
GET /tags/46445?version_name=d HTTP/1.1
Host: na.nawpush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 11:32:35 GMT
content-type: application/json
content-length: 907
server: nginx/1.24.0
cache-control: max-age=300, public
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| js.capndr.com/advertising.js | 45.133.44.53 | 200 OK | 0 B |
URL: GET HTTP/2 js.capndr.com/advertising.js
IP: 45.133.44.53:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://dfiles.eu/files/rd6fzioy1/Kingdom-CD_patch_125-h.exe
Certificate Issuer: Let's Encrypt; Subject: js.capndr.com; Fingerprint: 0D:30:A1:FB:7E:A0:EC:89:85:17:27:67:37:21:DA:E0:CB:E3:26:06; Validity: Sun, 21 Apr 2024 03:00:41 GMT - Sat, 20 Jul 2024 03:00:40 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /advertising.js HTTP/1.1
Host: js.capndr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 11:32:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 14 Jul 2023 08:23:25 GMT
etag: "64b105fd-0"
expires: Wed, 24 Apr 2024 11:37:35 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js | 91.226.124.125 | | 85 kB |
URL: adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js
IP: 91.226.124.125:0
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65168)
Hash: b04a3bccd23ddeb7982143707a63ccf9 4a5dc1389aad050a44ee5e81408238a317ab3413 764b9e9f3ad386aaa5cdeae9368353994de61c0bede087c8f7e3579cb443de3b
GET /static/js/jquery-1.5.1.min.js HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/upload/2303/ad2775297311915a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Cookie: last_file=rd6fzioy1; _nf58=1; _nf56=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cache-control: no-cache, private, no-cache, no-store, must-revalidate
content-type: application/javascript
date: Wed, 24 Apr 2024 11:32:35 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
pragma: no-cache
server: nginx
content-length: 85260
X-Firefox-Spdy: h2
|
|
| pubtrky.com/ut/hb.php?cb=0.3696969008919583&v=1 | 104.21.8.108 | 204 No Content | 0 B |
URL: POST HTTP/2 pubtrky.com/ut/hb.php?cb=0.3696969008919583&v=1
IP: 104.21.8.108:443
Requested by: https://dfiles.eu/files/rd6fzioy1/Kingdom-CD_patch_125-h.exe
Certificate Issuer: Google Trust Services LLC; Subject: pubtrky.com; Fingerprint: 1F:C3:3C:5C:C7:6F:56:DF:E4:18:22:98:6F:C2:B3:96:B2:B4:A6:30; Validity: Mon, 18 Mar 2024 09:15:33 GMT - Sun, 16 Jun 2024 09:15:32 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /ut/hb.php?cb=0.3696969008919583&v=1 HTTP/1.1
Host: pubtrky.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 1602
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 24 Apr 2024 11:32:35 GMT
access-control-allow-origin: *
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8FoGD9cwbQI%2B9JaJ%2FUQ4Ly8g5c%2BFwHS8myIZd1U4JHT0bLRDBpRLE86PUmvKxSMDZgUPZm8ah6eEpQz%2BoZCRzI5H4F86DaedbclMn7GoLcyH26u%2BHkFDfOab69Vn6w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8795c60a3fbd7129-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js | 91.226.124.125 | | 85 kB |
URL: adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js
IP: 91.226.124.125:0
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65168)
Hash: b04a3bccd23ddeb7982143707a63ccf9 4a5dc1389aad050a44ee5e81408238a317ab3413 764b9e9f3ad386aaa5cdeae9368353994de61c0bede087c8f7e3579cb443de3b
GET /static/js/jquery-1.5.1.min.js HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/upload/2112/ad27582685f5c72c.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
Cookie: last_file=rd6fzioy1; _nf58=1; _nf56=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cache-control: no-cache, private, no-cache, no-store, must-revalidate
content-type: application/javascript
date: Wed, 24 Apr 2024 11:32:35 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
pragma: no-cache
server: nginx
content-length: 85260
X-Firefox-Spdy: h2
|
|
| jsc.mgid.com/d/e/depositfiles.com.7998.js | 104.19.130.76 | | 2.7 kB |
URL: jsc.mgid.com/d/e/depositfiles.com.7998.js
IP: 104.19.130.76:0
File type: JavaScript source, ASCII text, with very long lines (6015), with no line terminators
Hash: ee8a64bccca46985837c0efbee795671 105f24b14f2dbec00375702decd7c4884aeb2168 201a429f275c2df31c22e585d91d13cc07b069f6ca4b08aaaaeba8491223b100
GET /d/e/depositfiles.com.7998.js HTTP/1.1
Host: jsc.mgid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adsbb.dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 11:32:35 GMT
content-type: text/javascript
cf-bgj: minify
cf-polished: origSize=6016
etag: W/"d68cc3bbb5e640d3f8a560392421b87e"
last-modified: Fri, 05 Apr 2024 10:32:28 GMT
x-amz-id-2: 9THrfrCZfviibPEdmRMthvhzMZ9LvDfDETK+NENv2m+aqF3SQtUH39xZYR4/WvDyrXuy+vTweps=
x-amz-request-id: 2T2TN84937T11QTC
x-amz-server-side-encryption: AES256
x-amz-version-id: ZSCpTWrDU8L.RQJS5SrFnAM5krqrpg5t
cf-cache-status: HIT
age: 4343
expires: Wed, 24 Apr 2024 14:32:35 GMT
cache-control: public, max-age=10800
set-cookie: __cf_bm=tT21NLksXpsgLxZAnVTRHw65gsE0kn4s6lr5tXxJYmA-1713958355-1.0.1.1-nR9znHgdwN2ADboXEU4va8TbIGA.Ui3oDXD7DiZhES_MobsLd1OMmuvh8GA2kaJP9yRx28KbZHWaFKsNYP4D2Q; path=/; expires=Wed, 24-Apr-24 12:02:35 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-origin: *
server: cloudflare
cf-ray: 8795c60aecbf5695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| adsbb.dfiles.eu/upload/2303/ad2775297311915a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 | 91.226.124.125 | 200 OK | 55 kB |
URL: GET HTTP/2 adsbb.dfiles.eu/upload/2303/ad2775297311915a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
IP: 91.226.124.125:443
Requested by: https://dfiles.eu/files/rd6fzioy1/Kingdom-CD_patch_125-h.exe
Certificate Issuer: Let's Encrypt; Subject: dfiles.eu; Fingerprint: 34:45:DB:EC:84:73:5D:D5:39:2A:00:C7:2F:21:5C:B1:2D:0E:14:42; Validity: Mon, 04 Mar 2024 13:34:43 GMT - Sun, 02 Jun 2024 13:34:42 GMT
File type: gzip compressed data, max speed, from Unix
Hash: d4b6b2119c0b0907aadefeef4a34cb0c 03e6ad900b2ea6b12709f3e6a7c62e24c13deca8 b8c319289df27158f976b965c40d1b31384748a97076b6354806ccc759339fcd
GET /upload/2303/ad2775297311915a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
DNT: 1
Connection: keep-alive
Cookie: last_file=rd6fzioy1; _nf58=1; _nf56=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-security-policy: frame-ancestors depositfiles.com depositfiles.org dfiles.eu dfiles.com web-301.dfiles.eu web-302.dfiles.eu web-303.dfiles.eu web-304.dfiles.eu
content-type: text/html
date: Wed, 24 Apr 2024 11:32:35 GMT
last-modified: Wed, 24 Apr 2024 11:30:00 GMT
server: nginx
X-Firefox-Spdy: h2
|
|
| acscdn.com/script/aclib.js | 104.21.11.26 | 200 OK | 76 kB |
URL: GET HTTP/2 acscdn.com/script/aclib.js
IP: 104.21.11.26:443
Requested by: https://dfiles.eu/files/rd6fzioy1/Kingdom-CD_patch_125-h.exe
Certificate Issuer: Google Trust Services LLC; Subject: acscdn.com; Fingerprint: C2:6C:14:F0:34:12:76:91:EB:3A:02:AC:4F:41:CA:11:17:6F:F0:01; Validity: Wed, 28 Feb 2024 11:34:54 GMT - Tue, 28 May 2024 11:34:53 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65499), with no line terminators
Hash: a1b67148c49ae07fa6a4a0af692ed660 54fce3ca7072093c48dd2d33beae82da004a9aa3 a20812819f60245264de234dceae2ba7428e2e5be318ce84331f8045f3fd8c0d
GET /script/aclib.js HTTP/1.1
Host: acscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 11:32:31 GMT
content-type: text/javascript
x-guploader-uploadid: ABPtcPoNiMUl_P7u4tEmDM60u8gdfhBbPznSjCcFYEqSic5OmsLmcYqMjl3GuEKbnEzpe4Ir9Ls_BAb7VA
x-goog-generation: 1713947997012715
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 125575
x-goog-hash: crc32c=qek0kg==, md5=obZxSMSa4H+mpKCvaS7WYA==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Wed, 24 Apr 2024 11:40:49 GMT
cache-control: public, max-age=3600
last-modified: Wed, 24 Apr 2024 08:39:57 GMT
etag: W/"a1b67148c49ae07fa6a4a0af692ed660"
age: 1190
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RDtUhnboiAGnbfkO%2FHS2hnF%2F6saTYSCNT%2F4XWQ76js4gZS6RAEFf21II5Sr%2FaTbe%2FWR4WHZoSGtslWZyvVgt%2FBj8p5ak1QqzQMGXj28uRuknr9zZ6G4Ka2nyY3si"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8795c5f35c70569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| t.unblockia.com/?sid=140&o=3&b=2&p=1&t=1 | 143.204.55.91 | 200 OK | 0 B |
URL: POST HTTP/2 t.unblockia.com/?sid=140&o=3&b=2&p=1&t=1
IP: 143.204.55.91:443
Requested by: https://dfiles.eu/files/rd6fzioy1/Kingdom-CD_patch_125-h.exe
Certificate Issuer: Amazon; Subject: *.unblockia.com; Fingerprint: 79:E4:56:24:64:EB:7C:C0:1E:E3:61:D0:BE:07:4D:34:89:8B:5E:BD; Validity: Tue, 23 Jan 2024 00:00:00 GMT - Thu, 20 Feb 2025 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /?sid=140&o=3&b=2&p=1&t=1 HTTP/1.1
Host: t.unblockia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
content-type: application/json
content-length: 0
server: nginx/1.20.0
date: Wed, 24 Apr 2024 11:32:35 GMT
x-cache: Miss from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ZULcCUvSccSlSTSP2CmO0EgGQVXL9diAdeIWN5N4RDJ1dcQGmbJlGQ==
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2
|
|
| fp.metricswpsh.com/fp?tag_id=46445 | 157.90.84.242 | 200 OK | 0 B |
URL: POST HTTP/1.1 fp.metricswpsh.com/fp?tag_id=46445
IP: 157.90.84.242:443
ASN: #24940 Hetzner Online GmbH
Requested by: https://dfiles.eu/files/rd6fzioy1/Kingdom-CD_patch_125-h.exe
Certificate Issuer: Let's Encrypt; Subject: notification.tubecup.net; Fingerprint: 04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20; Validity: Thu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /fp?tag_id=46445 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://dfiles.eu/
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Wed, 24 Apr 2024 11:32:35 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://dfiles.eu
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
|
|
| e3b00aa283.973652004b.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiI3MTgzNTY3MDc5NDM2MDIyMDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMTIxLjAiLCJ0YWdfaWQiOjQ2NDQ1LCJzY3JlZW5fcmVzb2x1dGlvbiI6IjEyODB4MTAyNCIsImFkYmxvY2siOjAsInRpbWV6b25lX29sc29uIjoiVVRDIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowLCJpbml0X3N0YXJ0X2xhdGVuY3kiOjAuMzcsImlzX3YyIjowLCJpc192Ml9lbXB0eSI6MH0= | 45.133.44.53 | 200 OK | 0 B |
URL GET HTTP/2e3b00aa283.973652004b.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiI3MTgzNTY3MDc5NDM2MDIyMDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMTIxLjAiLCJ0YWdfaWQiOjQ2NDQ1LCJzY3JlZW5fcmVzb2x1dGlvbiI6IjEyODB4MTAyNCIsImFkYmxvY2siOjAsInRpbWV6b25lX29sc29uIjoiVVRDIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowLCJpbml0X3N0YXJ0X2xhdGVuY3kiOjAuMzcsImlzX3YyIjowLCJpc192Ml9lbXB0eSI6MH0= IP45.133.44.53:443 ASN#39572 DataWeb Global Group B.V.
Requested by: https://dfiles.eu/files/rd6fzioy1/Kingdom-CD_patch_125-h.exe
Certificate Issuer: Let's Encrypt; Subject: e3b00aa283.973652004b.com; Fingerprint: C1:17:FE:31:82:D9:B1:53:B3:4C:0C:0F:6A:22:A1:F5:E8:2E:6B:89; Validity: Sun, 21 Apr 2024 02:50:34 GMT - Sat, 20 Jul 2024 02:50:33 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiI3MTgzNTY3MDc5NDM2MDIyMDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMTIxLjAiLCJ0YWdfaWQiOjQ2NDQ1LCJzY3JlZW5fcmVzb2x1dGlvbiI6IjEyODB4MTAyNCIsImFkYmxvY2siOjAsInRpbWV6b25lX29sc29uIjoiVVRDIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowLCJpbml0X3N0YXJ0X2xhdGVuY3kiOjAuMzcsImlzX3YyIjowLCJpc192Ml9lbXB0eSI6MH0= HTTP/1.1
Host: e3b00aa283.973652004b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 11:32:36 GMT
content-length: 0
server: nginx/1.18.0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| fp.metricswpsh.com/fp?tag_id=46445 | 157.90.84.242 | 200 OK | 58 B |
URL: POST HTTP/1.1 fp.metricswpsh.com/fp?tag_id=46445
IP: 157.90.84.242:443
ASN: #24940 Hetzner Online GmbH
Requested by: https://dfiles.eu/files/rd6fzioy1/Kingdom-CD_patch_125-h.exe
Certificate Issuer: Let's Encrypt; Subject: notification.tubecup.net; Fingerprint: 04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20; Validity: Thu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hash: 87385fcd2a67fc74d2fa67366ba68ea2 a604cdbb1d31ce257e8643eee9219c9c724c200c 9307cbb21345500294eae459b18a8ffb2bd2fcccd928a09efbc1e324fa9c9995
POST /fp?tag_id=46445 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 1837
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Wed, 24 Apr 2024 11:32:36 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 58
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://dfiles.eu
Set-Cookie: id=3609833638419971906; Expires=Thu, 24 Apr 2025 11:32:36 GMT; Secure; SameSite=None
Vary: Origin
|
|
| ultimatumrelaxconvince.com/c2/2d/c5/c22dc50dc2bbe4422c7f68d26ab95eb9.js | 192.243.59.12 | 200 OK | 31 kB |
URL: GET HTTP/1.1 ultimatumrelaxconvince.com/c2/2d/c5/c22dc50dc2bbe4422c7f68d26ab95eb9.js
IP: 192.243.59.12:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://dfiles.eu/files/rd6fzioy1/Kingdom-CD_patch_125-h.exe
Certificate Issuer: Let's Encrypt; Subject: ultimatumrelaxconvince.com; Fingerprint: ED:7E:CD:40:05:B3:70:C3:C7:CF:3A:82:20:FE:24:2D:C6:55:33:F3; Validity: Tue, 23 Apr 2024 10:50:54 GMT - Mon, 22 Jul 2024 10:50:53 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash: e0cbae2fc2c1ce4c4faf3ba6b0b2b965 b1b78fceedaccc958baab527c5efe2f0c15c6fa8 96cf4f27c3cc6e0a2f9a2f0fac6623c61a75960afcd6b41b2beccc7a8109425f
GET /c2/2d/c5/c22dc50dc2bbe4422c7f68d26ab95eb9.js HTTP/1.1
Host: ultimatumrelaxconvince.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 24 Apr 2024 11:32:35 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 279abca21adc90239ab2a4dca7aa3492
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| www.google.com/recaptcha/api.js | 142.250.74.164 | 200 OK | 8.3 kB |
URL: GET HTTP/2 www.google.com/recaptcha/api.js
IP: 142.250.74.164:443
Requested by: https://dfiles.eu/files/rd6fzioy1/Kingdom-CD_patch_125-h.exe
Certificate Issuer: Google Trust Services LLC; Subject: www.google.com; Fingerprint: CD:48:2A:0C:60:1D:37:5A:D4:D5:A9:F7:DE:A0:2B:5E:2F:29:76:73; Validity: Mon, 18 Mar 2024 20:38:49 GMT - Mon, 10 Jun 2024 20:38:48 GMT
File type: JavaScript source, ASCII text, with very long lines (12326), with no line terminators
Hash: b624c475eb914176e935c0f8a0d21c15 7044fdb459f104e40eb846a59ff3fbe8d85d69de 062b16424dde3b24265dd784af792bc7158ec6846f4da87766d01d1b7a8b0f3d
GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Wed, 24 Apr 2024 11:32:31 GMT
date: Wed, 24 Apr 2024 11:32:31 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ultimatumrelaxconvince.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSwW%2FcxBsdp9Hv8kNIhd4AaQ8cCiIb2%2Bu1N%2FSAKCEoamiqFgSc0HhmvBky9lgz9nqTU0Ql1OMqEuLqvE0aARUqF25UyKnEoRJSll5yIP8BJ1DPaJeIhe%2Fg773vfZbevJkvDspz4qOkZ6vv612pFF3utt3W1Y8971prQ2blsDXshZ%2BGwbWWGby5Erbd11rvCbatl33Xc13P9Vpr0ohED5enImT%2BYMVrr7jtwG973QBD819uSweWOuCDc%2FICJJ8sPnauQLIGWfpwVdjtQudvvJuWihbaYMCPP8y2M11lSOcwMQ6S7PhiG9qerj2Czo5mdqEH%2FyzGckKcnx8hzo4vTCIeHM58xgoiQ8z%2Fj2rQQKgGkjZg%2Bi4kPyUA47i5iSy9f1Obiu78rdKpOiGLz%2F6ArCZk8bcryNLvris5bN3RqiykziyGSQ05bCD7DfLyBMXuAmR1AlZ8Dsl%2FIcvPNpClh5tWaUh%2B9qrf67hRLLpLUafDloIwdpd6LOJLnbjDgp4IvSgJZgFJ2UAmDZQYgdpLKK2DUjooEwdl7iDlZy3meV7kckbd3gpjHR6JOOSuR6PEo54b9lCy6RlGKPIRmBqBmT3kZg%2FbcgRT%2FgS7VcNyB7YgGPAalSCoLEFFCSpJUBUE1aA%2B4sr6tr7PlS1j76L7F71Tj3XRP6BHuuiLjICaEQyvD%2FJzcnkW4J%2BhxrY4a%2Fl%2BQHlAvSAOYq%2FLvMgPkyRyu4KFkS9oCCtrSLsAah3sytMXc%2BTy9LmXEdMTWHUCJi%2BDlq%2BAVjXoVo3d7CEXubaySKQSts10Cq5r5MUiih3nQJ2Tl2YObny1D8GekIsCMzVyU%2BMz%2BZigr%2B6Nb%2BuKHN7WlSXfb%2BaFTOUunV7vnYIW4n%2Ff3BA7lTZ8fdWOvn6bTYUpfPCBsMUGzbjM%2BpZ8e11yLsyaNkyQH9ftRyK%2BVdqt66XJynzj1jtr62luhLVSZw2oPP1kH0xOyPM%2FbMze7eutp5CmgSlrpOXcqdQNWL4Hm89nVhMYNedx7qAq67Hx4%2FlQSQIl5pzGNey%2FeDzHY0Onf1NZH9h76JsF0OIusrTGwNQYqBpUjWDLS%2BMiN0%2Fe%2BrUzK8RqYRwrs3AYK6P2ZyFPP1%2FCyrNW1Om4NFzpelFERRQHfi8JPU6pH4R%2BGNIOCjtJrv7%2B9C8AAAD%2F%2FwEAAP%2F%2Fm9FdNpEEAAA%3D | 192.243.59.12 | 200 OK | 7 B |
URL GET HTTP/1.1ultimatumrelaxconvince.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSwW%2FcxBsdp9Hv8kNIhd4AaQ8cCiIb2%2Bu1N%2FSAKCEoamiqFgSc0HhmvBky9lgz9nqTU0Ql1OMqEuLqvE0aARUqF25UyKnEoRJSll5yIP8BJ1DPaJeIhe%2Fg773vfZbevJkvDspz4qOkZ6vv612pFF3utt3W1Y8971prQ2blsDXshZ%2BGwbWWGby5Erbd11rvCbatl33Xc13P9Vpr0ohED5enImT%2BYMVrr7jtwG973QBD819uSweWOuCDc%2FICJJ8sPnauQLIGWfpwVdjtQudvvJuWihbaYMCPP8y2M11lSOcwMQ6S7PhiG9qerj2Czo5mdqEH%2FyzGckKcnx8hzo4vTCIeHM58xgoiQ8z%2Fj2rQQKgGkjZg%2Bi4kPyUA47i5iSy9f1Obiu78rdKpOiGLz%2F6ArCZk8bcryNLvris5bN3RqiykziyGSQ05bCD7DfLyBMXuAmR1AlZ8Dsl%2FIcvPNpClh5tWaUh%2B9qrf67hRLLpLUafDloIwdpd6LOJLnbjDgp4IvSgJZgFJ2UAmDZQYgdpLKK2DUjooEwdl7iDlZy3meV7kckbd3gpjHR6JOOSuR6PEo54b9lCy6RlGKPIRmBqBmT3kZg%2FbcgRT%2FgS7VcNyB7YgGPAalSCoLEFFCSpJUBUE1aA%2B4sr6tr7PlS1j76L7F71Tj3XRP6BHuuiLjICaEQyvD%2FJzcnkW4J%2BhxrY4a%2Fl%2BQHlAvSAOYq%2FLvMgPkyRyu4KFkS9oCCtrSLsAah3sytMXc%2BTy9LmXEdMTWHUCJi%2BDlq%2BAVjXoVo3d7CEXubaySKQSts10Cq5r5MUiih3nQJ2Tl2YObny1D8GekIsCMzVyU%2BMz%2BZigr%2B6Nb%2BuKHN7WlSXfb%2BaFTOUunV7vnYIW4n%2Ff3BA7lTZ8fdWOvn6bTYUpfPCBsMUGzbjM%2BpZ8e11yLsyaNkyQH9ftRyK%2BVdqt66XJynzj1jtr62luhLVSZw2oPP1kH0xOyPM%2FbMze7eutp5CmgSlrpOXcqdQNWL4Hm89nVhMYNedx7qAq67Hx4%2FlQSQIl5pzGNey%2FeDzHY0Onf1NZH9h76JsF0OIusrTGwNQYqBpUjWDLS%2BMiN0%2Fe%2BrUzK8RqYRwrs3AYK6P2ZyFPP1%2FCyrNW1Om4NFzpelFERRQHfi8JPU6pH4R%2BGNIOCjtJrv7%2B9C8AAAD%2F%2FwEAAP%2F%2Fm9FdNpEEAAA%3D IP192.243.59.12:443 ASN#39572 DataWeb Global Group B.V.
Requested by: https://dfiles.eu/files/rd6fzioy1/Kingdom-CD_patch_125-h.exe
Certificate Issuer: Let's Encrypt; Subject: ultimatumrelaxconvince.com; Fingerprint: ED:7E:CD:40:05:B3:70:C3:C7:CF:3A:82:20:FE:24:2D:C6:55:33:F3; Validity: Tue, 23 Apr 2024 10:50:54 GMT - Mon, 22 Jul 2024 10:50:53 GMT
File type: ASCII text, with no line terminators
Hash: 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSwW%2FcxBsdp9Hv8kNIhd4AaQ8cCiIb2%2Bu1N%2FSAKCEoamiqFgSc0HhmvBky9lgz9nqTU0Ql1OMqEuLqvE0aARUqF25UyKnEoRJSll5yIP8BJ1DPaJeIhe%2Fg773vfZbevJkvDspz4qOkZ6vv612pFF3utt3W1Y8971prQ2blsDXshZ%2BGwbWWGby5Erbd11rvCbatl33Xc13P9Vpr0ohED5enImT%2BYMVrr7jtwG973QBD819uSweWOuCDc%2FICJJ8sPnauQLIGWfpwVdjtQudvvJuWihbaYMCPP8y2M11lSOcwMQ6S7PhiG9qerj2Czo5mdqEH%2FyzGckKcnx8hzo4vTCIeHM58xgoiQ8z%2Fj2rQQKgGkjZg%2Bi4kPyUA47i5iSy9f1Obiu78rdKpOiGLz%2F6ArCZk8bcryNLvris5bN3RqiykziyGSQ05bCD7DfLyBMXuAmR1AlZ8Dsl%2FIcvPNpClh5tWaUh%2B9qrf67hRLLpLUafDloIwdpd6LOJLnbjDgp4IvSgJZgFJ2UAmDZQYgdpLKK2DUjooEwdl7iDlZy3meV7kckbd3gpjHR6JOOSuR6PEo54b9lCy6RlGKPIRmBqBmT3kZg%2FbcgRT%2FgS7VcNyB7YgGPAalSCoLEFFCSpJUBUE1aA%2B4sr6tr7PlS1j76L7F71Tj3XRP6BHuuiLjICaEQyvD%2FJzcnkW4J%2BhxrY4a%2Fl%2BQHlAvSAOYq%2FLvMgPkyRyu4KFkS9oCCtrSLsAah3sytMXc%2BTy9LmXEdMTWHUCJi%2BDlq%2BAVjXoVo3d7CEXubaySKQSts10Cq5r5MUiih3nQJ2Tl2YObny1D8GekIsCMzVyU%2BMz%2BZigr%2B6Nb%2BuKHN7WlSXfb%2BaFTOUunV7vnYIW4n%2Ff3BA7lTZ8fdWOvn6bTYUpfPCBsMUGzbjM%2BpZ8e11yLsyaNkyQH9ftRyK%2BVdqt66XJynzj1jtr62luhLVSZw2oPP1kH0xOyPM%2FbMze7eutp5CmgSlrpOXcqdQNWL4Hm89nVhMYNedx7qAq67Hx4%2FlQSQIl5pzGNey%2FeDzHY0Onf1NZH9h76JsF0OIusrTGwNQYqBpUjWDLS%2BMiN0%2Fe%2BrUzK8RqYRwrs3AYK6P2ZyFPP1%2FCyrNW1Om4NFzpelFERRQHfi8JPU6pH4R%2BGNIOCjtJrv7%2B9C8AAAD%2F%2FwEAAP%2F%2Fm9FdNpEEAAA%3D HTTP/1.1
Host: ultimatumrelaxconvince.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: u_pl=16004719; uid_id2=28307be5-733c-46b0-8c7d-3b3c48e617f4:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 24 Apr 2024 11:32:36 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e4a9417c33f305d08d19d029c18e2c19
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| static.depositfiles.com/images/favicon.ico | 91.226.124.106 | 200 OK | 318 B |
URL: GET HTTP/2 static.depositfiles.com/images/favicon.ico
IP: 91.226.124.106:443
Requested by: https://dfiles.eu/files/rd6fzioy1/Kingdom-CD_patch_125-h.exe
Certificate Issuer: Let's Encrypt; Subject: depositfiles.com; Fingerprint: 8D:3C:74:0A:57:29:55:E0:60:A5:AF:60:66:DD:1F:ED:7A:ED:F7:A6; Validity: Tue, 05 Mar 2024 13:34:49 GMT - Mon, 03 Jun 2024 13:34:48 GMT
File type: MS Windows icon resource - 1 icon, 16x16, 16 colors, 4 bits/pixel
Hash: 0f0b975ee529197ec75780ebc2de5907 59688c6aafca5606e388ba9a44fc9dc25fc32cd3 28a0b52229f05b66354ca38b6b813d2281af3efb7e8b0a424ef8b4c68b9e583c
GET /images/favicon.ico HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/x-icon
date: Wed, 24 Apr 2024 11:32:36 GMT
etag: "651c240d-13e"
last-modified: Tue, 03 Oct 2023 14:24:13 GMT
server: nginx
content-length: 318
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/1/img/1.jpg | 188.114.97.1 | 200 OK | 36 kB |
URL: GET HTTP/3 cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/1/img/1.jpg
IP: 188.114.97.1:443
Requested by: https://dfiles.eu/files/rd6fzioy1/Kingdom-CD_patch_125-h.exe
Certificate Issuer: Google Trust Services LLC; Subject: creative-bars1.com; Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13; Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x320, components 3
Hash: fc90b66d3831faf345c0a6173f02746f 4f5310e4fb903bdd4dceaa5d4095e48a83673a69 a2b1cc40143d3a9c13f5ffb5040a72ad972bc7d285c7eceef8708efe369fdeb4
GET //sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/1/img/1.jpg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 11:32:37 GMT
content-type: image/jpeg
content-length: 36061
last-modified: Thu, 01 Feb 2024 14:48:15 GMT
etag: "65bbaf2f-8cdd"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 6041451
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AIBW6%2Bn32%2F7R9aL3Z9ifssSIDHnbecXRvfaV2%2BE6tCx0Hc%2B%2BWEaDhMuR3knXQ354aWSQUJGq9VgxPEdumRfh76iEJq2mqSqxbCy%2F1gRXxZH3znxB%2BovPPH256BhRDfLM8ZRKq9nmU7og"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8795c6142b80568b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ultimatumrelaxconvince.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F1%2Findex.html&l=1553&fd=623 | 192.243.59.12 | 200 OK | 0 B |
URL: GET HTTP/1.1 ultimatumrelaxconvince.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F1%2Findex.html&l=1553&fd=623
IP: 192.243.59.12:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://dfiles.eu/files/rd6fzioy1/Kingdom-CD_patch_125-h.exe
Certificate Issuer: Let's Encrypt; Subject: ultimatumrelaxconvince.com; Fingerprint: ED:7E:CD:40:05:B3:70:C3:C7:CF:3A:82:20:FE:24:2D:C6:55:33:F3; Validity: Tue, 23 Apr 2024 10:50:54 GMT - Mon, 22 Jul 2024 10:50:53 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F1%2Findex.html&l=1553&fd=623 HTTP/1.1
Host: ultimatumrelaxconvince.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: u_pl=16004719; uid_id2=28307be5-733c-46b0-8c7d-3b3c48e617f4:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 24 Apr 2024 11:32:37 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| ultimatumrelaxconvince.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F1%2Fcss%2Fstyle.css&l=3630&fd=92 | 192.243.59.12 | 200 OK | 0 B |
URL GET HTTP/1.1ultimatumrelaxconvince.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F1%2Fcss%2Fstyle.css&l=3630&fd=92 IP192.243.59.12:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://dfiles.eu/files/rd6fzioy1/Kingdom-CD_patch_125-h.exe CertificateIssuerLet's Encrypt Subjectultimatumrelaxconvince.com FingerprintED:7E:CD:40:05:B3:70:C3:C7:CF:3A:82:20:FE:24:2D:C6:55:33:F3 ValidityTue, 23 Apr 2024 10:50:54 GMT - Mon, 22 Jul 2024 10:50:53 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F1%2Fcss%2Fstyle.css&l=3630&fd=92 HTTP/1.1
Host: ultimatumrelaxconvince.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: u_pl=16004719; uid_id2=28307be5-733c-46b0-8c7d-3b3c48e617f4:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 24 Apr 2024 11:32:37 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/1/js/script.js | 188.114.97.1 | 200 OK | 189 B |
URL GET HTTP/2cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/1/js/script.js IP188.114.97.1:443
Requested byhttps://dfiles.eu/files/rd6fzioy1/Kingdom-CD_patch_125-h.exe CertificateIssuerGoogle Trust Services LLC Subjectcreative-bars1.com Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
Hash5ca8c1679ba9453cfa512e01d6fec9c5 45628341eb20e4acee5e812d3b2dfc8f23962daf 520a0196a18cbe656f7382a02ec828125e68bdac511b9ebe2bf27f31e262d037
GET //sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/1/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 11:32:37 GMT
content-type: application/javascript
last-modified: Thu, 01 Feb 2024 14:48:15 GMT
etag: W/"65bbaf2f-182"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 658817
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kBF4RtTZnklMmFqvtOZ4Y2ARL1kuajZx08PXve9upFj7po8o9n1toLhNEi6EgIximBLvpujRJXLZJZ5M5tjR71q0SbTgqS2TS3%2Fmm4pjnxyQuxhBQ6Q%2BL7rySuAtOYZQmmY2C5QbsY0D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8795c613a876569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 IP216.58.207.227:443
Requested byhttps://dfiles.eu/files/rd6fzioy1/Kingdom-CD_patch_125-h.exe CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15744, version 1.0 Hash15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 16:27:38 GMT
expires: Wed, 23 Apr 2025 16:27:38 GMT
cache-control: public, max-age=31536000
age: 68699
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 IP216.58.207.227:443
Requested byhttps://dfiles.eu/files/rd6fzioy1/Kingdom-CD_patch_125-h.exe CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15860, version 1.0 Hashe9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 01:54:31 GMT
expires: Wed, 23 Apr 2025 01:54:31 GMT
cache-control: public, max-age=31536000
age: 121086
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ultimatumrelaxconvince.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F1%2Fjs%2Fscript.js&l=386&fd=86 | 192.243.59.12 | 200 OK | 0 B |
URL GET HTTP/1.1ultimatumrelaxconvince.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F1%2Fjs%2Fscript.js&l=386&fd=86 IP192.243.59.12:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://dfiles.eu/files/rd6fzioy1/Kingdom-CD_patch_125-h.exe CertificateIssuerLet's Encrypt Subjectultimatumrelaxconvince.com FingerprintED:7E:CD:40:05:B3:70:C3:C7:CF:3A:82:20:FE:24:2D:C6:55:33:F3 ValidityTue, 23 Apr 2024 10:50:54 GMT - Mon, 22 Jul 2024 10:50:53 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F1%2Fjs%2Fscript.js&l=386&fd=86 HTTP/1.1
Host: ultimatumrelaxconvince.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: u_pl=16004719; uid_id2=28307be5-733c-46b0-8c7d-3b3c48e617f4:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 24 Apr 2024 11:32:37 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| ultimatumrelaxconvince.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skxR%2Btzobv5SvC6t5UmIOHVcyke6ZneuIexDVGwsbNsquoJ6lfPSlT3dVUdU9PcgouyB6HgHjtvEk2qIusF28u0lnwsCBk3EsO5j%2FwpOxZZgyOfg79ee%2FzPg2vXtUXB8U5aaGgZ6vvm12lNV3uNP3G1Y%2BD4FpjQ6XFsDHsdT%2FthtcadvDmSrfpv9Z4T%2FJts9zyA98P%2FKCxpqyMzXB5KkJlD1aC5orfDFvNoBNiaP%2FLXeHBUQ9icE5egBKTxcfeFSheI00erkq3nZvsjXeTQtPcWAzE8YfpdmrKFMkcxtZDnB5fbMO407VHMOnRzC7M4J9FpibE%2B%2FkRWHp8YRJscDjzyTRkCib%2Bj3JQQ%2Boaitbg5i6UOCUAF7i5iTS5f9PYku78rdKpOiGLz%2F6AKidk8bcrSJPvrms1bNwxusiVSR2GcQU1rKH6NbLiBPnuAlR5Ap5%2FDiV%2BIcvPNpAmh5tOGyhx9mqr1%2FYjJjtLUbvNl8Iu85d6PBJLbdbmYU92gygOZwEpVUPFNbQcgbpLKJyHQnkoYg9F5iERZw0eBEHkC0793grnbRFJ1hV%2BQKM4oIHf7aHg0zOMkGcjcD0Ct3vI7B621Qi2%2BAluq4ITHlxOMBAVSklQOoKSEpSKoMwJykF1JLRrueq%2B0K5gwUVvXfR2NTZ5%2F4AembwvUwJqR7CiOsjOyeVZgH92DbblWaPVCqkIaRCykAUdHkStbhxHfkfybtSStAunKii3AOo87KrTFzNk6vS5l8HoCZw%2BAVeXQYtXQMsKdKvCbvpQyMw4lcdKS9fkJoEwFbJ8EfmOd6DPyUszBze%2B2ofkT8hFgdsKma3wmXpM0Nf3xrdNSQ5vm9KR7zezXCVql06v905Oc%2Fm%2Fb27IndJYsb7qRl%2B%2FzafCFD74QLp8g6ZCpX1Hvr2uhJB2zVguyY%2Fr7iPJbhVu63ph0yLbuPXO2nqSWemcMmkNqk4%2F2QdXE%2FL8Dxuzd%2Ft64ymUrWGLCkkxd6pMDZ7twWXzmTMEVs85yzyURTW2LTYfakWg5ZxTVsH9i7M5Hls6%2FZuq6sDdQ98ugOZ3kSYVBrbCQFegegRXXBrnmX3y1q%2FtWYHphTHTduGQaav3ZyFPP1%2FCqbNG2xcRk7GMmAw7YSy5YJ0O83nMWVv0ehy5m8RXf3%2F6FwAAAP%2F%2FAQAA%2F%2F8bBYjekQQAAA%3D%3D | 192.243.59.12 | 200 OK | 7 B |
URL GET HTTP/1.1ultimatumrelaxconvince.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skxR%2Btzobv5SvC6t5UmIOHVcyke6ZneuIexDVGwsbNsquoJ6lfPSlT3dVUdU9PcgouyB6HgHjtvEk2qIusF28u0lnwsCBk3EsO5j%2FwpOxZZgyOfg79ee%2FzPg2vXtUXB8U5aaGgZ6vvm12lNV3uNP3G1Y%2BD4FpjQ6XFsDHsdT%2FthtcadvDmSrfpv9Z4T%2FJts9zyA98P%2FKCxpqyMzXB5KkJlD1aC5orfDFvNoBNiaP%2FLXeHBUQ9icE5egBKTxcfeFSheI00erkq3nZvsjXeTQtPcWAzE8YfpdmrKFMkcxtZDnB5fbMO407VHMOnRzC7M4J9FpibE%2B%2FkRWHp8YRJscDjzyTRkCib%2Bj3JQQ%2Boaitbg5i6UOCUAF7i5iTS5f9PYku78rdKpOiGLz%2F6AKidk8bcrSJPvrms1bNwxusiVSR2GcQU1rKH6NbLiBPnuAlR5Ap5%2FDiV%2BIcvPNpAmh5tOGyhx9mqr1%2FYjJjtLUbvNl8Iu85d6PBJLbdbmYU92gygOZwEpVUPFNbQcgbpLKJyHQnkoYg9F5iERZw0eBEHkC0793grnbRFJ1hV%2BQKM4oIHf7aHg0zOMkGcjcD0Ct3vI7B621Qi2%2BAluq4ITHlxOMBAVSklQOoKSEpSKoMwJykF1JLRrueq%2B0K5gwUVvXfR2NTZ5%2F4AembwvUwJqR7CiOsjOyeVZgH92DbblWaPVCqkIaRCykAUdHkStbhxHfkfybtSStAunKii3AOo87KrTFzNk6vS5l8HoCZw%2BAVeXQYtXQMsKdKvCbvpQyMw4lcdKS9fkJoEwFbJ8EfmOd6DPyUszBze%2B2ofkT8hFgdsKma3wmXpM0Nf3xrdNSQ5vm9KR7zezXCVql06v905Oc%2Fm%2Fb27IndJYsb7qRl%2B%2FzafCFD74QLp8g6ZCpX1Hvr2uhJB2zVguyY%2Fr7iPJbhVu63ph0yLbuPXO2nqSWemcMmkNqk4%2F2QdXE%2FL8Dxuzd%2Ft64ymUrWGLCkkxd6pMDZ7twWXzmTMEVs85yzyURTW2LTYfakWg5ZxTVsH9i7M5Hls6%2FZuq6sDdQ98ugOZ3kSYVBrbCQFegegRXXBrnmX3y1q%2FtWYHphTHTduGQaav3ZyFPP1%2FCqbNG2xcRk7GMmAw7YSy5YJ0O83nMWVv0ehy5m8RXf3%2F6FwAAAP%2F%2FAQAA%2F%2F8bBYjekQQAAA%3D%3D IP192.243.59.12:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://dfiles.eu/files/rd6fzioy1/Kingdom-CD_patch_125-h.exe CertificateIssuerLet's Encrypt Subjectultimatumrelaxconvince.com FingerprintED:7E:CD:40:05:B3:70:C3:C7:CF:3A:82:20:FE:24:2D:C6:55:33:F3 ValidityTue, 23 Apr 2024 10:50:54 GMT - Mon, 22 Jul 2024 10:50:53 GMT
File typeASCII text, with no line terminators Hash132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skxR%2Btzobv5SvC6t5UmIOHVcyke6ZneuIexDVGwsbNsquoJ6lfPSlT3dVUdU9PcgouyB6HgHjtvEk2qIusF28u0lnwsCBk3EsO5j%2FwpOxZZgyOfg79ee%2FzPg2vXtUXB8U5aaGgZ6vvm12lNV3uNP3G1Y%2BD4FpjQ6XFsDHsdT%2FthtcadvDmSrfpv9Z4T%2FJts9zyA98P%2FKCxpqyMzXB5KkJlD1aC5orfDFvNoBNiaP%2FLXeHBUQ9icE5egBKTxcfeFSheI00erkq3nZvsjXeTQtPcWAzE8YfpdmrKFMkcxtZDnB5fbMO407VHMOnRzC7M4J9FpibE%2B%2FkRWHp8YRJscDjzyTRkCib%2Bj3JQQ%2Boaitbg5i6UOCUAF7i5iTS5f9PYku78rdKpOiGLz%2F6AKidk8bcrSJPvrms1bNwxusiVSR2GcQU1rKH6NbLiBPnuAlR5Ap5%2FDiV%2BIcvPNpAmh5tOGyhx9mqr1%2FYjJjtLUbvNl8Iu85d6PBJLbdbmYU92gygOZwEpVUPFNbQcgbpLKJyHQnkoYg9F5iERZw0eBEHkC0793grnbRFJ1hV%2BQKM4oIHf7aHg0zOMkGcjcD0Ct3vI7B621Qi2%2BAluq4ITHlxOMBAVSklQOoKSEpSKoMwJykF1JLRrueq%2B0K5gwUVvXfR2NTZ5%2F4AembwvUwJqR7CiOsjOyeVZgH92DbblWaPVCqkIaRCykAUdHkStbhxHfkfybtSStAunKii3AOo87KrTFzNk6vS5l8HoCZw%2BAVeXQYtXQMsKdKvCbvpQyMw4lcdKS9fkJoEwFbJ8EfmOd6DPyUszBze%2B2ofkT8hFgdsKma3wmXpM0Nf3xrdNSQ5vm9KR7zezXCVql06v905Oc%2Fm%2Fb27IndJYsb7qRl%2B%2FzafCFD74QLp8g6ZCpX1Hvr2uhJB2zVguyY%2Fr7iPJbhVu63ph0yLbuPXO2nqSWemcMmkNqk4%2F2QdXE%2FL8Dxuzd%2Ft64ymUrWGLCkkxd6pMDZ7twWXzmTMEVs85yzyURTW2LTYfakWg5ZxTVsH9i7M5Hls6%2FZuq6sDdQ98ugOZ3kSYVBrbCQFegegRXXBrnmX3y1q%2FtWYHphTHTduGQaav3ZyFPP1%2FCqbNG2xcRk7GMmAw7YSy5YJ0O83nMWVv0ehy5m8RXf3%2F6FwAAAP%2F%2FAQAA%2F%2F8bBYjekQQAAA%3D%3D HTTP/1.1
Host: ultimatumrelaxconvince.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: u_pl=16004719; uid_id2=28307be5-733c-46b0-8c7d-3b3c48e617f4:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 24 Apr 2024 11:32:37 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ded8ab568891012ea1b9b0b8f762fddc
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| ultimatumrelaxconvince.com/pixel/sbs?c=1 | 192.243.59.12 | 200 OK | 0 B |
URL GET HTTP/1.1ultimatumrelaxconvince.com/pixel/sbs?c=1 IP192.243.59.12:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://dfiles.eu/files/rd6fzioy1/Kingdom-CD_patch_125-h.exe CertificateIssuerLet's Encrypt Subjectultimatumrelaxconvince.com FingerprintED:7E:CD:40:05:B3:70:C3:C7:CF:3A:82:20:FE:24:2D:C6:55:33:F3 ValidityTue, 23 Apr 2024 10:50:54 GMT - Mon, 22 Jul 2024 10:50:53 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/sbs?c=1 HTTP/1.1
Host: ultimatumrelaxconvince.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: u_pl=16004719; uid_id2=28307be5-733c-46b0-8c7d-3b3c48e617f4:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 24 Apr 2024 11:32:37 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| chroniclesugar.com/pixel/purst?dl=0&th=0&sc=0&rs=4824&rd=4824&fd=1135&bv=24.4.4887&tmpl=136 | 172.240.108.68 | 200 OK | 0 B |
URL GET HTTP/1.1chroniclesugar.com/pixel/purst?dl=0&th=0&sc=0&rs=4824&rd=4824&fd=1135&bv=24.4.4887&tmpl=136 IP172.240.108.68:443
Requested byhttps://dfiles.eu/files/rd6fzioy1/Kingdom-CD_patch_125-h.exe CertificateIssuerLet's Encrypt Subjectchroniclesugar.com Fingerprint10:4E:AB:21:CE:9D:B4:D1:EE:98:F9:04:AD:CE:0E:B1:15:57:C1:E2 ValidityTue, 23 Apr 2024 10:51:42 GMT - Mon, 22 Jul 2024 10:51:41 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/purst?dl=0&th=0&sc=0&rs=4824&rd=4824&fd=1135&bv=24.4.4887&tmpl=136 HTTP/1.1
Host: chroniclesugar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 24 Apr 2024 11:32:37 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| cdn.cookie-script.com/iabtcf/2.2/sdk_cmp.js | 146.185.171.19 | 200 OK | 24 kB |
URL GET HTTP/2cdn.cookie-script.com/iabtcf/2.2/sdk_cmp.js IP146.185.171.19:443 ASN#14061 DIGITALOCEAN-ASN
Requested byhttps://dfiles.eu/files/rd6fzioy1/Kingdom-CD_patch_125-h.exe CertificateIssuerSectigo Limited Subject*.cookie-script.com FingerprintEC:4C:BD:45:07:39:A8:24:AD:C5:44:8F:4B:DF:0B:40:79:EA:44:77 ValidityMon, 11 Sep 2023 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (46293) Hasha52fe84a5a57b5981cc7d19cd24b64c6 69915dc265632d4e4d6c2f01f9ea67e60500b813 beee6e020b6c3413c6076356f52645e21d8cf9edb19b1b3ed37def946f8f0132
GET /iabtcf/2.2/sdk_cmp.js HTTP/1.1
Host: cdn.cookie-script.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 24 Apr 2024 11:32:38 GMT
content-type: text/javascript
content-length: 24064
last-modified: Mon, 22 Apr 2024 20:49:59 GMT
etag: "172ce-616b594ac287f-gzip"
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
x-cache-status: HIT
x-server: n3
cache-control: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| consent.cookie-script.com/analytics?action=firstshown&time=1713958358359&script=962e36ace9b4601f1f51f3e2010e41b9&category= | 116.203.90.127 | 200 OK | 47 B |
URL GET HTTP/2consent.cookie-script.com/analytics?action=firstshown&time=1713958358359&script=962e36ace9b4601f1f51f3e2010e41b9&category= IP116.203.90.127:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://dfiles.eu/files/rd6fzioy1/Kingdom-CD_patch_125-h.exe CertificateIssuerSectigo Limited Subject*.cookie-script.com FingerprintEC:4C:BD:45:07:39:A8:24:AD:C5:44:8F:4B:DF:0B:40:79:EA:44:77 ValidityMon, 11 Sep 2023 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT
Hash5a73bba367acbe422448fce32be81de5 ab84ec98cdab331568710194243b60a0677e4e2d b435ac3658f026c401a3a5de288fe26e5c7569c6ab88eb8b8c3b48548107b928
GET /analytics?action=firstshown&time=1713958358359&script=962e36ace9b4601f1f51f3e2010e41b9&category= HTTP/1.1
Host: consent.cookie-script.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 24 Apr 2024 11:32:38 GMT
content-type: application/json
content-length: 47
x-amzn-requestid: 2dc2e3d8-c617-4e13-a655-d1bd1ac4a637
access-control-allow-origin: *
x-amz-apigw-id: WuoZkEppjoEEBeA=
x-amzn-trace-id: Root=1-6628edd6-303045a67a1df9a654ea4a05;Parent=128d19efe93b23aa;Sampled=0;lineage=a8669a4e:0
x-cache: Miss from cloudfront
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: 4MQF-S_rsJQsRY0JvZitnfhPiBFedAUxrlG03QD_o9EUodY6oh4nSw==
X-Firefox-Spdy: h2
|
|
| cdn.cookie-script.com/iabtcf/2.2/vendor-list.json | 146.185.171.19 | 200 OK | 91 kB |
URL GET HTTP/2cdn.cookie-script.com/iabtcf/2.2/vendor-list.json IP146.185.171.19:443 ASN#14061 DIGITALOCEAN-ASN
Requested byhttps://dfiles.eu/files/rd6fzioy1/Kingdom-CD_patch_125-h.exe CertificateIssuerSectigo Limited Subject*.cookie-script.com FingerprintEC:4C:BD:45:07:39:A8:24:AD:C5:44:8F:4B:DF:0B:40:79:EA:44:77 ValidityMon, 11 Sep 2023 00:00:00 GMT - Thu, 25 Jul 2024 23:59:59 GMT
File typegzip compressed data, from Unix Hash25281687ba4307d7116e685bfcfd35e1 851124da36b37271054a247739b050573639e32e b76edd7fd034b02ac3876c2c64f613a25f6bd923b5e62c01770b0af37b1c2c08
GET /iabtcf/2.2/vendor-list.json HTTP/1.1
Host: cdn.cookie-script.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 24 Apr 2024 11:32:38 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Mon, 22 Apr 2024 14:25:07 GMT
etag: W/"94f50-616b0344305f8"
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
x-cache-status: HIT
x-server: n3
cache-control: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| unseenreport.com/pxf.gif?uuid=28307be5-733c-46b0-8c7d-3b3c48e617f4&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=c22dc50dc2bbe4422c7f68d26ab95eb9&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=11 | 192.243.61.227 | 200 OK | 1 B |
URL GET HTTP/1.1unseenreport.com/pxf.gif?uuid=28307be5-733c-46b0-8c7d-3b3c48e617f4&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=c22dc50dc2bbe4422c7f68d26ab95eb9&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=11 IP192.243.61.227:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://dfiles.eu/files/rd6fzioy1/Kingdom-CD_patch_125-h.exe CertificateIssuerLet's Encrypt Subject*.unseenreport.com Fingerprint71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13 ValidityFri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT
File typevery short file (no magic) Hash93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer | Verdict | Alert |
Quad9 DNS | malicious | Sinkholed |
GET /pxf.gif?uuid=28307be5-733c-46b0-8c7d-3b3c48e617f4&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=c22dc50dc2bbe4422c7f68d26ab95eb9&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=11 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 24 Apr 2024 11:32:40 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 51527f449154ed9cae4568781b9e75b3
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| unseenreport.com/pxf.gif?uuid=28307be5-733c-46b0-8c7d-3b3c48e617f4&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=224ad4a14b4b15c1726ff705ec672ea6&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=11 | 192.243.61.227 | 200 OK | 1 B |
URL GET HTTP/1.1unseenreport.com/pxf.gif?uuid=28307be5-733c-46b0-8c7d-3b3c48e617f4&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=224ad4a14b4b15c1726ff705ec672ea6&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=11 IP192.243.61.227:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://dfiles.eu/files/rd6fzioy1/Kingdom-CD_patch_125-h.exe CertificateIssuerLet's Encrypt Subject*.unseenreport.com Fingerprint71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13 ValidityFri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT
File typevery short file (no magic) Hash93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer | Verdict | Alert |
Quad9 DNS | malicious | Sinkholed |
GET /pxf.gif?uuid=28307be5-733c-46b0-8c7d-3b3c48e617f4&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=224ad4a14b4b15c1726ff705ec672ea6&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=11 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 24 Apr 2024 11:32:40 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0bb14087bcb3c82c4a4ea52ecbeb9d92
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| storage.multstorage.com/log/count.html | 172.67.174.51 | 200 OK | 882 B |
URL GET HTTP/2storage.multstorage.com/log/count.html IP172.67.174.51:443
Requested byhttps://dfiles.eu/files/rd6fzioy1/Kingdom-CD_patch_125-h.exe CertificateIssuerGoogle Trust Services LLC Subjectmultstorage.com Fingerprint63:F0:24:29:21:22:E5:42:33:61:B5:20:05:1B:EF:36:81:F5:7B:0A ValiditySun, 17 Mar 2024 08:38:54 GMT - Sat, 15 Jun 2024 08:38:53 GMT
File typeHTML document, ASCII text, with very long lines (919), with no line terminators Hash053b1fe641da8057571d40ebaf1624ab 09b2648b7d08c84621298f0b939cea5170a65022 6606334874a3edb8295831f41d3684433e4553ffe0a72e58c90926e00f39c6a4
GET /log/count.html HTTP/1.1
Host: storage.multstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 11:32:35 GMT
content-type: text/html
last-modified: Mon, 18 Sep 2023 14:39:06 GMT
vary: Accept-Encoding
x-request-id: fd74ec99385d79cf458973141b5e464c
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8lBfKuBJiTLg0KljIS598NCi%2BPUP093EEfsPP5EvjfcxPXy7KJB8cK8P6RkiKPKxpqFQllQnHvft6e1r7ccooclSqkUx%2FO0zGsbiSz46nIieo01%2BZfFH4O0BFM94tote7Us9cGcqKMcJZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8795c60c1fceb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/1/css/animate.css | 188.114.97.1 | 200 OK | 79 kB |
URL: GET HTTP/2 cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/1/css/animate.css; IP: 188.114.97.1:443
Requested by: https://dfiles.eu/files/rd6fzioy1/Kingdom-CD_patch_125-h.exe; Certificate Issuer: Google Trust Services LLC; Subject: creative-bars1.com; Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13; Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
Hash: 80047eaa13ebd50c50e8a9753621e430 9c503e07d130572a0eaf51f7c02cbd4cf6213fe3 3f831a59615f8d5d40b4340b2836f91438c876f8dbce75f78e38360d6fe0f429
GET //sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/1/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 11:32:37 GMT
content-type: text/css
last-modified: Thu, 01 Feb 2024 14:48:12 GMT
etag: W/"65bbaf2c-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 658817
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4vEiA6nj%2BmuRk5yk0mEwuVq2uWUo9xd7rqwLnxwhDMsmhD21utPUB9f2i6ItKNzpltYe9rXhgKQpvqQC5NSDoCka7NpHdlcq%2FLR%2B%2BxJPau2Vs0owa8OqffR%2FmIK%2B7xlH2DjItL3N8nca"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8795c613986f569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.unblockia.com/autopromos/unicef3.jpg?unblockia=true | 143.204.55.84 | 200 OK | 54 kB |
URL: GET HTTP/2 cdn.unblockia.com/autopromos/unicef3.jpg?unblockia=true; IP: 143.204.55.84:443
Requested by: https://dfiles.eu/files/rd6fzioy1/Kingdom-CD_patch_125-h.exe; Certificate Issuer: Amazon; Subject: *.unblockia.com; Fingerprint: 79:E4:56:24:64:EB:7C:C0:1E:E3:61:D0:BE:07:4D:34:89:8B:5E:BD; Validity: Tue, 23 Jan 2024 00:00:00 GMT - Thu, 20 Feb 2025 23:59:59 GMT
File type: JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 160x600, components 3; Hash: 5dcf47442fc7fbb8d0263bbf4869537e 2c8232ac93448bbc06b5464f1839a5cdb2ed3e07 81804a1b2b20350ec009ba6429a4f58124c16ca30683af0af255544cd98c8fa6
GET /autopromos/unicef3.jpg?unblockia=true HTTP/1.1
Host: cdn.unblockia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
content-length: 54292
last-modified: Tue, 12 Apr 2022 08:41:27 GMT
x-amz-version-id: iA22.ytP0i4dmuIhnc0eyNVgJlt2K4fl
accept-ranges: bytes
server: AmazonS3
date: Wed, 24 Apr 2024 06:49:43 GMT
etag: "5dcf47442fc7fbb8d0263bbf4869537e"
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: c1u3PBSZ4qX5MkRgNG5iJrPawwDGn2oQZARjQUHd81d5qpEpmAni1g==
age: 16973
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
|
|
| adsbb.dfiles.eu//ad.php?z=56&c=NO | 91.226.124.125 | 303 See Other | 1.5 kB |
URL: GET HTTP/2 adsbb.dfiles.eu//ad.php?z=56&c=NO; IP: 91.226.124.125:443
Requested by: https://dfiles.eu/files/rd6fzioy1/Kingdom-CD_patch_125-h.exe; Certificate Issuer: Let's Encrypt; Subject: dfiles.eu; Fingerprint: 34:45:DB:EC:84:73:5D:D5:39:2A:00:C7:2F:21:5C:B1:2D:0E:14:42; Validity: Mon, 04 Mar 2024 13:34:43 GMT - Sun, 02 Jun 2024 13:34:42 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET //ad.php?z=56&c=NO HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: last_file=rd6fzioy1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 303 See Other
content-security-policy: frame-ancestors depositfiles.com depositfiles.org dfiles.eu dfiles.com web-301.dfiles.eu web-302.dfiles.eu web-303.dfiles.eu web-304.dfiles.eu
content-type: text/html; charset=UTF-8
date: Wed, 24 Apr 2024 11:32:35 GMT
location: /upload/2112/ad27582685f5c72c.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
server: nginx
set-cookie: _nf56=1; expires=Thu, 25-Apr-2024 11:32:35 GMT; Max-Age=86400
x-powered-by: PHP/5.6.40
X-Firefox-Spdy: h2
|
|
| adsbb.dfiles.eu//ad.php?z=58&c=NO&g=gateway | 91.226.124.125 | 303 See Other | 1.5 kB |
URL: GET HTTP/2 adsbb.dfiles.eu//ad.php?z=58&c=NO&g=gateway; IP: 91.226.124.125:443
Requested by: https://dfiles.eu/files/rd6fzioy1/Kingdom-CD_patch_125-h.exe; Certificate Issuer: Let's Encrypt; Subject: dfiles.eu; Fingerprint: 34:45:DB:EC:84:73:5D:D5:39:2A:00:C7:2F:21:5C:B1:2D:0E:14:42; Validity: Mon, 04 Mar 2024 13:34:43 GMT - Sun, 02 Jun 2024 13:34:42 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET //ad.php?z=58&c=NO&g=gateway HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: last_file=rd6fzioy1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 303 See Other
content-security-policy: frame-ancestors depositfiles.com depositfiles.org dfiles.eu dfiles.com web-301.dfiles.eu web-302.dfiles.eu web-303.dfiles.eu web-304.dfiles.eu
content-type: text/html; charset=UTF-8
date: Wed, 24 Apr 2024 11:32:35 GMT
location: /upload/2303/ad2775297311915a.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
server: nginx
set-cookie: _nf58=1; expires=Thu, 25-Apr-2024 11:32:35 GMT; Max-Age=86400
x-powered-by: PHP/5.6.40
X-Firefox-Spdy: h2
|
|
| adsbb.dfiles.eu/upload/2112/ad27582685f5c72c.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 | 91.226.124.125 | 200 OK | 1.5 kB |
URL: GET HTTP/2 adsbb.dfiles.eu/upload/2112/ad27582685f5c72c.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752; IP: 91.226.124.125:443
Requested by: https://dfiles.eu/files/rd6fzioy1/Kingdom-CD_patch_125-h.exe; Certificate Issuer: Let's Encrypt; Subject: dfiles.eu; Fingerprint: 34:45:DB:EC:84:73:5D:D5:39:2A:00:C7:2F:21:5C:B1:2D:0E:14:42; Validity: Mon, 04 Mar 2024 13:34:43 GMT - Sun, 02 Jun 2024 13:34:42 GMT
File type: HTML document, ASCII text, with very long lines (1534), with no line terminators; Hash: 2024d66d62f2b82a156f6fe891d268fa b2e88de944de10c776afdf44b893711b54142225 6029c1e0f725f387231828bc0fafe390e7234bc9a9245d81010421d5c3dd8ec2
GET /upload/2112/ad27582685f5c72c.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 HTTP/1.1
Host: adsbb.dfiles.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
DNT: 1
Connection: keep-alive
Cookie: last_file=rd6fzioy1; _nf58=1; _nf56=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-encoding: gzip
content-security-policy: frame-ancestors depositfiles.com depositfiles.org dfiles.eu dfiles.com web-301.dfiles.eu web-302.dfiles.eu web-303.dfiles.eu web-304.dfiles.eu
content-type: text/html
date: Wed, 24 Apr 2024 11:32:35 GMT
last-modified: Wed, 24 Apr 2024 11:30:00 GMT
server: nginx
X-Firefox-Spdy: h2
|
|
| js.wpshsdk.com/npc/sdk/push.m.js?v=1 | 45.133.44.53 | 200 OK | 34 kB |
URL: GET HTTP/2 js.wpshsdk.com/npc/sdk/push.m.js?v=1; IP: 45.133.44.53:443; ASN: #39572 DataWeb Global Group B.V.
Requested by: https://dfiles.eu/files/rd6fzioy1/Kingdom-CD_patch_125-h.exe; Certificate Issuer: Let's Encrypt; Subject: js.wpshsdk.com; Fingerprint: 7C:0A:CB:08:AD:6F:60:55:9E:07:7C:F7:07:AC:DD:CF:DF:AB:01:FD; Validity: Wed, 20 Mar 2024 05:01:38 GMT - Tue, 18 Jun 2024 05:01:37 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /npc/sdk/push.m.js?v=1 HTTP/1.1
Host: js.wpshsdk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 11:32:35 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Mon, 22 Apr 2024 13:08:51 GMT
etag: W/"66266163-845a"
content-encoding: gzip
expires: Wed, 24 Apr 2024 11:37:35 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/1/css/style.css | 188.114.97.1 | 200 OK | 3.6 kB |
URL: GET HTTP/2 cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/1/css/style.css; IP: 188.114.97.1:443
Requested by: https://dfiles.eu/files/rd6fzioy1/Kingdom-CD_patch_125-h.exe; Certificate Issuer: Google Trust Services LLC; Subject: creative-bars1.com; Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13; Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type: ASCII text, with very long lines (3854), with no line terminators; Hash: 1ef6c40dc9237f64e46f930e4b26d112 7e94a725845a7101b17bfc0ff488e27c12060c1d e23167c1f14d771e6eb40f86085c2f04f52010a5e934cff3f9e214aab984f4b4
GET //sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/1/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 11:32:37 GMT
content-type: text/css
last-modified: Thu, 01 Feb 2024 14:48:12 GMT
etag: W/"65bbaf2c-e2e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 658817
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ewB2TgJjmA0HfbRCz6h5cktazGVeW5v2KuHrw8joldsDLiAUiyOmx3AZhqoKfMFmpXZQtLSRN3TUSaxUx%2FMwATXWmVgp9qpsUNYCNlMuMaKUgZ9T8b5M98JQNzMosCF3%2FNjM8yL4Kz62"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8795c613a879569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| js.wpadmngr.com/static/adManager.m.js | 45.133.44.53 | 200 OK | 109 kB |
URL: GET HTTP/2 js.wpadmngr.com/static/adManager.m.js; IP: 45.133.44.53:443; ASN: #39572 DataWeb Global Group B.V.
Requested by: https://dfiles.eu/files/rd6fzioy1/Kingdom-CD_patch_125-h.exe; Certificate Issuer: Let's Encrypt; Subject: js.wpadmngr.com; Fingerprint: 60:8B:32:7F:ED:77:26:33:0E:F0:C1:0F:02:66:F5:DB:C6:0D:1F:70; Validity: Mon, 11 Mar 2024 04:00:58 GMT - Sun, 09 Jun 2024 04:00:57 GMT
Size: 109 kB (109340 bytes); Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /static/adManager.m.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 11:32:35 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 23 Apr 2024 09:45:19 GMT
etag: W/"6627832f-1ab1c"
content-encoding: gzip
expires: Wed, 24 Apr 2024 11:37:35 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| loader.unblockia.com/c/dfiles.eu/config.json | 143.204.55.94 | 200 OK | 47 kB |
URL: GET HTTP/2 loader.unblockia.com/c/dfiles.eu/config.json; IP: 143.204.55.94:443
Requested by: https://dfiles.eu/files/rd6fzioy1/Kingdom-CD_patch_125-h.exe; Certificate Issuer: Amazon; Subject: *.unblockia.com; Fingerprint: 79:E4:56:24:64:EB:7C:C0:1E:E3:61:D0:BE:07:4D:34:89:8B:5E:BD; Validity: Tue, 23 Jan 2024 00:00:00 GMT - Thu, 20 Feb 2025 23:59:59 GMT
Hash: f365c1e4619a90bbadadacf55598fe90 1623c939b72aecd3831e1da35e4c0a5229383e91 23e2e4d868bb2652b97e9e13d36df1dfeeba338d4e9c4d1d737fba6b2b2b2d52
GET /c/dfiles.eu/config.json HTTP/1.1
Host: loader.unblockia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfiles.eu/
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 46747
last-modified: Fri, 09 Jun 2023 09:20:17 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: trENJHq0I9QxpCJnwtrkDFWJYsxIhjKV
accept-ranges: bytes
server: AmazonS3
date: Wed, 24 Apr 2024 10:44:05 GMT
etag: "f365c1e4619a90bbadadacf55598fe90"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: NEMMwIxJzZ-rtZZAoUY48T7xMaW-IeB46Zo6R4u_k5syapgV4TR76g==
age: 15236
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2
|
|
| ultimatumrelaxconvince.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F1%2Fcss%2Fanimate.css&l=79245&fd=93 | 192.243.59.12 | 200 OK | 0 B |
URL: GET HTTP/1.1 ultimatumrelaxconvince.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F1%2Fcss%2Fanimate.css&l=79245&fd=93; IP: 192.243.59.12:443; ASN: #39572 DataWeb Global Group B.V.
Requested by: https://dfiles.eu/files/rd6fzioy1/Kingdom-CD_patch_125-h.exe; Certificate Issuer: Let's Encrypt; Subject: ultimatumrelaxconvince.com; Fingerprint: ED:7E:CD:40:05:B3:70:C3:C7:CF:3A:82:20:FE:24:2D:C6:55:33:F3; Validity: Tue, 23 Apr 2024 10:50:54 GMT - Mon, 22 Jul 2024 10:50:53 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F1%2Fcss%2Fanimate.css&l=79245&fd=93 HTTP/1.1
Host: ultimatumrelaxconvince.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Cookie: u_pl=16004719; uid_id2=28307be5-733c-46b0-8c7d-3b3c48e617f4:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 24 Apr 2024 11:32:37 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap | 142.250.74.106 | 200 OK | 7.0 kB |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap; IP: 142.250.74.106:443
Requested by: https://dfiles.eu/files/rd6fzioy1/Kingdom-CD_patch_125-h.exe; Certificate Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2; Validity: Mon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File type: ASCII text, with very long lines (7193), with no line terminators; Hash: 16b49a99486594c0b42d9bd7821deb2c 2fb46e5e86d6b37d4497cc04bfd89b3cb33a276a 3f3540952441e06ef81189cf63d46bac242804e386779dbb0cdd78ed10025c21
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 24 Apr 2024 11:32:37 GMT
date: Wed, 24 Apr 2024 11:32:37 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn.unblockia.com/autopromos/unicef2.jpg?unblockia=true | 143.204.55.84 | 200 OK | 37 kB |
URL: GET HTTP/2 cdn.unblockia.com/autopromos/unicef2.jpg?unblockia=true; IP: 143.204.55.84:443
Requested by: https://dfiles.eu/files/rd6fzioy1/Kingdom-CD_patch_125-h.exe; Certificate Issuer: Amazon; Subject: *.unblockia.com; Fingerprint: 79:E4:56:24:64:EB:7C:C0:1E:E3:61:D0:BE:07:4D:34:89:8B:5E:BD; Validity: Tue, 23 Jan 2024 00:00:00 GMT - Thu, 20 Feb 2025 23:59:59 GMT
File type: JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 728x90, components 3; Hash: 58fbb6ffe72ac0c1aa468de39ee18e13 d25230f1ef89aecc6048b0ceb09dd0af609ee7b6 e8ff7f3a8926e5b5497d2ab7a1bf47c5655e287a51045f11846f426ac6c7d180
GET /autopromos/unicef2.jpg?unblockia=true HTTP/1.1
Host: cdn.unblockia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
content-length: 36773
last-modified: Tue, 12 Apr 2022 08:41:28 GMT
x-amz-version-id: xUurxjfnscsyJn430NFsrgfbabIFowSl
accept-ranges: bytes
server: AmazonS3
date: Wed, 24 Apr 2024 07:33:24 GMT
etag: "58fbb6ffe72ac0c1aa468de39ee18e13"
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: JsGsqhGgScZvEo5-lcdG6_UgS5LTZqX4EBayJtkAgxghiyVqJC-VoA==
age: 26858
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
|
|
| downstairsnegotiatebarren.com/sfp.js | 188.114.97.1 | 200 OK | 86 kB |
URL: GET HTTP/3 downstairsnegotiatebarren.com/sfp.js; IP: 188.114.97.1:443
Requested by: https://dfiles.eu/files/rd6fzioy1/Kingdom-CD_patch_125-h.exe; Certificate Issuer: Let's Encrypt; Subject: downstairsnegotiatebarren.com; Fingerprint: 2C:6A:E1:8E:26:5B:1D:8B:86:CB:C1:72:4E:52:4B:8B:67:3A:D2:44; Validity: Mon, 04 Mar 2024 21:53:07 GMT - Sun, 02 Jun 2024 21:53:06 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 11:32:36 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 32436cf74c3a978cb76fce516007e81e
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Wed, 24 Apr 2024 11:32:36 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gn8%2BGg3VLLaeYWJgIlR47uy9AOLZ%2BLzvYLJRRxtc%2FZdlGXnpCY7mTex2NIfgcUgeNfikaviT3Kch7edcf2yd%2BqZ6t9IbGGp0k9TiEnpK8r2ihC%2Fi3DINFkKcKgyIvwwRIW1Y1AbqWZqlNttph7Cenw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8795c60ed961b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| static.depositfiles.com/css/main.css | 91.226.124.106 | 200 OK | 194 kB |
URL: GET HTTP/2 static.depositfiles.com/css/main.css; IP: 91.226.124.106:443
Requested by: https://dfiles.eu/files/rd6fzioy1/Kingdom-CD_patch_125-h.exe; Certificate Issuer: Let's Encrypt; Subject: depositfiles.com; Fingerprint: 8D:3C:74:0A:57:29:55:E0:60:A5:AF:60:66:DD:1F:ED:7A:ED:F7:A6; Validity: Tue, 05 Mar 2024 13:34:49 GMT - Mon, 03 Jun 2024 13:34:48 GMT
Size: 194 kB (194436 bytes); Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /css/main.css HTTP/1.1
Host: static.depositfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: max-age=300
content-encoding: gzip
content-type: text/css
date: Wed, 24 Apr 2024 11:32:32 GMT
etag: W/"6545effd-2f784"
expires: Wed, 24 Apr 2024 11:37:32 GMT
last-modified: Sat, 04 Nov 2023 07:17:17 GMT
server: nginx
X-Firefox-Spdy: h2
|
|
| cdn.unblockia.com/h.js | 143.204.55.84 | 200 OK | 168 kB |
IP: 143.204.55.84:443
Requested by: https://dfiles.eu/files/rd6fzioy1/Kingdom-CD_patch_125-h.exe; Certificate Issuer: Amazon; Subject: *.unblockia.com; Fingerprint: 79:E4:56:24:64:EB:7C:C0:1E:E3:61:D0:BE:07:4D:34:89:8B:5E:BD; Validity: Tue, 23 Jan 2024 00:00:00 GMT - Thu, 20 Feb 2025 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators; Size: 168 kB (168079 bytes); Hash: bc5af0220c4116294c4e9c72ae4e244c f03f6753bcdfdedf4475b83022003b01a02fbde0 b7d2974070cf9f476d97e4401209a440e8fee787781d9084655cca366dad4d21
GET /h.js HTTP/1.1
Host: cdn.unblockia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/x-javascript
last-modified: Tue, 20 Jun 2023 10:06:46 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-content-sha256: 02f1ef29ead1d705cce351046cded37a79615ae12624547bfa0e8307765c8765
x-amz-version-id: m8vKRZ4OANVjVfMIKL3cKYiXKt6EM9QQ
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:987257285531:build/unblockia-loader-codebuild-project:4e52eb3f-761b-4c10-a85a-162fb4fa3980
x-amz-meta-codebuild-content-md5: fb4d4b7b1d35720e2d2481016ef4369b
server: AmazonS3
content-encoding: gzip
date: Wed, 24 Apr 2024 01:28:42 GMT
etag: W/"bc5af0220c4116294c4e9c72ae4e244c"
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: JFHXa09XsBsvefuo_OK8R19LxVzmXCADvDSvw1GCSkmmM79-d2M45Q==
age: 36233
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
|
|
| downstairsnegotiatebarren.com/sfp.js | 188.114.97.1 | 200 OK | 86 kB |
URL: GET HTTP/2 downstairsnegotiatebarren.com/sfp.js; IP: 188.114.97.1:443
Requested by: https://dfiles.eu/files/rd6fzioy1/Kingdom-CD_patch_125-h.exe; Certificate Issuer: Let's Encrypt; Subject: downstairsnegotiatebarren.com; Fingerprint: 2C:6A:E1:8E:26:5B:1D:8B:86:CB:C1:72:4E:52:4B:8B:67:3A:D2:44; Validity: Mon, 04 Mar 2024 21:53:07 GMT - Sun, 02 Jun 2024 21:53:06 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 11:32:35 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 18efda2aeb6307e89140efa254c07f93
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Wed, 24 Apr 2024 11:32:35 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QM6bYK8Ti5g%2BfjyTklsdkKi0ca%2BesZWcJoBsPoqFB3LLTi%2B6HqDjUN52rg3a3t24y6IC%2Fe3uysJ7jsdQmFrJq37QhJARwLAI9UcktueR%2FdKmZaArlp9S2V5UcLTX8aYgSYaKb15UFRecQUzEtbtoaw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8795c607d8ca5696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| acscdn.com/script/ut.js?cb=1713958355378 | 104.21.11.26 | 200 OK | 64 kB |
URL: GET HTTP/3 acscdn.com/script/ut.js?cb=1713958355378; IP: 104.21.11.26:443
Requested by: https://dfiles.eu/files/rd6fzioy1/Kingdom-CD_patch_125-h.exe; Certificate Issuer: Google Trust Services LLC; Subject: acscdn.com; Fingerprint: C2:6C:14:F0:34:12:76:91:EB:3A:02:AC:4F:41:CA:11:17:6F:F0:01; Validity: Wed, 28 Feb 2024 11:34:54 GMT - Tue, 28 May 2024 11:34:53 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /script/ut.js?cb=1713958355378 HTTP/1.1
Host: acscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 11:32:35 GMT
content-type: text/javascript
x-guploader-uploadid: ABPtcPpZvtO7KbQmrxDq00bOMfw4sO4xFsKuqcUD9K3z1snE83duKwJqMZfV7d2xx8BjQRLph4s
x-goog-generation: 1713948453577113
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 63909
x-goog-hash: crc32c=kq4lSA==, md5=CnxkqCwRPyiC+kSqpDwTPA==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Wed, 24 Apr 2024 11:28:54 GMT
cache-control: public, max-age=3600
last-modified: Wed, 24 Apr 2024 08:47:33 GMT
etag: W/"0a7c64a82c113f2882fa44aaa43c133c"
age: 1269
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FOgtji0R71pXzB13oDwXfykB8nB8WcBugb5BcYDQDuvt6YpEnr12bjabPc952f9Lwr03zwcwvpcrmSCoWrV9n4AVHOZpu6TodxscPHmOrFPwu0C9VnPHLrhVQq5d"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8795c6094cb6b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ultimatumrelaxconvince.com/sbar.json?key=224ad4a14b4b15c1726ff705ec672ea6&uuid=28307be5-733c-46b0-8c7d-3b3c48e617f4%3A3%3A1 | 192.243.59.12 | 200 OK | 12 kB |
URL: GET HTTP/1.1 ultimatumrelaxconvince.com/sbar.json?key=224ad4a14b4b15c1726ff705ec672ea6&uuid=28307be5-733c-46b0-8c7d-3b3c48e617f4%3A3%3A1; IP: 192.243.59.12:443; ASN: #39572 DataWeb Global Group B.V.
Requested by: https://dfiles.eu/files/rd6fzioy1/Kingdom-CD_patch_125-h.exe; Certificate Issuer: Let's Encrypt; Subject: ultimatumrelaxconvince.com; Fingerprint: ED:7E:CD:40:05:B3:70:C3:C7:CF:3A:82:20:FE:24:2D:C6:55:33:F3; Validity: Tue, 23 Apr 2024 10:50:54 GMT - Mon, 22 Jul 2024 10:50:53 GMT
Hash: 71251edb954d10ca21806519692b6b1a bf117d3795b5c60329bcd86d8d86fa3a9eb5f0b0 6e4e72df337ed89b3e4e564899ea215be6da20edae61b6a0238ddcf4e6b34f9e
GET /sbar.json?key=224ad4a14b4b15c1726ff705ec672ea6&uuid=28307be5-733c-46b0-8c7d-3b3c48e617f4%3A3%3A1 HTTP/1.1
Host: ultimatumrelaxconvince.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 24 Apr 2024 11:32:36 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://dfiles.eu
Access-Control-Allow-Origin: https://dfiles.eu
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16004719; expires=Thu, 25 Apr 2024 11:32:36 GMT; secure; SameSite=None
uid_id2=28307be5-733c-46b0-8c7d-3b3c48e617f4:3:1; expires=Wed, 01 May 2024 11:32:36 GMT; secure; SameSite=None
pdhtkv=true; expires=Thu, 25 Apr 2024 11:32:36 GMT; secure; SameSite=None
uncs=1; expires=Thu, 25 Apr 2024 11:32:36 GMT; secure; SameSite=None
pdhtkv29=true; expires=Thu, 25 Apr 2024 11:32:36 GMT; secure; SameSite=None
uncs29=1; expires=Thu, 25 Apr 2024 11:32:36 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f5ebe5794182693d9540b1da2c5f077a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| ctrtrk.com/ut/ctr.php | 104.21.85.92 | 200 OK | 166 B |
IP: 104.21.85.92:443
Requested by: https://dfiles.eu/files/rd6fzioy1/Kingdom-CD_patch_125-h.exe; Certificate Issuer: Google Trust Services LLC; Subject: ctrtrk.com; Fingerprint: 58:E6:48:48:DD:46:49:F1:8C:B7:7C:F4:88:92:84:58:15:D5:01:AD; Validity: Sat, 16 Mar 2024 06:41:09 GMT - Fri, 14 Jun 2024 06:41:08 GMT
File type: HTML document, ASCII text, with no line terminators; Hash: 1eb14cde74de8333ef7e76f3391c4f21 ae6f8a02fbf9ed876bc42d9b1b9c33c0635585ca 554af71b39baddf5cde39c03b83f7a969bef3427f7c1ffc42bd14069be46de60
GET /ut/ctr.php HTTP/1.1
Host: ctrtrk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 11:32:35 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
set-cookie: uniqid=0e7b3260-0530-4bc5-95fa-6a5d05d951a6; path=/; SameSite=None; Secure; Max-Age=1745494355; HttpOnly
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pZozxfwNa0zJtXk%2Bv7qqoOuJT2aPsrqfPq8MUZbuNtcclQK2mQicSgv8iCB1OWmv9N4VztGmC3MfLoObV6h9IKkpaD7phd2yFEo9UHntCflihFcVmm6ttH%2FeLJsB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8795c60a39907130-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.yourwebbars.com/sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/1/index.html | 172.67.74.218 | 200 OK | 1.6 kB |
URL: GET HTTP/2 cdn.yourwebbars.com/sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/1/index.html
IP: 172.67.74.218:443
Requested by: https://dfiles.eu/files/rd6fzioy1/Kingdom-CD_patch_125-h.exe
Certificate Issuer: Cloudflare, Inc.
Subject: sni.cloudflaressl.com
Fingerprint: 84:82:6E:35:03:D4:C4:FC:BA:08:CD:C8:E6:A3:97:A9:20:2F:F5:49
Validity: Sun, 23 Jul 2023 00:00:00 GMT - Mon, 22 Jul 2024 23:59:59 GMT
File type: HTML document, ASCII text, with very long lines (1642), with no line terminators
Hash: d086ac98379bfeb8250336ab371ad609 92031b5a736cd9ccd82410e38f51e9931b63cd2d ce2f2bb21f09fde1d48a137d2982c497595fae100b1258328b839a713340e6b9
GET /sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/1/index.html HTTP/1.1
Host: cdn.yourwebbars.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfiles.eu
DNT: 1
Connection: keep-alive
Referer: https://dfiles.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 11:32:36 GMT
content-type: text/html
last-modified: Thu, 01 Feb 2024 14:48:10 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rM1vXoRaARTN6%2FrmnjyQ8CG9P8Ao6CkPm%2FHDmrlnPozIr2s%2FOgFVgy2RE2Dx9DZmDoy89YKdOIAlrhk7F05lXB0Gfnfv9zYe8n7vcy6PWmYo4SMWLk1pRjiIWhLsOdRlxnCUtC0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8795c60f785ab51d-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|