| constantclients.cc/wp-content/plugins/popup-builder/public/css/theme.css?ver=4.2.7 | 66.235.200.147 | | 15 kB |
URL constantclients.cc/wp-content/plugins/popup-builder/public/css/theme.css?ver=4.2.7 IP66.235.200.147:0
File typeASCII text, with very long lines (4774) Hashe6fa0ab1e511473032e374f0ec4fc1ec 002f24a50270e1c847d21b8530db933dcbdc499f 96344c48276b6477946734dfa6f60c187fa33d371c0f4bc2156edc0e2868617c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/popup-builder/public/css/theme.css?ver=4.2.7 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:45 GMT
content-type: text/css
content-length: 15343
last-modified: Tue, 20 Feb 2024 20:09:49 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: HIT
age: 26877
accept-ranges: bytes
server: cloudflare
cf-ray: 8764531b48b6b518-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/document-emberdder/dist/public.css?ver=1.8.6 | 66.235.200.147 | | 545 B |
URL constantclients.cc/wp-content/plugins/document-emberdder/dist/public.css?ver=1.8.6 IP66.235.200.147:0
File typeASCII text, with very long lines (1289) Hashfd70481184bb5db0628a2457c7614c50 c17d20bb7878723585f0e393b16b5151d9d2c0dc 294c91a9d8e5a19c67cc03c6c2865cbe637773d6e2137f5b4c8b2f5566ae1ee3
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/document-emberdder/dist/public.css?ver=1.8.6 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:45 GMT
content-type: text/css
content-length: 545
last-modified: Sat, 09 Mar 2024 08:07:00 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: HIT
age: 26877
accept-ranges: bytes
server: cloudflare
cf-ray: 8764531b38b1b518-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/wpcf7-redirect/build/css/wpcf7-redirect-frontend.min.css?ver=1.1 | 66.235.200.147 | | 124 B |
URL constantclients.cc/wp-content/plugins/wpcf7-redirect/build/css/wpcf7-redirect-frontend.min.css?ver=1.1 IP66.235.200.147:0
File typeASCII text, with CRLF, CR line terminators Hash9730086eefb28d971b315173f579b3b0 a9845ea261aef600305f310c15d83232ee33460d 9c0647c53dde19cd56b2dfd0626db41f3db20c92984e1e6a4d469c19e4823adf
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/wpcf7-redirect/build/css/wpcf7-redirect-frontend.min.css?ver=1.1 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:45 GMT
content-type: text/css
content-length: 124
last-modified: Mon, 25 Dec 2023 20:13:33 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: HIT
age: 26877
accept-ranges: bytes
server: cloudflare
cf-ray: 8764531b48bbb518-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/New/Auth/sf_rand_string_lowercase6/aXp6eUBrYXlha2xhc3ZlZ2FzLmNvbQ== | 66.235.200.147 | | 4.1 kB |
URL constantclients.cc/New/Auth/sf_rand_string_lowercase6/aXp6eUBrYXlha2xhc3ZlZ2FzLmNvbQ== IP66.235.200.147:0
File typegzip compressed data, from Unix Hashbcf4615335416ffed318275574b13b4b 3ba04b1fe337e2369c7dcb4c2e32e9b6dd7be35f db165aded81d36196894eba80a721e8282f9ca1662afb700b02fdd83b2d12f1f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /New/Auth/sf_rand_string_lowercase6/aXp6eUBrYXlha2xhc3ZlZ2FzLmNvbQ== HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Thu, 18 Apr 2024 11:30:45 GMT
content-type: text/html; charset=UTF-8
location: https://constantclients.cc
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
vary: Accept-Encoding
set-cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000; path=/; domain=.constantclients.cc; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 87645310898bb518-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/uploads/elementor/css/post-999.css?ver=1708890611 | 66.235.200.147 | | 4.9 kB |
URL constantclients.cc/wp-content/uploads/elementor/css/post-999.css?ver=1708890611 IP66.235.200.147:0
File typeASCII text, with very long lines (22576), with no line terminators Hash05f67e1594bf828a7fc28cb5804ce3dd 1e76805190ce70d64f2930b1fda33f46e8deb62a ab659952ddbb016fa6a2ca12bba964321c4a7e0e4f0585288eb54708e0d76f6d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/uploads/elementor/css/post-999.css?ver=1708890611 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:45 GMT
content-type: text/css
content-length: 4861
last-modified: Sun, 25 Feb 2024 19:50:11 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: HIT
age: 26877
accept-ranges: bytes
server: cloudflare
cf-ray: 8764531b58dbb518-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/uploads/elementor/css/post-7.css?ver=1708890610 | 66.235.200.147 | | 384 B |
URL constantclients.cc/wp-content/uploads/elementor/css/post-7.css?ver=1708890610 IP66.235.200.147:0
File typeASCII text, with very long lines (1142), with no line terminators Hash09b474b74635adffa3e25525863d8151 b3c4d1017333f8c5962491c1777210d9d72511fb c1f94714293d0da750d2780ad7abf13fd88508fafa0bec27aa9dc4e9065bcf32
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/uploads/elementor/css/post-7.css?ver=1708890610 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:45 GMT
content-type: text/css
content-length: 384
last-modified: Sun, 25 Feb 2024 19:50:10 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: HIT
age: 26877
accept-ranges: bytes
server: cloudflare
cf-ray: 8764531b58d5b518-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.6.28 | 66.235.200.147 | 200 OK | 323 B |
URL GET HTTP/2constantclients.cc/wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.6.28 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
Hasha5bf64d5859ee94a3e8e93d592d6d2a0 049eb63b42dbb820b06870a430f523bf06880721 25825611ade7ceaed7df3862ec56dc91ad1d2be539966ef7bbe84306e51cfb08
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.6.28 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:45 GMT
content-type: text/css
content-length: 323
last-modified: Tue, 16 Apr 2024 20:09:04 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: HIT
age: 26877
accept-ranges: bytes
server: cloudflare
cf-ray: 8764531b48beb518-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/uploads/elementor/css/post-1192.css?ver=1708890611 | 66.235.200.147 | | 680 B |
URL constantclients.cc/wp-content/uploads/elementor/css/post-1192.css?ver=1708890611 IP66.235.200.147:0
File typeASCII text, with very long lines (2923), with no line terminators Hash6fec0d84a5bcded957c5e244c3e200cb 5697b9e9d68020e02ccee4f056c51c910a2d8488 b5e9c30e3e3a5d064d2d8d2db6bbd6b3fcb055498a95fffbbc72c60150a3f372
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/uploads/elementor/css/post-1192.css?ver=1708890611 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:45 GMT
content-type: text/css
content-length: 680
last-modified: Sun, 25 Feb 2024 19:50:11 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: HIT
age: 26877
accept-ranges: bytes
server: cloudflare
cf-ray: 8764531b58e1b518-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/uploads/pum/pum-site-styles.css?generated=1710878638&ver=1.18.5 | 66.235.200.147 | 200 OK | 5.1 kB |
URL GET HTTP/2constantclients.cc/wp-content/uploads/pum/pum-site-styles.css?generated=1710878638&ver=1.18.5 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeASCII text, with very long lines (7454), with CRLF, LF line terminators Hash63beb8f6214c4ea3b2ce5873fdd2688e 161298749ae6dd16d5ce225dbbb0275dd5506368 0571bed0897b2a51c345eb29b6c9cf935ff7b67e788cd20b3bbafd1e0524f14b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/uploads/pum/pum-site-styles.css?generated=1710878638&ver=1.18.5 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:45 GMT
content-type: text/css
content-length: 5105
last-modified: Tue, 19 Mar 2024 20:03:58 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:49 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: HIT
age: 26876
accept-ranges: bytes
server: cloudflare
cf-ray: 8764531b68e9b518-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/uploads/elementor/css/global.css?ver=1708890611 | 66.235.200.147 | 200 OK | 3.5 kB |
URL GET HTTP/2constantclients.cc/wp-content/uploads/elementor/css/global.css?ver=1708890611 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeASCII text, with very long lines (21216) Hashfb46c36a0e1370c14602c354a01ae0cb 2d7e31c67202b2cb67d9af9bde7524375e98f050 c30246b474bb2bfa1f801efb85462ed4bfeaaa649ec50289ff5c35fc05132e95
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/uploads/elementor/css/global.css?ver=1708890611 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:45 GMT
content-type: text/css
content-length: 3455
last-modified: Sun, 25 Feb 2024 19:50:11 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: HIT
age: 26877
accept-ranges: bytes
server: cloudflare
cf-ray: 8764531b58d7b518-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.16 | 66.235.200.147 | | 544 B |
URL constantclients.cc/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.16 IP66.235.200.147:0
File typeASCII text, with very long lines (1604), with no line terminators Hash2a489d28e2fc2088b3fe0bcda8417525 af48dd19c11ceac12d2473b2b8e216da9d9d432c c19e3e4151ea4933fa9ba9703c51fe20ad469237771214b1c5001d1b107ddef5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/add-to-any/addtoany.min.css?ver=1.16 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:45 GMT
content-type: text/css
content-length: 544
last-modified: Tue, 16 Apr 2024 08:03:52 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: HIT
age: 26877
accept-ranges: bytes
server: cloudflare
cf-ray: 8764531b68ecb518-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/ubermenu/pro/assets/css/skins/white.css?ver=6.5.2 | 66.235.200.147 | | 808 B |
URL constantclients.cc/wp-content/plugins/ubermenu/pro/assets/css/skins/white.css?ver=6.5.2 IP66.235.200.147:0
Hash58311224f456f95332c7c1b360ab72b4 7854653d128ca318ab757bf62c1ede84261f12ea b37971ae4f66c84263ac0bd6541163c4ab5d1b82132610e727cdee5051b39481
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/ubermenu/pro/assets/css/skins/white.css?ver=6.5.2 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:45 GMT
content-type: text/css
content-length: 808
last-modified: Sat, 27 May 2023 14:54:44 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:49 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: HIT
age: 26876
accept-ranges: bytes
server: cloudflare
cf-ray: 8764531b68f4b518-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/elementor/assets/lib/swiper/v8/css/swiper.min.css?ver=8.4.5 | 66.235.200.147 | | 5.4 kB |
URL constantclients.cc/wp-content/plugins/elementor/assets/lib/swiper/v8/css/swiper.min.css?ver=8.4.5 IP66.235.200.147:0
File typeASCII text, with very long lines (16214) Hasha2431bc290cf34e330e11ec4cfce1247 32a53342901fef5f4f4dbb26a555e730f84437a4 c57e64fcb72bddafa9c38de574441c3e69ac6c961df96b0cad34da83658bd196
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/elementor/assets/lib/swiper/v8/css/swiper.min.css?ver=8.4.5 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:45 GMT
content-type: text/css
content-length: 5361
last-modified: Mon, 15 Apr 2024 20:04:20 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: HIT
age: 26877
accept-ranges: bytes
server: cloudflare
cf-ray: 8764531b58d3b518-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/general.min.css?ver=5.9.15 | 66.235.200.147 | 200 OK | 1.0 kB |
URL GET HTTP/2constantclients.cc/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/general.min.css?ver=5.9.15 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeASCII text, with very long lines (3757) Hash328ebfd01781de6fe0f18f59ca04861c 334fea12d6d0d4de5f19f0f1db467b444b0d67c3 0bc32c16a963f587d3d0d69da37f1ddf1269221fc7df0907f420624614ab2963
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/general.min.css?ver=5.9.15 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:45 GMT
content-type: text/css
content-length: 1028
last-modified: Tue, 09 Apr 2024 12:13:51 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: HIT
age: 26877
accept-ranges: bytes
server: cloudflare
cf-ray: 8764531b68f8b518-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/ubermenu/pro/assets/css/ubermenu.min.css?ver=3.7.4 | 66.235.200.147 | | 13 kB |
URL constantclients.cc/wp-content/plugins/ubermenu/pro/assets/css/ubermenu.min.css?ver=3.7.4 IP66.235.200.147:0
File typeASCII text, with very long lines (65536), with no line terminators Hash30d4da1b06f620d981ebf7f1cfdebe7a 5be661ca056df76e26b16fe85c72378010fb2ad3 f7ba7e664816f88dde2f3f9b789e427087a5deb8986f708dd02bcfe1c0d8ff55
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/ubermenu/pro/assets/css/ubermenu.min.css?ver=3.7.4 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:45 GMT
content-type: text/css
content-length: 12707
last-modified: Sat, 27 May 2023 14:54:44 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: HIT
age: 26877
accept-ranges: bytes
server: cloudflare
cf-ray: 8764531b68f2b518-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/themes/mesmerize/assets/css/theme.bundle.min.css?ver=1.6.109 | 66.235.200.147 | | 18 kB |
URL constantclients.cc/wp-content/themes/mesmerize/assets/css/theme.bundle.min.css?ver=1.6.109 IP66.235.200.147:0
File typeASCII text, with very long lines (34446) Hashbb0c62f3cc6d9060171af6f42e68c296 6809ceee753cf8c1dd823b4dc565bf232e0a52a5 4122023e5f7e22cd0d2dc7bb99cf441cb2ba32b7b3b1b6dbc6cf23e1afe7c699
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/mesmerize/assets/css/theme.bundle.min.css?ver=1.6.109 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:45 GMT
content-type: text/css
content-length: 17766
last-modified: Sat, 27 May 2023 14:54:47 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: HIT
age: 26877
accept-ranges: bytes
server: cloudflare
cf-ray: 8764531b68e6b518-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/ubermenu/assets/fontawesome/css/all.min.css?ver=6.5.2 | 66.235.200.147 | 200 OK | 13 kB |
URL GET HTTP/2constantclients.cc/wp-content/plugins/ubermenu/assets/fontawesome/css/all.min.css?ver=6.5.2 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeASCII text, with very long lines (58392) Hash76cb46c10b6c0293433b371bae2414b2 0038dc97c79451578b7bd48af60ba62282b4082b 876d023d9d10c97941b80c3b03e2a5b94631ff7a4af9cee5604a6a2d39718d84
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/ubermenu/assets/fontawesome/css/all.min.css?ver=6.5.2 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:45 GMT
content-type: text/css
content-length: 12646
last-modified: Sat, 27 May 2023 14:54:44 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: HIT
age: 26877
accept-ranges: bytes
server: cloudflare
cf-ray: 8764531b68f7b518-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 | 66.235.200.147 | 200 OK | 13 kB |
URL GET HTTP/2constantclients.cc/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeASCII text, with very long lines (57884) Hashf4af7e5ec05ebb0f08d43e2384266abc a1869e155e92fa178b9c3ae6dff787df57f195c6 fafc4160788beca657ec3e3041976281fb6d54a0e82bb4d22a433f7c6bb8b1d6
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:45 GMT
content-type: text/css
content-length: 12618
last-modified: Mon, 15 Apr 2024 20:04:20 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: HIT
age: 26877
accept-ranges: bytes
server: cloudflare
cf-ray: 8764531b68fab518-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/uploads/2021/08/menu-04-150x150.png | 66.235.200.147 | | 3.3 kB |
URL constantclients.cc/wp-content/uploads/2021/08/menu-04-150x150.png IP66.235.200.147:0
File typePNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced Hashb22da683e8599d7f8c458a6b0146d678 a287c6e75a6bcad356eb7962dda80604818ff74d 39964261d7bd055965eb0c4eb3bcc8fd47322720c14ee1f96b900c7f52d46b1f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/uploads/2021/08/menu-04-150x150.png HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:45 GMT
content-type: image/png
content-length: 3335
x-webp-convert-log: Serving original (it is smaller)
vary: Accept,Accept-Encoding
last-modified: Sat, 27 May 2023 14:54:54 GMT
cache-control: max-age=31536000
expires: Fri, 18 Apr 2025 04:02:49 GMT
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: HIT
age: 26876
accept-ranges: bytes
server: cloudflare
cf-ray: 8764531b994db518-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3 | 66.235.200.147 | | 308 B |
URL constantclients.cc/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3 IP66.235.200.147:0
File typeASCII text, with very long lines (489) Hash144e43c3b3d8ea5b278c062c202c92f2 3c037057a419245849747b4762d09d88cab66fc1 9cd63b8cea25045c14623c538d26752518a58c0c682795ce6ad3078976c65a37
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:45 GMT
content-type: text/css
content-length: 308
last-modified: Mon, 15 Apr 2024 20:04:20 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: HIT
age: 26877
accept-ranges: bytes
server: cloudflare
cf-ray: 8764531b9936b518-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3 | 66.235.200.147 | 200 OK | 309 B |
URL GET HTTP/2constantclients.cc/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeASCII text, with very long lines (483) Hash9eb2d3c87feb6bb2ffa63b70532b1477 38f226335a05ab0e30497bc7419eb5e243a9e26c 37bab6cd583982e8eff58501a99d7c5c4d63664c1ca34f9e3b7cf526c5b73ae2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:45 GMT
content-type: text/css
content-length: 309
last-modified: Mon, 15 Apr 2024 20:04:20 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: HIT
age: 26877
accept-ranges: bytes
server: cloudflare
cf-ray: 8764531b9933b518-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/header-footer-elementor/inc/widgets-css/frontend.css?ver=1.6.28 | 66.235.200.147 | | 12 kB |
URL constantclients.cc/wp-content/plugins/header-footer-elementor/inc/widgets-css/frontend.css?ver=1.6.28 IP66.235.200.147:0
File typeUnicode text, UTF-8 text, with very long lines (1646) Hashb46c6c561749d353ded2332c13a5e8eb 4c5ad91ccb661a5e48f9c502c06b326878f4f715 6f708315ec1e5f14fcf831768764aad338d6507ac1e5f11c155c820487052544
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/header-footer-elementor/inc/widgets-css/frontend.css?ver=1.6.28 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:45 GMT
content-type: text/css
content-length: 11708
last-modified: Tue, 16 Apr 2024 20:09:04 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: HIT
age: 26877
accept-ranges: bytes
server: cloudflare
cf-ray: 8764531b9955b518-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/strong-testimonials/public/css/slider-controls-sides-outside-buttons.css?ver=3.1.12 | 66.235.200.147 | | 1.1 kB |
URL constantclients.cc/wp-content/plugins/strong-testimonials/public/css/slider-controls-sides-outside-buttons.css?ver=3.1.12 IP66.235.200.147:0
Hash372079cd65a278dc054c18eb721453a1 0f3d344abc3c648a3b1818d96c3125b2e6419199 709515b4bd2ec01218234daa7fc5ee63dcf3a375ca975f36886c3d029204f140
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/strong-testimonials/public/css/slider-controls-sides-outside-buttons.css?ver=3.1.12 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:45 GMT
content-type: text/css
content-length: 1097
last-modified: Fri, 22 Mar 2024 20:03:55 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: HIT
age: 26877
accept-ranges: bytes
server: cloudflare
cf-ray: 8764531b995ab518-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/uploads/2021/08/menu-02-150x150.png | 66.235.200.147 | | 2.2 kB |
URL constantclients.cc/wp-content/uploads/2021/08/menu-02-150x150.png IP66.235.200.147:0
File typePNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced Hashf8836a5ca15b4253bb3da24b40d74826 2c2ef93e4e3658d69ee5c5f08f15ba77f0050f3a b20b0cb7ea04a40b6ec1bd37b1567010ac1290b93e618698108429bd18c419f2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/uploads/2021/08/menu-02-150x150.png HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:45 GMT
content-type: image/png
content-length: 2195
x-webp-convert-log: Serving original (it is smaller)
vary: Accept,Accept-Encoding
last-modified: Sat, 27 May 2023 14:54:54 GMT
cache-control: max-age=31536000
expires: Fri, 18 Apr 2025 04:02:48 GMT
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: HIT
age: 26877
accept-ranges: bytes
server: cloudflare
cf-ray: 8764531b994cb518-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/strong-testimonials/public/css/rating-display.css?ver=3.1.12 | 66.235.200.147 | | 1.1 kB |
URL constantclients.cc/wp-content/plugins/strong-testimonials/public/css/rating-display.css?ver=3.1.12 IP66.235.200.147:0
Hashe19642eec532b12a9638e63700ca0d54 9cff83f0f1c3efcd7bf2f97d3f3d8d0362d83174 3fab82fbed146cb073c78172db4a86d9eda3da79d385d97a425cd826d6bb084e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/strong-testimonials/public/css/rating-display.css?ver=3.1.12 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:45 GMT
content-type: text/css
content-length: 1056
last-modified: Fri, 22 Mar 2024 20:03:55 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: HIT
age: 26877
accept-ranges: bytes
server: cloudflare
cf-ray: 8764531bb98fb518-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/strong-testimonials/templates/simple/content.css?ver=3.1.12 | 66.235.200.147 | | 1.7 kB |
URL constantclients.cc/wp-content/plugins/strong-testimonials/templates/simple/content.css?ver=3.1.12 IP66.235.200.147:0
Hash287179058185b5be1e67111fd491578c 9312d120ff41751d4984f11007ce52f3b890a1f5 af187b40e5f20639aaf376e860774c52606fbbfbab325da83d87ff7e6a434e8e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/strong-testimonials/templates/simple/content.css?ver=3.1.12 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:45 GMT
content-type: text/css
content-length: 1726
last-modified: Fri, 22 Mar 2024 20:03:55 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: HIT
age: 26877
accept-ranges: bytes
server: cloudflare
cf-ray: 8764531b9958b518-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/strong-testimonials/public/css/animate.min.css?ver=6.5.2 | 66.235.200.147 | 200 OK | 5.6 kB |
URL GET HTTP/2constantclients.cc/wp-content/plugins/strong-testimonials/public/css/animate.min.css?ver=6.5.2 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeASCII text, with very long lines (57790) Hashc78e4003414fbf2814dc097a5e1c784a de9d5645ef10c5362ec1f893bb83995594eadf99 1ed082521f47921ffff14d4ec1c6c3f1ea55114741bee23cc23d4ab6a3213642
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/strong-testimonials/public/css/animate.min.css?ver=6.5.2 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:45 GMT
content-type: text/css
content-length: 5582
last-modified: Fri, 22 Mar 2024 20:03:55 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: HIT
age: 26877
accept-ranges: bytes
server: cloudflare
cf-ray: 8764531bb990b518-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.21.0 | 66.235.200.147 | | 3.0 kB |
URL constantclients.cc/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.21.0 IP66.235.200.147:0
File typeASCII text, with very long lines (10019) Hash4601ba55044413706c2022cb6c1c3d05 5103ec2fbb389568ebf5cfe4fd721f3df2ff7aec fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.21.0 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:45 GMT
content-type: text/css
content-length: 2997
last-modified: Mon, 15 Apr 2024 20:04:20 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: HIT
age: 26877
accept-ranges: bytes
server: cloudflare
cf-ray: 8764531bb993b518-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/webp-express/webp-images/uploads/2021/08/icon-01-1024x702.png.webp | 66.235.200.147 | | 46 kB |
URL constantclients.cc/wp-content/webp-express/webp-images/uploads/2021/08/icon-01-1024x702.png.webp IP66.235.200.147:0
File typeRIFF (little-endian) data, Web/P image Hash3026f217746be77a99b964ab371f1e54 ba579b141f3213e7f8811e74bc7a262133ac4b14 9fc6c1246f52f6c0d3fdd633ba9369330f34f72b81d410978fe9fd35badf2fd4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/webp-express/webp-images/uploads/2021/08/icon-01-1024x702.png.webp HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:45 GMT
content-type: image/webp
content-length: 46548
last-modified: Sat, 27 May 2023 14:55:02 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 17:30:45 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8764531b9952b518-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/webp-express/webp-images/uploads/2021/08/menu-01-150x150.png.webp | 66.235.200.147 | | 5.7 kB |
URL constantclients.cc/wp-content/webp-express/webp-images/uploads/2021/08/menu-01-150x150.png.webp IP66.235.200.147:0
File typeRIFF (little-endian) data, Web/P image Hash9b484c028543cac0d4a89f8d2e91c0a9 a86917d94755622d2074b182b146a2040e3cd006 9f581de3fb14633e90e44fe419e8970f1e6eb93d3f43db5dd0b85eefc637d7f8
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/webp-express/webp-images/uploads/2021/08/menu-01-150x150.png.webp HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:45 GMT
content-type: image/webp
content-length: 5718
last-modified: Sat, 27 May 2023 14:55:02 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 17:30:45 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8764531b994bb518-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/duracelltomi-google-tag-manager/dist/js/analytics-talk-content-tracking.js?ver=1.20.2 | 66.235.200.147 | | 624 B |
URL constantclients.cc/wp-content/plugins/duracelltomi-google-tag-manager/dist/js/analytics-talk-content-tracking.js?ver=1.20.2 IP66.235.200.147:0
File typeJavaScript source, ASCII text, with very long lines (1685), with no line terminators Hash070a12458ed43e10ecdc3c90ed286af5 ccb5fb60d9153cea396224a484f1984afb29503f a2a6f3d68cab390cc94906f0122540b73d23c164f2c26b356d10e620059135f1
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/duracelltomi-google-tag-manager/dist/js/analytics-talk-content-tracking.js?ver=1.20.2 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:45 GMT
content-type: application/javascript
content-length: 624
last-modified: Fri, 05 Apr 2024 14:04:35 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 17:30:45 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 8764531b9941b518-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/webp-express/webp-images/uploads/2021/08/Logo-New-1.png.webp | 66.235.200.147 | | 15 kB |
URL constantclients.cc/wp-content/webp-express/webp-images/uploads/2021/08/Logo-New-1.png.webp IP66.235.200.147:0
File typeRIFF (little-endian) data, Web/P image Hash31e0b53ba82b874173ee64e436693d2c a9cd55675f5112377f297920300a74c5bc761ef7 56fe4fe88acd6126c4390e49505042e965ef8fb2cc8aa2bf7e996624e09cb52e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/webp-express/webp-images/uploads/2021/08/Logo-New-1.png.webp HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:45 GMT
content-type: image/webp
content-length: 15244
last-modified: Sat, 27 May 2023 14:55:02 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 17:30:45 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8764531b9945b518-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/webp-express/webp-images/uploads/2021/08/menu-06-150x150.png.webp | 66.235.200.147 | | 5.3 kB |
URL constantclients.cc/wp-content/webp-express/webp-images/uploads/2021/08/menu-06-150x150.png.webp IP66.235.200.147:0
File typeRIFF (little-endian) data, Web/P image Hash4ffd1646ecdab1cd611bf69edd506086 72413c7466e6526282f25a99c434dc4b4129ca43 328ef997d7204c93f847ee19465dc054520ceae0cb92d82629a05ae1db170127
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/webp-express/webp-images/uploads/2021/08/menu-06-150x150.png.webp HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:45 GMT
content-type: image/webp
content-length: 5274
last-modified: Sat, 27 May 2023 14:55:02 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 17:30:45 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8764531b9949b518-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/webp-express/webp-images/uploads/2021/08/gabrielle-henderson-HJckKnwCXxQ-unsplash-1024x683.jpg.webp | 66.235.200.147 | | 50 kB |
URL constantclients.cc/wp-content/webp-express/webp-images/uploads/2021/08/gabrielle-henderson-HJckKnwCXxQ-unsplash-1024x683.jpg.webp IP66.235.200.147:0
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 1024x683, Scaling: [none]x[none], YUV color, decoders should clamp Hash9630779c0704b4842acf7ca959055124 40efbdd3a6ef2f2c15921f77bbd434daeeb0c3c5 004ff3426ed84301ffa4f8cda28982386f2162ea69d041391cdeef3c731fd8dd
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/webp-express/webp-images/uploads/2021/08/gabrielle-henderson-HJckKnwCXxQ-unsplash-1024x683.jpg.webp HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:45 GMT
content-type: image/webp
content-length: 49708
last-modified: Sat, 27 May 2023 14:55:02 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 17:30:45 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8764531b994fb518-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 | 66.235.200.147 | | 5.4 kB |
URL constantclients.cc/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 IP66.235.200.147:0
File typeJavaScript source, ASCII text, with very long lines (13479) Hash9ffeb32e2d9efbf8f70caabded242267 3ad0c10e501ac2a9bfa18f9cd7e700219b378738 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:45 GMT
content-type: application/javascript
content-length: 5422
last-modified: Tue, 08 Aug 2023 20:05:49 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 17:30:45 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 8764531b9938b518-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 | 66.235.200.147 | | 8.3 kB |
URL constantclients.cc/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 IP66.235.200.147:0
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (8189) Hashc4e68a0f3463c0bd3c39eab38815e881 0ce58644e9f3c5063a11453ff287c5ec096465a7 ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:45 GMT
content-type: application/javascript
content-length: 8343
last-modified: Sat, 27 May 2023 14:55:03 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 17:30:45 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 8764531bc9aeb518-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/webp-express/webp-images/uploads/2021/12/Signature-Black-cropped-300x110.png.webp | 66.235.200.147 | | 7.0 kB |
URL constantclients.cc/wp-content/webp-express/webp-images/uploads/2021/12/Signature-Black-cropped-300x110.png.webp IP66.235.200.147:0
File typeRIFF (little-endian) data, Web/P image Hash17bafbce1d3d92316c87a5320d0fe570 a239941ef6521d2e6c012bab5dbc29dbcdbf9eda 63880aa06cb4060255e87752eb0bddc8b704a8dbd8df008156190f920b64069a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/webp-express/webp-images/uploads/2021/12/Signature-Black-cropped-300x110.png.webp HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:45 GMT
content-type: image/webp
content-length: 6972
last-modified: Sat, 27 May 2023 14:55:02 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 17:30:45 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8764531b9953b518-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/popup-builder/public/js/Popup.js?ver=4.2.7 | 66.235.200.147 | | 11 kB |
URL constantclients.cc/wp-content/plugins/popup-builder/public/js/Popup.js?ver=4.2.7 IP66.235.200.147:0
File typeJavaScript source, ASCII text, with very long lines (5515) Hashaad76345b176f2bdea7082ce27717aba 1f3c44bf0b8169741bc5b3e71e83e05d07b59338 113500b83a965388babfdb15b9740741f750db1890f6fa3677cf1bcaddd96089
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/popup-builder/public/js/Popup.js?ver=4.2.7 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:45 GMT
content-type: application/javascript
content-length: 10592
last-modified: Tue, 20 Feb 2024 20:09:50 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 17:30:45 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 8764531b993bb518-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1 | 66.235.200.147 | | 126 B |
URL constantclients.cc/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1 IP66.235.200.147:0
File typeJavaScript source, ASCII text, with no line terminators Hash5ef26b5e47e6951f43ecf2b1fc645222 081afb52577f6f3bb044fdea6d34a632c3cce7e8 50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:45 GMT
content-type: application/javascript
content-length: 126
last-modified: Tue, 16 Apr 2024 08:03:52 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 17:30:45 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 8764531b9939b518-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/duracelltomi-google-tag-manager/dist/js/gtm4wp-form-move-tracker.js?ver=1.20.2 | 66.235.200.147 | | 313 B |
URL constantclients.cc/wp-content/plugins/duracelltomi-google-tag-manager/dist/js/gtm4wp-form-move-tracker.js?ver=1.20.2 IP66.235.200.147:0
File typeJavaScript source, ASCII text, with very long lines (1138), with no line terminators Hash416f52248a7f5b988d66f1ea80a196ce 06e2618030ffe16fe210c55bb60d42bb77d7b8c6 8b851243dfb01d421b9ad1b062622a23f230c32184a70c07b6e75908bf682961
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/duracelltomi-google-tag-manager/dist/js/gtm4wp-form-move-tracker.js?ver=1.20.2 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:45 GMT
content-type: application/javascript
content-length: 313
last-modified: Fri, 05 Apr 2024 14:04:35 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 17:30:45 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 8764531bb9a2b518-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/document-emberdder/dist/public.js?ver=1.8.6 | 66.235.200.147 | | 367 B |
URL constantclients.cc/wp-content/plugins/document-emberdder/dist/public.js?ver=1.8.6 IP66.235.200.147:0
File typeJavaScript source, ASCII text, with very long lines (679), with no line terminators Hash08e2f72feea4e7869318e95199bb7d57 153ebed062f5d87ef13306b6bbe4ebf7f08bda0e b299df1915daab7dc0e6cf895daa21e9d85230335b52edbf6f993c93fae712ac
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/document-emberdder/dist/public.js?ver=1.8.6 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:45 GMT
content-type: application/javascript
content-length: 367
last-modified: Sat, 09 Mar 2024 08:07:00 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 17:30:45 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 8764531b993ab518-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/wpcf7-redirect/build/js/wpcf7r-fe.js?ver=1.1 | 66.235.200.147 | | 2.0 kB |
URL constantclients.cc/wp-content/plugins/wpcf7-redirect/build/js/wpcf7r-fe.js?ver=1.1 IP66.235.200.147:0
File typeJavaScript source, Unicode text, UTF-8 text Hashe3317d55ad904d30ea400a2da2a56686 b998595f2c96f76ba65a808ac4029d66021195b4 ecac4fc801141ce552220be4bb12969e2ee625e2cf08cf0edbac579a279b28f1
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/wpcf7-redirect/build/js/wpcf7r-fe.js?ver=1.1 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:45 GMT
content-type: application/javascript
content-length: 1987
last-modified: Mon, 25 Dec 2023 20:13:33 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 17:30:45 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 8764531bb99db518-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/webp-express/webp-images/uploads/2021/08/Logo-New-2.png.webp | 66.235.200.147 | | 17 kB |
URL constantclients.cc/wp-content/webp-express/webp-images/uploads/2021/08/Logo-New-2.png.webp IP66.235.200.147:0
File typeRIFF (little-endian) data, Web/P image Hash365659e2ee3dbbacb90695e65a432595 c842cf95aea83dc2fcc04c1e502afafa9cd69335 0178c88fb747b80c3faa02c63ddf3f56d6e578801cc0b050dc2b2802a1146522
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/webp-express/webp-images/uploads/2021/08/Logo-New-2.png.webp HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:45 GMT
content-type: image/webp
content-length: 16556
last-modified: Sat, 27 May 2023 14:55:02 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 17:30:45 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8764531b9942b518-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/wp-pdf-generator/assets/js/es6-promise.auto.min.js?ver=1.2.3 | 66.235.200.147 | | 2.7 kB |
URL constantclients.cc/wp-content/plugins/wp-pdf-generator/assets/js/es6-promise.auto.min.js?ver=1.2.3 IP66.235.200.147:0
File typeJavaScript source, ASCII text, with very long lines (6601), with no line terminators Hash7850f75032813dc5c0e9eb75eba880bf 8e298e92961b97e21fce70a681992550f455b2de f2a14fbc03102e3f6139790da043b488e5d0c76b47c80f175a4ca6e4edddc6a3
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/wp-pdf-generator/assets/js/es6-promise.auto.min.js?ver=1.2.3 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:45 GMT
content-type: application/javascript
content-length: 2719
last-modified: Mon, 05 Jun 2023 08:06:04 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 17:30:45 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 8764531c1a28b518-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-includes/js/masonry.min.js?ver=4.2.2 | 66.235.200.147 | | 9.2 kB |
URL constantclients.cc/wp-includes/js/masonry.min.js?ver=4.2.2 IP66.235.200.147:0
File typeJavaScript source, ASCII text, with very long lines (23966) Hash3b3fc826e58fc554108e4a651c9c7848 76778fd446e2ff2377588a7b4ac4d79f258427c9 e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-includes/js/masonry.min.js?ver=4.2.2 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:45 GMT
content-type: application/javascript
content-length: 9216
last-modified: Sat, 27 May 2023 14:55:04 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 17:30:45 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 8764531bc9abb518-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/wp-pdf-generator/assets/js/html2pdf.min.js?ver=1.2.3 | 66.235.200.147 | 200 OK | 4.8 kB |
URL GET HTTP/2constantclients.cc/wp-content/plugins/wp-pdf-generator/assets/js/html2pdf.min.js?ver=1.2.3 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (12131), with CRLF line terminators Hash577ec05b87bab1bed79b597059a1fc5e 0e4178ee22cf1711c5ae7c5dfe9f6627152b4c76 660ddb72ebec44a4561b1a7ce4de9855fead2bed538e9350b878a2c2dcff49c4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/wp-pdf-generator/assets/js/html2pdf.min.js?ver=1.2.3 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:46 GMT
content-type: application/javascript
content-length: 4804
last-modified: Mon, 05 Jun 2023 08:06:04 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 17:30:45 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 8764531c5a72b518-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.9.15 | 66.235.200.147 | | 4.0 kB |
URL constantclients.cc/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.9.15 IP66.235.200.147:0
File typeJavaScript source, ASCII text, with very long lines (10287), with no line terminators Hash8456ff924afc1c7b79f8e9c61d4edb50 69381f72090b4a2b76385dcbe86a5ce33a042820 bc9ce60ecd8ad81f4255baec05cee96d4a32f484f1cc6975e11ac87a5de667f2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.9.15 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:46 GMT
content-type: application/javascript
content-length: 4001
last-modified: Tue, 09 Apr 2024 12:13:51 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 17:30:45 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 8764531c1a27b518-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/uploads/2021/08/menu-03-150x150.png | 66.235.200.147 | | 2.9 kB |
URL constantclients.cc/wp-content/uploads/2021/08/menu-03-150x150.png IP66.235.200.147:0
File typeRIFF (little-endian) data, Web/P image Hash687cae38bd7eee664ac9e4777800b413 4ac9e7015a249928a6a4a46590ecfe74679e2b47 eb86759a697d1d1213ac42344b16564dacea6726b3a8ec61569e7776cd5c74eb
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/uploads/2021/08/menu-03-150x150.png HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:46 GMT
content-type: image/webp
content-length: 2938
x-webp-convert-log: Serving converted file
vary: Accept,Accept-Encoding
last-modified: Sat, 27 May 2023 14:55:02 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 17:30:45 GMT
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 8764531b9946b518-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/ubermenu/assets/js/ubermenu.min.js?ver=3.7.4 | 66.235.200.147 | | 12 kB |
URL constantclients.cc/wp-content/plugins/ubermenu/assets/js/ubermenu.min.js?ver=3.7.4 IP66.235.200.147:0
File typeJavaScript source, ASCII text, with very long lines (698) Hash273b37618af3db6db671d2d1c8f0d168 f4d735f4c27b110cc2499e03a8e4854ea7511641 58415d97eb0b5745ccfa6e5e2f996581ec39f6c4af80627d3dd3c06bc5977ca6
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/ubermenu/assets/js/ubermenu.min.js?ver=3.7.4 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:46 GMT
content-type: application/javascript
content-length: 12333
last-modified: Sat, 27 May 2023 14:54:44 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 17:30:45 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8764531c1a25b518-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/strong-testimonials/public/js/lib/actual/jquery-actual.min.js?ver=1.0.16 | 66.235.200.147 | | 683 B |
URL constantclients.cc/wp-content/plugins/strong-testimonials/public/js/lib/actual/jquery-actual.min.js?ver=1.0.16 IP66.235.200.147:0
File typeJavaScript source, ASCII text Hashcd156e40fd815ff532b6dd8dbb5ffaa1 74ac7fb54741055f249f4237b14ef20d0c7e60d0 93a90efcdb00f1a394d7c9e04fcdc9b7c3589d24ad20046dc4e25553a5672c34
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/strong-testimonials/public/js/lib/actual/jquery-actual.min.js?ver=1.0.16 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:46 GMT
content-type: application/javascript
content-length: 683
last-modified: Fri, 22 Mar 2024 20:03:55 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 17:30:45 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 8764531c5a77b518-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2 | 66.235.200.147 | | 3.0 kB |
URL constantclients.cc/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2 IP66.235.200.147:0
File typeJavaScript source, ASCII text, with very long lines (8171), with no line terminators Hashdda652db133fddb9b80a05c6d1b5c540 60c8514c57a5db2980c4b046b0dd479bd427357b c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:46 GMT
content-type: application/javascript
content-length: 2977
last-modified: Sat, 27 May 2023 14:55:03 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 17:30:45 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 8764531c6a99b518-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/strong-testimonials/public/js/lib/strongslider/jquery-strongslider.min.js?ver=3.1.12 | 66.235.200.147 | | 8.5 kB |
URL constantclients.cc/wp-content/plugins/strong-testimonials/public/js/lib/strongslider/jquery-strongslider.min.js?ver=3.1.12 IP66.235.200.147:0
File typeJavaScript source, ASCII text, with very long lines (24588), with no line terminators Hash1895c85b5b2e67091f05c6fab4aab057 9aaa6a3ce5add87efb65c183d0ad3af3eb96561b a7044cbdee5f47cb5450b0315e0efbb606b80db33aa39106d21237bd1e30da71
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/strong-testimonials/public/js/lib/strongslider/jquery-strongslider.min.js?ver=3.1.12 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:46 GMT
content-type: application/javascript
content-length: 8454
last-modified: Fri, 22 Mar 2024 20:03:55 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 17:30:45 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 8764531c7aabb518-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/strong-testimonials/public/js/lib/verge/verge.min.js?ver=1.10.2 | 66.235.200.147 | | 605 B |
URL constantclients.cc/wp-content/plugins/strong-testimonials/public/js/lib/verge/verge.min.js?ver=1.10.2 IP66.235.200.147:0
File typeJavaScript source, ASCII text, with very long lines (1382), with no line terminators Hashd55b2094ba7726bfecc91dbd573aa096 8be6dfaf3a0044f920cc23f882bb5573b2f77b46 f24d6b3320defba731e6dd055dc838a98dbce7f64d1fff9eaacb501113d6b11a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/strong-testimonials/public/js/lib/verge/verge.min.js?ver=1.10.2 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:46 GMT
content-type: application/javascript
content-length: 605
last-modified: Fri, 22 Mar 2024 20:03:55 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 17:30:45 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 8764531c6a97b518-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/strong-testimonials/public/js/controller.min.js?ver=3.1.12 | 66.235.200.147 | | 1.8 kB |
URL constantclients.cc/wp-content/plugins/strong-testimonials/public/js/controller.min.js?ver=3.1.12 IP66.235.200.147:0
File typeJavaScript source, ASCII text, with very long lines (5154), with no line terminators Hash8be478d960c1631768caccadb401d3de 474ed4aed08c7bd6a520b0e62b0bb9bf8bb10267 23e87ea207c2004ed8cde1032e7e0419a52b0ede6848d7ecc0a68f5ceb3fb728
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/strong-testimonials/public/js/controller.min.js?ver=3.1.12 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:46 GMT
content-type: application/javascript
content-length: 1753
last-modified: Fri, 22 Mar 2024 20:03:55 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 17:30:45 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 8764531c7aaeb518-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-includes/js/underscore.min.js?ver=1.13.4 | 66.235.200.147 | | 8.3 kB |
URL constantclients.cc/wp-includes/js/underscore.min.js?ver=1.13.4 IP66.235.200.147:0
File typeJavaScript source, ASCII text, with very long lines (18798) Hashf88d5720bb454ed5d204cbdb56901f6b f1952292fde4b15936e9aac16b2b9896684db95b 726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-includes/js/underscore.min.js?ver=1.13.4 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:46 GMT
content-type: application/javascript
content-length: 8305
last-modified: Sat, 27 May 2023 14:55:04 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 17:30:45 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 8764531c5a78b518-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 | 66.235.200.147 | | 17 kB |
URL constantclients.cc/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 IP66.235.200.147:0
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (38582), with no line terminators Hash92f8c01350c630f414f5d0b015ad6864 eab40ab4e77f92f2fb17684aaf44b579a51b8034 17b79ece7ef9d1454a90156690d33d64387b67a7a7548fc826012512e287a937
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:46 GMT
content-type: application/javascript
content-length: 16635
last-modified: Tue, 02 Apr 2024 20:04:39 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 17:30:45 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 8764531c7aa2b518-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 | 66.235.200.147 | | 3.7 kB |
URL constantclients.cc/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 IP66.235.200.147:0
File typeJavaScript source, ASCII text, with very long lines (12198), with no line terminators Hash3819c3569da71daec283a75483735f7e ecd40a5cc6f0b76200c454ca880210dc301cfab8 214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:46 GMT
content-type: application/javascript
content-length: 3747
last-modified: Mon, 15 Apr 2024 20:04:20 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 17:30:45 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 8764531c9adeb518-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.21.0 | 66.235.200.147 | | 2.3 kB |
URL constantclients.cc/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.21.0 IP66.235.200.147:0
File typeJavaScript source, ASCII text, with very long lines (4957) Hashd4611b146b41aa47d51076a0d3798082 6bb95b45dfc5379953c39fe6c56322350be95411 25ca7abf6b5b9becd0676818fde2d3b374badcff7867f95dbcbfebeac59a24c0
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.21.0 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:46 GMT
content-type: application/javascript
content-length: 2341
last-modified: Mon, 15 Apr 2024 20:04:20 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 17:30:45 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 8764531c9adbb518-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.21.0 | 66.235.200.147 | | 16 kB |
URL constantclients.cc/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.21.0 IP66.235.200.147:0
File typeJavaScript source, ASCII text, with very long lines (39932) Hashe89cb5dd5e3b9e2abe2170cc33b94f3f c2b27aae073c0c6beab34f829b3b2615a2b0d56b ebd07e134eaa69ff679725da56a465facafc8a09c61ef8bf42ceead8f79f6562
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.21.0 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:46 GMT
content-type: application/javascript
content-length: 16119
last-modified: Mon, 15 Apr 2024 20:04:20 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 17:30:45 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 8764531c9ae1b518-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-includes/js/dist/hooks.min.js?ver=2810c76e705dd1a53b18 | 66.235.200.147 | | 1.6 kB |
URL constantclients.cc/wp-includes/js/dist/hooks.min.js?ver=2810c76e705dd1a53b18 IP66.235.200.147:0
File typeJavaScript source, ASCII text, with very long lines (4272) Hash072d3f6e5c446f57d5c544f9931860e2 ee6aa3d65b474309376468b24bb6f829a4514809 2cb546fbdda7995d374fffa4b2f6530bbcf57d014639ddf76de45df43d593045
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-includes/js/dist/hooks.min.js?ver=2810c76e705dd1a53b18 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:46 GMT
content-type: application/javascript
content-length: 1589
last-modified: Tue, 02 Apr 2024 20:04:39 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 17:30:45 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 8764531c7aa5b518-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0 | 66.235.200.147 | | 2.7 kB |
URL constantclients.cc/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0 IP66.235.200.147:0
File typeJavaScript source, ASCII text, with very long lines (6625), with no line terminators Hashfd7ef2e4737acd74fd0dcdc3b515e304 0d792b33f12a48ee8aaaf2560a63a5682470645b 1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:46 GMT
content-type: application/javascript
content-length: 2746
last-modified: Tue, 07 Nov 2023 20:03:53 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 17:30:45 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 8764531c6a9ab518-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/strong-testimonials/public/js/lib/readmore/readmore.min.js?ver=3.1.12 | 66.235.200.147 | | 596 B |
URL constantclients.cc/wp-content/plugins/strong-testimonials/public/js/lib/readmore/readmore.min.js?ver=3.1.12 IP66.235.200.147:0
File typeASCII text, with very long lines (1567), with no line terminators Hashdc1043230b64324918212e00103a6218 76f877c39fea92ab78ff12c89defa3d8b6bc82db f6588d639bce56904c74e0cc06dcb91976a4d42b18be27afd2207c7c831a3cad
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/strong-testimonials/public/js/lib/readmore/readmore.min.js?ver=3.1.12 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:46 GMT
content-type: application/javascript
content-length: 596
last-modified: Fri, 22 Mar 2024 20:03:55 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 17:30:45 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 8764531c9ad8b518-OSL
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Montserrat:100 | 142.250.74.138 | | 1.0 kB |
URL fonts.googleapis.com/css?family=Montserrat:100 IP142.250.74.138:0
File typegzip compressed data, max compression Hash52507655523f5a82a7ec97910d0d4c5d f8264bc4ba01050234bd9f572b57cb8a910ba1fa 9e6633318a289526d462a0bc252c2b0dabb06d27b4e820a77927cac3f1c3f106
GET /css?family=Montserrat:100 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 11:30:46 GMT
date: Thu, 18 Apr 2024 11:30:46 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-includes/js/imagesloaded.min.js?ver=5.0.0 | 66.235.200.147 | | 2.1 kB |
URL constantclients.cc/wp-includes/js/imagesloaded.min.js?ver=5.0.0 IP66.235.200.147:0
File typeJavaScript source, ASCII text, with very long lines (4358) Hash6823120876c9afc8929418c9a6f8e343 90b0adb37d70ffec5f9189c36bb0027c310c9502 b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-includes/js/imagesloaded.min.js?ver=5.0.0 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:46 GMT
content-type: application/javascript
content-length: 2112
last-modified: Tue, 07 Nov 2023 20:03:53 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 17:30:46 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 8764531bb9a5b518-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/popup-builder/public/js/PopupConfig.js?ver=4.2.7 | 66.235.200.147 | | 1.9 kB |
URL constantclients.cc/wp-content/plugins/popup-builder/public/js/PopupConfig.js?ver=4.2.7 IP66.235.200.147:0
File typeJavaScript source, ASCII text, with very long lines (2826) Hashc7a493f7e281b7a2c5fe182a44ba8367 11c971b79a4c8ea2dd1b6b4d7b33192275054f44 3fe8c79d67b21039a5d059ef40761950fb76e1d17933d61509f7eb3c68f5aeeb
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/popup-builder/public/js/PopupConfig.js?ver=4.2.7 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:46 GMT
content-type: application/javascript
content-length: 1922
last-modified: Tue, 20 Feb 2024 20:09:50 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 17:30:46 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 8764531b993db518-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/webp-express/webp-images/uploads/2021/08/menu-05-150x150.png.webp | 66.235.200.147 | 200 OK | 4.1 kB |
URL GET HTTP/2constantclients.cc/wp-content/webp-express/webp-images/uploads/2021/08/menu-05-150x150.png.webp IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash2e75fec5bf9c36e406ff0486160e10d0 272f81d765c86c1777d8a30f95b52e6950c54140 14a962fbf3930509f7035e9f2e1584a108586ecfe08ff2ea188a92c5af1b1d5d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/webp-express/webp-images/uploads/2021/08/menu-05-150x150.png.webp HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:46 GMT
content-type: image/webp
content-length: 4108
last-modified: Sat, 27 May 2023 14:55:02 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 17:30:46 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8764531b9948b518-OSL
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtm.js?id=GTM-KVRPFLS | 142.250.74.168 | | 73 kB |
URL www.googletagmanager.com/gtm.js?id=GTM-KVRPFLS IP142.250.74.168:0
File typeJavaScript source, ASCII text, with very long lines (5027) Hash703c86f8472b0b40a487c7a581bfa3a4 3d94b89e96f441213a4c42db14bdc6ea46dded4a f7d80704e0b7df528eb66b423a86961d52da96badaa1bb7a57c1ec56b3d3ba70
GET /gtm.js?id=GTM-KVRPFLS HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 18 Apr 2024 11:30:46 GMT
expires: Thu, 18 Apr 2024 11:30:46 GMT
cache-control: private, max-age=900
last-modified: Thu, 18 Apr 2024 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 73300
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-includes/js/dist/i18n.min.js?ver=5e580eb46a90c2b997e6 | 66.235.200.147 | | 3.9 kB |
URL constantclients.cc/wp-includes/js/dist/i18n.min.js?ver=5e580eb46a90c2b997e6 IP66.235.200.147:0
Hasha8127c1a87bb4f99edbeec7c37311dcd 9997a1745f48bdd233dbe9bd8164daa53eba105b f313d12ea6124bd28fc4a6b7163d253bb83d5aeab5edce594880c5c3df475cbc
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-includes/js/dist/i18n.min.js?ver=5e580eb46a90c2b997e6 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:46 GMT
content-type: application/javascript
content-length: 3937
last-modified: Tue, 02 Apr 2024 20:04:39 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 17:30:46 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 8764531c7aa8b518-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 | 66.235.200.147 | | 78 kB |
URL constantclients.cc/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 IP66.235.200.147:0
File typeWeb Open Font Format (Version 2), TrueType, length 78196, version 331.-31261 Hashe8a427e15cc502bef99cfd722b37ea98 a9922842a120a7f1eaced667480c5e185a106d69 d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:46 GMT
content-type: font/woff2
content-length: 78196
last-modified: Mon, 15 Apr 2024 20:04:20 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 17:30:46 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8764531faeddb518-OSL
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-MR4VREK4MN&l=dataLayer&cx=c | 142.250.74.168 | | 92 kB |
URL www.googletagmanager.com/gtag/js?id=G-MR4VREK4MN&l=dataLayer&cx=c IP142.250.74.168:0
File typeJavaScript source, ASCII text, with very long lines (3034) Hashe4bd22b3c837174ab5b128033bf37976 b2449cc0a0937be5fa8df9f6d3838a731d9348e1 9b02fbb2b2ee1730c352c341e45a441709331956f1261fc4d8f360f009a6ed88
GET /gtag/js?id=G-MR4VREK4MN&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 18 Apr 2024 11:30:46 GMT
expires: Thu, 18 Apr 2024 11:30:46 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 92497
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.googleapis.com/css?family=Roboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.5.2 | 142.250.74.138 | | 2.1 kB |
URL fonts.googleapis.com/css?family=Roboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.5.2 IP142.250.74.138:0
File typegzip compressed data, max compression Hashc0dc9227b90ca81fdfcf60027caf7b5f 2de599cf70ea1833ba36cc5d323f2dc3d136866a f613341f294d68f913c525b59eda78c2ff870c11c4de0a3c22332d71e659a7a0
GET /css?family=Roboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.5.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 11:30:46 GMT
date: Thu, 18 Apr 2024 11:30:46 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| constantclients.cc/wp-content/uploads/2021/08/rodeo-project-management-software-ONe-snuCaqQ-unsplash.jpg | 66.235.200.147 | | 88 kB |
URL constantclients.cc/wp-content/uploads/2021/08/rodeo-project-management-software-ONe-snuCaqQ-unsplash.jpg IP66.235.200.147:0
File typegzip compressed data, from Unix Hash6b1208c4631138868cc618ef735b8a1c 338575f7b63e4be0eea8f55e3ef43dc49a9a2cc5 e66bcfe53c8791430179c2af5ca7d6dad904d2c3bc0f78039b8089f084e58105
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/uploads/2021/08/rodeo-project-management-software-ONe-snuCaqQ-unsplash.jpg HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/wp-content/uploads/elementor/css/post-999.css?ver=1708890611
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:46 GMT
content-type: image/webp
x-webp-convert-log: Serving converted file
vary: Accept,Accept-Encoding
last-modified: Sat, 27 May 2023 14:55:02 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 17:30:46 GMT
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 8764531f7e95b518-OSL
X-Firefox-Spdy: h2
|
|
| docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf | 142.250.74.14 | | 0 B |
URL docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf IP142.250.74.14:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 11:30:46 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: script-src 'nonce-VpyGGDVgNNcK35qG-GXQMQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
server: GSE
set-cookie: NID=513=aS4GOF-UyuOtK2iJcujiggbTWMlyJKyqGq_OqfAKhsKnMMt1SMLdgsBG_J9_3cT4hNRJqllPActGzupLGf8R-DcUPzdSFLnHgrhwzfKyU8Oz8fa_6p9OIDo5ZHPZ4ymaExX5kYuCqpEfk2q_ENNmIB5A14Ob19OIfahIDdnf_Hg; expires=Fri, 18-Oct-2024 11:30:46 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2 | 66.235.200.147 | | 82 kB |
URL constantclients.cc/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2 IP66.235.200.147:0
File typeWeb Open Font Format (Version 2), TrueType, length 81612, version 1.0 Hashb4d6b90f14c0441aac364e194978408e 142696d43851c8eba0f54c7b94c5f6ebd09703e6 6b2680fab784d245cbb23d3b51e8d18740e8fc1c7c1c8eadcf0b2b7612125ff8
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:46 GMT
content-type: font/woff2
content-length: 81612
last-modified: Mon, 15 Apr 2024 20:04:20 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 17:30:46 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 87645320b893b518-OSL
X-Firefox-Spdy: h2
|
|
| docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS1-revised.pdf | 142.250.74.14 | | 0 B |
URL GET docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS1-revised.pdf IP142.250.74.14:0
Requested byhttps://constantclients.cc/ CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS1-revised.pdf HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 11:30:46 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-security-policy: script-src 'nonce-5rpdnnIXBm99_l23Wat8lw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
server: GSE
set-cookie: NID=513=QzOEbfPKJUiHIu7Di6gGuhgBaeFncQKYPUsHYijCCVF1z0SfZC42OE1BpdhARy8YANmclhlu10ld3pW5O9QqPb0Yg6YXI8dpTMUwjfiN94nDk6I6O9XloWcCLoHzbIleQoncO2RuWhD_355JVsl_nqXparRPtc7a8TZ8XiGSM0g; expires=Fri, 18-Oct-2024 11:30:46 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 142.250.74.163 | | 16 kB |
URL fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 IP142.250.74.163:0
File typeWeb Open Font Format (Version 2), TrueType, length 15860, version 1.0 Hashe9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://constantclients.cc
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 10:46:32 GMT
expires: Wed, 16 Apr 2025 10:46:32 GMT
cache-control: public, max-age=31536000
age: 175454
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| player.vimeo.com/video/662404108?h=24abf7b0dc&dnt=1&app_id=122963 | 162.159.138.60 | | 5.7 kB |
URL player.vimeo.com/video/662404108?h=24abf7b0dc&dnt=1&app_id=122963 IP162.159.138.60:0
File typeHTML document, ASCII text, with very long lines (9732) Hashd96d1ffb831dee10ebbec53c74080e6f 46d9c85d05e50a4eb3341e8d238fee25fc90fa4b 41678c81bf9e2f6dbce8677a29789058b19409032bd025a03b4a84b1acdfa2aa
GET /video/662404108?h=24abf7b0dc&dnt=1&app_id=122963 HTTP/1.1
Host: player.vimeo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 11:30:46 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-inline' https://*.vimeocdn.com 'unsafe-eval' resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://*.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://drm-gke.vhx.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.kollective.app https://*.kollective.app:31015 https://*.kollectivecd.com https://*.hivestreaming.com https://mimir.cloud.vimeo.com https://vimeo.magisto.com https://stage-proxy.vimeo.magisto.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://*.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://duysrfiajusdh.cloudfront.net https://d263mgllkjh2k2.cloudfront.net https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*
expires: Fri, 15 Dec 1985 19:30:00 GMT
link: <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin, <https://i.vimeocdn.com>; rel=preconnect; crossorigin, <https://f.vimeocdn.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-host: player-backend-66b7887c5c-np6bl
x-player-backend: g
x-xss-protection: 1; mode=block
x-backend-server: player-backend-edge-entry
x-bapp-server: player-backend-66b7887c5c-np6bl
via: 1.1 varnish
x-served-by: cache-osl6541-OSL
x-cache: MISS
x-cache-hits: 0
x-timer: S1713439846.333456,VS0,VE413
vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Set-Cookie: __cf_bm=SmIofphQnvOLKPrzh2hcUIjoUjM_JAOAoSh0Ag32law-1713439846-1.0.1.1-VhgUw0wIQTAt5w50cKDMLbak3eIUE.JDNZm74uubQnPb9Pt8ejd2hPE_xNPDKvU7JmEjkt1XQd8_owLusS79ig; path=/; expires=Thu, 18-Apr-24 12:00:46 GMT; domain=.vimeo.com; HttpOnly; Secure; SameSite=None
_cfuvid=l5h7CQBXlcF5FgGosbAeYfRi7GALZ1gKttb0XYNsk90-1713439846748-0.0.1.1-604800000; path=/; domain=.vimeo.com; HttpOnly; Secure; SameSite=None
Server: cloudflare
CF-RAY: 8764531f7e9a56cb-OSL
Content-Encoding: gzip
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 142.250.74.163 | | 48 kB |
URL fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP142.250.74.163:0
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://constantclients.cc
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 08:04:32 GMT
expires: Wed, 16 Apr 2025 08:04:32 GMT
cache-control: public, max-age=31536000
age: 185174
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.21.0 | 66.235.200.147 | | 40 kB |
URL constantclients.cc/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.21.0 IP66.235.200.147:0
File typegzip compressed data, from Unix Hash9d2ade421ed3c8dbf3a46d10f88e4b28 4d048144381200e52485050f59d27702ac230806 4d01cc919cfb04653b7f2677e93d1f9632f17a2c4ba019d69d6f34e385bab0a2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.21.0 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:46 GMT
content-type: application/javascript
last-modified: Mon, 15 Apr 2024 20:04:20 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 17:30:45 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 8764531c9adcb518-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/uploads/2021/08/redd-PTRzqc_h1r4-unsplash.jpg | 66.235.200.147 | | 164 kB |
URL constantclients.cc/wp-content/uploads/2021/08/redd-PTRzqc_h1r4-unsplash.jpg IP66.235.200.147:0
File typegzip compressed data, from Unix Size164 kB (163756 bytes) Hash9d87d3a6e54f7ba49870cb119ac10dac b8277d095423bb3a8cecefde8f62dcc349ea43f2 a7eb01634a99fae6f9bf2b5972ccce74bd429b7ab9be604beea5663ee5e87017
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/uploads/2021/08/redd-PTRzqc_h1r4-unsplash.jpg HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/wp-content/uploads/elementor/css/post-999.css?ver=1708890611
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:46 GMT
content-type: image/webp
x-webp-convert-log: Serving converted file
vary: Accept,Accept-Encoding
last-modified: Sat, 27 May 2023 14:55:02 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 17:30:46 GMT
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 8764531f8eafb518-OSL
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/muli/v29/7Auwp_0qiz-afTLGLQ.woff2 | 142.250.74.163 | | 33 kB |
URL fonts.gstatic.com/s/muli/v29/7Auwp_0qiz-afTLGLQ.woff2 IP142.250.74.163:0
File typeWeb Open Font Format (Version 2), TrueType, length 32796, version 1.0 Hashb2a264e3e87b58b54b76483238805a40 169d6f17c82024fe0cfc2d19884a14dae2ec0bdb f68d37d474952b1fbe30def1b69e63e79c46a70263433285783b69ac0107b929
GET /s/muli/v29/7Auwp_0qiz-afTLGLQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://constantclients.cc
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 32796
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 15 Apr 2024 20:20:35 GMT
expires: Tue, 15 Apr 2025 20:20:35 GMT
cache-control: public, max-age=31536000
age: 227411
last-modified: Wed, 13 Sep 2023 22:41:22 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 | 142.250.74.163 | | 16 kB |
URL fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 IP142.250.74.163:0
File typeWeb Open Font Format (Version 2), TrueType, length 15752, version 1.0 Hashb20371a6daf29d4a1f2e85dbbf40fb20 0355a01c1ccb45cb728e7e07c41c8ebf456f70bb 7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://constantclients.cc
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:54:44 GMT
expires: Fri, 18 Apr 2025 02:54:44 GMT
cache-control: public, max-age=31536000
age: 30962
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 142.250.74.163 | | 48 kB |
URL fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP142.250.74.163:0
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://constantclients.cc
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 08:04:32 GMT
expires: Wed, 16 Apr 2025 08:04:32 GMT
cache-control: public, max-age=31536000
age: 185174
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| f.vimeocdn.com/p/4.29.7/css/player.css | 151.101.238.109 | | 22 kB |
URL f.vimeocdn.com/p/4.29.7/css/player.css IP151.101.238.109:0
File typeASCII text, with very long lines (65495) Hash2e4a9443fd858c2ffd20da076d4b266d a47f270e29164f38b31e0262808b7ddf0211a584 c548b66fb01afbc6b8dd54081e76f284dd6daaa12e4a5e8e331c9299bc10c87e
GET /p/4.29.7/css/player.css HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 18 Apr 2024 11:30:47 GMT
age: 61626
x-served-by: cache-iad-kjyo7100091-IAD, cache-osl6545-OSL
x-cache: HIT, HIT
x-cache-hits: 44, 11546
x-timer: S1713439847.426286,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
access-control-allow-origin: *
content-length: 21772
X-Firefox-Spdy: h2
|
|
| www.gstatic.com/_/apps-viewer/_/ss/k=apps-viewer.standalone.khNBx8_Cbh4.L.F4.O/am=wA/d=0/rs=AC2dHMIvFHbG72CWiW98wYQsYhImXrAZeQ | 142.250.74.35 | | 92 kB |
URL GET www.gstatic.com/_/apps-viewer/_/ss/k=apps-viewer.standalone.khNBx8_Cbh4.L.F4.O/am=wA/d=0/rs=AC2dHMIvFHbG72CWiW98wYQsYhImXrAZeQ IP142.250.74.35:0
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeASCII text, with very long lines (65536), with no line terminators Hash51bd712308407b2de2b907d0016c01ec c37d535a2198523f78b950c55150de00c61aa011 3259a90d2810b5baa5d4a5d97ceb3fa2d9e83604b1a2d72f5033c0c940be8b72
GET /_/apps-viewer/_/ss/k=apps-viewer.standalone.khNBx8_Cbh4.L.F4.O/am=wA/d=0/rs=AC2dHMIvFHbG72CWiW98wYQsYhImXrAZeQ HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-viewer
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-viewer"
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-length: 91670
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 17 Apr 2024 19:18:22 GMT
expires: Thu, 17 Apr 2025 19:18:22 GMT
cache-control: public, max-age=31536000
age: 58345
last-modified: Thu, 04 Apr 2024 07:01:39 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.en_US.cdJChLL3Kzs.O/am=wA/d=1/rs=AC2dHMJ-UPcpj1TrAIHbwPz2NVftQIDTdQ/m=main | 142.250.74.35 | | 490 kB |
URL www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.en_US.cdJChLL3Kzs.O/am=wA/d=1/rs=AC2dHMJ-UPcpj1TrAIHbwPz2NVftQIDTdQ/m=main IP142.250.74.35:0
CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeJavaScript source, ASCII text, with very long lines (2432) Size490 kB (489997 bytes) Hash2d7af759a51cdc70b1f2f67ddbb117da 59f9c8e902ffe372c0d092830e0da74c88061925 0bc52c2beb6072968767ee6838cd66ec678be1a043ef3de66e2b047ecc8cbeff
GET /_/apps-viewer/_/js/k=apps-viewer.standalone.en_US.cdJChLL3Kzs.O/am=wA/d=1/rs=AC2dHMJ-UPcpj1TrAIHbwPz2NVftQIDTdQ/m=main HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-viewer
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-viewer"
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-length: 489997
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 17 Apr 2024 18:11:41 GMT
expires: Thu, 17 Apr 2025 18:11:41 GMT
cache-control: public, max-age=31536000
age: 62346
last-modified: Thu, 04 Apr 2024 11:03:01 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| apis.google.com/js/client.js | 142.250.74.110 | 200 OK | 5.9 kB |
URL GET HTTP/2apis.google.com/js/client.js IP142.250.74.110:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.apis.google.com FingerprintE3:82:77:FB:12:E7:1E:09:41:8D:12:01:82:E8:DB:CC:47:EB:3F:57 ValidityMon, 04 Mar 2024 07:19:24 GMT - Mon, 27 May 2024 07:19:23 GMT
File typeJavaScript source, ASCII text, with very long lines (2054) Hash956abd1c4d33686ed078e1fc2a208e70 adf181b4ffe9f884d1523a9e9055b3c975c22c2f 7ad5b3ae2e3d70b78dcb34e7809635ab483d6f56f8bb224c1660c2385a3157a9
GET /js/client.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 5905
date: Thu, 18 Apr 2024 11:30:47 GMT
expires: Thu, 18 Apr 2024 11:30:47 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "3c0b77da4dd83ef7"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| f.vimeocdn.com/p/4.29.7/js/player.module.js | 151.101.238.109 | | 141 kB |
URL f.vimeocdn.com/p/4.29.7/js/player.module.js IP151.101.238.109:0
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65447) Size141 kB (141256 bytes) Hash2296fb574aa5763e0de8d692aacc8fc9 bfd743aa1ef5d70b43f5a06c6d71245117c3cbbe da286f7ddc94da3f6fd6453fd5b05d463e31e9f3a64d8eb1caf44f36627a12c0
GET /p/4.29.7/js/player.module.js HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
DNT: 1
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 18 Apr 2024 11:30:47 GMT
age: 61627
x-served-by: cache-iad-kcgs7200104-IAD, cache-osl6521-OSL
x-cache: HIT, HIT
x-cache-hits: 41, 10872
x-timer: S1713439848.928908,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
access-control-allow-origin: *
content-length: 141256
X-Firefox-Spdy: h2
|
|
| i.vimeocdn.com/video/1340250125-d9bf020c04ff83b092ef1d6187adecc9c70cde2a8aee65e3beaec1286637401c-d?mw=80&q=85 | 151.101.128.217 | | 1.9 kB |
URL i.vimeocdn.com/video/1340250125-d9bf020c04ff83b092ef1d6187adecc9c70cde2a8aee65e3beaec1286637401c-d?mw=80&q=85 IP151.101.128.217:0
Hash495da0573fa0c5f6ca053ebd8f7a5677 6320f5c3a15589005981eaadc0b1bec609844e0d 4722f83c07d7e96a439825af0d61982ae6dab1922800a7aa13da1007d65a9aaf
GET /video/1340250125-d9bf020c04ff83b092ef1d6187adecc9c70cde2a8aee65e3beaec1286637401c-d?mw=80&q=85 HTTP/1.1
Host: i.vimeocdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/avif
etag: "495da0573fa0c5f6ca053ebd8f7a5677"
x-viewmaster-lossless-format: automatic
viewmaster-server: viewmaster-glb-prod
cache-control: public, max-age=2592000
via: vvarnish, 1.1 varnish, 1.1 varnish
x-backend-server: varnish
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
access-control-max-age: 86400
accept-ranges: bytes
age: 1019937
date: Thu, 18 Apr 2024 11:30:48 GMT
x-served-by: cache-dfw-kdfw8210048-DFW, cache-hel1410034-HEL
x-cache: miss, HIT, HIT
x-cache-hits: 47, 0
x-timer: S1713439848.004404,VS0,VE1
vary: Accept
content-length: 1858
X-Firefox-Spdy: h2
|
|
| f.vimeocdn.com/p/4.29.7/js/vendor.module.js | 151.101.238.109 | | 104 kB |
URL f.vimeocdn.com/p/4.29.7/js/vendor.module.js IP151.101.238.109:0
File typeJavaScript source, ASCII text, with very long lines (65457) Size104 kB (103578 bytes) Hashdaaf0cef21d261fdb059dc53a1e7b610 144556c0102d239542a6ff66e18af23ef8833b3a 4cc5fdc2315043b6059e25fc11d246e71c17049221d468bfb1b17852e53d9311
GET /p/4.29.7/js/vendor.module.js HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
DNT: 1
Connection: keep-alive
Referer: https://f.vimeocdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 18 Apr 2024 11:30:48 GMT
age: 61627
x-served-by: cache-iad-kiad7000097-IAD, cache-osl6521-OSL
x-cache: HIT, HIT
x-cache-hits: 43, 10931
x-timer: S1713439848.145514,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
access-control-allow-origin: *
content-length: 103578
X-Firefox-Spdy: h2
|
|
| www.gstatic.com/feedback/js/help/prod/service/lazy.min.js | 142.250.74.35 | | 37 kB |
URL GET www.gstatic.com/feedback/js/help/prod/service/lazy.min.js IP142.250.74.35:0
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeJavaScript source, ASCII text, with very long lines (3383) Hash4d95791a35ae95bd11b6f6d7e880ff93 23f70202a367d2b280f2560bbec29b1c9eee5e66 15ce60ae9fdb72f42e3c0baf6010b4b1c55cb5f80f22e430d21bfc1d6886ec7a
GET /feedback/js/help/prod/service/lazy.min.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/product-feedback-gathering
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="product-feedback-gathering"
report-to: {"group":"product-feedback-gathering","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/product-feedback-gathering"}]}
content-length: 36935
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 11:27:37 GMT
expires: Thu, 18 Apr 2024 12:17:37 GMT
cache-control: public, max-age=3000
last-modified: Tue, 16 Apr 2024 14:54:38 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 191
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| constantclients.cc/wp-content/uploads/2021/09/gif-nathan-one-small.gif | 66.235.200.147 | | 26 MB |
URL constantclients.cc/wp-content/uploads/2021/09/gif-nathan-one-small.gif IP66.235.200.147:0
File typeGIF image data, version 89a, 800 x 450 Size26 MB (25826397 bytes) Hashff9cbf550acbe064120cf44e878439c3 4b204427b01975d64999eb3759c5f171d176843a 8dedb3ac31f717a8a2b426479e0840d76c418b13ca6beb2a314d43b52ba197fc
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/uploads/2021/09/gif-nathan-one-small.gif HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/wp-content/uploads/elementor/css/post-999.css?ver=1708890611
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:46 GMT
content-type: image/gif
content-length: 25826397
last-modified: Sat, 27 May 2023 14:54:55 GMT
cache-control: max-age=31536000
expires: Fri, 18 Apr 2025 04:02:49 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: HIT
age: 26877
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8764531f9ebbb518-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/uploads/2021/08/cropped-icon-01-192x192.png | 66.235.200.147 | | 9.9 kB |
URL constantclients.cc/wp-content/uploads/2021/08/cropped-icon-01-192x192.png IP66.235.200.147:0
File typeRIFF (little-endian) data, Web/P image Hashe8a5b5a146bd8e4ffdc0a8c5bbb7adf5 c58b5cee35352bf22613c15cf10ceb36b9bc0b52 75cb6d31cc1ecad7a66b631b88bb4f66450ab3bfa8e87115a7ade2ff8e828be7
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/uploads/2021/08/cropped-icon-01-192x192.png HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000; _ga_MR4VREK4MN=GS1.1.1713439846.1.0.1713439846.0.0.1016182287; _ga=GA1.1.546344179.1713439847
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:55 GMT
content-type: image/webp
content-length: 9853
x-webp-convert-log: Serving converted file
vary: Accept,Accept-Encoding
last-modified: Sat, 27 May 2023 14:55:02 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 17:30:55 GMT
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 87645359bcc6b518-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/uploads/2021/08/cropped-icon-01-32x32.png | 66.235.200.147 | | 1.1 kB |
URL constantclients.cc/wp-content/uploads/2021/08/cropped-icon-01-32x32.png IP66.235.200.147:0
File typeRIFF (little-endian) data, Web/P image Hash8c7b026aec5b1315fee8fd74a60ff598 b30b3d3a9bb3dd916d855d6ae615ffeae5e9bf62 e43810348920bf7d26653e32727554d60ea1ce7b6acf6db3e56f69a0e314e9e0
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/uploads/2021/08/cropped-icon-01-32x32.png HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000; _ga_MR4VREK4MN=GS1.1.1713439846.1.0.1713439846.0.0.1016182287; _ga=GA1.1.546344179.1713439847
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:55 GMT
content-type: image/webp
content-length: 1059
x-webp-convert-log: Serving converted file
vary: Accept,Accept-Encoding
last-modified: Sat, 27 May 2023 14:55:02 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 17:30:55 GMT
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 87645359bcc8b518-OSL
X-Firefox-Spdy: h2
|
|
| i.vimeocdn.com/video/1340250125-d9bf020c04ff83b092ef1d6187adecc9c70cde2a8aee65e3beaec1286637401c-d | 151.101.128.217 | | 120 kB |
URL i.vimeocdn.com/video/1340250125-d9bf020c04ff83b092ef1d6187adecc9c70cde2a8aee65e3beaec1286637401c-d IP151.101.128.217:0
Size120 kB (120021 bytes) Hash0e8d537171164d7c4f039f86ff8a1f63 899a7fb43fcea3ea10840f98cb097a5f770eaf76 00533374d7b8f15e4bfa017685e5a147fe68862d1387d4831bde2ce1b4fbe4b1
GET /video/1340250125-d9bf020c04ff83b092ef1d6187adecc9c70cde2a8aee65e3beaec1286637401c-d HTTP/1.1
Host: i.vimeocdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=2592000
content-type: image/avif
etag: "0e8d537171164d7c4f039f86ff8a1f63"
x-viewmaster-lossless-format: automatic
via: 1.1 google, 1.1 varnish, 1.1 varnish
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
access-control-max-age: 86400
accept-ranges: bytes
age: 1001807
date: Thu, 18 Apr 2024 11:30:55 GMT
x-served-by: cache-dfw-kdal2120100-DFW, cache-hel1410034-HEL
x-cache: HIT, HIT
x-cache-hits: 38, 0
x-timer: S1713439856.652030,VS0,VE1
vary: Accept
content-length: 120021
X-Firefox-Spdy: h2
|
|
| ssl.gstatic.com/docs/common/viewer/v3/v-sprite56.svg | 142.250.74.35 | 200 OK | 50 kB |
URL GET HTTP/3ssl.gstatic.com/docs/common/viewer/v3/v-sprite56.svg IP142.250.74.35:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS1-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeSVG Scalable Vector Graphics image Hashba7ab7044d6c6c0240c3917858948cff 3b840b104cb3d74d5a35fbd193aca32d27815d3e 0189f7c6ed35a7be5e51a30366fbc54c9c9e27d2511db44895d85a1458f83ab5
GET /docs/common/viewer/v3/v-sprite56.svg HTTP/1.1
Host: ssl.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="docs"
report-to: {"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]}
content-length: 50079
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 15 Apr 2024 15:15:27 GMT
expires: Tue, 15 Apr 2025 15:15:27 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 15 Feb 2024 22:18:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Origin
age: 245732
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| constantclients.cc/wp-includes/js/wp-emoji-release.min.js?ver=6.5.2 | 66.235.200.147 | | 5.4 kB |
URL constantclients.cc/wp-includes/js/wp-emoji-release.min.js?ver=6.5.2 IP66.235.200.147:0
File typeJavaScript source, ASCII text, with very long lines (15752) Hashb976b651932bfd25b9ddb5b7693d88a7 7fcb7cb5c11227f9213b1e08a07d0212209e1432 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.5.2 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000; _ga_MR4VREK4MN=GS1.1.1713439846.1.0.1713439846.0.0.1016182287; _ga=GA1.1.546344179.1713439847
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:59 GMT
content-type: application/javascript
content-length: 5365
last-modified: Tue, 02 Apr 2024 20:04:39 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 17:30:59 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 87645370f958b518-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.9.3 | 66.235.200.147 | | 755 B |
URL constantclients.cc/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.9.3 IP66.235.200.147:0
Hashab101e2dafb1e9074546e38658e68e5b 8a8158456227eb8b88b618dae1b951cb0c32edd9 9fb082f10b0f4f7fb4a11bfbe1c8cdc2eaeb5d865c1654aa2cd35168f8c7a19f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.9.3 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 409 Conflict
date: Thu, 18 Apr 2024 11:30:46 GMT
content-type: text/html; charset=iso-8859-1
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 87645320d8cab518-OSL
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/moment.js/2.24.0/moment.min.js | 104.17.24.14 | 200 OK | 16 kB |
URL GET HTTP/3cdnjs.cloudflare.com/ajax/libs/moment.js/2.24.0/moment.min.js IP104.17.24.14:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (53324), with no line terminators Hash761502841c035afcf6a9bdc5d0a20d11 69ab16ba8ca68431ab59eff286c7ed1e520bca30 e22419e8154be2a34a950dbb4c4c448413751c53ef02f00c6c56af28aa2c4964
GET /ajax/libs/moment.js/2.24.0/moment.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:59 GMT
content-type: application/javascript; charset=utf-8
content-length: 15508
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03f26-d04c"
last-modified: Mon, 04 May 2020 16:13:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 234489
expires: Tue, 08 Apr 2025 11:30:59 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jhvsTJzDVkfq%2FBbfFfNFBCoR04D6XPiXUIQQgA77ZYlIb5pXKQgKYaCj5edAGqcKJsDeveWpIyRL5AVZRSlmb9SeYlzzfgN7XFl5T65LgiwuN9HTBsb7ZQGCcq68%2F0n%2BW4YsArpb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 876453728e201bfe-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/uploads/2021/11/magnet-me-315vPGsAFUk-unsplash.jpg | 66.235.200.147 | 200 OK | 108 kB |
URL GET HTTP/2constantclients.cc/wp-content/uploads/2021/11/magnet-me-315vPGsAFUk-unsplash.jpg IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typegzip compressed data, from Unix Size108 kB (107955 bytes) Hash92d30ceb8962e771b50fb47baa53ee73 852cd40420cb67ceb9b76c425b4fc230a47cd287 dd71f2f2156ec0d88cd048c719cab3e9492d5056bf7e12d868f5076bead06f74
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/uploads/2021/11/magnet-me-315vPGsAFUk-unsplash.jpg HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/wp-content/uploads/elementor/css/post-999.css?ver=1708890611
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:46 GMT
content-type: image/webp
x-webp-convert-log: Serving converted file
vary: Accept,Accept-Encoding
last-modified: Sat, 27 May 2023 14:55:02 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 17:30:46 GMT
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 8764531f8ea8b518-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/ | 66.235.200.147 | | 412 B |
IP66.235.200.147:0
Hash8a6d979e3ee20c321603ed4d565b7c14 e8b3e3bb275d9a22aac3e5f5e5bbdcb3d997c6ea f4a101d9e96933adecbfabf132bb682d3b64f2a060514790543c30902affe1f0
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:45 GMT
content-type: text/html; charset=UTF-8
link: <https://constantclients.cc/wp-json/>; rel="https://api.w.org/", <https://constantclients.cc/wp-json/wp/v2/pages/999>; rel="alternate"; type="application/json", <https://constantclients.cc/>; rel=shortlink
cache-control: max-age=7200
expires: Thu, 18 Apr 2024 13:07:10 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
last-modified: Thu, 18 Apr 2024 11:07:13 GMT
cf-cache-status: HIT
server: cloudflare
cf-ray: 87645319ae3bb518-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| play.google.com/log?format=json&hasfast=true&authuser=0 | 142.250.74.78 | 200 OK | 0 B |
URL POST HTTP/3play.google.com/log?format=json&hasfast=true&authuser=0 IP142.250.74.78:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://docs.google.com/
Origin: https://docs.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://docs.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 18 Apr 2024 11:30:59 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| docs.google.com/viewerng/thumb?ds=AON1mFxNBAUYCp7qcaMFPmfZz9cX6b5dO938sLzUHiYOWbPDWTZTwGJbcYF_V-w8JjhvUiaIC7vh9laHUmA9y3zHETiLvNSOxewcvo7cgu7qPbwBOm4kcY_qYj72E-MDQf9wFl8BzcK2IKyv1CWtOp93dGpYgR8n-aLmejKgJryPg7_OctcVe5WjLvCeDWdLdX1bG8FlenHgEbryazsb7x2PBhSQ43lCmXs6ePBavn9U_Y9zb-vVy-VwETBdWQcXa2ZA8n05EdJLfNajZ848hHEMLNhxCAJ_oTQWwVso60aji90S5IWDuG5XnpVvzGFKiAkubfpA1m6v&ck=lantern&authuser&w=800&webp=true&p=proj | 142.250.74.14 | | 451 kB |
URL docs.google.com/viewerng/thumb?ds=AON1mFxNBAUYCp7qcaMFPmfZz9cX6b5dO938sLzUHiYOWbPDWTZTwGJbcYF_V-w8JjhvUiaIC7vh9laHUmA9y3zHETiLvNSOxewcvo7cgu7qPbwBOm4kcY_qYj72E-MDQf9wFl8BzcK2IKyv1CWtOp93dGpYgR8n-aLmejKgJryPg7_OctcVe5WjLvCeDWdLdX1bG8FlenHgEbryazsb7x2PBhSQ43lCmXs6ePBavn9U_Y9zb-vVy-VwETBdWQcXa2ZA8n05EdJLfNajZ848hHEMLNhxCAJ_oTQWwVso60aji90S5IWDuG5XnpVvzGFKiAkubfpA1m6v&ck=lantern&authuser&w=800&webp=true&p=proj IP142.250.74.14:0
File typeRIFF (little-endian) data, Web/P image Size451 kB (450727 bytes) Hash5305933be681cddbb7aeb89a6a25f507 46c048d2b8cf99c067d7f75eeeb5430d06c29dde ba13f4a0179d8b1eec97e61727b1ee5b6d056dfc5271b163497849957a05b5db
GET /viewerng/thumb?ds=AON1mFxNBAUYCp7qcaMFPmfZz9cX6b5dO938sLzUHiYOWbPDWTZTwGJbcYF_V-w8JjhvUiaIC7vh9laHUmA9y3zHETiLvNSOxewcvo7cgu7qPbwBOm4kcY_qYj72E-MDQf9wFl8BzcK2IKyv1CWtOp93dGpYgR8n-aLmejKgJryPg7_OctcVe5WjLvCeDWdLdX1bG8FlenHgEbryazsb7x2PBhSQ43lCmXs6ePBavn9U_Y9zb-vVy-VwETBdWQcXa2ZA8n05EdJLfNajZ848hHEMLNhxCAJ_oTQWwVso60aji90S5IWDuG5XnpVvzGFKiAkubfpA1m6v&ck=lantern&authuser&w=800&webp=true&p=proj HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
Alt-Used: 0
HTTP/2 200 OK
content-type: image/webp
expires: Thu, 18 Apr 2024 11:30:59 GMT
date: Thu, 18 Apr 2024 11:30:59 GMT
cache-control: private, max-age=300
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
content-security-policy: script-src 'nonce-CMcEnwZbexqowEck-IoefA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: GSE
set-cookie: NID=513=LHWAD23oKIsOmn1ZI-SRfAIS_Ws_6LQi2Ru_7RJbah4eEF7KRtzOi0Hp4Dzv_UOoWgFVUFnfQtdw0CWBXt6ts_moebvOF8dkkXIgNzu2GVLB4bupRANncp6pYE0i71h8YC5L5-W4UF5lZF9f3My72bg8hl5RqfvI4VtIz11c53M; expires=Fri, 18-Oct-2024 11:30:59 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| play.google.com/log?format=json&hasfast=true&authuser=0 | 142.250.74.78 | 200 OK | 131 B |
URL POST HTTP/3play.google.com/log?format=json&hasfast=true&authuser=0 IP142.250.74.78:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hashca0b7e866005f6774d284b9f438ebfd2 53644f5ee3640189bdb223473ba6a2d46606c556 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://docs.google.com/
X-Goog-AuthUser: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 2252
Origin: https://docs.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://docs.google.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Thu, 18 Apr 2024 11:30:59 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/duracelltomi-google-tag-manager/dist/js/gtm4wp-contact-form-7-tracker.js?ver=1.20.2 | 66.235.200.147 | | 16 kB |
URL constantclients.cc/wp-content/plugins/duracelltomi-google-tag-manager/dist/js/gtm4wp-contact-form-7-tracker.js?ver=1.20.2 IP66.235.200.147:0
Hash9e38bf1570d98812e7c02f6d09af28f5 827951cd5cf5ce0db5f0ae99186ea45ef7656025 110e9b1340f0cdd7e0dab82d6875fbd576cdee57e11c384b3cca9eac13db66e0
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/duracelltomi-google-tag-manager/dist/js/gtm4wp-contact-form-7-tracker.js?ver=1.20.2 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000; _ga_MR4VREK4MN=GS1.1.1713439846.1.0.1713439846.0.0.1016182287; _ga=GA1.1.546344179.1713439847
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 409 Conflict
date: Thu, 18 Apr 2024 11:30:48 GMT
content-type: text/html; charset=iso-8859-1
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 87645329eacfb518-OSL
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/moment-timezone/0.5.28/moment-timezone-with-data-1970-2030.min.js | 104.17.24.14 | | 16 kB |
URL cdnjs.cloudflare.com/ajax/libs/moment-timezone/0.5.28/moment-timezone-with-data-1970-2030.min.js IP104.17.24.14:0
CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hash2254f17a3f253430a1e53e0eb421702a 446e6f427e47e99c4b964fe961dc274f602c6be6 a1bf4661317a1c9154c95b655a2bd4e3b9e06ba79e451dcbb62f557d47858412
GET /ajax/libs/moment-timezone/0.5.28/moment-timezone-with-data-1970-2030.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 11:30:59 GMT
content-type: application/javascript; charset=utf-8
content-length: 16247
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03f26-224f9"
last-modified: Mon, 04 May 2020 16:13:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2303915
expires: Tue, 08 Apr 2025 11:30:59 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z%2FrQtvfL8A4KnVt3ZrsR4QSxUG4JKUQ%2FgqjqSowj8MzcPM2HGyieYy20PuJd2Ek%2FvIOM2pNmXOzJDL%2BFbyFaP2MzmXebhgyqrWSiyaiFkwRxlULwa4SmfZxdUkcdYuO%2FfQHN3mNv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87645373acbe5694-OSL
alt-svc: h3=":443"; ma=86400
|
|
| apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.5BIk7BglYEE.O/m=client/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA/cb=gapi.loaded_0?le=scs | 142.250.74.110 | | 108 kB |
URL apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.5BIk7BglYEE.O/m=client/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA/cb=gapi.loaded_0?le=scs IP142.250.74.110:0
CertificateIssuerGoogle Trust Services LLC Subject*.apis.google.com FingerprintE3:82:77:FB:12:E7:1E:09:41:8D:12:01:82:E8:DB:CC:47:EB:3F:57 ValidityMon, 04 Mar 2024 07:19:24 GMT - Mon, 27 May 2024 07:19:23 GMT
Size108 kB (108142 bytes) Hash46a0ba2b62105927da8855f2b6965aa3 b98ca6db98588d66f25af3f3d63e2a1e9941fcde 2f0fbafffc24b29a0663e992099ed004efc4abfb7e007993cda8c789329eba7b
GET /_/scs/abc-static/_/js/k=gapi.lb.en.5BIk7BglYEE.O/m=client/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 111004
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 17:06:23 GMT
expires: Fri, 11 Apr 2025 17:06:23 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 31 Mar 2024 15:20:31 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 584665
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| play.google.com/log?format=json&hasfast=true&authuser=0 | 142.250.74.78 | 200 OK | 131 B |
URL POST HTTP/3play.google.com/log?format=json&hasfast=true&authuser=0 IP142.250.74.78:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hashca0b7e866005f6774d284b9f438ebfd2 53644f5ee3640189bdb223473ba6a2d46606c556 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://docs.google.com/
X-Goog-AuthUser: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 2066
Origin: https://docs.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://docs.google.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Thu, 18 Apr 2024 11:30:59 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| docs.google.com/viewerng/presspage?id=ACFrOgCwvcBpt8DSo422TzymMRtNfRL75a6gD6fnKp2-9wNe4WFsMAQVphdxjRsVFNiX5O1AdnfMAGKt3hujSZYKnuxegAjNcrN35BZjrxx5xRXbHb2m1bjaR9JCZ9Ce-sBKNEJV0QQflvIUskuq&page=0 | 142.250.74.14 | | 915 B |
URL docs.google.com/viewerng/presspage?id=ACFrOgCwvcBpt8DSo422TzymMRtNfRL75a6gD6fnKp2-9wNe4WFsMAQVphdxjRsVFNiX5O1AdnfMAGKt3hujSZYKnuxegAjNcrN35BZjrxx5xRXbHb2m1bjaR9JCZ9Ce-sBKNEJV0QQflvIUskuq&page=0 IP142.250.74.14:0
File typeUnicode text, UTF-8 text, with very long lines (2429) Hash331cb8f66d7363aa2aca72e2d8de2232 e04bfe4c994d4e5c6e9aaa5a086afddc804c3237 91a08ba9fe5f0f4061269bb43c87542bffdc76cf31ed5a0513ecadfcd654b492
GET /viewerng/presspage?id=ACFrOgCwvcBpt8DSo422TzymMRtNfRL75a6gD6fnKp2-9wNe4WFsMAQVphdxjRsVFNiX5O1AdnfMAGKt3hujSZYKnuxegAjNcrN35BZjrxx5xRXbHb2m1bjaR9JCZ9Ce-sBKNEJV0QQflvIUskuq&page=0 HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 11:30:59 GMT
content-encoding: gzip
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
content-security-policy: script-src 'nonce-5CSw1CxeZVBtAWEvGOzE_w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: GSE
set-cookie: NID=513=irEn0RzUYAS1zETRz347XBzYBlTAFbwMQZ0GnbXaYxVBQ_SduYpcE2sUNYSktaIfMCX2k0SiBhHGclHJLQrK7XYImF51cS7q7uhHIhmqlVF-G1J7p41_5kJzzbclOhFUoz1QIjLlPCh7jCSi6-WTPO1Wpoc4StVXBf9Zm_JsDrk; expires=Fri, 18-Oct-2024 11:30:59 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf | 142.250.74.14 | | 0 B |
URL docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf IP142.250.74.14:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 11:31:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-security-policy: script-src 'nonce-9z3dHWwIC8UN0GdcyyKavQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
server: GSE
set-cookie: NID=513=c9GQOAz806yCSwV-FFzmDws1gkixG56DPZljRODlZgst6iMHhApQ_h_Hrh6joOiFy21E7cF71b4Z2ZpRpBtBZyLRTlD7lJy-_nrg7PwOLP-99Nk3dpHIBmVIXVrK2g4X9RE-a2nDO2YHd3IvvC4vZ4R08FcJ_hKm85jirpQXTmE; expires=Fri, 18-Oct-2024 11:31:00 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| app.convertobot.com/get_chatbot_info/cvOfPC | 172.67.145.237 | | 1.4 kB |
URL app.convertobot.com/get_chatbot_info/cvOfPC IP172.67.145.237:0
Hash3a6fe679a34bacbc010ab4393706a5c1 292560bc34441fb63e6960ce4980d51f97428974 c9d3ea298b827746f6937910fc9129ca9aa091954d121ceb08b49bd707619fff
GET /get_chatbot_info/cvOfPC HTTP/1.1
Host: app.convertobot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://constantclients.cc
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:31:00 GMT
content-type: application/json
cache-control: no-cache, max-age=172800
access-control-allow-origin: *
expires: Sat, 20 Apr 2024 11:30:59 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F69mLij8e2LRxkMDlGPfpZkuaedDhwJnbNbRAoKQGaE%2B9k7jHPOHNNO7SrnSPKBNxIOr4u93%2BNqfJ00uqmNDWLCTFGHg%2FvPbQIbVcjSu2siZieQ%2FARp%2BMXmQjsa1cHpDC7qVJ7eJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876453744a36b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| conv-avatar.s3.amazonaws.com/avatars/06.png | 3.5.28.235 | | 23 kB |
URL conv-avatar.s3.amazonaws.com/avatars/06.png IP3.5.28.235:0
File typePNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced Hash8b025d1010ad60ad70e06448b50598d3 925d5ed88aece2a5072090958bcfb38c007b4514 fa382ab24a81b1f68b44d4c96dacaf74e1c71b8d6fb00b8423e41286915c73e3
GET /avatars/06.png HTTP/1.1
Host: conv-avatar.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: SXKd9mhIMNq3q4n/ZpKLarm+WV9P6NmYkckKUB8+qK5G8/HEcPVq1J0Q9GyJ7iH+3xhahj+X+btWqbjSwHpBzuG25FEE3MOaZZmnDjQNO5s=
x-amz-request-id: MCBH23BQDE2DEH2W
Date: Thu, 18 Apr 2024 11:31:02 GMT
Last-Modified: Wed, 30 Sep 2020 12:16:27 GMT
ETag: "8b025d1010ad60ad70e06448b50598d3"
x-amz-meta-sha256: fa382ab24a81b1f68b44d4c96dacaf74e1c71b8d6fb00b8423e41286915c73e3
x-amz-meta-s3b-last-modified: 20190124T164417Z
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 23160
|
|
| docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf | 142.250.74.14 | | 0 B |
URL docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf IP142.250.74.14:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 11:31:01 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
content-security-policy: script-src 'nonce-Ml1z_eeu6lwZKl8a8BqLcQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
server: GSE
set-cookie: NID=513=ixiIvswJEsG3M_gxCZmkWWUZF9ymzKdHnBoG-zCS9FmQoMb47WK9-mFOWak7YEJ8sUzwmNxA-hd15_Ae6f1B--UWTjVkgLZMroca0i_UjIRM6QCq6ce2OS1cRoI8IxS07T5I8pa8zWExyr0z6sJYtqhVNNRillSbmR2Ptye6bfk; expires=Fri, 18-Oct-2024 11:31:01 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS1-revised.pdf | 142.250.74.14 | | 0 B |
URL GET docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS1-revised.pdf IP142.250.74.14:0
Requested byhttps://constantclients.cc/ CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS1-revised.pdf HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 11:31:01 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
content-security-policy: script-src 'nonce-o9wcz2rznYlDREQmBh746Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
server: GSE
set-cookie: NID=513=M7WsN7DyP56s6CLw9u-dHrqhjOdARNMgNZwsLb6ZAHCv6hlI3ZjSOHxgWtHOxlXe-Y0LKIFwTQPQCRP-njJ1JY3xToJH9o-RggzlHuQ6Vi6vQBWWb5y7GANOzC9MDL3zvGvjRxM8bxrVwp51Obrr3qzxd08E47I5MB2P-Yf5wPA; expires=Fri, 18-Oct-2024 11:31:01 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| play.google.com/log?format=json&hasfast=true&authuser=0 | 142.250.74.78 | 200 OK | 0 B |
URL POST HTTP/3play.google.com/log?format=json&hasfast=true&authuser=0 IP142.250.74.78:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://docs.google.com/
Origin: https://docs.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://docs.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 18 Apr 2024 11:31:02 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS1-revised.pdf | 142.250.74.14 | | 0 B |
URL GET docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS1-revised.pdf IP142.250.74.14:0
Requested byhttps://constantclients.cc/ CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS1-revised.pdf HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 11:31:02 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
content-security-policy: script-src 'nonce-9sVznJKSxjSIwLloadJ8AA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
server: GSE
set-cookie: NID=513=Ev4-uWxqPTwEamUHDwtx4H6sHiBE-C9rRbGfsMKuCe2eKg6xBzehUWCtfW8mEMhfsKKoOkmeN3_ul5dCo84gL2T36pQn0n7rXRotl5zlJlDaOLZUOcGczBv7_lSMZfjahfdCgZ82NUz0wFEIeYD0n5svhYnTafjJXu_PzUdaQYw; expires=Fri, 18-Oct-2024 11:31:02 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| docs.google.com/viewerng/img?id=ACFrOgCwvcBpt8DSo422TzymMRtNfRL75a6gD6fnKp2-9wNe4WFsMAQVphdxjRsVFNiX5O1AdnfMAGKt3hujSZYKnuxegAjNcrN35BZjrxx5xRXbHb2m1bjaR9JCZ9Ce-sBKNEJV0QQflvIUskuq&page=3&w=800 | 142.250.74.14 | | 224 kB |
URL docs.google.com/viewerng/img?id=ACFrOgCwvcBpt8DSo422TzymMRtNfRL75a6gD6fnKp2-9wNe4WFsMAQVphdxjRsVFNiX5O1AdnfMAGKt3hujSZYKnuxegAjNcrN35BZjrxx5xRXbHb2m1bjaR9JCZ9Ce-sBKNEJV0QQflvIUskuq&page=3&w=800 IP142.250.74.14:0
File typePNG image data, 800 x 1131, 8-bit/color RGB, non-interlaced Size224 kB (224043 bytes) Hash32462fb28cc7e63f5071968dfcc64bea 9022437de3b5114b6e2556a36f227f3914c770aa 14efd614d18cb7e1bbbf7b5322e6420a61ac627f4d8a2ad35450d77866fa56a6
GET /viewerng/img?id=ACFrOgCwvcBpt8DSo422TzymMRtNfRL75a6gD6fnKp2-9wNe4WFsMAQVphdxjRsVFNiX5O1AdnfMAGKt3hujSZYKnuxegAjNcrN35BZjrxx5xRXbHb2m1bjaR9JCZ9Ce-sBKNEJV0QQflvIUskuq&page=3&w=800 HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 11:31:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
content-security-policy: script-src 'nonce-yXGNinRdwKTOMQPPj1H0WA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: GSE
set-cookie: NID=513=Dl7hBh0QMvYmais0XeKhJhO6-7Q8t2Ms1nIaXPUleduqK1Hsc3RQ6-7rn_eBcNOdnPJlGi1p3MvAvF9CxTbQTQAM2fRq079sUKdvy1r-laxFamfKKbcgOUuv8IGqnZxw_i3CxWKB1HU0g7QgEYOCjQTFp5-djN9HcHVsKl9ay5s; expires=Fri, 18-Oct-2024 11:30:59 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| play.google.com/log?format=json&hasfast=true&authuser=0 | 142.250.74.78 | 200 OK | 131 B |
URL POST HTTP/3play.google.com/log?format=json&hasfast=true&authuser=0 IP142.250.74.78:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hashca0b7e866005f6774d284b9f438ebfd2 53644f5ee3640189bdb223473ba6a2d46606c556 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://docs.google.com/
X-Goog-AuthUser: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 7639
Origin: https://docs.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://docs.google.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Thu, 18 Apr 2024 11:31:02 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.gstatic.com/s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2 | 142.250.74.163 | | 15 kB |
URL fonts.gstatic.com/s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2 IP142.250.74.163:0
File typeWeb Open Font Format (Version 2), TrueType, length 14940, version 1.0 Hasha46fb7aae99225fdfd9d64b2b8b1063f 1ee50bf5985c1956dde1c06d9b1cec4645ddb92b 4b5816bbfc52587979139951355fe4048da02ce60e40cef8e4a1efb6cd396281
GET /s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://constantclients.cc
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14940
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:59:57 GMT
expires: Fri, 18 Apr 2025 02:59:57 GMT
cache-control: public, max-age=31536000
age: 30666
last-modified: Wed, 13 Sep 2023 22:46:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| docs.google.com/viewerng/img?id=ACFrOgCwvcBpt8DSo422TzymMRtNfRL75a6gD6fnKp2-9wNe4WFsMAQVphdxjRsVFNiX5O1AdnfMAGKt3hujSZYKnuxegAjNcrN35BZjrxx5xRXbHb2m1bjaR9JCZ9Ce-sBKNEJV0QQflvIUskuq&page=0&w=800 | 142.250.74.14 | 200 OK | 633 kB |
URL GET HTTP/3docs.google.com/viewerng/img?id=ACFrOgCwvcBpt8DSo422TzymMRtNfRL75a6gD6fnKp2-9wNe4WFsMAQVphdxjRsVFNiX5O1AdnfMAGKt3hujSZYKnuxegAjNcrN35BZjrxx5xRXbHb2m1bjaR9JCZ9Ce-sBKNEJV0QQflvIUskuq&page=0&w=800 IP142.250.74.14:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
File typePNG image data, 800 x 1131, 8-bit/color RGB, non-interlaced Size633 kB (633411 bytes) Hashaae3f9ac79320b961eb2f8796b5d5527 b69b3dc95bce7538a57d82bdeea8b4f62e47cdcd 6c51003be18264410edf33d49e53f056fbc72591dc2b3fadeb41ee90da4d0a06
GET /viewerng/img?id=ACFrOgCwvcBpt8DSo422TzymMRtNfRL75a6gD6fnKp2-9wNe4WFsMAQVphdxjRsVFNiX5O1AdnfMAGKt3hujSZYKnuxegAjNcrN35BZjrxx5xRXbHb2m1bjaR9JCZ9Ce-sBKNEJV0QQflvIUskuq&page=0&w=800 HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 11:31:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-security-policy: script-src 'nonce-9cBEEH7fK3vfo5srvQqpSw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: GSE
set-cookie: NID=513=PNsTtPmZrvLNkeH203c3TNF5HwPVl66NSzlsk6F0rSHPAQZdLbMYRfqQgU_ITR1ZDBruQV8lx9X3Mj04CeatxcnxP3XeLj-mxEvGXff4UVZgc4PM3H0s9lWWcM8C_3UDQ-bIu5sUDrkVdiiShnQJsp7nC1mnBjfARkwlMRx5LcQ; expires=Fri, 18-Oct-2024 11:30:59 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/_/apps-viewer/_/ss/k=apps-viewer.standalone.khNBx8_Cbh4.L.F4.O/am=wA/d=0/rs=AC2dHMIvFHbG72CWiW98wYQsYhImXrAZeQ | 142.250.74.35 | | 92 kB |
URL GET www.gstatic.com/_/apps-viewer/_/ss/k=apps-viewer.standalone.khNBx8_Cbh4.L.F4.O/am=wA/d=0/rs=AC2dHMIvFHbG72CWiW98wYQsYhImXrAZeQ IP142.250.74.35:0
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeASCII text, with very long lines (65536), with no line terminators Hash51bd712308407b2de2b907d0016c01ec c37d535a2198523f78b950c55150de00c61aa011 3259a90d2810b5baa5d4a5d97ceb3fa2d9e83604b1a2d72f5033c0c940be8b72
GET /_/apps-viewer/_/ss/k=apps-viewer.standalone.khNBx8_Cbh4.L.F4.O/am=wA/d=0/rs=AC2dHMIvFHbG72CWiW98wYQsYhImXrAZeQ HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-viewer
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-viewer"
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-length: 91670
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 17 Apr 2024 19:18:22 GMT
expires: Thu, 17 Apr 2025 19:18:22 GMT
cache-control: public, max-age=31536000
age: 58361
last-modified: Thu, 04 Apr 2024 07:01:39 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.en_US.cdJChLL3Kzs.O/am=wA/d=1/rs=AC2dHMJ-UPcpj1TrAIHbwPz2NVftQIDTdQ/m=main | 142.250.74.35 | | 490 kB |
URL www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.en_US.cdJChLL3Kzs.O/am=wA/d=1/rs=AC2dHMJ-UPcpj1TrAIHbwPz2NVftQIDTdQ/m=main IP142.250.74.35:0
CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeJavaScript source, ASCII text, with very long lines (2432) Size490 kB (489997 bytes) Hash2d7af759a51cdc70b1f2f67ddbb117da 59f9c8e902ffe372c0d092830e0da74c88061925 0bc52c2beb6072968767ee6838cd66ec678be1a043ef3de66e2b047ecc8cbeff
GET /_/apps-viewer/_/js/k=apps-viewer.standalone.en_US.cdJChLL3Kzs.O/am=wA/d=1/rs=AC2dHMJ-UPcpj1TrAIHbwPz2NVftQIDTdQ/m=main HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-viewer
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-viewer"
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-length: 489997
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 17 Apr 2024 18:11:41 GMT
expires: Thu, 17 Apr 2025 18:11:41 GMT
cache-control: public, max-age=31536000
age: 62362
last-modified: Thu, 04 Apr 2024 11:03:01 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| apis.google.com/js/client.js | 142.250.74.110 | 200 OK | 5.9 kB |
URL GET HTTP/2apis.google.com/js/client.js IP142.250.74.110:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.apis.google.com FingerprintE3:82:77:FB:12:E7:1E:09:41:8D:12:01:82:E8:DB:CC:47:EB:3F:57 ValidityMon, 04 Mar 2024 07:19:24 GMT - Mon, 27 May 2024 07:19:23 GMT
File typeJavaScript source, ASCII text, with very long lines (2054) Hash956abd1c4d33686ed078e1fc2a208e70 adf181b4ffe9f884d1523a9e9055b3c975c22c2f 7ad5b3ae2e3d70b78dcb34e7809635ab483d6f56f8bb224c1660c2385a3157a9
GET /js/client.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 5905
date: Thu, 18 Apr 2024 11:31:03 GMT
expires: Thu, 18 Apr 2024 11:31:03 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "3c0b77da4dd83ef7"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS1-revised.pdf | 142.250.74.14 | | 40 kB |
URL GET docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS1-revised.pdf IP142.250.74.14:0
Requested byhttps://constantclients.cc/ CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
File typeHTML document, ASCII text, with very long lines (4728) Hashb1f87c0eb2f9e97aa058f3a175a11e81 8e16f73c96c64cd5d1d18c184f7df520064837f3 6051c1b84778a3b804321584f8850731b80f9f3786343f77927c5f71398291a9
GET /gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS1-revised.pdf HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 11:31:03 GMT
content-encoding: gzip
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-security-policy: script-src 'nonce-VlETPJwniugz5lC4mxfpAw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
set-cookie: NID=513=njd3C7h2ettcDu16ElEQFOu-G_70qDwcptxyv2Mh5MygTQ1BgLLcpjxtcVBxeUc2T2dny6lDnHJXdGYbNjZ3Its1OhxTBqK7TWbpV12QzpCWv_ow1fkXjwIMEb6eJRIIqQOdu-_1BozWjIdp5p5sWyqsbAU7CgBC6MhDopj3jzw; expires=Fri, 18-Oct-2024 11:31:03 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| play.google.com/log?format=json&hasfast=true&authuser=0 | 142.250.74.78 | 200 OK | 0 B |
URL POST HTTP/3play.google.com/log?format=json&hasfast=true&authuser=0 IP142.250.74.78:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://docs.google.com/
Origin: https://docs.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://docs.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 18 Apr 2024 11:31:04 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| play.google.com/log?format=json&hasfast=true&authuser=0 | 142.250.74.78 | 200 OK | 131 B |
URL POST HTTP/3play.google.com/log?format=json&hasfast=true&authuser=0 IP142.250.74.78:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hashca0b7e866005f6774d284b9f438ebfd2 53644f5ee3640189bdb223473ba6a2d46606c556 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://docs.google.com/
X-Goog-AuthUser: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 887
Origin: https://docs.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://docs.google.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Thu, 18 Apr 2024 11:31:04 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.5BIk7BglYEE.O/m=client/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA/cb=gapi.loaded_0?le=scs | 142.250.74.110 | | 111 kB |
URL apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.5BIk7BglYEE.O/m=client/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA/cb=gapi.loaded_0?le=scs IP142.250.74.110:0
CertificateIssuerGoogle Trust Services LLC Subject*.apis.google.com FingerprintE3:82:77:FB:12:E7:1E:09:41:8D:12:01:82:E8:DB:CC:47:EB:3F:57 ValidityMon, 04 Mar 2024 07:19:24 GMT - Mon, 27 May 2024 07:19:23 GMT
File typeJavaScript source, ASCII text, with very long lines (2124) Size111 kB (111004 bytes) Hash9d8cace6dabbc78e36c4aba49c7125b1 797a2f633272abdbf1d88054fbfb3f42adc1415f a4667786f4a20672e060bb8511e66d795c74b5cf705cd316f898cd2de4f68b43
GET /_/scs/abc-static/_/js/k=gapi.lb.en.5BIk7BglYEE.O/m=client/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 111004
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 17:06:23 GMT
expires: Fri, 11 Apr 2025 17:06:23 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 31 Mar 2024 15:20:31 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 584681
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| docs.google.com/viewerng/presspage?id=ACFrOgCwvcBpt8DSo422TzymMRtNfRL75a6gD6fnKp2-9wNe4WFsMAQVphdxjRsVFNiX5O1AdnfMAGKt3hujSZYKnuxegAjNcrN35BZjrxx5xRXbHb2m1bjaR9JCZ9Ce-sBKNEJV0QQflvIUskuq&page=3 | 142.250.74.14 | 200 OK | 1.5 kB |
URL GET HTTP/3docs.google.com/viewerng/presspage?id=ACFrOgCwvcBpt8DSo422TzymMRtNfRL75a6gD6fnKp2-9wNe4WFsMAQVphdxjRsVFNiX5O1AdnfMAGKt3hujSZYKnuxegAjNcrN35BZjrxx5xRXbHb2m1bjaR9JCZ9Ce-sBKNEJV0QQflvIUskuq&page=3 IP142.250.74.14:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
File typeUnicode text, UTF-8 text, with very long lines (4498) Hash2b0ab28c03b0473565d019e2b4448c9f 19bf9ffcfb262344bd03b2bb455688140331db8c a9b7b453d19bc79b528d46155cc5da19b0d147e8a635203076702365cf5cda30
GET /viewerng/presspage?id=ACFrOgCwvcBpt8DSo422TzymMRtNfRL75a6gD6fnKp2-9wNe4WFsMAQVphdxjRsVFNiX5O1AdnfMAGKt3hujSZYKnuxegAjNcrN35BZjrxx5xRXbHb2m1bjaR9JCZ9Ce-sBKNEJV0QQflvIUskuq&page=3 HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 11:30:59 GMT
content-encoding: gzip
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: script-src 'nonce-j1_BNcNyf9IhAF5dZ6cY-A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: GSE
set-cookie: NID=513=FuUeWOp9uI_u4vUO_oEIkzLVo5ARtmR4soaH6blaweywoo0uu8hnLZADfekwy2GZfH5OTjXvf89HbDGHo7y_N4DKweFURhD2eaLqruezFZ7_6B0LUFbCqBJQpZ55d_cyyMwCYBAIHMR2n6OiFdAWbrX-QoOHb-r-Y7Sl9HS08co; expires=Fri, 18-Oct-2024 11:30:59 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| ssl.gstatic.com/docs/common/viewer/v3/v-sprite56.svg | 142.250.74.35 | 200 OK | 50 kB |
URL GET HTTP/3ssl.gstatic.com/docs/common/viewer/v3/v-sprite56.svg IP142.250.74.35:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS1-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeSVG Scalable Vector Graphics image Hashba7ab7044d6c6c0240c3917858948cff 3b840b104cb3d74d5a35fbd193aca32d27815d3e 0189f7c6ed35a7be5e51a30366fbc54c9c9e27d2511db44895d85a1458f83ab5
GET /docs/common/viewer/v3/v-sprite56.svg HTTP/1.1
Host: ssl.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="docs"
report-to: {"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]}
content-length: 50079
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 15 Apr 2024 15:15:27 GMT
expires: Tue, 15 Apr 2025 15:15:27 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 15 Feb 2024 22:18:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Origin
age: 245737
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| play.google.com/log?format=json&hasfast=true&authuser=0 | 142.250.74.78 | 200 OK | 0 B |
URL POST HTTP/3play.google.com/log?format=json&hasfast=true&authuser=0 IP142.250.74.78:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://docs.google.com/
Origin: https://docs.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://docs.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 18 Apr 2024 11:31:04 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.5BIk7BglYEE.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA%2Fm%3D__features__ | 142.250.74.138 | | 272 B |
URL content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.5BIk7BglYEE.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA%2Fm%3D__features__ IP142.250.74.138:0
File typeHTML document, ASCII text Hash9b1ed9cdcedc353eb7fb5e634ddb0336 1f720be155526ee418d4d303e972453e16789fd8 556b0d721589154354579bd35e1cfa588d9d8d4cf09667a66e9eab9898062022
GET /static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.5BIk7BglYEE.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA%2Fm%3D__features__ HTTP/1.1
Host: content.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy: script-src 'nonce-m3-0jY0oBTUYsn1HtyZWKQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/apiserving; base-uri 'none', require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apiserving
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apiserving"
report-to: {"group":"apiserving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apiserving"}]}
content-length: 272
date: Thu, 18 Apr 2024 11:31:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Tue, 12 Mar 2024 05:08:00 GMT
x-content-type-options: nosniff
cross-origin-embedder-policy: require-corp; report-to="apiserving"
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf | 142.250.74.14 | | 0 B |
URL docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf IP142.250.74.14:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 11:31:04 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-security-policy: script-src 'nonce-KU8IWfwSYwdncdpfXPz1xQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
server: GSE
set-cookie: NID=513=WFFIlRDPpSEOB-C3nA8USmC9n1sJTy-xXByYxYpmZr4a1-pRV31FUzR05OYdnZ9oMaWnZjic0SXpluxjaBL1I7C9R1XQ46L5m5vF_Dtf92HgLfu9wAQv4XoxUNXMfPQ4DsAoQb8CNKVl6acvX__3fxXWFRc3e3kgNPceLsLQ4oU; expires=Fri, 18-Oct-2024 11:31:04 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| constantclients.cc/wp-content/plugins/strong-testimonials/public/svg/chevron-right-solid.svg | 66.235.200.147 | | 531 kB |
URL constantclients.cc/wp-content/plugins/strong-testimonials/public/svg/chevron-right-solid.svg IP66.235.200.147:0
File typegzip compressed data, from Unix Size531 kB (530778 bytes) Hashbe6a1f18718f11809c7e21973ff58be1 13397b1a5583285a5d2cde8eaba78e3581dddf43 1d3e6d9f6f2eb3fc80d376c111d79c6c3089a61fb19198d7c9b6f6af55c1912d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/strong-testimonials/public/svg/chevron-right-solid.svg HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/wp-content/plugins/strong-testimonials/public/css/slider-controls-sides-outside-buttons.css?ver=3.1.12
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000; _ga_MR4VREK4MN=GS1.1.1713439846.1.0.1713439846.0.0.1016182287; _ga=GA1.1.546344179.1713439847
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:31:03 GMT
content-type: image/svg+xml
last-modified: Fri, 22 Mar 2024 20:03:55 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 17:31:03 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: REVALIDATED
vary: Accept-Encoding
server: cloudflare
cf-ray: 876453898c36b518-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| play.google.com/log?format=json&hasfast=true&authuser=0 | 142.250.74.78 | 200 OK | 0 B |
URL POST HTTP/3play.google.com/log?format=json&hasfast=true&authuser=0 IP142.250.74.78:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://docs.google.com/
Origin: https://docs.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://docs.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 18 Apr 2024 11:31:04 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| play.google.com/log?format=json&hasfast=true&authuser=0 | 142.250.74.78 | 200 OK | 131 B |
URL POST HTTP/3play.google.com/log?format=json&hasfast=true&authuser=0 IP142.250.74.78:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hashca0b7e866005f6774d284b9f438ebfd2 53644f5ee3640189bdb223473ba6a2d46606c556 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://docs.google.com/
X-Goog-AuthUser: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 2065
Origin: https://docs.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://docs.google.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Thu, 18 Apr 2024 11:31:04 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| apis.google.com/js/googleapis.proxy.js?onload=startup | 142.250.74.110 | 200 OK | 5.9 kB |
URL GET HTTP/2apis.google.com/js/googleapis.proxy.js?onload=startup IP142.250.74.110:443
Requested byhttps://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.5BIk7BglYEE.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA%2Fm%3D__features__#parent=https%3A%2F%2Fdocs.google.com&rpctoken=720213770 CertificateIssuerGoogle Trust Services LLC Subject*.apis.google.com FingerprintE3:82:77:FB:12:E7:1E:09:41:8D:12:01:82:E8:DB:CC:47:EB:3F:57 ValidityMon, 04 Mar 2024 07:19:24 GMT - Mon, 27 May 2024 07:19:23 GMT
File typeJavaScript source, ASCII text, with very long lines (2054) Hash7f93e0458ef1a4a7db3a3c75ef5c8f26 56f6636f85494d2dbb878e5214b95c12f71ba567 c2e9943fb0b73a7d2c5e3f3f4c076367903a0fe813bf652d7ee9af81eb150afc
GET /js/googleapis.proxy.js?onload=startup HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://content.googleapis.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 5906
date: Thu, 18 Apr 2024 11:31:04 GMT
expires: Thu, 18 Apr 2024 11:31:04 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "6a1d8767de9e733b"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.5BIk7BglYEE.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA/cb=gapi.loaded_0?le=scs | 142.250.74.110 | | 28 kB |
URL apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.5BIk7BglYEE.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA/cb=gapi.loaded_0?le=scs IP142.250.74.110:0
CertificateIssuerGoogle Trust Services LLC Subject*.apis.google.com FingerprintE3:82:77:FB:12:E7:1E:09:41:8D:12:01:82:E8:DB:CC:47:EB:3F:57 ValidityMon, 04 Mar 2024 07:19:24 GMT - Mon, 27 May 2024 07:19:23 GMT
File typeJavaScript source, ASCII text, with very long lines (2124) Hash2756c7839e34e1bfd27282c872153e6b 4f4f889d37f2b2ce157c740b4fcc5cf431f887a5 ae27d17adcefa0111d96a7504de7fef12bcf3167ab70dc3acab6d6e32c9bef3a
GET /_/scs/abc-static/_/js/k=gapi.lb.en.5BIk7BglYEE.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://content.googleapis.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 28126
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 17:07:48 GMT
expires: Fri, 11 Apr 2025 17:07:48 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 31 Mar 2024 15:20:31 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 584596
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| content.googleapis.com/drive/v2internal/viewerimpressions?key=AIzaSyDVQw45DwoYh632gvsP5vPDqEKvb-Ywnb8&alt=json | 142.250.74.138 | | 0 B |
URL content.googleapis.com/drive/v2internal/viewerimpressions?key=AIzaSyDVQw45DwoYh632gvsP5vPDqEKvb-Ywnb8&alt=json IP142.250.74.138:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /drive/v2internal/viewerimpressions?key=AIzaSyDVQw45DwoYh632gvsP5vPDqEKvb-Ywnb8&alt=json HTTP/1.1
Host: content.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-ClientDetails: appVersion=5.0%20(X11)&platform=Linux%20x86_64&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0
Content-Type: application/json
X-Requested-With: XMLHttpRequest
X-JavaScript-User-Agent: google-api-javascript-client/1.1.0
X-Goog-AuthUser: 0
X-Origin: https://docs.google.com
X-Referer: https://docs.google.com
X-Goog-Encode-Response-If-Executable: base64
Content-Length: 715
Origin: https://content.googleapis.com
DNT: 1
Connection: keep-alive
Referer: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.5BIk7BglYEE.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA%2Fm%3D__features__
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
etag: "vyGp6PvFo4RvsFtPoIWeCReyIC8"
pragma: no-cache
date: Thu, 18 Apr 2024 11:31:04 GMT
vary: Origin, X-Origin
expires: Mon, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| docs.google.com/viewerng/img?id=ACFrOgCwvcBpt8DSo422TzymMRtNfRL75a6gD6fnKp2-9wNe4WFsMAQVphdxjRsVFNiX5O1AdnfMAGKt3hujSZYKnuxegAjNcrN35BZjrxx5xRXbHb2m1bjaR9JCZ9Ce-sBKNEJV0QQflvIUskuq&page=1&w=800 | 142.250.74.14 | 200 OK | 114 kB |
URL GET HTTP/3docs.google.com/viewerng/img?id=ACFrOgCwvcBpt8DSo422TzymMRtNfRL75a6gD6fnKp2-9wNe4WFsMAQVphdxjRsVFNiX5O1AdnfMAGKt3hujSZYKnuxegAjNcrN35BZjrxx5xRXbHb2m1bjaR9JCZ9Ce-sBKNEJV0QQflvIUskuq&page=1&w=800 IP142.250.74.14:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
File typePNG image data, 800 x 1131, 8-bit/color RGB, non-interlaced Size114 kB (114428 bytes) Hash58e2ad9084417dcfe9b06639c335c107 96b51cf168b8258d09390ddd6211b3ac93bc900a 8fba6ddf0b010591b5a7166afa23f5e63f32a5be53ecb97c93d511f416afbb53
GET /viewerng/img?id=ACFrOgCwvcBpt8DSo422TzymMRtNfRL75a6gD6fnKp2-9wNe4WFsMAQVphdxjRsVFNiX5O1AdnfMAGKt3hujSZYKnuxegAjNcrN35BZjrxx5xRXbHb2m1bjaR9JCZ9Ce-sBKNEJV0QQflvIUskuq&page=1&w=800 HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 11:30:59 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
content-security-policy: script-src 'nonce-L-g2J4Ce8FmITZtvDd5FkA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: GSE
set-cookie: NID=513=cqiyZKJNarIp87AAzhq78wFnEERsVX3fLj3N9x0xZdBd-DiBNgwcGKIGI_QWOGWl_HVqdtb9T7jRsVlpjNsOLeH1jqJo3AeovXqyfaEWqvvRtGzNGREDJ6Go8FOTmNCQFHFogUvwlcEQJZzl1v55i6mdgvNxYnFJB9VqZI4rd_0; expires=Fri, 18-Oct-2024 11:30:59 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| docs.google.com/viewerng/img?id=ACFrOgByfTB7jbLDIbZGJd05Rkzd1UoGhFOsNDujlTUdhxQpucSRzLNo_YsIb-HK4gLGrOUw2XyC3__2f988GS3xT0NzUzwwAW0EvxYXXET8j8lGLjQm4TgNFIiVY17B5hyram0f4qg9-WglNtD1&page=0&w=800 | 142.250.74.14 | | 789 kB |
URL docs.google.com/viewerng/img?id=ACFrOgByfTB7jbLDIbZGJd05Rkzd1UoGhFOsNDujlTUdhxQpucSRzLNo_YsIb-HK4gLGrOUw2XyC3__2f988GS3xT0NzUzwwAW0EvxYXXET8j8lGLjQm4TgNFIiVY17B5hyram0f4qg9-WglNtD1&page=0&w=800 IP142.250.74.14:0
File typePNG image data, 800 x 1131, 8-bit/color RGB, non-interlaced Size789 kB (789209 bytes) Hasha5b7de5aeaf0c20a9b1a348ecc469c68 00b63f6fac6e3ade5c561976b4dd5f91ab0d1f49 d27093aeb044b164eca6ed7a3c40d4bb16761db197f822e5f834395bd4c6aa8d
GET /viewerng/img?id=ACFrOgByfTB7jbLDIbZGJd05Rkzd1UoGhFOsNDujlTUdhxQpucSRzLNo_YsIb-HK4gLGrOUw2XyC3__2f988GS3xT0NzUzwwAW0EvxYXXET8j8lGLjQm4TgNFIiVY17B5hyram0f4qg9-WglNtD1&page=0&w=800 HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS1-revised.pdf
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 11:31:04 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-security-policy: script-src 'nonce-_Dsj1oQ_RbHeQlpu0MBuGw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: GSE
set-cookie: NID=513=oB64GWSG4epmW8Zkj8-G4S2JH8bR6s4wW6YVbUkKZb5BTOQLsHIwkwpYKz0ZbmouDUrk4a0aDwQZOxstpHV9uk3_3G0Rqy5Om0gU5FtkgLxfbEDiAyUgh0vJyPjW0MMMVQnofM6BygOnDnKGIDYGsPbfhy-giPI0Wc95gvKh8N8; expires=Fri, 18-Oct-2024 11:31:04 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| docs.google.com/viewerng/presspage?id=ACFrOgByfTB7jbLDIbZGJd05Rkzd1UoGhFOsNDujlTUdhxQpucSRzLNo_YsIb-HK4gLGrOUw2XyC3__2f988GS3xT0NzUzwwAW0EvxYXXET8j8lGLjQm4TgNFIiVY17B5hyram0f4qg9-WglNtD1&page=1 | 142.250.74.14 | | 93 kB |
URL docs.google.com/viewerng/presspage?id=ACFrOgByfTB7jbLDIbZGJd05Rkzd1UoGhFOsNDujlTUdhxQpucSRzLNo_YsIb-HK4gLGrOUw2XyC3__2f988GS3xT0NzUzwwAW0EvxYXXET8j8lGLjQm4TgNFIiVY17B5hyram0f4qg9-WglNtD1&page=1 IP142.250.74.14:0
File typeUnicode text, UTF-8 text, with very long lines (65525) Hash50d6a690dbd9fee93c7e9c494d7837f5 4bf5882d9ef1ea7a5f0ab2e4f1f45a7d2b6fe180 12d1e4715ef01358a8f3e1136be81a117064b64dda9a7f771660cfbeedf6add9
GET /viewerng/presspage?id=ACFrOgByfTB7jbLDIbZGJd05Rkzd1UoGhFOsNDujlTUdhxQpucSRzLNo_YsIb-HK4gLGrOUw2XyC3__2f988GS3xT0NzUzwwAW0EvxYXXET8j8lGLjQm4TgNFIiVY17B5hyram0f4qg9-WglNtD1&page=1 HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS1-revised.pdf
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 11:31:04 GMT
content-encoding: gzip
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
content-security-policy: script-src 'nonce-_pD9Ln5VPw43UEl5WoUbuQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: GSE
set-cookie: NID=513=FF5QiOjN-rK-3EoEqD1hBwZoPHqmV80N4xc7ftG9um-43dgGkfQB2yPWRNjpWg5Tj0LwfklrEzdn9utUhBeXTMCTmbQ9lN-EYjOedLgOe1Cdpr5EX8QVzSpS-byGxdH0KU94GyvGb0u0ngfQIRnu2nXGwNOwsuAIW8eSCfLC5cs; expires=Fri, 18-Oct-2024 11:31:04 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf | 142.250.74.14 | | 493 kB |
URL docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf IP142.250.74.14:0
File typeHTML document, ASCII text, with very long lines (4200) Size493 kB (492679 bytes) Hashe90ef97bedc980db598f88e6809729ec d045b74c8c626105e148fb7b022fb32339cb492b c74fe34ae994c4a46baa5c2a76edeeff983841512799f07535880312175a9df8
GET /gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 11:31:06 GMT
content-encoding: gzip
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
content-security-policy: script-src 'nonce-FZRXoBnqjX40qJ02GNSizw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
set-cookie: NID=513=UgciQe5UmRA58MUWFBEHjz7e6lXDzRIllWscn9z5zV3MMjh9AtiVGd0Y7S-mI-UVUTq08iQNJoifx0-LywDuylb9JHQK1huw68aH5OZM_3zjsn33P4QwL_2UffGBNNZxD16GUg3pUCFeb6TTZ-D6X8_7N5kdY5VaegxnY1tiUBo; expires=Fri, 18-Oct-2024 11:31:06 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| docs.google.com/viewerng/img?id=ACFrOgByfTB7jbLDIbZGJd05Rkzd1UoGhFOsNDujlTUdhxQpucSRzLNo_YsIb-HK4gLGrOUw2XyC3__2f988GS3xT0NzUzwwAW0EvxYXXET8j8lGLjQm4TgNFIiVY17B5hyram0f4qg9-WglNtD1&page=2&w=800 | 142.250.74.14 | | 150 kB |
URL docs.google.com/viewerng/img?id=ACFrOgByfTB7jbLDIbZGJd05Rkzd1UoGhFOsNDujlTUdhxQpucSRzLNo_YsIb-HK4gLGrOUw2XyC3__2f988GS3xT0NzUzwwAW0EvxYXXET8j8lGLjQm4TgNFIiVY17B5hyram0f4qg9-WglNtD1&page=2&w=800 IP142.250.74.14:0
File typePNG image data, 800 x 1131, 8-bit/color RGB, non-interlaced Size150 kB (149648 bytes) Hashbd2d5c5f0ff6c46542d9edc54e9dedd7 0200efb35f6ee240515adeab187f86b7b5a502e8 63a05fe4c9e42d0c77d852ea6e85a5aed8980add54644dc5ad76a9cbb01b7433
GET /viewerng/img?id=ACFrOgByfTB7jbLDIbZGJd05Rkzd1UoGhFOsNDujlTUdhxQpucSRzLNo_YsIb-HK4gLGrOUw2XyC3__2f988GS3xT0NzUzwwAW0EvxYXXET8j8lGLjQm4TgNFIiVY17B5hyram0f4qg9-WglNtD1&page=2&w=800 HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS1-revised.pdf
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 11:31:04 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: script-src 'nonce-SIxYZZ-XBltQejmc1zbItg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: GSE
set-cookie: NID=513=gHfCjG8ggDb0rPPXwXAePCIi-uWhbeAgYSHK9M5rQJtOuXPHJ0Ard8Xe-nRbqSS_q0Y5KB5qknVUCq6pA32QvZxyeP8chiDoB6rAb_Gqwhu8hTN3XYrg8wqrQAgAWxZo19hPwu4OrtAlzsxty-ebWvTYnLKf0Hf59TwARabkNWU; expires=Fri, 18-Oct-2024 11:31:04 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/feedback/js/help/prod/service/lazy.min.js | 142.250.74.35 | | 37 kB |
URL GET www.gstatic.com/feedback/js/help/prod/service/lazy.min.js IP142.250.74.35:0
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeJavaScript source, ASCII text, with very long lines (3383) Hash4d95791a35ae95bd11b6f6d7e880ff93 23f70202a367d2b280f2560bbec29b1c9eee5e66 15ce60ae9fdb72f42e3c0baf6010b4b1c55cb5f80f22e430d21bfc1d6886ec7a
GET /feedback/js/help/prod/service/lazy.min.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/product-feedback-gathering
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="product-feedback-gathering"
report-to: {"group":"product-feedback-gathering","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/product-feedback-gathering"}]}
content-length: 36935
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 11:27:37 GMT
expires: Thu, 18 Apr 2024 12:17:37 GMT
cache-control: public, max-age=3000
last-modified: Tue, 16 Apr 2024 14:54:38 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 210
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| docs.google.com/viewerng/presspage?id=ACFrOgByfTB7jbLDIbZGJd05Rkzd1UoGhFOsNDujlTUdhxQpucSRzLNo_YsIb-HK4gLGrOUw2XyC3__2f988GS3xT0NzUzwwAW0EvxYXXET8j8lGLjQm4TgNFIiVY17B5hyram0f4qg9-WglNtD1&page=2 | 142.250.74.14 | 200 OK | 113 kB |
URL GET HTTP/3docs.google.com/viewerng/presspage?id=ACFrOgByfTB7jbLDIbZGJd05Rkzd1UoGhFOsNDujlTUdhxQpucSRzLNo_YsIb-HK4gLGrOUw2XyC3__2f988GS3xT0NzUzwwAW0EvxYXXET8j8lGLjQm4TgNFIiVY17B5hyram0f4qg9-WglNtD1&page=2 IP142.250.74.14:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS1-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (5108) Size113 kB (112720 bytes) Hash8055217fefcf54e7dc1b3ae4be65c990 85395047408bbefc6a26b39d2958d91c49bf0fcf 023046efaed9420c0fd72b13390cdc59de8ba1e2e7f3460e1764cacb069d0ea7
GET /viewerng/presspage?id=ACFrOgByfTB7jbLDIbZGJd05Rkzd1UoGhFOsNDujlTUdhxQpucSRzLNo_YsIb-HK4gLGrOUw2XyC3__2f988GS3xT0NzUzwwAW0EvxYXXET8j8lGLjQm4TgNFIiVY17B5hyram0f4qg9-WglNtD1&page=2 HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS1-revised.pdf
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 11:31:04 GMT
content-encoding: gzip
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
content-security-policy: script-src 'nonce-9sLbrEOv08AL6BJduyiJPg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: GSE
set-cookie: NID=513=bYO_RD_p96YJSLODJfAy0A-P6dm8vQYmk5PG--UAeeafYBfsxLWde-svEP4Amljb_Z5nNBVfjR1SvYVwvX7Oa6ya9HJgPEkCvd1Vv6Kdl1Wl7v7byulUAHsOzuhNtt9n6Nw3aTRvagQ4240bedOudrhjCDiJ7e_Tk9TF0u1f6fs; expires=Fri, 18-Oct-2024 11:31:04 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| docs.google.com/viewerng/presspage?id=ACFrOgByfTB7jbLDIbZGJd05Rkzd1UoGhFOsNDujlTUdhxQpucSRzLNo_YsIb-HK4gLGrOUw2XyC3__2f988GS3xT0NzUzwwAW0EvxYXXET8j8lGLjQm4TgNFIiVY17B5hyram0f4qg9-WglNtD1&page=3 | 142.250.74.14 | | 1.6 kB |
URL docs.google.com/viewerng/presspage?id=ACFrOgByfTB7jbLDIbZGJd05Rkzd1UoGhFOsNDujlTUdhxQpucSRzLNo_YsIb-HK4gLGrOUw2XyC3__2f988GS3xT0NzUzwwAW0EvxYXXET8j8lGLjQm4TgNFIiVY17B5hyram0f4qg9-WglNtD1&page=3 IP142.250.74.14:0
File typeUnicode text, UTF-8 text, with very long lines (4895) Hashcca967dcc3877ec5676e61fdce1a65c7 96963aaf98189ed1dd235cc467f66be9bae67878 69bc0609f9310cd6ba22360bec4d83d7f5f2da381fb6f2cbd0be587a99515598
GET /viewerng/presspage?id=ACFrOgByfTB7jbLDIbZGJd05Rkzd1UoGhFOsNDujlTUdhxQpucSRzLNo_YsIb-HK4gLGrOUw2XyC3__2f988GS3xT0NzUzwwAW0EvxYXXET8j8lGLjQm4TgNFIiVY17B5hyram0f4qg9-WglNtD1&page=3 HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS1-revised.pdf
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 11:31:04 GMT
content-encoding: gzip
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
content-security-policy: script-src 'nonce-cFvAWEEMGKaS_XYhrmo7Wg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: GSE
set-cookie: NID=513=Z-aH4qCan5LRM585yWCohS_nRSL4QHPkjCKVGpLkRf9uqhLgbq_X5-Vn83ULSHZr27hjt4eejEpkh-qaBG-hKkn71U1eyGpTvDGRTQPpPKq5QEDRI2RnJQKKRLLpOM0FJMYH6rA_BHHpNTRxJXA666T8nWw6q62qYu454B4J71c; expires=Fri, 18-Oct-2024 11:31:04 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| play.google.com/log?format=json&hasfast=true&authuser=0 | 142.250.74.78 | 200 OK | 131 B |
URL POST HTTP/3play.google.com/log?format=json&hasfast=true&authuser=0 IP142.250.74.78:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hashca0b7e866005f6774d284b9f438ebfd2 53644f5ee3640189bdb223473ba6a2d46606c556 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 887
Origin: https://docs.google.com
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://docs.google.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Thu, 18 Apr 2024 11:31:07 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| play.google.com/log?format=json&hasfast=true&authuser=0 | 142.250.74.78 | 200 OK | 0 B |
URL POST HTTP/3play.google.com/log?format=json&hasfast=true&authuser=0 IP142.250.74.78:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://docs.google.com/
Origin: https://docs.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://docs.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 18 Apr 2024 11:31:07 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| play.google.com/log?format=json&hasfast=true&authuser=0 | 142.250.74.78 | 200 OK | 131 B |
URL POST HTTP/3play.google.com/log?format=json&hasfast=true&authuser=0 IP142.250.74.78:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hashca0b7e866005f6774d284b9f438ebfd2 53644f5ee3640189bdb223473ba6a2d46606c556 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://docs.google.com/
X-Goog-AuthUser: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 7636
Origin: https://docs.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://docs.google.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Thu, 18 Apr 2024 11:31:07 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| drive.google.com/auth_warmup | 142.250.74.142 | | 0 B |
URL drive.google.com/auth_warmup IP142.250.74.142:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /auth_warmup HTTP/1.1
Host: drive.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 11:31:07 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000
cross-origin-resource-policy: same-site
content-security-policy: require-trusted-types-for 'script';report-uri /_/DriveOsidBootstrap/cspreport, script-src 'nonce-IS3PQtFlU7eH_Jh8NRGGMA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveOsidBootstrap/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveOsidBootstrap/cspreport/allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
reporting-endpoints: default="/_/DriveOsidBootstrap/web-reports?context=eJzjEtDikmII0pBicEqfwRoExELcHL87WjayCcx4tzkQAGi1CRY"
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=513=iralAC7a0EyzrUIn0kxRQ5bUAIH4N6VJg0lo4de9NjzsmshKFloY7aE0_M1H3LJUrfKC1CIr2fq4yuKiKHJlAPTpz85KXTc_GdHZtTbuE2-82TjUnKGyCIFqHZMCWLr856Ej6vtKk9BCwlZHHBA7zxntjww87iOHY5_MDSU5KyY; expires=Fri, 18-Oct-2024 11:31:07 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| ssl.gstatic.com/docs/common/viewer/v3/v-sprite56.svg | 142.250.74.35 | 200 OK | 50 kB |
URL GET HTTP/3ssl.gstatic.com/docs/common/viewer/v3/v-sprite56.svg IP142.250.74.35:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS1-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeSVG Scalable Vector Graphics image Hashba7ab7044d6c6c0240c3917858948cff 3b840b104cb3d74d5a35fbd193aca32d27815d3e 0189f7c6ed35a7be5e51a30366fbc54c9c9e27d2511db44895d85a1458f83ab5
GET /docs/common/viewer/v3/v-sprite56.svg HTTP/1.1
Host: ssl.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="docs"
report-to: {"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]}
content-length: 50079
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 15 Apr 2024 15:15:27 GMT
expires: Tue, 15 Apr 2025 15:15:27 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 15 Feb 2024 22:18:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Origin
age: 245740
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.5BIk7BglYEE.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA%2Fm%3D__features__ | 142.250.74.138 | | 270 B |
URL content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.5BIk7BglYEE.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA%2Fm%3D__features__ IP142.250.74.138:0
File typeHTML document, ASCII text Hashded59c69061ce3bf223fa63d773cf396 ee21a69bc3c50a5c4c927442ce86c96118b4a3b7 31f0b453d71dc0311ae18ebf359eff539a2b2b61969e96ab1ed4433b5f7221c0
GET /static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.5BIk7BglYEE.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA%2Fm%3D__features__ HTTP/1.1
Host: content.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy: script-src 'nonce-sSphsvixcxrON_w8jXn0yg' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/apiserving; base-uri 'none', require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apiserving
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apiserving"
report-to: {"group":"apiserving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apiserving"}]}
content-length: 270
date: Thu, 18 Apr 2024 11:31:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Tue, 12 Mar 2024 05:08:00 GMT
x-content-type-options: nosniff
cross-origin-embedder-policy: require-corp; report-to="apiserving"
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| play.google.com/log?format=json&hasfast=true&authuser=0 | 142.250.74.78 | 200 OK | 0 B |
URL POST HTTP/3play.google.com/log?format=json&hasfast=true&authuser=0 IP142.250.74.78:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://docs.google.com/
Origin: https://docs.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://docs.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 18 Apr 2024 11:31:07 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| play.google.com/log?format=json&hasfast=true&authuser=0 | 142.250.74.78 | 200 OK | 131 B |
URL POST HTTP/3play.google.com/log?format=json&hasfast=true&authuser=0 IP142.250.74.78:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hashca0b7e866005f6774d284b9f438ebfd2 53644f5ee3640189bdb223473ba6a2d46606c556 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 2841
Origin: https://docs.google.com
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://docs.google.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Thu, 18 Apr 2024 11:31:07 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| apis.google.com/js/googleapis.proxy.js?onload=startup | 142.250.74.110 | 200 OK | 5.9 kB |
URL GET HTTP/2apis.google.com/js/googleapis.proxy.js?onload=startup IP142.250.74.110:443
Requested byhttps://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.5BIk7BglYEE.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA%2Fm%3D__features__#parent=https%3A%2F%2Fdocs.google.com&rpctoken=720213770 CertificateIssuerGoogle Trust Services LLC Subject*.apis.google.com FingerprintE3:82:77:FB:12:E7:1E:09:41:8D:12:01:82:E8:DB:CC:47:EB:3F:57 ValidityMon, 04 Mar 2024 07:19:24 GMT - Mon, 27 May 2024 07:19:23 GMT
File typeJavaScript source, ASCII text, with very long lines (2054) Hash7f93e0458ef1a4a7db3a3c75ef5c8f26 56f6636f85494d2dbb878e5214b95c12f71ba567 c2e9943fb0b73a7d2c5e3f3f4c076367903a0fe813bf652d7ee9af81eb150afc
GET /js/googleapis.proxy.js?onload=startup HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://content.googleapis.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 5906
date: Thu, 18 Apr 2024 11:31:07 GMT
expires: Thu, 18 Apr 2024 11:31:07 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "6a1d8767de9e733b"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.5BIk7BglYEE.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA/cb=gapi.loaded_0?le=scs | 142.250.74.110 | | 28 kB |
URL apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.5BIk7BglYEE.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA/cb=gapi.loaded_0?le=scs IP142.250.74.110:0
CertificateIssuerGoogle Trust Services LLC Subject*.apis.google.com FingerprintE3:82:77:FB:12:E7:1E:09:41:8D:12:01:82:E8:DB:CC:47:EB:3F:57 ValidityMon, 04 Mar 2024 07:19:24 GMT - Mon, 27 May 2024 07:19:23 GMT
File typeJavaScript source, ASCII text, with very long lines (2124) Hash2756c7839e34e1bfd27282c872153e6b 4f4f889d37f2b2ce157c740b4fcc5cf431f887a5 ae27d17adcefa0111d96a7504de7fef12bcf3167ab70dc3acab6d6e32c9bef3a
GET /_/scs/abc-static/_/js/k=gapi.lb.en.5BIk7BglYEE.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://content.googleapis.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 28126
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 17:07:48 GMT
expires: Fri, 11 Apr 2025 17:07:48 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 31 Mar 2024 15:20:31 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 584599
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| play.google.com/log?format=json&hasfast=true&authuser=0 | 142.250.74.78 | 200 OK | 0 B |
URL POST HTTP/3play.google.com/log?format=json&hasfast=true&authuser=0 IP142.250.74.78:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://docs.google.com/
Origin: https://docs.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://docs.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 18 Apr 2024 11:31:07 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| play.google.com/log?format=json&hasfast=true&authuser=0 | 142.250.74.78 | 200 OK | 131 B |
URL POST HTTP/3play.google.com/log?format=json&hasfast=true&authuser=0 IP142.250.74.78:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hashca0b7e866005f6774d284b9f438ebfd2 53644f5ee3640189bdb223473ba6a2d46606c556 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 2656
Origin: https://docs.google.com
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://docs.google.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Thu, 18 Apr 2024 11:31:07 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| content.googleapis.com/drive/v2internal/viewerimpressions?key=AIzaSyDVQw45DwoYh632gvsP5vPDqEKvb-Ywnb8&alt=json | 142.250.74.138 | | 0 B |
URL content.googleapis.com/drive/v2internal/viewerimpressions?key=AIzaSyDVQw45DwoYh632gvsP5vPDqEKvb-Ywnb8&alt=json IP142.250.74.138:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /drive/v2internal/viewerimpressions?key=AIzaSyDVQw45DwoYh632gvsP5vPDqEKvb-Ywnb8&alt=json HTTP/1.1
Host: content.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-ClientDetails: appVersion=5.0%20(X11)&platform=Linux%20x86_64&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0
Content-Type: application/json
X-Requested-With: XMLHttpRequest
X-JavaScript-User-Agent: google-api-javascript-client/1.1.0
X-Goog-AuthUser: 0
X-Origin: https://docs.google.com
X-Referer: https://docs.google.com
X-Goog-Encode-Response-If-Executable: base64
Content-Length: 714
Origin: https://content.googleapis.com
DNT: 1
Connection: keep-alive
Referer: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.5BIk7BglYEE.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA%2Fm%3D__features__
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
etag: "vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary: Origin, X-Origin
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
date: Thu, 18 Apr 2024 11:31:07 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| docs.google.com/viewerng/img?id=ACFrOgCwvcBpt8DSo422TzymMRtNfRL75a6gD6fnKp2-9wNe4WFsMAQVphdxjRsVFNiX5O1AdnfMAGKt3hujSZYKnuxegAjNcrN35BZjrxx5xRXbHb2m1bjaR9JCZ9Ce-sBKNEJV0QQflvIUskuq&page=2&w=800 | 142.250.74.14 | 200 OK | 128 kB |
URL GET HTTP/3docs.google.com/viewerng/img?id=ACFrOgCwvcBpt8DSo422TzymMRtNfRL75a6gD6fnKp2-9wNe4WFsMAQVphdxjRsVFNiX5O1AdnfMAGKt3hujSZYKnuxegAjNcrN35BZjrxx5xRXbHb2m1bjaR9JCZ9Ce-sBKNEJV0QQflvIUskuq&page=2&w=800 IP142.250.74.14:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
File typePNG image data, 800 x 1131, 8-bit/color RGB, non-interlaced Size128 kB (128322 bytes) Hash85038dfd4b714c1c3ef6dfc2cc86ef58 f790758b6d71a60c2b8eade8a8aa615706272452 9349c1a65f75080a47335a6779321c524a903b9e982685451b3cb44feca3faef
GET /viewerng/img?id=ACFrOgCwvcBpt8DSo422TzymMRtNfRL75a6gD6fnKp2-9wNe4WFsMAQVphdxjRsVFNiX5O1AdnfMAGKt3hujSZYKnuxegAjNcrN35BZjrxx5xRXbHb2m1bjaR9JCZ9Ce-sBKNEJV0QQflvIUskuq&page=2&w=800 HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 11:31:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: script-src 'nonce-uLrhaqAVoqka1uDy_mftJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: GSE
set-cookie: NID=513=jJLhSguoCgx1ffOJVe2rmdRDPLM2DajVLhx4vXejhDMYgpX2UsOHnq1Ykq4dusrRnQSIHal9HF9t0NMszfY0sw1IcgIz9R-85SEz1lMYBRXvl-tnuLHVdBAefn3HvZ1sXiO9ysrMro72U1nU_M-_Cs9mRqy48znc-gkiZ1ovxHI; expires=Fri, 18-Oct-2024 11:30:59 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| docs.google.com/viewerng/meta?id=ACFrOgByfTB7jbLDIbZGJd05Rkzd1UoGhFOsNDujlTUdhxQpucSRzLNo_YsIb-HK4gLGrOUw2XyC3__2f988GS3xT0NzUzwwAW0EvxYXXET8j8lGLjQm4TgNFIiVY17B5hyram0f4qg9-WglNtD1 | 142.250.74.14 | | 1.1 kB |
URL docs.google.com/viewerng/meta?id=ACFrOgByfTB7jbLDIbZGJd05Rkzd1UoGhFOsNDujlTUdhxQpucSRzLNo_YsIb-HK4gLGrOUw2XyC3__2f988GS3xT0NzUzwwAW0EvxYXXET8j8lGLjQm4TgNFIiVY17B5hyram0f4qg9-WglNtD1 IP142.250.74.14:0
File typeUnicode text, UTF-8 text, with very long lines (2765) Hashd8cfc851965951723ff55fedcb43e530 744454a56a44a404fb0a014c2a66f4811a4426f4 43a9f687b2a7c806c04ba765aaa32a03a288d5e59af72374522a9bb5dd5070d1
GET /viewerng/meta?id=ACFrOgByfTB7jbLDIbZGJd05Rkzd1UoGhFOsNDujlTUdhxQpucSRzLNo_YsIb-HK4gLGrOUw2XyC3__2f988GS3xT0NzUzwwAW0EvxYXXET8j8lGLjQm4TgNFIiVY17B5hyram0f4qg9-WglNtD1 HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS1-revised.pdf
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 11:31:04 GMT
content-encoding: gzip
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
content-security-policy: script-src 'nonce-Zt9xEiI8TxeItzZHyrlDWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: GSE
set-cookie: NID=513=YlLm9EEg_MkGuc4Fzd_Wr68_CHt6AOIKtxjogFPTUXbNIaLY8eWWqdKr0dgpQ8ygabflMmB1Y4M__ucNd_UAZnBbRVPKzaFYVs_gS_MVWl8PDYkFFlnQ3Qimsh0We5pyBi_wG83JqcQ4py0w1pShOTdyUfuXS1nslQTCTj-WnzY; expires=Fri, 18-Oct-2024 11:31:04 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| play.google.com/log?format=json&hasfast=true&authuser=0 | 142.250.74.78 | 200 OK | 131 B |
URL POST HTTP/3play.google.com/log?format=json&hasfast=true&authuser=0 IP142.250.74.78:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hashca0b7e866005f6774d284b9f438ebfd2 53644f5ee3640189bdb223473ba6a2d46606c556 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 7042
Origin: https://docs.google.com
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://docs.google.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Thu, 18 Apr 2024 11:31:10 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| play.google.com/log?format=json&hasfast=true&authuser=0 | 142.250.74.78 | 200 OK | 0 B |
URL POST HTTP/3play.google.com/log?format=json&hasfast=true&authuser=0 IP142.250.74.78:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://docs.google.com/
Origin: https://docs.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://docs.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 18 Apr 2024 11:31:12 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| docs.google.com/viewerng/img?id=ACFrOgBC6KnSJEo30n3QywnYdEZvk-6ErOH3veiOP66h3wRP_SxgscsSZBO0YzPEnm4Yd19C9zzzoFSjt-ckV6rPjpLecOfKIPDv2_Ly7FboErDMzbqkuiBH5BQRQ_LihULXRZPMF8t6WuxekjKP&page=3&w=800 | 142.250.74.14 | | 231 kB |
URL docs.google.com/viewerng/img?id=ACFrOgBC6KnSJEo30n3QywnYdEZvk-6ErOH3veiOP66h3wRP_SxgscsSZBO0YzPEnm4Yd19C9zzzoFSjt-ckV6rPjpLecOfKIPDv2_Ly7FboErDMzbqkuiBH5BQRQ_LihULXRZPMF8t6WuxekjKP&page=3&w=800 IP142.250.74.14:0
File typePNG image data, 800 x 1131, 8-bit/color RGB, non-interlaced Size231 kB (230801 bytes) Hash63dbf2f98149a59ab77e73886e123161 6b515bb44f20ed74a985c2cdefee7a08eda85f6d 2ae0a5e6409e499d1f9770566f663401ee5e4b151b50051c7cfa766c524b27b0
GET /viewerng/img?id=ACFrOgBC6KnSJEo30n3QywnYdEZvk-6ErOH3veiOP66h3wRP_SxgscsSZBO0YzPEnm4Yd19C9zzzoFSjt-ckV6rPjpLecOfKIPDv2_Ly7FboErDMzbqkuiBH5BQRQ_LihULXRZPMF8t6WuxekjKP&page=3&w=800 HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 11:31:07 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
content-security-policy: script-src 'nonce-EwpW_XAuyGbUxqI1-Em-5A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: GSE
set-cookie: NID=513=BHcO-yIoHWrBMuUyDvUOWGmoJ7Syg0W7HmOZgjyWzlm2j8LAFRlsMIXnxivR8JBhxXkvrIva1Izzvj5l9_db8ZVvl2aUmZgEwwNY1XoeIt9dklh9KlEKN3qYfWrOVAVHN--JGdyfkA_lAwrISGgnaDW5kgwlSdvMGk0sBHxHGLs; expires=Fri, 18-Oct-2024 11:31:07 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| play.google.com/log?format=json&hasfast=true&authuser=0 | 142.250.74.78 | 200 OK | 131 B |
URL POST HTTP/3play.google.com/log?format=json&hasfast=true&authuser=0 IP142.250.74.78:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hashca0b7e866005f6774d284b9f438ebfd2 53644f5ee3640189bdb223473ba6a2d46606c556 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 1362
Origin: https://docs.google.com
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://docs.google.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Thu, 18 Apr 2024 11:31:12 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| play.google.com/log?format=json&hasfast=true&authuser=0 | 142.250.74.78 | 200 OK | 131 B |
URL POST HTTP/3play.google.com/log?format=json&hasfast=true&authuser=0 IP142.250.74.78:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hashca0b7e866005f6774d284b9f438ebfd2 53644f5ee3640189bdb223473ba6a2d46606c556 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://docs.google.com/
X-Goog-AuthUser: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 1363
Origin: https://docs.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://docs.google.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Thu, 18 Apr 2024 11:31:12 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| play.google.com/log?format=json&hasfast=true&authuser=0 | 142.250.74.78 | 200 OK | 0 B |
URL POST HTTP/3play.google.com/log?format=json&hasfast=true&authuser=0 IP142.250.74.78:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://docs.google.com/
Origin: https://docs.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://docs.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 18 Apr 2024 11:31:12 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| constantclients.cc/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js | 66.235.200.147 | 200 OK | 1.4 kB |
URL GET HTTP/2constantclients.cc/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeASCII text, with very long lines (1391), with no line terminators Hash4cfac66103459bb99443544ed16dcf67 7d0b411b1ff93b5491c429e550feae0a88f8af72 f74e4df40f87705b7950bc2ddd6e602d7db3cc6499b11d6a2364e59ecebcf581
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000; _ga_MR4VREK4MN=GS1.1.1713439846.1.0.1713439846.0.0.1016182287; _ga=GA1.1.546344179.1713439847
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:59 GMT
content-type: application/javascript
content-length: 672
last-modified: Mon, 15 Apr 2024 20:04:20 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 17:30:59 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 8764537139c6b518-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.9.3 | 66.235.200.147 | 409 Conflict | 83 B |
URL GET HTTP/2constantclients.cc/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.9.3 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeHTML document, ASCII text, with no line terminators Hash839e0e1ee803a341ab291aaed320c8c4 302992d7f2ec44edaa728c17a55c2c903c864755 089a32b861f84eaa48bfb8f106d29365277a979a0300d89feb69eb2a1b6dea45
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.9.3 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000; _ga_MR4VREK4MN=GS1.1.1713439846.1.0.1713439846.0.0.1016182287; _ga=GA1.1.546344179.1713439847
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 409 Conflict
date: Thu, 18 Apr 2024 11:30:47 GMT
content-type: text/html; charset=iso-8859-1
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 87645325ca22b518-OSL
X-Firefox-Spdy: h2
|
|
| static.addtoany.com/menu/sm.25.html | 104.22.71.197 | 200 OK | 716 B |
URL GET HTTP/3static.addtoany.com/menu/sm.25.html IP104.22.71.197:443
Requested byhttps://constantclients.cc/ CertificateIssuerLet's Encrypt Subjectstatic.addtoany.com Fingerprint25:DC:52:06:E9:84:6F:BC:CB:DD:82:F7:D3:4C:8F:F5:9F:49:7E:DD ValiditySat, 24 Feb 2024 06:33:02 GMT - Fri, 24 May 2024 06:33:01 GMT
File typeHTML document, ASCII text, with very long lines (744), with no line terminators Hashc3c97893ca5c74e7504aa4ec474ea41b cdccb12d7e73682e0e807107243ede7d5e14c962 b79f65e9ffe3bad9bd9cdcffed0758430f7eb1a630c368dc173eecdeb2821f00
GET /menu/sm.25.html HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 11:30:59 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zug0GuV8TT18l%2FvMZH%2FJnDeJHp7wf%2B1Y662Hj9%2BLzz2bUcCdNCoPp%2Fh0DEFIQdCRWhP4K%2BoKw%2FRmNo3FmNPd%2Fwhjcq0lNYxvJsnDWqwQO4JO8fVs77yEaENmOQytJ1Ua8d%2FapSMn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
age: 12794
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87645370ad819298-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| constantclients.cc/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.29.0 | 66.235.200.147 | 200 OK | 20 kB |
URL GET HTTP/2constantclients.cc/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.29.0 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeASCII text, with very long lines (19732) Hash45f978120a537b249dfac36306ed5471 9eebc1e6fe55d9737d0e91bdfa3976b344ea2a09 67ac597bed179b5842d996fad80472c6b9514edde408ade8b892161bcf9e9c88
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.29.0 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:30:45 GMT
content-type: text/css
content-length: 4117
last-modified: Mon, 15 Apr 2024 20:04:20 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: HIT
age: 26877
accept-ranges: bytes
server: cloudflare
cf-ray: 8764531b58c6b518-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/strong-testimonials/public/svg/chevron-left-solid.svg | 66.235.200.147 | 200 OK | 482 B |
URL GET HTTP/2constantclients.cc/wp-content/plugins/strong-testimonials/public/svg/chevron-left-solid.svg IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeSVG Scalable Vector Graphics image Hashd8b074990a8c9f550270f8d265951f35 22014267f7d7ecbde3272518b6adc00a3afc109e 4a40b64e4494ef888fa44056df81fb55ff0471e76aaf9249d00edaeaef5afa88
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/strong-testimonials/public/svg/chevron-left-solid.svg HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/wp-content/plugins/strong-testimonials/public/css/slider-controls-sides-outside-buttons.css?ver=3.1.12
Cookie: _cfuvid=lakRa9BL_mPtL0reRDLluT2Io__LZzszS5ME3hQmVGE-1713439845375-0.0.1.1-604800000; _ga_MR4VREK4MN=GS1.1.1713439846.1.0.1713439846.0.0.1016182287; _ga=GA1.1.546344179.1713439847
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:31:03 GMT
content-type: image/svg+xml
last-modified: Fri, 22 Mar 2024 20:03:55 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 17:31:03 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: REVALIDATED
vary: Accept-Encoding
server: cloudflare
cf-ray: 876453898c2fb518-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| docs.google.com/viewerng/presspage?id=ACFrOgBC6KnSJEo30n3QywnYdEZvk-6ErOH3veiOP66h3wRP_SxgscsSZBO0YzPEnm4Yd19C9zzzoFSjt-ckV6rPjpLecOfKIPDv2_Ly7FboErDMzbqkuiBH5BQRQ_LihULXRZPMF8t6WuxekjKP&page=1 | 0.0.0.0 | | 4.7 kB |
URL GET docs.google.com/viewerng/presspage?id=ACFrOgBC6KnSJEo30n3QywnYdEZvk-6ErOH3veiOP66h3wRP_SxgscsSZBO0YzPEnm4Yd19C9zzzoFSjt-ckV6rPjpLecOfKIPDv2_Ly7FboErDMzbqkuiBH5BQRQ_LihULXRZPMF8t6WuxekjKP&page=1 IP0.0.0.0:0
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
File typeUnicode text, UTF-8 text, with very long lines (4952), with no line terminators Hash7ec4a3a376b11ba95f6fd722cd75ea1a 849e0a3fa398e847b3c1a37359e237ad30454df6 d9ac2e93f75b82c9cf2aa18f827ba0834411676e0b5811562b95814bce4135ed
GET /viewerng/presspage?id=ACFrOgBC6KnSJEo30n3QywnYdEZvk-6ErOH3veiOP66h3wRP_SxgscsSZBO0YzPEnm4Yd19C9zzzoFSjt-ckV6rPjpLecOfKIPDv2_Ly7FboErDMzbqkuiBH5BQRQ_LihULXRZPMF8t6WuxekjKP&page=1 HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/json; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 11:31:07 GMT
content-encoding: gzip
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-security-policy: script-src 'nonce-kijTT2BdIKHIN9MJslLQiA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: GSE
set-cookie: NID=513=j8Oo8i6PFObxk67f1DpF4_QtexJshd_3U6_yBWpXeBZEnajVAdewVQDBry9yR3qyXvoWAcCLTS1l3xIxuD-_cD9PiZoHevjAb--sqCvQhiIn7uvNHotR7UpN-lXPVueA5D30-FRJSuM0st329qH2MH0a-RM-z9kHiV95F2oX7B4; expires=Fri, 18-Oct-2024 11:31:07 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|