| atlaq.com/logo.png | 104.21.64.58 | 200 OK | 117 kB |
IP: 104.21.64.58:443
Requested by: https://globalsou.com.atlaq.com/
Certificate issuer: Let's Encrypt
Certificate subject: atlaq.com
Certificate fingerprint: 45:A7:3A:3F:F8:8C:4D:F4:D2:AC:81:79:0B:C2:26:72:5E:53:44:1D
Certificate validity: Tue, 26 Mar 2024 02:42:52 GMT - Mon, 24 Jun 2024 02:42:51 GMT
File type: PNG image data, 500 x 446, 8-bit/color RGBA, non-interlaced
Size: 117 kB (117433 bytes)
Hash: 792b74959e26cd37fd05dfcd0ef07770 c6e3ed2dd9771b077daf93eda5773cd10d621147 7ae2cb133588b7a2926b71630869d602c294840f6c1379666e82b25f3354623b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /logo.png HTTP/1.1
Host: atlaq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://globalsou.com.atlaq.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 10:41:49 GMT
content-type: image/png
content-length: 117433
cache-control: public, max-age=31536000
expires: Wed, 30 Apr 2025 16:19:32 GMT
last-modified: Wed, 29 Jan 2020 11:21:42 GMT
vary: User-Agent,Origin, Accept-Encoding
strict-transport-security: max-age=31536000;includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 670938
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Baxp4O3mdWN8s2CBEooIucOT3dDrzQFe%2BBnpqRv0sWfQADoXbhnMvqu1aWB%2FihZfBW7Be9l3GJQcrwgbPVd0aSZgqOM2pc9mDekdf1t%2BDnFciYg6iNShxMvFaRA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8808d6ef4a62b4f9-OSL
X-Firefox-Spdy: h2
|
|
| atlaq.com/style.css | 104.21.64.58 | 200 OK | 18 kB |
IP: 104.21.64.58:443
Requested by: https://globalsou.com.atlaq.com/
Certificate issuer: Let's Encrypt
Certificate subject: atlaq.com
Certificate fingerprint: 45:A7:3A:3F:F8:8C:4D:F4:D2:AC:81:79:0B:C2:26:72:5E:53:44:1D
Certificate validity: Tue, 26 Mar 2024 02:42:52 GMT - Mon, 24 Jun 2024 02:42:51 GMT
File type: ASCII text, with very long lines (49091), with no line terminators
Hash: 1dc4998a41131ac5df41ae820c7f583c 227aa907d96a66d38f5073700d2d8c5e1262187c 1f807cd9d5d8475f4ec107c17a62318927277940eb8bfe1d386ec97ad4cb9f57
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /style.css HTTP/1.1
Host: atlaq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://globalsou.com.atlaq.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 10:41:49 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
cf-bgj: minify
alt-svc: h3=":443"; ma=86400
expires: Thu, 30 May 2024 20:11:54 GMT
last-modified: Tue, 25 Oct 2022 04:42:27 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding,User-Agent,Origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-turbo-charged-by: LiteSpeed
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 656996
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OPMcbpk6aqLtJkGWNf6GEUqWvXoN5IaslKze2vb3S1Pki%2Bw6tFYbQ%2BNyS5uIZXOr4ielDnD4me4E%2B6wfnU1SAq6cb2662thVU66NT9dm0%2FlIyRCKpYdri9JVxRU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8808d6ef4a63b4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=UA-85346163-2 | 142.250.74.168 | 200 OK | 72 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtag/js?id=UA-85346163-2
IP: 142.250.74.168:443
Requested by: https://globalsou.com.atlaq.com/
Certificate issuer: Google Trust Services LLC
Certificate subject: *.google-analytics.com
Certificate fingerprint: 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
Certificate validity: Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type: JavaScript source, ASCII text, with very long lines (1822)
Hash: 98f69cde45556ad556131ad89a0b2d76 e15fe77b2987f9a4e3ad3c497b65d475145765aa ea25fa3ad5eede6b28538cfb46eef377d9364a34ccbfdbef15551e1a1eebed8c
GET /gtag/js?id=UA-85346163-2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://globalsou.com.atlaq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 08 May 2024 10:41:50 GMT
expires: Wed, 08 May 2024 10:41:50 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 71493
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| preview.atlaq.com/d37ac50f85d066ab2788c11656b2350e_globalsou.com.png | 104.21.64.58 | 200 OK | 4.8 kB |
URL: GET HTTP/2 preview.atlaq.com/d37ac50f85d066ab2788c11656b2350e_globalsou.com.png
IP: 104.21.64.58:443
Requested by: https://globalsou.com.atlaq.com/
Certificate issuer: Let's Encrypt
Certificate subject: atlaq.com
Certificate fingerprint: 45:A7:3A:3F:F8:8C:4D:F4:D2:AC:81:79:0B:C2:26:72:5E:53:44:1D
Certificate validity: Tue, 26 Mar 2024 02:42:52 GMT - Mon, 24 Jun 2024 02:42:51 GMT
File type: PNG image data, 683 x 384, 8-bit/color RGBA, non-interlaced
Hash: 7620b0e89492379e012493e48a39a636 5e68c02eada50687f3f9489b1bce3c905a7b7e0d 4b0da1af36b7a89b783255c24b27385d8ee41fe580ac7537dee47b7d8ca2dc1b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /d37ac50f85d066ab2788c11656b2350e_globalsou.com.png HTTP/1.1
Host: preview.atlaq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://globalsou.com.atlaq.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 10:41:50 GMT
content-type: image/png
content-length: 4826
x-powered-by: Express
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000
last-modified: Tue, 24 Oct 2023 19:07:28 GMT
etag: W/"12da-18b6315b3eb"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EvqkyrzsuSzIr98KEOJVNo4QcJmH6mzqs3pJS4VI1h%2FB9B0dktf7Cyz1pspoFXvo9KlAz5wtcx6NqMj8E0esRXSLb2SOs53eXMV%2BB2hAiynWNcaZxlXb3d9RPMCx%2BrnRglEx2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8808d6ef3a56b4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-FPZ0VEL1WQ&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 99 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-FPZ0VEL1WQ&l=dataLayer&cx=c
IP: 142.250.74.168:443
Requested by: https://globalsou.com.atlaq.com/
Certificate issuer: Google Trust Services LLC
Certificate subject: *.google-analytics.com
Certificate fingerprint: 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
Certificate validity: Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type: JavaScript source, ASCII text, with very long lines (5955)
Hash: affc9428968d07a7556907f40744a78b 5f1d98773a358929f9e12721819c946b6438e475 15a567f0eab5adfd0b7c3e3d764c0289074b48bbc9b63fccf22f0d68dfde5e21
GET /gtag/js?id=G-FPZ0VEL1WQ&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://globalsou.com.atlaq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 08 May 2024 10:41:50 GMT
expires: Wed, 08 May 2024 10:41:50 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 99312
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| verre-a-soi.fr/favicon.ico | 185.230.63.107 | 200 OK | 22 kB |
URL: GET HTTP/2 verre-a-soi.fr/favicon.ico
IP: 185.230.63.107:443
Requested by: https://globalsou.com.atlaq.com/
Certificate issuer: Let's Encrypt
Certificate subject: verre-a-soi.fr
Certificate fingerprint: 7C:02:53:7E:91:A9:D4:65:9C:80:82:21:E4:07:18:71:C1:1B:85:1C
Certificate validity: Wed, 03 Apr 2024 21:54:35 GMT - Tue, 02 Jul 2024 21:54:34 GMT
File type: PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
Hash: d1551e39e0251b45d7d383571dff65c7 c82fb1065c01696f8474974342fc55a861ceafdd da069bf773832324f87007062e497657c5477c2c2d39888915b5c2e28b2782c7
GET /favicon.ico HTTP/1.1
Host: verre-a-soi.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 10:41:50 GMT
content-type: image/png
content-length: 21944
etag: W/"55b8-yC+xBlwBaW+EdJdDQvxVqGHOr90"
pragma: no-cache
cache-control: no-store, no-cache
x-seen-by: wmgbEcS9zOENaefw7bU4YSnUdZAmZakUQmJKM8Pg3xw=,W1c2/pqHBqplxcWufHCkILxkNjrXdwdgtu6E0yACibU=,m0j2EEknGIVUW/liY8BLLqv1Icz/+auWkycB0m9nz7sFJmEKNgQ96+wiTVoMq713,qYxvFa0bBL43z6b6TutC4QStZ/IzPk6xgXNtAu2tHbBUGmgMrD/WetH5YyPDNRE8tqeEd0a+XkMD2aU8sxK41g==,VdATtBf5hevuWcyf9l5KlpCK5rbuYarAGePVwyK6BTA=,ZD5L6N5o72Euizfw+olWbA09ekxXodTbguMLmcs31Ek=,u5NX5Mdk4pqaUnQtOh4FpBDSeq1zFAekv1rThGoKz8B/fezhMabmzzvk0tQ/sCeR9Wt+zu9CSVchHQ1T3AaMn3RHMVJKVgSHF1KTLKkmqec=,ZD5L6N5o72Euizfw+olWbA09ekxXodTbguMLmcs31Ek=,rdv3VvpBKKP3t0dJs+SxmWUVhpVocgDTLCfA6ATI3ck=,mvxQ9qSAmY38asKjFCcmG0SIMOMIIGyaRixZtYrFLCYa+/fNqvoCAdvuh9bRa1bxgF/taAsTdWa3Cft3pl4iPQ==,TdlpeEHj0GQqx65HoJePQwgZJxzGvmzqqFM+VfQpN6Q=,tznMqpp3e1oucszW+OT1FJohLZ7crib+wLSl3bRqsHEM/amszZrez939Xd66zYwXhex1dJGPRUmZS7TDVaPf4cWSbhVwXjaJ6rr8oXGSqg4=
x-wix-request-id: 1715164910.503102424260116319
x-content-type-options: nosniff
set-cookie: XSRF-TOKEN=1715164910|vm5WYhLeWXU8; Path=/; Domain=verre-a-soi.fr; Secure; SameSite=None
TS01e85bed=01d72e6d161958f443d3ae84b7589ae3972e69d5944849f8271741f98213472c35d4e12f83c5bebb198a285f8c36d8936fdd4fa5ff; Path=/; SameSite=none; Secure
TS01eafd15=01d72e6d161958f443d3ae84b7589ae3972e69d5944849f8271741f98213472c35d4e12f83c5bebb198a285f8c36d8936fdd4fa5ff; path=/; domain=verre-a-soi.fr; SameSite=none; Secure
server: Pepyaka/1.19.10
X-Firefox-Spdy: h2
|
|
| versdemain.org/favicon.ico | 184.107.95.59 | 301 Moved Permanently | 246 B |
URL: GET HTTP/2 versdemain.org/favicon.ico
IP: 184.107.95.59:443
Requested by: https://globalsou.com.atlaq.com/
Certificate issuer: Let's Encrypt
Certificate subject: versdemain.org
Certificate fingerprint: C0:90:01:C3:44:3E:B3:DF:E4:9D:85:AB:AF:41:8E:52:D7:75:18:32
Certificate validity: Tue, 26 Mar 2024 08:07:10 GMT - Mon, 24 Jun 2024 08:07:09 GMT
File type: HTML document, ASCII text
Hash: e1a0155c369fd81fe098867f7c5c6993 d316a4bad969376402c00ac6c8ba79c733368f82 37187581f5f0f8464dbec50e03c72ae38efd7ebd165879657140480fdfca27ce
GET /favicon.ico HTTP/1.1
Host: versdemain.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
location: https://www.versdemain.org/favicon.ico
cache-control: max-age=29030400
expires: Wed, 09 Apr 2025 10:41:50 GMT
content-length: 246
content-type: text/html; charset=iso-8859-1
date: Wed, 08 May 2024 10:41:50 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| verticalroots.com/favicon.ico | 3.19.210.125 | 302 Found | 0 B |
URL: GET HTTP/1.1 verticalroots.com/favicon.ico
IP: 3.19.210.125:443
Requested by: https://globalsou.com.atlaq.com/
Certificate issuer: Let's Encrypt
Certificate subject: verticalroots.com
Certificate fingerprint: D1:21:8E:42:B3:DE:5C:E9:0A:9F:0B:86:4B:C1:64:AC:24:0D:F2:92
Certificate validity: Mon, 15 Apr 2024 00:01:13 GMT - Sun, 14 Jul 2024 00:01:12 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: verticalroots.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Wed, 08 May 2024 10:41:50 GMT
Server: Apache/2.4.54 () OpenSSL/1.0.2k-fips PHP/7.4.30
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
X-Powered-By: PHP/7.4.30
Link: <https://www.verticalroots.com/wp-json/>; rel="https://api.w.org/"
X-Redirect-By: WordPress
Location: https://www.verticalroots.com/wp-content/uploads/2021/12/Flavor.svg
Content-Length: 0
Keep-Alive: timeout=5, max=100
Content-Type: text/html; charset=UTF-8
|
|
| region1.analytics.google.com/g/collect?v=2&tid=G-FPZ0VEL1WQ&gtm=45je4510v894672372za200&_p=1715164910182&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1708399646.1715164911&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1715164910&sct=1&seg=0&dl=https%3A%2F%2Fglobalsou.com.atlaq.com%2F&dt=%E4%B8%80%E8%BE%BE%E6%90%9C%20-%20%E6%9F%A5%E6%B5%B7%E5%A4%96%E8%81%94%E7%B3%BB%E4%BA%BA&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1593 | 216.239.34.36 | 204 No Content | 0 B |
URL: POST HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-FPZ0VEL1WQ&gtm=45je4510v894672372za200&_p=1715164910182&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1708399646.1715164911&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1715164910&sct=1&seg=0&dl=https%3A%2F%2Fglobalsou.com.atlaq.com%2F&dt=%E4%B8%80%E8%BE%BE%E6%90%9C%20-%20%E6%9F%A5%E6%B5%B7%E5%A4%96%E8%81%94%E7%B3%BB%E4%BA%BA&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1593
IP: 216.239.34.36:443
Requested by: https://globalsou.com.atlaq.com/
Certificate issuer: Google Trust Services LLC
Certificate subject: *.google-analytics.com
Certificate fingerprint: 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
Certificate validity: Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-FPZ0VEL1WQ&gtm=45je4510v894672372za200&_p=1715164910182&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1708399646.1715164911&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1715164910&sct=1&seg=0&dl=https%3A%2F%2Fglobalsou.com.atlaq.com%2F&dt=%E4%B8%80%E8%BE%BE%E6%90%9C%20-%20%E6%9F%A5%E6%B5%B7%E5%A4%96%E8%81%94%E7%B3%BB%E4%BA%BA&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1593 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://globalsou.com.atlaq.com
DNT: 1
Connection: keep-alive
Referer: https://globalsou.com.atlaq.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://globalsou.com.atlaq.com
date: Wed, 08 May 2024 10:41:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.versdemain.org/favicon.ico | 184.107.95.59 | 404 Not Found | 1.1 kB |
URL: GET HTTP/2 www.versdemain.org/favicon.ico
IP: 184.107.95.59:443
Requested by: https://globalsou.com.atlaq.com/
Certificate issuer: Let's Encrypt
Certificate subject: versdemain.org
Certificate fingerprint: C0:90:01:C3:44:3E:B3:DF:E4:9D:85:AB:AF:41:8E:52:D7:75:18:32
Certificate validity: Tue, 26 Mar 2024 08:07:10 GMT - Mon, 24 Jun 2024 08:07:09 GMT
File type: HTML document, Unicode text, UTF-8 text
Hash: fadfbc783f00900be107f2a0569f56d6 f92e21d3c8d0b031d195ddb140c2dad670731514 72537a7b7834f9a0f7760450adeec2cae2680869f887dd74970ed351feaf1e81
GET /favicon.ico HTTP/1.1
Host: www.versdemain.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
cache-control: no-cache
pragma: no-cache
set-cookie: 06ff92caa03dcc65a1fd5ceda5b7b497=a3c60ee6420a4312dbdf063ddad03092; path=/; secure; HttpOnly
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1106
content-type: text/html; charset=UTF-8
date: Wed, 08 May 2024 10:41:51 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.verticalroots.com/wp-content/uploads/2021/12/Flavor.svg | 3.19.210.125 | 200 OK | 9.6 kB |
URL: GET HTTP/1.1 www.verticalroots.com/wp-content/uploads/2021/12/Flavor.svg
IP: 3.19.210.125:443
Requested by: https://globalsou.com.atlaq.com/
Certificate issuer: Let's Encrypt
Certificate subject: verticalroots.com
Certificate fingerprint: D1:21:8E:42:B3:DE:5C:E9:0A:9F:0B:86:4B:C1:64:AC:24:0D:F2:92
Certificate validity: Mon, 15 Apr 2024 00:01:13 GMT - Sun, 14 Jul 2024 00:01:12 GMT
File type: SVG Scalable Vector Graphics image
Hash: 4f376ba28ee158e932be5bf3ac279704 444a9e8e849353012213b8b2afd4263bbea7a7e7 474b4f55ae264a45fcd06a92cd4f7b5398b1e03dac048a17148f96fb47e80f61
GET /wp-content/uploads/2021/12/Flavor.svg HTTP/1.1
Host: www.verticalroots.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 10:41:51 GMT
Server: Apache/2.4.54 () OpenSSL/1.0.2k-fips PHP/7.4.30
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 27 Dec 2021 19:41:01 GMT
ETag: "25a9-5d425e2698d40"
Accept-Ranges: bytes
Content-Length: 9641
Keep-Alive: timeout=5, max=100
Content-Type: image/svg+xml
|
|
| www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-FPZ0VEL1WQ&cid=1708399646.1715164911&gtm=45je4510v894672372za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&frm=0&z=2076795912 | 142.250.74.67 | 200 OK | 42 B |
URL: GET HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-FPZ0VEL1WQ&cid=1708399646.1715164911&gtm=45je4510v894672372za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&frm=0&z=2076795912
IP: 142.250.74.67:443
Requested by: https://globalsou.com.atlaq.com/
Certificate issuer: Google Trust Services LLC
Certificate subject: *.google.no
Certificate fingerprint: 7D:68:6D:B1:32:34:52:51:20:C9:53:FF:B9:B7:8F:7E:05:F9:F5:97
Certificate validity: Tue, 16 Apr 2024 04:31:00 GMT - Tue, 09 Jul 2024 04:30:59 GMT
File type: GIF image data, version 89a, 1 x 1
Hash: d89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-FPZ0VEL1WQ&cid=1708399646.1715164911&gtm=45je4510v894672372za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&frm=0&z=2076795912 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://globalsou.com.atlaq.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 08 May 2024 10:41:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&size=64&url=https://globalsou.com | 142.250.74.164 | 404 Not Found | 726 B |
URL: GET HTTP/2 t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&size=64&url=https://globalsou.com
IP: 142.250.74.164:443
Requested by: https://globalsou.com.atlaq.com/
Certificate issuer: Google Trust Services LLC
Certificate subject: *.gstatic.com
Certificate fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
Certificate validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Hash: b8a0bf372c762e966cc99ede8682bc71 2d7c9b60d1e2b4f4726141de2e4ab738110b9287 59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&size=64&url=https://globalsou.com HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://globalsou.com.atlaq.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Wed, 08 May 2024 10:41:51 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&size=64&url=https://versdemain.org | 142.250.74.164 | 200 OK | 2.9 kB |
URL: GET HTTP/2 t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&size=64&url=https://versdemain.org
IP: 142.250.74.164:443
Requested by: https://globalsou.com.atlaq.com/
Certificate issuer: Google Trust Services LLC
Certificate subject: *.gstatic.com
Certificate fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
Certificate validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: PNG image data, 64 x 64, 8-bit colormap, non-interlaced
Hash: 6b4fe71a1e17432640fa801775315830 c2b7c2828bb83817973910a7da4b6dca70bada01 2217f5b99307daeec3df4da3c1aa91adc2f413ff0b84452818282ec5b40ea7f9
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&size=64&url=https://versdemain.org HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://globalsou.com.atlaq.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
content-location: https://www.versdemain.org/images/st-michel.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 2910
date: Wed, 08 May 2024 10:41:51 GMT
expires: Wed, 15 May 2024 10:41:51 GMT
cache-control: public, max-age=604800
last-modified: Wed, 29 Nov 2017 12:34:19 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| traffic.alexa.com/graph?w=260&h=190&o=f&c=1&y=q&b=f5f5f5&n=666666&r=2y&u=globalsou.com | 0.0.0.0 | | 0 B |
URL: GET traffic.alexa.com/graph?w=260&h=190&o=f&c=1&y=q&b=f5f5f5&n=666666&r=2y&u=globalsou.com
IP: 0.0.0.0:0
Requested by: https://globalsou.com.atlaq.com/
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /graph?w=260&h=190&o=f&c=1&y=q&b=f5f5f5&n=666666&r=2y&u=globalsou.com HTTP/1.1
Host: traffic.alexa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://globalsou.com.atlaq.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| | 188.114.97.1 | 200 OK | 28 kB |
URL: User Request GET HTTP/2
IP: 188.114.97.1:443
Certificate issuer: Let's Encrypt
Certificate subject: atlaq.com
Certificate fingerprint: F6:95:8D:B9:4E:AC:83:5B:61:5F:D2:F3:40:DD:10:57:D6:75:9E:84
Certificate validity: Mon, 25 Mar 2024 23:15:33 GMT - Sun, 23 Jun 2024 23:15:32 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: globalsou.com.atlaq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 10:41:49 GMT
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
expires: Fri, 07 Jun 2024 10:41:41 GMT
x-litespeed-cache: hit
vary: Accept-Encoding,User-Agent,Origin
strict-transport-security: max-age=31536000;includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Authorization, Accept
access-control-expose-headers: Content-Disposition
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7BjAJsSU2XYd8xt1%2BMuKAkgU3p%2BeBCcR6TFILZSoezu2ygqDDEZ0%2FMksm9V0dPRtPbDm7%2BGwZUjLw7%2BtNC%2FVMUIPqAPnZpBHnG6nHIXfvakxypCvvQQSCXXDM%2BVVMdq%2FvVz76T32mS8h5w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8808d6e9fe6e712f-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| globalsou.com.atlaq.com/badk.txt | 188.114.97.1 | 200 OK | 44 kB |
URL: GET HTTP/3 globalsou.com.atlaq.com/badk.txt
IP: 188.114.97.1:443
Requested by: https://globalsou.com.atlaq.com/
Certificate issuer: Let's Encrypt
Certificate subject: atlaq.com
Certificate fingerprint: F6:95:8D:B9:4E:AC:83:5B:61:5F:D2:F3:40:DD:10:57:D6:75:9E:84
Certificate validity: Mon, 25 Mar 2024 23:15:33 GMT - Sun, 23 Jun 2024 23:15:32 GMT
Hash: f4245877e1f9b8764acbac7b475ebf2d 7471a9d7354637651fa5d0200febe7ab162fb69a bd300473a295a173716b1b182aed7c14e3551f7400360dd5f694115683ccd41c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /badk.txt HTTP/1.1
Host: globalsou.com.atlaq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://globalsou.com.atlaq.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 10:41:50 GMT
content-type: text/plain; charset=UTF-8
cache-control: public, max-age=2592000
expires: Fri, 07 Jun 2024 10:41:50 GMT
last-modified: Mon, 13 Apr 2020 08:00:16 GMT
vary: Accept-Encoding,User-Agent,Origin
strict-transport-security: max-age=31536000;includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Authorization, Accept
access-control-expose-headers: Content-Disposition
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FG7kccTMqg4i%2F2gJVAa0tmjXnyflB%2FdeFKvwwSgojjrLxm3uXoYin%2FaicR%2Bv46D0SmgAXOLUcIa6qI6%2BPlyt9PIXHG7u0iIg3Ui%2Fqu%2FsoKoTUY0%2Bss6LhT4ta2kYu3nmezxQ2eU42p0L6w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8808d6f0ca360b61-OSL
content-encoding: br
|
|
| traffic.alexa.com/graph?w=260&h=190&o=f&c=1&y=t&b=f5f5f5&n=666666&r=2y&u=globalsou.com | 0.0.0.0 | | 0 B |
URL: GET traffic.alexa.com/graph?w=260&h=190&o=f&c=1&y=t&b=f5f5f5&n=666666&r=2y&u=globalsou.com
IP: 0.0.0.0:0
Requested by: https://globalsou.com.atlaq.com/
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /graph?w=260&h=190&o=f&c=1&y=t&b=f5f5f5&n=666666&r=2y&u=globalsou.com HTTP/1.1
Host: traffic.alexa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://globalsou.com.atlaq.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| vert.eco/favicon.ico | 0.0.0.0 | | 0 B |
IP: 0.0.0.0:0
Requested by: https://globalsou.com.atlaq.com/
Certificate issuer: Google Trust Services LLC
Certificate subject: vert.eco
Certificate fingerprint: BC:08:03:98:FD:0D:E3:81:B1:D4:9B:73:0F:52:EE:5C:1F:D4:94:E8
Certificate validity: Mon, 08 Apr 2024 16:39:43 GMT - Sun, 07 Jul 2024 16:39:42 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: vert.eco
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 10:41:50 GMT
content-type: image/vnd.microsoft.icon
strict-transport-security: max-age=16000000
vary: Accept-Encoding
last-modified: Tue, 12 Dec 2023 18:12:02 GMT
cache-control: public, max-age=2592000
expires: Wed, 15 May 2024 05:04:40 GMT
x-varnish: 11489204 8161590
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PK3EoNzOzbbZNuYY1FSWETmOMGpxVJEzmUSAGdSyWqZpJBERta%2FVj3%2BysV62gKL04LfYEGqgXyOngybhhQvk3pKohEbqwM5Z%2Bw3ZlKRAxtG9%2BMcckP60%2FeXHNg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8808d6f0f8dfb512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| verytoon.com/favicon.ico | 0.0.0.0 | | 0 B |
IP: 0.0.0.0:0
Requested by: https://globalsou.com.atlaq.com/
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: verytoon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|