Report - constantclients.cc/New/Auth/sf_rand_string_lowercase6/YWphaW5AY2FzdGxlYnJhbmRzaW5jLmNvbQ==

Report Overview

Submitted URL
constantclients.cc/New/Auth/sf_rand_string_lowercase6/YWphaW5AY2FzdGxlYnJhbmRzaW5jLmNvbQ==
IP
66.235.200.147
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-18 04:03:21
Access
public
Website Title
Home - Constant Clients Inc
Final URL
constantclients.cc/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
196

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-17	4.3 kB	214 kB	216.58.207.227
i.vimeocdn.com	3126	2010-04-21	2014-03-27	2024-04-18	1.0 kB	123 kB	151.101.128.217
content.googleapis.com	2972	2005-01-25	2013-08-15	2024-04-16	7.5 kB	7.4 kB	142.250.74.106
ssl.gstatic.com	unknown	2008-02-11	2012-05-23	2024-04-16	920 B	102 kB	142.250.74.35
app.convertobot.com	unknown	2019-05-13	2019-05-31	2024-04-10	1.3 kB	58 kB	172.67.145.237
conv-avatar.s3.amazonaws.com	933648	2005-08-18	2021-02-16	2024-03-14	443 B	24 kB	52.216.114.11
constantclients.cc	unknown	2021-08-12	2021-08-14	2024-03-21	57 kB	29 MB	66.235.200.147
aus5.mozilla.org	2548	1998-01-24	2015-10-27	2024-04-17	512 B	1.2 kB	35.244.181.201
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-17	2.3 kB	16 kB	142.250.74.106
drive.google.com	321	1997-09-15	2012-10-03	2024-04-17	1.0 kB	3.9 kB	142.250.74.46
play.google.com	34	1997-09-15	2013-05-31	2024-04-17	11 kB	11 kB	142.250.74.174
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-04-17	1.4 kB	50 kB	104.17.24.14
gtm.constantclients.cc	unknown	2021-08-12	2021-12-18	2021-12-18	2.2 kB	0 B	0.0.0.0
player.vimeo.com	1858	unknown	2013-09-26	2024-04-17	557 B	22 kB	162.159.138.60
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-04-17	879 B	167 kB	142.250.74.168
docs.google.com	122	1997-09-15	2013-05-31	2024-04-16	17 kB	4.5 MB	142.250.74.142
static.addtoany.com	4091	2006-03-10	2012-05-21	2024-04-18	1.9 kB	80 kB	172.67.39.148
f.vimeocdn.com	3234	2010-04-21	2014-04-09	2024-04-15	1.3 kB	268 kB	151.101.246.109
apis.google.com	105	1997-09-15	2013-05-06	2024-04-17	4.5 kB	421 kB	142.250.74.110
www.gstatic.com	unknown	2008-02-11	2016-07-26	2024-04-17	2.5 kB	333 kB	142.250.74.35

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed
2024-04-18	medium	constantclients.cc	Sinkholed

ThreatFox

No alerts detected

JavaScript (89)

	URL	Size	First Seen	Last Seen
	constantclients.cc/	1.4 kB	2023-03-07	2024-04-28
Pretty URL constantclients.cc/ IP 66.235.200.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02:58 Last Seen2024-04-28 16:38:57 Times Seen106 Hash a94f1d7e1165304022aae86adcad90be d8dd7d80985d83fe00bff5be73cfef9a640b647a 21ce781d49513048ce8806e446d18f8b361502b79e0bd0a931ae1981216142af Loading...

	constantclients.cc/wp-content/uploads/pum/pum-site-scripts.js?defer&generated=1710878638&ver=1.18.5	70 kB	2024-04-10	2024-04-26
Pretty URL constantclients.cc/wp-content/uploads/pum/pum-site-scripts.js?defer&generated=1710878638&ver=1.18.5 IP 66.235.200.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-10 04:53:10 Last Seen2024-04-26 03:48:06 Times Seen7 Hash 992e89a32e06264ebe951e6dbbc0c84e 705500a532fe4549c9f33fcdeb4d3dfbe1351b12 2df2de61b123ab5641428fec89caf834f43ba90e78096ea3d1e939d31404bd50 Loading...

	constantclients.cc/	355 B	2023-03-07	2024-04-26
Pretty URL constantclients.cc/ IP 66.235.200.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:22:48 Last Seen2024-04-26 03:48:03 Times Seen289 Hash 90bc2b15554af42aef5c4113d8336ce6 8fa8aadd1a1e7c24dfb442bb29be4aa8229f9ba8 da775d099e1912ee13ea55374300d5252969a9344c83a8f2d6befa8dba801b17 Loading...

	constantclients.cc/wp-content/plugins/duracelltomi-google-tag-manager/dist/js/gtm4wp-form-move-tracker.js?ver=1.20.2	1.1 kB	2023-12-13	2024-04-30
Pretty URL constantclients.cc/wp-content/plugins/duracelltomi-google-tag-manager/dist/js/gtm4wp-form-move-tracker.js?ver=1.20.2 IP 66.235.200.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-13 10:12:29 Last Seen2024-04-30 23:31:36 Times Seen204 Hash 416f52248a7f5b988d66f1ea80a196ce 06e2618030ffe16fe210c55bb60d42bb77d7b8c6 8b851243dfb01d421b9ad1b062622a23f230c32184a70c07b6e75908bf682961 Loading...

	www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.en_US.cdJChLL3Kzs.O/am=wA/d=1/rs=AC2dHMJ-UPcpj1TrAIHbwPz2NVftQIDTdQ/m=main	1.5 MB	2024-04-18	2024-04-18
Pretty URL www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.en_US.cdJChLL3Kzs.O/am=wA/d=1/rs=AC2dHMJ-UPcpj1TrAIHbwPz2NVftQIDTdQ/m=main IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 06:03:26 Last Seen2024-04-18 13:31:23 Times Seen4 Hash 2d7af759a51cdc70b1f2f67ddbb117da 59f9c8e902ffe372c0d092830e0da74c88061925 0bc52c2beb6072968767ee6838cd66ec678be1a043ef3de66e2b047ecc8cbeff Loading...

	f.vimeocdn.com/p/4.29.7/js/player.module.js	587 kB	2024-04-18	2024-04-22
Pretty URL f.vimeocdn.com/p/4.29.7/js/player.module.js IP 151.101.246.109 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 06:03:27 Last Seen2024-04-22 19:47:27 Times Seen63 Hash 2296fb574aa5763e0de8d692aacc8fc9 bfd743aa1ef5d70b43f5a06c6d71245117c3cbbe da286f7ddc94da3f6fd6453fd5b05d463e31e9f3a64d8eb1caf44f36627a12c0 Loading...

	constantclients.cc/wp-includes/js/underscore.min.js?ver=1.13.4	19 kB	2023-03-08	2024-05-01
Pretty URL constantclients.cc/wp-includes/js/underscore.min.js?ver=1.13.4 IP 66.235.200.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:26:29 Last Seen2024-05-01 05:30:56 Times Seen41730 Hash f88d5720bb454ed5d204cbdb56901f6b f1952292fde4b15936e9aac16b2b9896684db95b 726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a Loading...

	constantclients.cc/wp-includes/js/dist/i18n.min.js?ver=5e580eb46a90c2b997e6	9.1 kB	2024-04-03	2024-05-01
Pretty URL constantclients.cc/wp-includes/js/dist/i18n.min.js?ver=5e580eb46a90c2b997e6 IP 66.235.200.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-03 08:25:07 Last Seen2024-05-01 07:08:51 Times Seen839 Hash a8127c1a87bb4f99edbeec7c37311dcd 9997a1745f48bdd233dbe9bd8164daa53eba105b f313d12ea6124bd28fc4a6b7163d253bb83d5aeab5edce594880c5c3df475cbc Loading...

	constantclients.cc/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1	14 kB	2023-05-09	2024-05-01
Pretty URL constantclients.cc/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 IP 66.235.200.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-09 19:21:05 Last Seen2024-05-01 07:08:52 Times Seen81669 Hash 9ffeb32e2d9efbf8f70caabded242267 3ad0c10e501ac2a9bfa18f9cd7e700219b378738 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89 Loading...

	constantclients.cc/	3.3 kB	2024-04-10	2024-04-26
Pretty URL constantclients.cc/ IP 66.235.200.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-10 04:53:09 Last Seen2024-04-26 03:48:03 Times Seen7 Hash 9b864da4cfb220a364f5d02597fb6851 ec1d03797b09b02c0b5afa539b06a23ac2c6965f dd21566596cd9952e38e7ec9ebe75c271e71d36344ec324cdd55e3779964112b Loading...

	player.vimeo.com/video/662404108?h=24abf7b0dc&dnt=1&app_id=122963	877 B	2023-05-30	2024-05-01
Pretty URL player.vimeo.com/video/662404108?h=24abf7b0dc&dnt=1&app_id=122963 IP 162.159.138.60 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-30 16:19:13 Last Seen2024-05-01 01:21:01 Times Seen3949 Hash 1a5b4d5d3e4b011a5ab11c586f797d44 648e005b908e068c567f5236736ea923480a8c08 49653c792dd94bb881bb47fde59c3036d1009d19d8151b3894b09419eb4bc8e3 Loading...

	constantclients.cc/	180 B	2023-11-21	2024-04-26
Pretty URL constantclients.cc/ IP 66.235.200.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-21 21:22:17 Last Seen2024-04-26 03:48:03 Times Seen10 Hash c8475da157a830b0ac9379c0778be722 9f5dbe8d9791fd4138916a410d09f4a4207cd878 342dcac62e21d577065789e3219156cd22645004e56010e61d0fbfe7ae4ee064 Loading...

	constantclients.cc/wp-includes/js/masonry.min.js?ver=4.2.2	24 kB	2023-03-07	2024-04-30
Pretty URL constantclients.cc/wp-includes/js/masonry.min.js?ver=4.2.2 IP 66.235.200.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:57 Last Seen2024-04-30 23:31:43 Times Seen15335 Hash 3b3fc826e58fc554108e4a651c9c7848 76778fd446e2ff2377588a7b4ac4d79f258427c9 e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb Loading...

	constantclients.cc/wp-content/plugins/strong-testimonials/public/js/lib/verge/verge.min.js?ver=1.10.2	1.4 kB	2023-03-07	2024-04-26
Pretty URL constantclients.cc/wp-content/plugins/strong-testimonials/public/js/lib/verge/verge.min.js?ver=1.10.2 IP 66.235.200.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:51 Last Seen2024-04-26 03:48:06 Times Seen294 Hash d55b2094ba7726bfecc91dbd573aa096 8be6dfaf3a0044f920cc23f882bb5573b2f77b46 f24d6b3320defba731e6dd055dc838a98dbce7f64d1fff9eaacb501113d6b11a Loading...

	f.vimeocdn.com/p/4.29.7/js/vendor.module.js	436 kB	2024-04-18	2024-04-22
Pretty URL f.vimeocdn.com/p/4.29.7/js/vendor.module.js IP 151.101.246.109 ASN #54113 FASTLY Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-18 06:03:27 Last Seen2024-04-22 19:47:27 Times Seen62 Hash daaf0cef21d261fdb059dc53a1e7b610 144556c0102d239542a6ff66e18af23ef8833b3a 4cc5fdc2315043b6059e25fc11d246e71c17049221d468bfb1b17852e53d9311 Loading...

	static.addtoany.com/menu/page.js	3.0 kB	2024-04-12	2024-05-01
Pretty URL static.addtoany.com/menu/page.js IP 172.67.39.148 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-12 02:34:00 Last Seen2024-05-01 06:03:26 Times Seen579 Hash 5f984fdd1d3384220c67422c1f544a95 79c8a48b5fab47972dd69ce7dfd08cee895006b5 6e0cc78c402cbc02fdfd41cd77c5fd6ffbd8066cc07935ea8eb5f3fcc59744a3 Loading...

	constantclients.cc/	1.1 kB	2023-11-21	2024-04-26
Pretty URL constantclients.cc/ IP 66.235.200.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-21 21:22:17 Last Seen2024-04-26 03:48:04 Times Seen25 Hash 9525168e010a20ff6f859b9024714f5d f4abd194dcd582f5cd70b93760c5b106315616a7 25267a1e37a2713a1c22e97a7fa5e6d118792f9ece211e9ff9d4bcd15e78377c Loading...

	constantclients.cc/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.21.0	63 kB	2024-04-16	2024-04-29
Pretty URL constantclients.cc/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.21.0 IP 66.235.200.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 12:19:56 Last Seen2024-04-29 19:51:39 Times Seen52 Hash 5ccc4763017ac61801706d50d27dcfef 3e5977aebc5292aea4592a35763fde8cd96ac2b5 88a55f2f63b0693a5e880094799388b608eb0a80f666a7e8460f2ac82e7b3da5 Loading...

	constantclients.cc/wp-includes/js/imagesloaded.min.js?ver=5.0.0	5.5 kB	2023-11-08	2024-05-01
Pretty URL constantclients.cc/wp-includes/js/imagesloaded.min.js?ver=5.0.0 IP 66.235.200.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-08 01:34:44 Last Seen2024-05-01 03:48:07 Times Seen6600 Hash 6823120876c9afc8929418c9a6f8e343 90b0adb37d70ffec5f9189c36bb0027c310c9502 b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1 Loading...

	apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.5BIk7BglYEE.O/m=client/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA/cb=gapi.loaded_0?le=scs	325 kB	2024-04-11	2024-04-22
Pretty URL apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.5BIk7BglYEE.O/m=client/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA/cb=gapi.loaded_0?le=scs IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-11 20:18:25 Last Seen2024-04-22 16:34:14 Times Seen53 Hash 9d8cace6dabbc78e36c4aba49c7125b1 797a2f633272abdbf1d88054fbfb3f42adc1415f a4667786f4a20672e060bb8511e66d795c74b5cf705cd316f898cd2de4f68b43 Loading...

	constantclients.cc/wp-content/plugins/wp-pdf-generator/assets/js/html2canvas.min.js?ver=1.2.3	61 kB	2023-03-07	2024-04-26
Pretty URL constantclients.cc/wp-content/plugins/wp-pdf-generator/assets/js/html2canvas.min.js?ver=1.2.3 IP 66.235.200.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:00:11 Last Seen2024-04-26 03:48:04 Times Seen26 Hash a985c0f23f59aebdffe3037d21dfbcfb cc85a203305c1a4ba659c930f004f6f6e3475c64 4512bb8d0dd4746d13fde47b1b3b7615d49d452a57c22cfff58bfe7b3187ac65 Loading...

	apis.google.com/js/client.js	15 kB	2024-04-15	2024-04-22
Pretty URL apis.google.com/js/client.js IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-15 11:40:09 Last Seen2024-04-22 16:34:14 Times Seen16 Hash 956abd1c4d33686ed078e1fc2a208e70 adf181b4ffe9f884d1523a9e9055b3c975c22c2f 7ad5b3ae2e3d70b78dcb34e7809635ab483d6f56f8bb224c1660c2385a3157a9 Loading...

	docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS1-revised.pdf	889 B	2023-04-05	2024-04-26
Pretty URL docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS1-revised.pdf IP 142.250.74.142 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-05 14:04:32 Last Seen2024-04-26 03:48:03 Times Seen47 Hash 9e89c988c16873026099e45e23704e34 1817649596f07f7dfb6cf1d666a87b579f93a99d 294b2048f46ae0bb17ee724356a16888318f159bbe429999364e3dd49ca66fa8 Loading...

	www.gstatic.com/feedback/js/help/prod/service/lazy.min.js	109 kB	2024-04-16	2024-04-18
Pretty URL www.gstatic.com/feedback/js/help/prod/service/lazy.min.js IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 17:57:10 Last Seen2024-04-18 13:31:24 Times Seen40 Hash 4d95791a35ae95bd11b6f6d7e880ff93 23f70202a367d2b280f2560bbec29b1c9eee5e66 15ce60ae9fdb72f42e3c0baf6010b4b1c55cb5f80f22e430d21bfc1d6886ec7a Loading...

	static.addtoany.com/menu/sm.25.html#type=core&event=load	0 B	2023-03-07	2024-05-01
Pretty URL static.addtoany.com/menu/sm.25.html#type=core&event=load IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-01 08:26:40 Times Seen37239711 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	constantclients.cc/	625 B	2023-11-21	2024-04-26
Pretty URL constantclients.cc/ IP 66.235.200.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-21 21:22:17 Last Seen2024-04-26 03:48:04 Times Seen10 Hash 937d292b8a712f4ec72787928ec6737c b2b8fc7172a1e4820af30bd37a7793b236b59256 f3a8e0f1272b23529529d13696faf02009c7b2024369f4fa6981cdbf5b9b3fde Loading...

	cdnjs.cloudflare.com/ajax/libs/moment.js/2.24.0/moment.min.js	53 kB	2023-03-07	2024-04-30
Pretty URL cdnjs.cloudflare.com/ajax/libs/moment.js/2.24.0/moment.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:33 Last Seen2024-04-30 23:27:00 Times Seen1978 Hash 761502841c035afcf6a9bdc5d0a20d11 69ab16ba8ca68431ab59eff286c7ed1e520bca30 e22419e8154be2a34a950dbb4c4c448413751c53ef02f00c6c56af28aa2c4964 Loading...

	constantclients.cc/	1.1 kB	2024-04-18	2024-04-18
Pretty URL constantclients.cc/ IP 66.235.200.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-18 06:03:27 Last Seen2024-04-18 13:31:22 Times Seen2 Hash 6d0a701a97ad075fc6ef4523a1898299 41ce80b78382596e1759f96461a66b48b7f4f9ba 28368c8b77b1d038227225ff57a069cccb6f4d3e33f3be8fd91dff26688822bf Loading...

	constantclients.cc/wp-content/plugins/strong-testimonials/public/js/lib/readmore/readmore.min.js?ver=3.1.12	1.6 kB	2023-11-18	2024-04-26
Pretty URL constantclients.cc/wp-content/plugins/strong-testimonials/public/js/lib/readmore/readmore.min.js?ver=3.1.12 IP 66.235.200.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-18 06:45:03 Last Seen2024-04-26 03:48:06 Times Seen25 Hash dc1043230b64324918212e00103a6218 76f877c39fea92ab78ff12c89defa3d8b6bc82db f6588d639bce56904c74e0cc06dcb91976a4d42b18be27afd2207c7c831a3cad Loading...

	apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.5BIk7BglYEE.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA/cb=gapi.loaded_0?le=scs	80 kB	2024-04-15	2024-04-22
Pretty URL apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.5BIk7BglYEE.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA/cb=gapi.loaded_0?le=scs IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-15 11:40:09 Last Seen2024-04-22 16:34:14 Times Seen10 Hash 2756c7839e34e1bfd27282c872153e6b 4f4f889d37f2b2ce157c740b4fcc5cf431f887a5 ae27d17adcefa0111d96a7504de7fef12bcf3167ab70dc3acab6d6e32c9bef3a Loading...

	constantclients.cc/wp-content/plugins/popup-builder/public/js/Popup.js?ver=4.2.7	39 kB	2023-07-12	2024-05-01
Pretty URL constantclients.cc/wp-content/plugins/popup-builder/public/js/Popup.js?ver=4.2.7 IP 66.235.200.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-12 23:47:38 Last Seen2024-05-01 01:05:41 Times Seen770 Hash aad76345b176f2bdea7082ce27717aba 1f3c44bf0b8169741bc5b3e71e83e05d07b59338 113500b83a965388babfdb15b9740741f750db1890f6fa3677cf1bcaddd96089 Loading...

	constantclients.cc/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1	129 B	2023-03-07	2024-04-30
Pretty URL constantclients.cc/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1 IP 66.235.200.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:19 Last Seen2024-04-30 22:54:30 Times Seen5017 Hash 5ef26b5e47e6951f43ecf2b1fc645222 081afb52577f6f3bb044fdea6d34a632c3cce7e8 50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1 Loading...

	constantclients.cc/wp-includes/js/dist/hooks.min.js?ver=2810c76e705dd1a53b18	4.3 kB	2024-04-03	2024-05-01
Pretty URL constantclients.cc/wp-includes/js/dist/hooks.min.js?ver=2810c76e705dd1a53b18 IP 66.235.200.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-03 08:25:08 Last Seen2024-05-01 07:08:51 Times Seen867 Hash 072d3f6e5c446f57d5c544f9931860e2 ee6aa3d65b474309376468b24bb6f829a4514809 2cb546fbdda7995d374fffa4b2f6530bbcf57d014639ddf76de45df43d593045 Loading...

	constantclients.cc/	389 B	2023-03-09	2024-04-26
Pretty URL constantclients.cc/ IP 66.235.200.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-09 12:13:28 Last Seen2024-04-26 03:48:04 Times Seen40 Hash e80ec4d3ec0fe5513152943ce2980b4d 3e9a2609810ac0933f68f33d0121aaffe8955604 4285a7a06e835066b6075dd424231f25bc2f9e7dafaead42b664dfdbe8718bd2 Loading...

	constantclients.cc/wp-content/plugins/popup-builder/public/js/PopupConfig.js?ver=4.2.7	6.0 kB	2023-03-07	2024-05-01
Pretty URL constantclients.cc/wp-content/plugins/popup-builder/public/js/PopupConfig.js?ver=4.2.7 IP 66.235.200.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:42:32 Last Seen2024-05-01 01:05:41 Times Seen1310 Hash c7a493f7e281b7a2c5fe182a44ba8367 11c971b79a4c8ea2dd1b6b4d7b33192275054f44 3fe8c79d67b21039a5d059ef40761950fb76e1d17933d61509f7eb3c68f5aeeb Loading...

	constantclients.cc/wp-content/plugins/strong-testimonials/public/js/lib/actual/jquery-actual.min.js?ver=1.0.16	1.2 kB	2023-03-07	2024-04-26
Pretty URL constantclients.cc/wp-content/plugins/strong-testimonials/public/js/lib/actual/jquery-actual.min.js?ver=1.0.16 IP 66.235.200.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:51 Last Seen2024-04-26 03:48:06 Times Seen240 Hash cd156e40fd815ff532b6dd8dbb5ffaa1 74ac7fb54741055f249f4237b14ef20d0c7e60d0 93a90efcdb00f1a394d7c9e04fcdc9b7c3589d24ad20046dc4e25553a5672c34 Loading...

	constantclients.cc/wp-content/plugins/strong-testimonials/public/js/lib/strongslider/jquery-strongslider.min.js?ver=3.1.12	25 kB	2023-09-22	2024-04-26
Pretty URL constantclients.cc/wp-content/plugins/strong-testimonials/public/js/lib/strongslider/jquery-strongslider.min.js?ver=3.1.12 IP 66.235.200.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-22 22:41:06 Last Seen2024-04-26 03:48:06 Times Seen146 Hash 1895c85b5b2e67091f05c6fab4aab057 9aaa6a3ce5add87efb65c183d0ad3af3eb96561b a7044cbdee5f47cb5450b0315e0efbb606b80db33aa39106d21237bd1e30da71 Loading...

	constantclients.cc/wp-includes/js/wp-emoji-release.min.js?ver=6.5.2	19 kB	2024-03-13	2024-05-01
Pretty URL constantclients.cc/wp-includes/js/wp-emoji-release.min.js?ver=6.5.2 IP 66.235.200.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-13 16:02:37 Last Seen2024-05-01 07:08:52 Times Seen2246 Hash b976b651932bfd25b9ddb5b7693d88a7 7fcb7cb5c11227f9213b1e08a07d0212209e1432 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3 Loading...

	constantclients.cc/wp-includes/js/jquery/jquery.min.js?ver=3.7.1	88 kB	2023-11-03	2024-05-01
Pretty URL constantclients.cc/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 IP 66.235.200.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-03 09:26:43 Last Seen2024-05-01 07:08:52 Times Seen43166 Hash 826eb77e86b02ab7724fe3d0141ff87c 79cd3587d565afe290076a8d36c31c305a573d18 cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf Loading...

	www.googletagmanager.com/gtm.js?id=GTM-KVRPFLS	213 kB	2024-04-18	2024-04-18
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-KVRPFLS IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 06:03:27 Last Seen2024-04-18 06:03:28 Times Seen2 Hash df2779effda08110e12b16cdb4a9cd3d febdafc101fd8d6accce1b71a494c6c4d1d30ecf 04046496829c8a1ed4e744108d8d33692084b4e5dfb1a5e4e71e543fab50f4f2 Loading...

	player.vimeo.com/video/662404108?h=24abf7b0dc&dnt=1&app_id=122963	185 B	2023-11-21	2024-04-26
Pretty URL player.vimeo.com/video/662404108?h=24abf7b0dc&dnt=1&app_id=122963 IP 162.159.138.60 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-21 21:22:17 Last Seen2024-04-26 03:48:04 Times Seen10 Hash 6ccef2a418bf67340c4df9273eb65829 c6e8cdea6451dbf795ea8b740bbe5353e6530be6 35bcd1505a62b0bf06345d0d5927d6c336c282e791e11942349b718613529fc7 Loading...

	player.vimeo.com/video/662404108?h=24abf7b0dc&dnt=1&app_id=122963	9.7 kB	2024-04-18	2024-04-18
Pretty URL player.vimeo.com/video/662404108?h=24abf7b0dc&dnt=1&app_id=122963 IP 162.159.138.60 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-18 06:03:27 Last Seen2024-04-18 06:03:27 Times Seen1 Hash ba6eb23baec191c3f2de31c83dcbac3d ca7aef3410ea3d10a1753f1ec13042c014057866 f0d28ea52dd0d56e8998eef73eeceef2efc3611b24c905bbe99e50a8af85d3c6 Loading...

	constantclients.cc/wp-content/plugins/popup-builder/public/js/PopupBuilder.js?ver=4.2.7	82 kB	2023-07-12	2024-05-01
Pretty URL constantclients.cc/wp-content/plugins/popup-builder/public/js/PopupBuilder.js?ver=4.2.7 IP 66.235.200.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-12 23:47:38 Last Seen2024-05-01 01:05:41 Times Seen588 Hash ebd85c7aed86a2de3c0fbca71335dd5f 106ed33ea7adb032462f058bd9d3de1bb009c984 12ff59b61b2d94ec029a1eda78cbc4b857eb7f7a5e0916bbaa656174b2834a3f Loading...

	constantclients.cc/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2	8.2 kB	2023-03-13	2024-05-01
Pretty URL constantclients.cc/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2 IP 66.235.200.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:32:06 Last Seen2024-05-01 07:08:51 Times Seen51279 Hash dda652db133fddb9b80a05c6d1b5c540 60c8514c57a5db2980c4b046b0dd479bd427357b c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4 Loading...

	docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf	107 B	2023-03-07	2024-04-30
Pretty URL docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf IP 142.250.74.142 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:22:04 Last Seen2024-04-30 03:19:45 Times Seen42 Hash be3591661984aac68dd45a8c3a21bfdf 9a7b331a622fa75d4f175783dddbde01ecfa475f 4de9ecfed374c555f67e271788e4662ba4e2abcd23f693be9870d6a1203c34d6 Loading...

	constantclients.cc/	318 B	2023-07-27	2024-04-26
Pretty URL constantclients.cc/ IP 66.235.200.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-07-27 00:47:51 Last Seen2024-04-26 03:48:04 Times Seen19 Hash 742c0d1df346a386023a266adea1d674 ed5540088314bbbd83c510e7c6eb965fa130a45f 79c129fa84a8d0873eff392405b56f32100cd8cbe832b7194f841cea6b1c3dfb Loading...

	player.vimeo.com/video/662404108?h=24abf7b0dc&dnt=1&app_id=122963	2.6 kB	2023-05-30	2024-05-01
Pretty URL player.vimeo.com/video/662404108?h=24abf7b0dc&dnt=1&app_id=122963 IP 162.159.138.60 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-30 16:19:14 Last Seen2024-05-01 01:21:02 Times Seen3924 Hash 7d70ffccf91ab1fa16c1ff5679defe00 652e57ea3052e22b0b856f12d1a3fcc7078215a5 343e9afe006e5a64f2aedc9a4330d6e97de7a014b84e9be2d8a55d3111f3f190 Loading...

	constantclients.cc/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.9.15	10 kB	2024-03-27	2024-05-01
Pretty URL constantclients.cc/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.9.15 IP 66.235.200.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-27 17:28:14 Last Seen2024-05-01 02:08:49 Times Seen257 Hash 8456ff924afc1c7b79f8e9c61d4edb50 69381f72090b4a2b76385dcbe86a5ce33a042820 bc9ce60ecd8ad81f4255baec05cee96d4a32f484f1cc6975e11ac87a5de667f2 Loading...

	constantclients.cc/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0	39 kB	2024-04-03	2024-05-01
Pretty URL constantclients.cc/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 IP 66.235.200.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-03 08:25:08 Last Seen2024-05-01 07:08:51 Times Seen1018 Hash 92f8c01350c630f414f5d0b015ad6864 eab40ab4e77f92f2fb17684aaf44b579a51b8034 17b79ece7ef9d1454a90156690d33d64387b67a7a7548fc826012512e287a937 Loading...

	constantclients.cc/	290 B	2023-07-27	2024-04-26
Pretty URL constantclients.cc/ IP 66.235.200.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-07-27 00:47:51 Last Seen2024-04-26 03:48:04 Times Seen19 Hash 5ac6150929dea6d068838f3c4181efe2 88a9971c9d6b7866d23adb37d3a0620c9a09269a f9378e446ea1b08b85766626024e27fc99585e4c64ede6a4da5d5dfd9fa31f03 Loading...

	constantclients.cc/wp-content/plugins/ubermenu/assets/js/ubermenu.min.js?ver=3.7.4	39 kB	2023-03-07	2024-04-26
Pretty URL constantclients.cc/wp-content/plugins/ubermenu/assets/js/ubermenu.min.js?ver=3.7.4 IP 66.235.200.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:07:44 Last Seen2024-04-26 03:48:06 Times Seen109 Hash 273b37618af3db6db671d2d1c8f0d168 f4d735f4c27b110cc2499e03a8e4854ea7511641 58415d97eb0b5745ccfa6e5e2f996581ec39f6c4af80627d3dd3c06bc5977ca6 Loading...

	constantclients.cc/wp-content/plugins/wp-pdf-generator/assets/js/jspdf.min.js?ver=1.2.3	307 kB	2023-03-07	2024-04-26
Pretty URL constantclients.cc/wp-content/plugins/wp-pdf-generator/assets/js/jspdf.min.js?ver=1.2.3 IP 66.235.200.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:57:03 Last Seen2024-04-26 03:48:05 Times Seen32 Hash 23d81cdff8449823d1887b2ddab071d3 3a716355d8e3f7d02a3dfacd0eef79e0b2d9d6e1 b7390f7c982b01e85dd26518771c16be7f9342b9365634492ffc4ff625b97e19 Loading...

	constantclients.cc/	337 B	2023-11-21	2024-04-26
Pretty URL constantclients.cc/ IP 66.235.200.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-21 21:22:17 Last Seen2024-04-26 03:48:05 Times Seen10 Hash 170e7be9407bfb1e77c7cca31e564a56 0275cf90eb9fd5b00211a7ea6b240eb3a46012ea 0a4c4ad0af54b4af30c6514ac69b9b939a6ea436c78682cd0ff6afc11ca676a8 Loading...

	constantclients.cc/wp-content/plugins/wp-pdf-generator/assets/js/html2pdf.min.js?ver=1.2.3	12 kB	2023-03-08	2024-04-26
Pretty URL constantclients.cc/wp-content/plugins/wp-pdf-generator/assets/js/html2pdf.min.js?ver=1.2.3 IP 66.235.200.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 13:43:14 Last Seen2024-04-26 03:48:06 Times Seen53 Hash 577ec05b87bab1bed79b597059a1fc5e 0e4178ee22cf1711c5ae7c5dfe9f6627152b4c76 660ddb72ebec44a4561b1a7ce4de9855fead2bed538e9350b878a2c2dcff49c4 Loading...

	constantclients.cc/	275 B	2023-03-07	2024-04-28
Pretty URL constantclients.cc/ IP 66.235.200.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02:58 Last Seen2024-04-28 16:38:58 Times Seen112 Hash 78e755b0a81758fdf3b4a84e0eaf028f 91b2100458e60d382f5a2c0b109f78215d2c9004 19a6bb2edd5c78bc3652fe0ae038858734eda8121c8cf3f68ec4845d7fe01735 Loading...

	constantclients.cc/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.21.0	5.0 kB	2024-04-16	2024-04-29
Pretty URL constantclients.cc/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.21.0 IP 66.235.200.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 12:19:55 Last Seen2024-04-29 19:51:39 Times Seen59 Hash d4611b146b41aa47d51076a0d3798082 6bb95b45dfc5379953c39fe6c56322350be95411 25ca7abf6b5b9becd0676818fde2d3b374badcff7867f95dbcbfebeac59a24c0 Loading...

	constantclients.cc/wp-content/plugins/strong-testimonials/public/js/controller.min.js?ver=3.1.12	5.2 kB	2023-03-07	2024-04-26
Pretty URL constantclients.cc/wp-content/plugins/strong-testimonials/public/js/controller.min.js?ver=3.1.12 IP 66.235.200.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:51 Last Seen2024-04-26 03:48:06 Times Seen242 Hash 8be478d960c1631768caccadb401d3de 474ed4aed08c7bd6a520b0e62b0bb9bf8bb10267 23e87ea207c2004ed8cde1032e7e0419a52b0ede6848d7ecc0a68f5ceb3fb728 Loading...

	constantclients.cc/	96 B	2023-03-07	2024-04-28
Pretty URL constantclients.cc/ IP 66.235.200.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:12:30 Last Seen2024-04-28 16:38:58 Times Seen74 Hash d4410b830d796c4374bd75e8f0309550 e752d1df679b9ef7cda209df382c34b009f9a677 f296e0ae7bdc63c1d821191205da85dc493c7c59f65cefd198cdba4faedc5cc7 Loading...

	player.vimeo.com/video/662404108?h=24abf7b0dc&dnt=1&app_id=122963	129 B	2023-05-30	2024-05-01
Pretty URL player.vimeo.com/video/662404108?h=24abf7b0dc&dnt=1&app_id=122963 IP 162.159.138.60 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-30 16:19:14 Last Seen2024-05-01 01:21:03 Times Seen3914 Hash 8e500be2456c7adccd83f363e52ef5bd 327c9f69248844f40f89b9ade646394c825f2a28 95c35c2edce177114158dda90aa3f769080a60b08e437651df026a422da4c17d Loading...

	player.vimeo.com/video/662404108?h=24abf7b0dc&dnt=1&app_id=122963	0 B	2023-03-07	2024-05-01
Pretty URL player.vimeo.com/video/662404108?h=24abf7b0dc&dnt=1&app_id=122963 IP 162.159.138.60 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-01 08:26:40 Times Seen37239711 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	constantclients.cc/wp-content/plugins/wp-pdf-generator/assets/js/es6-promise.auto.min.js?ver=1.2.3	6.6 kB	2023-03-07	2024-04-26
Pretty URL constantclients.cc/wp-content/plugins/wp-pdf-generator/assets/js/es6-promise.auto.min.js?ver=1.2.3 IP 66.235.200.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:00:11 Last Seen2024-04-26 03:48:06 Times Seen103 Hash 7850f75032813dc5c0e9eb75eba880bf 8e298e92961b97e21fce70a681992550f455b2de f2a14fbc03102e3f6139790da043b488e5d0c76b47c80f175a4ca6e4edddc6a3 Loading...

	constantclients.cc/	132 B	2023-07-27	2024-04-26
Pretty URL constantclients.cc/ IP 66.235.200.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-07-27 00:47:51 Last Seen2024-04-26 03:48:05 Times Seen19 Hash 095f8f89ddfd49ac23865be1af6f7bce e00319994363f95eb85b3994e06151c2bbe8557f 68937518cd31e6223c99c0c9c301b8e3beabe43d8fd6854841da9fc1dd9f70c0 Loading...

	constantclients.cc/wp-content/plugins/duracelltomi-google-tag-manager/dist/js/analytics-talk-content-tracking.js?ver=1.20.2	1.7 kB	2024-03-27	2024-04-30
Pretty URL constantclients.cc/wp-content/plugins/duracelltomi-google-tag-manager/dist/js/analytics-talk-content-tracking.js?ver=1.20.2 IP 66.235.200.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-27 17:09:19 Last Seen2024-04-30 23:31:36 Times Seen20 Hash 070a12458ed43e10ecdc3c90ed286af5 ccb5fb60d9153cea396224a484f1984afb29503f a2a6f3d68cab390cc94906f0122540b73d23c164f2c26b356d10e620059135f1 Loading...

	constantclients.cc/	111 B	2023-07-27	2024-04-26
Pretty URL constantclients.cc/ IP 66.235.200.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-07-27 00:47:51 Last Seen2024-04-26 03:48:05 Times Seen19 Hash 0400e4035103725f60d37bea36a468f3 975579c3e98e0442d29f3f86f3a22da4b9274ccc c95c1d377555f81bc569fd7da212f49f3fa002a094038635125085af04c06b69 Loading...

	constantclients.cc/	1.8 kB	2024-04-10	2024-04-26
Pretty URL constantclients.cc/ IP 66.235.200.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-10 04:53:10 Last Seen2024-04-26 03:48:05 Times Seen7 Hash c63c6193c71610c48a3190c85e8b1b02 5614a0b0f47f6458d95a384e93a2d274c7850126 956001c5b097348472c8f7875cd93d2a5b94ca2ec6bc42b10083ff6ffe2c9c41 Loading...

	constantclients.cc/	874 B	2023-07-27	2024-04-26
Pretty URL constantclients.cc/ IP 66.235.200.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-07-27 00:47:51 Last Seen2024-04-26 03:48:05 Times Seen18 Hash 7488e3a10b4f190b25c2c87342a4b672 e0fe0040150e34de101f08c2c3442c3e0745e463 542d6e36c6f632b3a78e9c6fcade71de6f709a1d662f1213e9738137484e7605 Loading...

	www.googletagmanager.com/gtag/js?id=G-MR4VREK4MN&l=dataLayer&cx=c	265 kB	2024-04-18	2024-04-18
Pretty URL www.googletagmanager.com/gtag/js?id=G-MR4VREK4MN&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 06:03:28 Last Seen2024-04-18 06:03:29 Times Seen2 Hash 78c44ae8ec0a664b8ed0da63f5f2b2fd 43eb78a31d18d6088c330c1ef59cba3094706ba2 aa36340f225d333fe026208d7e5ed596ab5e222d00ee1331928b17905e9b802f Loading...

	app.convertobot.com/lib/js/gadget.js	113 kB	2023-07-12	2024-04-26
Pretty URL app.convertobot.com/lib/js/gadget.js IP 172.67.145.237 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-12 13:10:18 Last Seen2024-04-26 03:48:07 Times Seen29 Hash fe3938884e828e2e2f763dc2f3f48654 5d7ecc34d66ae825b73239787566d4489cf090fd 93aa19cadefec400f99ebdc750dc93b20bc48a2c6f50ac36521120d6fc52c7f2 Loading...

	constantclients.cc/	1.1 kB	2024-04-18	2024-04-18
Pretty URL constantclients.cc/ IP 66.235.200.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-18 06:03:28 Last Seen2024-04-18 13:31:22 Times Seen2 Hash d2a9ed3ab96c51ef1d4f2ff205d9f28f 118c4224f758fb27dc71dfa5edcef6db9818f86d dd12023ab8a391816b27c095dca8b10385b6342fb99865e2db881a6323eec19d Loading...

	constantclients.cc/	94 B	2023-11-08	2024-05-01
Pretty URL constantclients.cc/ IP 66.235.200.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-08 00:42:21 Last Seen2024-05-01 07:08:51 Times Seen3225 Hash 02d7d8402b7ddb8e6fe47f2a35071e8d 174b5a8fe0ecdfa989fbf40f3ecd51f1d0117693 8a96c1a0a8b1c2a8eab8adfa21634b7f2c4226f6bc5322df1ab7efc4f1f1af7f Loading...

	cdnjs.cloudflare.com/ajax/libs/moment-timezone/0.5.28/moment-timezone-with-data-1970-2030.min.js	140 kB	2023-03-08	2024-04-27
Pretty URL cdnjs.cloudflare.com/ajax/libs/moment-timezone/0.5.28/moment-timezone-with-data-1970-2030.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:10:09 Last Seen2024-04-27 01:04:54 Times Seen87 Hash 2254f17a3f253430a1e53e0eb421702a 446e6f427e47e99c4b964fe961dc274f602c6be6 a1bf4661317a1c9154c95b655a2bd4e3b9e06ba79e451dcbb62f557d47858412 Loading...

	content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.5BIk7BglYEE.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA%2Fm%3D__features__#parent=https%3A%2F%2Fdocs.google.com&rpctoken=304627719	0 B	2023-03-07	2024-05-01
Pretty URL content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.5BIk7BglYEE.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA%2Fm%3D__features__#parent=https%3A%2F%2Fdocs.google.com&rpctoken=304627719 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-01 08:26:40 Times Seen37239711 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	constantclients.cc/	804 B	2023-07-27	2024-04-26
Pretty URL constantclients.cc/ IP 66.235.200.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-07-27 00:47:51 Last Seen2024-04-26 03:48:05 Times Seen18 Hash 2c18d0286ba27e91da69926a237e0806 ce06a8d160ef45acaac3b4dd5ecbb9ad6b2d1a45 7f325fe77cb7a7a3ae45e84b14d1d11d4482bcbafd4bb319d89379e68a13afe9 Loading...

	constantclients.cc/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0	6.6 kB	2023-11-03	2024-05-01
Pretty URL constantclients.cc/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0 IP 66.235.200.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-03 09:26:42 Last Seen2024-05-01 07:08:51 Times Seen13625 Hash fd7ef2e4737acd74fd0dcdc3b515e304 0d792b33f12a48ee8aaaf2560a63a5682470645b 1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c Loading...

	constantclients.cc/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js	1.4 kB	2024-04-16	2024-04-30
Pretty URL constantclients.cc/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js IP 66.235.200.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 12:19:56 Last Seen2024-04-30 12:27:46 Times Seen56 Hash b667dbc895223efab2d7cd4b524d83d6 b60bdf5d62426ce539da53ed135baeb6fa3ea975 96b8cb5f676cdf0fccb5a1002bb23b854477d8ade4f71b2e6438bd7bbcee2a86 Loading...

	constantclients.cc/wp-content/plugins/document-emberdder/dist/public.js?ver=1.8.6	679 B	2024-04-10	2024-04-26
Pretty URL constantclients.cc/wp-content/plugins/document-emberdder/dist/public.js?ver=1.8.6 IP 66.235.200.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-10 04:53:09 Last Seen2024-04-26 03:48:06 Times Seen17 Hash 08e2f72feea4e7869318e95199bb7d57 153ebed062f5d87ef13306b6bbe4ebf7f08bda0e b299df1915daab7dc0e6cf895daa21e9d85230335b52edbf6f993c93fae712ac Loading...

	constantclients.cc/	225 B	2023-03-07	2024-04-26
Pretty URL constantclients.cc/ IP 66.235.200.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:11:51 Last Seen2024-04-26 03:48:05 Times Seen188 Hash 5615e485914032e63af912e64ffb7953 1fd7129697a013879fa918a8d1dbc2e86d3fa37f 6461317d5a44fbd15ff306c3fe75b47d1cf1c8b00ae0fc51f2df2d1547041f22 Loading...

	constantclients.cc/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2	12 kB	2023-03-07	2024-05-01
Pretty URL constantclients.cc/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 IP 66.235.200.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-05-01 05:30:56 Times Seen53120 Hash 3819c3569da71daec283a75483735f7e ecd40a5cc6f0b76200c454ca880210dc301cfab8 214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0 Loading...

	constantclients.cc/	2.3 kB	2024-04-18	2024-04-18
Pretty URL constantclients.cc/ IP 66.235.200.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-18 06:03:28 Last Seen2024-04-18 13:31:22 Times Seen2 Hash d9a68ad681d128c91f9395e5745de6f0 236276f180259f35b7b5f5fb06d4c8662e816dde 6ded6da28e4da230b9ce4659a6c31767d11c568a9bf6b11f5fc7e1c361fb8faa Loading...

	constantclients.cc/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2	21 kB	2023-04-01	2024-05-01
Pretty URL constantclients.cc/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 IP 66.235.200.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 10:26:15 Last Seen2024-05-01 07:08:51 Times Seen52254 Hash c4e68a0f3463c0bd3c39eab38815e881 0ce58644e9f3c5063a11453ff287c5ec096465a7 ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f Loading...

	constantclients.cc/	398 B	2023-03-07	2024-04-28
Pretty URL constantclients.cc/ IP 66.235.200.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:12:31 Last Seen2024-04-28 16:38:58 Times Seen127 Hash e2a660db0196f986d83ae6550efd1880 7c1749e47578260df3f11e047cb16dd6058bc1f0 89509a92e80aaba5b030809286f1ffe85e4da2e437d0bb29c5003ffd7d0182ef Loading...

	constantclients.cc/	300 B	2023-07-27	2024-04-26
Pretty URL constantclients.cc/ IP 66.235.200.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-07-27 00:47:51 Last Seen2024-04-26 03:48:05 Times Seen18 Hash 5f9fdf575e2c140958a98925f850f7fb eb66543423caf252c8c4df50822e4a7ebdb12c6a 3823aef2c68fc0a1b0e44bb8c9f6729195e8986894626da686d9617a511f8337 Loading...

	constantclients.cc/wp-content/plugins/wpcf7-redirect/build/js/wpcf7r-fe.js?ver=1.1	8.1 kB	2023-03-07	2024-04-29
Pretty URL constantclients.cc/wp-content/plugins/wpcf7-redirect/build/js/wpcf7r-fe.js?ver=1.1 IP 66.235.200.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:30:33 Last Seen2024-04-29 22:46:22 Times Seen2807 Hash e3317d55ad904d30ea400a2da2a56686 b998595f2c96f76ba65a808ac4029d66021195b4 ecac4fc801141ce552220be4bb12969e2ee625e2cf08cf0edbac579a279b28f1 Loading...

	constantclients.cc/wp-content/themes/mesmerize/assets/js/theme.bundle.min.js?ver=1.6.109	85 kB	2023-03-07	2024-04-28
Pretty URL constantclients.cc/wp-content/themes/mesmerize/assets/js/theme.bundle.min.js?ver=1.6.109 IP 66.235.200.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:03:48 Last Seen2024-04-28 16:38:58 Times Seen76 Hash 2f042b00685f23b715b773ceef644a1b 288e3425797ca89970502ed5c3bff634909e57ed 35c013f7b44dec194fda7044e8cd74fd39a03a400feba0909d5bec3c9fb5b220 Loading...

	constantclients.cc/	889 B	2023-07-27	2024-04-26
Pretty URL constantclients.cc/ IP 66.235.200.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-07-27 00:47:51 Last Seen2024-04-26 03:48:05 Times Seen16 Hash aa9f196706c84494469f89534f8a1906 e348a43a9c0d25ccbd9a2ea32bbe04995d45cd92 1cdc940e566c3a4fe8ec873103dff8fb73d1b342f47172d8898c7c5df45eb62d Loading...

	constantclients.cc/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.21.0	40 kB	2024-04-16	2024-04-29
Pretty URL constantclients.cc/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.21.0 IP 66.235.200.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 12:19:55 Last Seen2024-04-29 19:51:39 Times Seen69 Hash e89cb5dd5e3b9e2abe2170cc33b94f3f c2b27aae073c0c6beab34f829b3b2615a2b0d56b ebd07e134eaa69ff679725da56a465facafc8a09c61ef8bf42ceead8f79f6562 Loading...

	apis.google.com/js/googleapis.proxy.js?onload=startup	15 kB	2024-04-11	2024-04-22
Pretty URL apis.google.com/js/googleapis.proxy.js?onload=startup IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-11 21:28:09 Last Seen2024-04-22 16:34:14 Times Seen28 Hash 7f93e0458ef1a4a7db3a3c75ef5c8f26 56f6636f85494d2dbb878e5214b95c12f71ba567 c2e9943fb0b73a7d2c5e3f3f4c076367903a0fe813bf652d7ee9af81eb150afc Loading...

	static.addtoany.com/menu/modules/core.BRQnzO8v.js	72 kB	2024-04-12	2024-05-01
Pretty URL static.addtoany.com/menu/modules/core.BRQnzO8v.js IP 172.67.39.148 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-12 02:34:00 Last Seen2024-05-01 06:03:26 Times Seen859 Hash 629401c31553d2f42a6ca46e58c2a97b 0ab6084caa72f90913c7e4119f491838726ec5c2 91b9b24f0aa59668e4d0a770ee7a294b9baa361a76a20ade8128cd0482a5d805 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 977a63baaae12bc6cebe8d12ca4c605f	14 B	2023-03-07	2024-04-26
Pretty Observations First Seen2023-03-07 12:07:05 Last Seen2024-04-26 22:46:45 Times Seen332 Hash 977a63baaae12bc6cebe8d12ca4c605f 351f8f17ffae36edd22bcab7d082b6cb79a029e9 ddcc07c1e3337442b3ada36ea3422c6b417949dfcf4068fbf813e581c93385f6 Loading...

HTTP Transactions (201)

URL IP Response Size

constantclients.cc/wp-content/plugins/wpcf7-redirect/build/css/wpcf7-redirect-frontend.min.css?ver=1.1

66.235.200.147

200 OK

124 B

URL GET HTTP/2
constantclients.cc/wp-content/plugins/wpcf7-redirect/build/css/wpcf7-redirect-frontend.min.css?ver=1.1
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
ASCII text, with CRLF, CR line terminators
Size
124 B (124 bytes)
Hash
9730086eefb28d971b315173f579b3b0
a9845ea261aef600305f310c15d83232ee33460d
9c0647c53dde19cd56b2dfd0626db41f3db20c92984e1e6a4d469c19e4823adf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/wpcf7-redirect/build/css/wpcf7-redirect-frontend.min.css?ver=1.1 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: text/css
content-length: 124
last-modified: Mon, 25 Dec 2023 20:13:33 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2ed8d21b50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.6.28

66.235.200.147

200 OK

323 B

URL GET HTTP/2
constantclients.cc/wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.6.28
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
ASCII text
Size
323 B (323 bytes)
Hash
a5bf64d5859ee94a3e8e93d592d6d2a0
049eb63b42dbb820b06870a430f523bf06880721
25825611ade7ceaed7df3862ec56dc91ad1d2be539966ef7bbe84306e51cfb08

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.6.28 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: text/css
content-length: 323
last-modified: Tue, 16 Apr 2024 20:09:04 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2ed8d22b50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-content/uploads/elementor/css/global.css?ver=1708890611

66.235.200.147

200 OK

3.5 kB

URL GET HTTP/2
constantclients.cc/wp-content/uploads/elementor/css/global.css?ver=1708890611
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
ASCII text, with very long lines (21216)
Size
3.5 kB (3455 bytes)
Hash
fb46c36a0e1370c14602c354a01ae0cb
2d7e31c67202b2cb67d9af9bde7524375e98f050
c30246b474bb2bfa1f801efb85462ed4bfeaaa649ec50289ff5c35fc05132e95

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/elementor/css/global.css?ver=1708890611 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: text/css
content-length: 3455
last-modified: Sun, 25 Feb 2024 19:50:11 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2ed9d29b50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-content/plugins/popup-builder/public/css/theme.css?ver=4.2.7

66.235.200.147

200 OK

15 kB

URL GET HTTP/2
constantclients.cc/wp-content/plugins/popup-builder/public/css/theme.css?ver=4.2.7
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
ASCII text, with very long lines (4774)
Size
15 kB (15343 bytes)
Hash
e6fa0ab1e511473032e374f0ec4fc1ec
002f24a50270e1c847d21b8530db933dcbdc499f
96344c48276b6477946734dfa6f60c187fa33d371c0f4bc2156edc0e2868617c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/popup-builder/public/css/theme.css?ver=4.2.7 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: text/css
content-length: 15343
last-modified: Tue, 20 Feb 2024 20:09:49 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2ed8d1db50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-content/plugins/document-emberdder/dist/public.css?ver=1.8.6

66.235.200.147

200 OK

545 B

URL GET HTTP/2
constantclients.cc/wp-content/plugins/document-emberdder/dist/public.css?ver=1.8.6
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1289)
Size
545 B (545 bytes)
Hash
fd70481184bb5db0628a2457c7614c50
c17d20bb7878723585f0e393b16b5151d9d2c0dc
294c91a9d8e5a19c67cc03c6c2865cbe637773d6e2137f5b4c8b2f5566ae1ee3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/document-emberdder/dist/public.css?ver=1.8.6 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: text/css
content-length: 545
last-modified: Sat, 09 Mar 2024 08:07:00 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2ed8d1bb50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3

66.235.200.147

200 OK

308 B

URL GET HTTP/2
constantclients.cc/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
ASCII text, with very long lines (489)
Size
308 B (308 bytes)
Hash
144e43c3b3d8ea5b278c062c202c92f2
3c037057a419245849747b4762d09d88cab66fc1
9cd63b8cea25045c14623c538d26752518a58c0c682795ce6ad3078976c65a37

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: text/css
content-length: 308
last-modified: Mon, 15 Apr 2024 20:04:20 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2edad42b50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-content/uploads/elementor/css/post-7.css?ver=1708890610

66.235.200.147

200 OK

384 B

URL GET HTTP/2
constantclients.cc/wp-content/uploads/elementor/css/post-7.css?ver=1708890610
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1142), with no line terminators
Size
384 B (384 bytes)
Hash
09b474b74635adffa3e25525863d8151
b3c4d1017333f8c5962491c1777210d9d72511fb
c1f94714293d0da750d2780ad7abf13fd88508fafa0bec27aa9dc4e9065bcf32

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/elementor/css/post-7.css?ver=1708890610 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: text/css
content-length: 384
last-modified: Sun, 25 Feb 2024 19:50:10 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2ed9d28b50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.29.0

66.235.200.147

200 OK

4.1 kB

URL GET HTTP/2
constantclients.cc/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.29.0
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
ASCII text, with very long lines (19732)
Size
4.1 kB (4117 bytes)
Hash
45f978120a537b249dfac36306ed5471
9eebc1e6fe55d9737d0e91bdfa3976b344ea2a09
67ac597bed179b5842d996fad80472c6b9514edde408ade8b892161bcf9e9c88

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.29.0 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: text/css
content-length: 4117
last-modified: Mon, 15 Apr 2024 20:04:20 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2ed9d24b50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/general.min.css?ver=5.9.15

66.235.200.147

200 OK

1.0 kB

URL GET HTTP/2
constantclients.cc/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/general.min.css?ver=5.9.15
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
ASCII text, with very long lines (3757)
Size
1.0 kB (1028 bytes)
Hash
328ebfd01781de6fe0f18f59ca04861c
334fea12d6d0d4de5f19f0f1db467b444b0d67c3
0bc32c16a963f587d3d0d69da37f1ddf1269221fc7df0907f420624614ab2963

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/general.min.css?ver=5.9.15 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: text/css
content-length: 1028
last-modified: Tue, 09 Apr 2024 12:13:51 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2edad3db50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3

66.235.200.147

200 OK

309 B

URL GET HTTP/2
constantclients.cc/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
ASCII text, with very long lines (483)
Size
309 B (309 bytes)
Hash
9eb2d3c87feb6bb2ffa63b70532b1477
38f226335a05ab0e30497bc7419eb5e243a9e26c
37bab6cd583982e8eff58501a99d7c5c4d63664c1ca34f9e3b7cf526c5b73ae2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: text/css
content-length: 309
last-modified: Mon, 15 Apr 2024 20:04:20 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2edad41b50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1

66.235.200.147

200 OK

126 B

URL GET HTTP/2
constantclients.cc/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with no line terminators
Size
126 B (126 bytes)
Hash
5ef26b5e47e6951f43ecf2b1fc645222
081afb52577f6f3bb044fdea6d34a632c3cce7e8
50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: application/javascript
content-length: 126
last-modified: Tue, 16 Apr 2024 08:03:52 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2edbd45b50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-content/uploads/elementor/css/post-1192.css?ver=1708890611

66.235.200.147

200 OK

680 B

URL GET HTTP/2
constantclients.cc/wp-content/uploads/elementor/css/post-1192.css?ver=1708890611
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
ASCII text, with very long lines (2923), with no line terminators
Size
680 B (680 bytes)
Hash
6fec0d84a5bcded957c5e244c3e200cb
5697b9e9d68020e02ccee4f056c51c910a2d8488
b5e9c30e3e3a5d064d2d8d2db6bbd6b3fcb055498a95fffbbc72c60150a3f372

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/elementor/css/post-1192.css?ver=1708890611 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: text/css
content-length: 680
last-modified: Sun, 25 Feb 2024 19:50:11 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2ed9d2db50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-content/plugins/popup-builder/public/js/Popup.js?ver=4.2.7

66.235.200.147

200 OK

11 kB

URL GET HTTP/2
constantclients.cc/wp-content/plugins/popup-builder/public/js/Popup.js?ver=4.2.7
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (5515)
Size
11 kB (10592 bytes)
Hash
aad76345b176f2bdea7082ce27717aba
1f3c44bf0b8169741bc5b3e71e83e05d07b59338
113500b83a965388babfdb15b9740741f750db1890f6fa3677cf1bcaddd96089

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/popup-builder/public/js/Popup.js?ver=4.2.7 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: application/javascript
content-length: 10592
last-modified: Tue, 20 Feb 2024 20:09:50 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2edbd48b50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-content/webp-express/webp-images/uploads/2021/08/Logo-New-1.png.webp

66.235.200.147

200 OK

15 kB

URL GET HTTP/2
constantclients.cc/wp-content/webp-express/webp-images/uploads/2021/08/Logo-New-1.png.webp
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
15 kB (15244 bytes)
Hash
31e0b53ba82b874173ee64e436693d2c
a9cd55675f5112377f297920300a74c5bc761ef7
56fe4fe88acd6126c4390e49505042e965ef8fb2cc8aa2bf7e996624e09cb52e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/webp-express/webp-images/uploads/2021/08/Logo-New-1.png.webp HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: image/webp
content-length: 15244
last-modified: Sat, 27 May 2023 14:55:02 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8761c2edbd4eb50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.16

66.235.200.147

200 OK

544 B

URL GET HTTP/2
constantclients.cc/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.16
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1604), with no line terminators
Size
544 B (544 bytes)
Hash
2a489d28e2fc2088b3fe0bcda8417525
af48dd19c11ceac12d2473b2b8e216da9d9d432c
c19e3e4151ea4933fa9ba9703c51fe20ad469237771214b1c5001d1b107ddef5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/add-to-any/addtoany.min.css?ver=1.16 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: text/css
content-length: 544
last-modified: Tue, 16 Apr 2024 08:03:52 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2edad36b50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

66.235.200.147

200 OK

5.4 kB

URL GET HTTP/2
constantclients.cc/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (13479)
Size
5.4 kB (5422 bytes)
Hash
9ffeb32e2d9efbf8f70caabded242267
3ad0c10e501ac2a9bfa18f9cd7e700219b378738
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: application/javascript
content-length: 5422
last-modified: Tue, 08 Aug 2023 20:05:49 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2edbd44b50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-content/uploads/elementor/css/post-999.css?ver=1708890611

66.235.200.147

200 OK

4.9 kB

URL GET HTTP/2
constantclients.cc/wp-content/uploads/elementor/css/post-999.css?ver=1708890611
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
ASCII text, with very long lines (22576), with no line terminators
Size
4.9 kB (4861 bytes)
Hash
05f67e1594bf828a7fc28cb5804ce3dd
1e76805190ce70d64f2930b1fda33f46e8deb62a
ab659952ddbb016fa6a2ca12bba964321c4a7e0e4f0585288eb54708e0d76f6d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/elementor/css/post-999.css?ver=1708890611 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: text/css
content-length: 4861
last-modified: Sun, 25 Feb 2024 19:50:11 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2ed9d2bb50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-content/plugins/ubermenu/assets/fontawesome/css/all.min.css?ver=6.5.2

66.235.200.147

200 OK

13 kB

URL GET HTTP/2
constantclients.cc/wp-content/plugins/ubermenu/assets/fontawesome/css/all.min.css?ver=6.5.2
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
ASCII text, with very long lines (58392)
Size
13 kB (12646 bytes)
Hash
76cb46c10b6c0293433b371bae2414b2
0038dc97c79451578b7bd48af60ba62282b4082b
876d023d9d10c97941b80c3b03e2a5b94631ff7a4af9cee5604a6a2d39718d84

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/ubermenu/assets/fontawesome/css/all.min.css?ver=6.5.2 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: text/css
content-length: 12646
last-modified: Sat, 27 May 2023 14:54:44 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2edad3cb50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-includes/js/masonry.min.js?ver=4.2.2

66.235.200.147

200 OK

9.2 kB

URL GET HTTP/2
constantclients.cc/wp-includes/js/masonry.min.js?ver=4.2.2
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (23966)
Size
9.2 kB (9216 bytes)
Hash
3b3fc826e58fc554108e4a651c9c7848
76778fd446e2ff2377588a7b4ac4d79f258427c9
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/masonry.min.js?ver=4.2.2 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: application/javascript
content-length: 9216
last-modified: Sat, 27 May 2023 14:55:04 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2eddd70b50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-content/webp-express/webp-images/uploads/2021/12/Signature-Black-cropped-300x110.png.webp

66.235.200.147

200 OK

7.0 kB

URL GET HTTP/2
constantclients.cc/wp-content/webp-express/webp-images/uploads/2021/12/Signature-Black-cropped-300x110.png.webp
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
7.0 kB (6972 bytes)
Hash
17bafbce1d3d92316c87a5320d0fe570
a239941ef6521d2e6c012bab5dbc29dbcdbf9eda
63880aa06cb4060255e87752eb0bddc8b704a8dbd8df008156190f920b64069a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/webp-express/webp-images/uploads/2021/12/Signature-Black-cropped-300x110.png.webp HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: image/webp
content-length: 6972
last-modified: Sat, 27 May 2023 14:55:02 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8761c2edcd5ab50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-includes/js/imagesloaded.min.js?ver=5.0.0

66.235.200.147

200 OK

2.1 kB

URL GET HTTP/2
constantclients.cc/wp-includes/js/imagesloaded.min.js?ver=5.0.0
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (4358)
Size
2.1 kB (2112 bytes)
Hash
6823120876c9afc8929418c9a6f8e343
90b0adb37d70ffec5f9189c36bb0027c310c9502
b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/imagesloaded.min.js?ver=5.0.0 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: application/javascript
content-length: 2112
last-modified: Tue, 07 Nov 2023 20:03:53 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2eddd6fb50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-content/plugins/ubermenu/pro/assets/css/ubermenu.min.css?ver=3.7.4

66.235.200.147

200 OK

13 kB

URL GET HTTP/2
constantclients.cc/wp-content/plugins/ubermenu/pro/assets/css/ubermenu.min.css?ver=3.7.4
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
13 kB (12707 bytes)
Hash
30d4da1b06f620d981ebf7f1cfdebe7a
5be661ca056df76e26b16fe85c72378010fb2ad3
f7ba7e664816f88dde2f3f9b789e427087a5deb8986f708dd02bcfe1c0d8ff55

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/ubermenu/pro/assets/css/ubermenu.min.css?ver=3.7.4 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: text/css
content-length: 12707
last-modified: Sat, 27 May 2023 14:54:44 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2edad38b50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-content/uploads/2021/08/menu-03-150x150.png

66.235.200.147

200 OK

2.9 kB

URL GET HTTP/2
constantclients.cc/wp-content/uploads/2021/08/menu-03-150x150.png
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
2.9 kB (2938 bytes)
Hash
687cae38bd7eee664ac9e4777800b413
4ac9e7015a249928a6a4a46590ecfe74679e2b47
eb86759a697d1d1213ac42344b16564dacea6726b3a8ec61569e7776cd5c74eb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2021/08/menu-03-150x150.png HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: image/webp
content-length: 2938
x-webp-convert-log: Serving converted file
vary: Accept,Accept-Encoding
last-modified: Sat, 27 May 2023 14:55:02 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2edcd51b50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3

66.235.200.147

200 OK

13 kB

URL GET HTTP/2
constantclients.cc/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
ASCII text, with very long lines (57884)
Size
13 kB (12618 bytes)
Hash
f4af7e5ec05ebb0f08d43e2384266abc
a1869e155e92fa178b9c3ae6dff787df57f195c6
fafc4160788beca657ec3e3041976281fb6d54a0e82bb4d22a433f7c6bb8b1d6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: text/css
content-length: 12618
last-modified: Mon, 15 Apr 2024 20:04:20 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2edad3eb50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-content/plugins/strong-testimonials/public/css/slider-controls-sides-outside-buttons.css?ver=3.1.12

66.235.200.147

200 OK

1.1 kB

URL GET HTTP/2
constantclients.cc/wp-content/plugins/strong-testimonials/public/css/slider-controls-sides-outside-buttons.css?ver=3.1.12
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
ASCII text
Size
1.1 kB (1097 bytes)
Hash
372079cd65a278dc054c18eb721453a1
0f3d344abc3c648a3b1818d96c3125b2e6419199
709515b4bd2ec01218234daa7fc5ee63dcf3a375ca975f36886c3d029204f140

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/strong-testimonials/public/css/slider-controls-sides-outside-buttons.css?ver=3.1.12 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: text/css
content-length: 1097
last-modified: Fri, 22 Mar 2024 20:03:55 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2edcd5fb50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-content/plugins/duracelltomi-google-tag-manager/dist/js/analytics-talk-content-tracking.js?ver=1.20.2

66.235.200.147

200 OK

624 B

URL GET HTTP/2
constantclients.cc/wp-content/plugins/duracelltomi-google-tag-manager/dist/js/analytics-talk-content-tracking.js?ver=1.20.2
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (1685), with no line terminators
Size
624 B (624 bytes)
Hash
070a12458ed43e10ecdc3c90ed286af5
ccb5fb60d9153cea396224a484f1984afb29503f
a2a6f3d68cab390cc94906f0122540b73d23c164f2c26b356d10e620059135f1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/duracelltomi-google-tag-manager/dist/js/analytics-talk-content-tracking.js?ver=1.20.2 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: application/javascript
content-length: 624
last-modified: Fri, 05 Apr 2024 14:04:35 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2edbd4cb50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-content/webp-express/webp-images/uploads/2021/08/icon-01-1024x702.png.webp

66.235.200.147

200 OK

46 kB

URL GET HTTP/2
constantclients.cc/wp-content/webp-express/webp-images/uploads/2021/08/icon-01-1024x702.png.webp
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
46 kB (46548 bytes)
Hash
3026f217746be77a99b964ab371f1e54
ba579b141f3213e7f8811e74bc7a262133ac4b14
9fc6c1246f52f6c0d3fdd633ba9369330f34f72b81d410978fe9fd35badf2fd4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/webp-express/webp-images/uploads/2021/08/icon-01-1024x702.png.webp HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: image/webp
content-length: 46548
last-modified: Sat, 27 May 2023 14:55:02 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8761c2edcd59b50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2

66.235.200.147

200 OK

8.3 kB

URL GET HTTP/2
constantclients.cc/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (8189)
Size
8.3 kB (8343 bytes)
Hash
c4e68a0f3463c0bd3c39eab38815e881
0ce58644e9f3c5063a11453ff287c5ec096465a7
ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: application/javascript
content-length: 8343
last-modified: Sat, 27 May 2023 14:55:03 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2eddd72b50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-content/webp-express/webp-images/uploads/2021/08/Logo-New-2.png.webp

66.235.200.147

200 OK

17 kB

URL GET HTTP/2
constantclients.cc/wp-content/webp-express/webp-images/uploads/2021/08/Logo-New-2.png.webp
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
17 kB (16556 bytes)
Hash
365659e2ee3dbbacb90695e65a432595
c842cf95aea83dc2fcc04c1e502afafa9cd69335
0178c88fb747b80c3faa02c63ddf3f56d6e578801cc0b050dc2b2802a1146522

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/webp-express/webp-images/uploads/2021/08/Logo-New-2.png.webp HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: image/webp
content-length: 16556
last-modified: Sat, 27 May 2023 14:55:02 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8761c2edbd4db50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-content/plugins/elementor/assets/lib/swiper/v8/css/swiper.min.css?ver=8.4.5

66.235.200.147

200 OK

5.4 kB

URL GET HTTP/2
constantclients.cc/wp-content/plugins/elementor/assets/lib/swiper/v8/css/swiper.min.css?ver=8.4.5
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
ASCII text, with very long lines (16214)
Size
5.4 kB (5361 bytes)
Hash
a2431bc290cf34e330e11ec4cfce1247
32a53342901fef5f4f4dbb26a555e730f84437a4
c57e64fcb72bddafa9c38de574441c3e69ac6c961df96b0cad34da83658bd196

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/swiper/v8/css/swiper.min.css?ver=8.4.5 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: text/css
content-length: 5361
last-modified: Mon, 15 Apr 2024 20:04:20 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2ed9d26b50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-content/plugins/popup-builder/public/js/PopupConfig.js?ver=4.2.7

66.235.200.147

200 OK

1.9 kB

URL GET HTTP/2
constantclients.cc/wp-content/plugins/popup-builder/public/js/PopupConfig.js?ver=4.2.7
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (2826)
Size
1.9 kB (1922 bytes)
Hash
c7a493f7e281b7a2c5fe182a44ba8367
11c971b79a4c8ea2dd1b6b4d7b33192275054f44
3fe8c79d67b21039a5d059ef40761950fb76e1d17933d61509f7eb3c68f5aeeb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/popup-builder/public/js/PopupConfig.js?ver=4.2.7 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: application/javascript
content-length: 1922
last-modified: Tue, 20 Feb 2024 20:09:50 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2edbd4ab50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-content/plugins/document-emberdder/dist/public.js?ver=1.8.6

66.235.200.147

200 OK

367 B

URL GET HTTP/2
constantclients.cc/wp-content/plugins/document-emberdder/dist/public.js?ver=1.8.6
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (679), with no line terminators
Size
367 B (367 bytes)
Hash
08e2f72feea4e7869318e95199bb7d57
153ebed062f5d87ef13306b6bbe4ebf7f08bda0e
b299df1915daab7dc0e6cf895daa21e9d85230335b52edbf6f993c93fae712ac

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/document-emberdder/dist/public.js?ver=1.8.6 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: application/javascript
content-length: 367
last-modified: Sat, 09 Mar 2024 08:07:00 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2edbd46b50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-content/plugins/ubermenu/assets/js/ubermenu.min.js?ver=3.7.4

66.235.200.147

200 OK

12 kB

URL GET HTTP/2
constantclients.cc/wp-content/plugins/ubermenu/assets/js/ubermenu.min.js?ver=3.7.4
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (698)
Size
12 kB (12333 bytes)
Hash
273b37618af3db6db671d2d1c8f0d168
f4d735f4c27b110cc2499e03a8e4854ea7511641
58415d97eb0b5745ccfa6e5e2f996581ec39f6c4af80627d3dd3c06bc5977ca6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/ubermenu/assets/js/ubermenu.min.js?ver=3.7.4 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: application/javascript
content-length: 12333
last-modified: Sat, 27 May 2023 14:54:44 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2eded76b50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-content/themes/mesmerize/assets/css/theme.bundle.min.css?ver=1.6.109

66.235.200.147

200 OK

18 kB

URL GET HTTP/2
constantclients.cc/wp-content/themes/mesmerize/assets/css/theme.bundle.min.css?ver=1.6.109
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
ASCII text, with very long lines (34446)
Size
18 kB (17766 bytes)
Hash
bb0c62f3cc6d9060171af6f42e68c296
6809ceee753cf8c1dd823b4dc565bf232e0a52a5
4122023e5f7e22cd0d2dc7bb99cf441cb2ba32b7b3b1b6dbc6cf23e1afe7c699

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/mesmerize/assets/css/theme.bundle.min.css?ver=1.6.109 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: text/css
content-length: 17766
last-modified: Sat, 27 May 2023 14:54:47 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2ed9d31b50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-content/plugins/strong-testimonials/public/js/controller.min.js?ver=3.1.12

66.235.200.147

200 OK

1.8 kB

URL GET HTTP/2
constantclients.cc/wp-content/plugins/strong-testimonials/public/js/controller.min.js?ver=3.1.12
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (5154), with no line terminators
Size
1.8 kB (1753 bytes)
Hash
8be478d960c1631768caccadb401d3de
474ed4aed08c7bd6a520b0e62b0bb9bf8bb10267
23e87ea207c2004ed8cde1032e7e0419a52b0ede6848d7ecc0a68f5ceb3fb728

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/strong-testimonials/public/js/controller.min.js?ver=3.1.12 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: application/javascript
content-length: 1753
last-modified: Fri, 22 Mar 2024 20:03:55 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2ee0d98b50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-content/plugins/strong-testimonials/public/js/lib/readmore/readmore.min.js?ver=3.1.12

66.235.200.147

200 OK

596 B

URL GET HTTP/2
constantclients.cc/wp-content/plugins/strong-testimonials/public/js/lib/readmore/readmore.min.js?ver=3.1.12
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1567), with no line terminators
Size
596 B (596 bytes)
Hash
dc1043230b64324918212e00103a6218
76f877c39fea92ab78ff12c89defa3d8b6bc82db
f6588d639bce56904c74e0cc06dcb91976a4d42b18be27afd2207c7c831a3cad

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/strong-testimonials/public/js/lib/readmore/readmore.min.js?ver=3.1.12 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: application/javascript
content-length: 596
last-modified: Fri, 22 Mar 2024 20:03:55 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2ee0d99b50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-content/webp-express/webp-images/uploads/2021/08/menu-06-150x150.png.webp

66.235.200.147

200 OK

5.3 kB

URL GET HTTP/2
constantclients.cc/wp-content/webp-express/webp-images/uploads/2021/08/menu-06-150x150.png.webp
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
5.3 kB (5274 bytes)
Hash
4ffd1646ecdab1cd611bf69edd506086
72413c7466e6526282f25a99c434dc4b4129ca43
328ef997d7204c93f847ee19465dc054520ceae0cb92d82629a05ae1db170127

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/webp-express/webp-images/uploads/2021/08/menu-06-150x150.png.webp HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: image/webp
content-length: 5274
last-modified: Sat, 27 May 2023 14:55:02 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8761c2edcd54b50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2

66.235.200.147

200 OK

3.7 kB

URL GET HTTP/2
constantclients.cc/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (12198), with no line terminators
Size
3.7 kB (3747 bytes)
Hash
3819c3569da71daec283a75483735f7e
ecd40a5cc6f0b76200c454ca880210dc301cfab8
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: application/javascript
content-length: 3747
last-modified: Mon, 15 Apr 2024 20:04:20 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2ee0d9eb50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-content/plugins/wp-pdf-generator/assets/js/es6-promise.auto.min.js?ver=1.2.3

66.235.200.147

200 OK

2.7 kB

URL GET HTTP/2
constantclients.cc/wp-content/plugins/wp-pdf-generator/assets/js/es6-promise.auto.min.js?ver=1.2.3
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (6601), with no line terminators
Size
2.7 kB (2719 bytes)
Hash
7850f75032813dc5c0e9eb75eba880bf
8e298e92961b97e21fce70a681992550f455b2de
f2a14fbc03102e3f6139790da043b488e5d0c76b47c80f175a4ca6e4edddc6a3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/wp-pdf-generator/assets/js/es6-promise.auto.min.js?ver=1.2.3 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: application/javascript
content-length: 2719
last-modified: Mon, 05 Jun 2023 08:06:04 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2eded7bb50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-content/webp-express/webp-images/uploads/2021/08/menu-01-150x150.png.webp

66.235.200.147

200 OK

5.7 kB

URL GET HTTP/2
constantclients.cc/wp-content/webp-express/webp-images/uploads/2021/08/menu-01-150x150.png.webp
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
5.7 kB (5718 bytes)
Hash
9b484c028543cac0d4a89f8d2e91c0a9
a86917d94755622d2074b182b146a2040e3cd006
9f581de3fb14633e90e44fe419e8970f1e6eb93d3f43db5dd0b85eefc637d7f8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/webp-express/webp-images/uploads/2021/08/menu-01-150x150.png.webp HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: image/webp
content-length: 5718
last-modified: Sat, 27 May 2023 14:55:02 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8761c2edcd55b50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-content/plugins/header-footer-elementor/inc/widgets-css/frontend.css?ver=1.6.28

66.235.200.147

200 OK

12 kB

URL GET HTTP/2
constantclients.cc/wp-content/plugins/header-footer-elementor/inc/widgets-css/frontend.css?ver=1.6.28
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (1646)
Size
12 kB (11708 bytes)
Hash
b46c6c561749d353ded2332c13a5e8eb
4c5ad91ccb661a5e48f9c502c06b326878f4f715
6f708315ec1e5f14fcf831768764aad338d6507ac1e5f11c155c820487052544

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/header-footer-elementor/inc/widgets-css/frontend.css?ver=1.6.28 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: text/css
content-length: 11708
last-modified: Tue, 16 Apr 2024 20:09:04 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2edcd5bb50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.21.0

66.235.200.147

200 OK

2.3 kB

URL GET HTTP/2
constantclients.cc/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.21.0
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (4957)
Size
2.3 kB (2341 bytes)
Hash
d4611b146b41aa47d51076a0d3798082
6bb95b45dfc5379953c39fe6c56322350be95411
25ca7abf6b5b9becd0676818fde2d3b374badcff7867f95dbcbfebeac59a24c0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.21.0 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: application/javascript
content-length: 2341
last-modified: Mon, 15 Apr 2024 20:04:20 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2ee0d9ab50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-includes/js/dist/hooks.min.js?ver=2810c76e705dd1a53b18

66.235.200.147

200 OK

1.6 kB

URL GET HTTP/2
constantclients.cc/wp-includes/js/dist/hooks.min.js?ver=2810c76e705dd1a53b18
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (4272)
Size
1.6 kB (1589 bytes)
Hash
072d3f6e5c446f57d5c544f9931860e2
ee6aa3d65b474309376468b24bb6f829a4514809
2cb546fbdda7995d374fffa4b2f6530bbcf57d014639ddf76de45df43d593045

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/dist/hooks.min.js?ver=2810c76e705dd1a53b18 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: application/javascript
content-length: 1589
last-modified: Tue, 02 Apr 2024 20:04:39 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2edfd91b50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-content/plugins/strong-testimonials/public/css/rating-display.css?ver=3.1.12

66.235.200.147

200 OK

1.1 kB

URL GET HTTP/2
constantclients.cc/wp-content/plugins/strong-testimonials/public/css/rating-display.css?ver=3.1.12
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
ASCII text
Size
1.1 kB (1056 bytes)
Hash
e19642eec532b12a9638e63700ca0d54
9cff83f0f1c3efcd7bf2f97d3f3d8d0362d83174
3fab82fbed146cb073c78172db4a86d9eda3da79d385d97a425cd826d6bb084e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/strong-testimonials/public/css/rating-display.css?ver=3.1.12 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: text/css
content-length: 1056
last-modified: Fri, 22 Mar 2024 20:03:55 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2edcd61b50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.21.0

66.235.200.147

200 OK

3.0 kB

URL GET HTTP/2
constantclients.cc/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.21.0
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
ASCII text, with very long lines (10019)
Size
3.0 kB (2997 bytes)
Hash
4601ba55044413706c2022cb6c1c3d05
5103ec2fbb389568ebf5cfe4fd721f3df2ff7aec
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.21.0 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: text/css
content-length: 2997
last-modified: Mon, 15 Apr 2024 20:04:20 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2edcd65b50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-content/plugins/strong-testimonials/public/css/animate.min.css?ver=6.5.2

66.235.200.147

200 OK

5.6 kB

URL GET HTTP/2
constantclients.cc/wp-content/plugins/strong-testimonials/public/css/animate.min.css?ver=6.5.2
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
ASCII text, with very long lines (57790)
Size
5.6 kB (5582 bytes)
Hash
c78e4003414fbf2814dc097a5e1c784a
de9d5645ef10c5362ec1f893bb83995594eadf99
1ed082521f47921ffff14d4ec1c6c3f1ea55114741bee23cc23d4ab6a3213642

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/strong-testimonials/public/css/animate.min.css?ver=6.5.2 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: text/css
content-length: 5582
last-modified: Fri, 22 Mar 2024 20:03:55 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2edcd64b50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-content/plugins/wpcf7-redirect/build/js/wpcf7r-fe.js?ver=1.1

66.235.200.147

200 OK

2.0 kB

URL GET HTTP/2
constantclients.cc/wp-content/plugins/wpcf7-redirect/build/js/wpcf7r-fe.js?ver=1.1
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text
Size
2.0 kB (1987 bytes)
Hash
e3317d55ad904d30ea400a2da2a56686
b998595f2c96f76ba65a808ac4029d66021195b4
ecac4fc801141ce552220be4bb12969e2ee625e2cf08cf0edbac579a279b28f1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/wpcf7-redirect/build/js/wpcf7r-fe.js?ver=1.1 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: application/javascript
content-length: 1987
last-modified: Mon, 25 Dec 2023 20:13:33 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2edcd68b50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-content/webp-express/webp-images/uploads/2021/08/gabrielle-henderson-HJckKnwCXxQ-unsplash-1024x683.jpg.webp

66.235.200.147

200 OK

50 kB

URL GET HTTP/2
constantclients.cc/wp-content/webp-express/webp-images/uploads/2021/08/gabrielle-henderson-HJckKnwCXxQ-unsplash-1024x683.jpg.webp
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x683, Scaling: [none]x[none], YUV color, decoders should clamp
Size
50 kB (49708 bytes)
Hash
9630779c0704b4842acf7ca959055124
40efbdd3a6ef2f2c15921f77bbd434daeeb0c3c5
004ff3426ed84301ffa4f8cda28982386f2162ea69d041391cdeef3c731fd8dd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/webp-express/webp-images/uploads/2021/08/gabrielle-henderson-HJckKnwCXxQ-unsplash-1024x683.jpg.webp HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: image/webp
content-length: 49708
last-modified: Sat, 27 May 2023 14:55:02 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8761c2edcd58b50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-content/uploads/2021/08/menu-02-150x150.png

66.235.200.147

200 OK

2.2 kB

URL GET HTTP/2
constantclients.cc/wp-content/uploads/2021/08/menu-02-150x150.png
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced
Size
2.2 kB (2195 bytes)
Hash
f8836a5ca15b4253bb3da24b40d74826
2c2ef93e4e3658d69ee5c5f08f15ba77f0050f3a
b20b0cb7ea04a40b6ec1bd37b1567010ac1290b93e618698108429bd18c419f2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2021/08/menu-02-150x150.png HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: image/png
content-length: 2195
x-webp-convert-log: Serving original (it is smaller)
vary: Accept,Accept-Encoding
last-modified: Sat, 27 May 2023 14:54:54 GMT
cache-control: max-age=31536000
expires: Fri, 18 Apr 2025 04:02:48 GMT
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2edcd56b50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

66.235.200.147

200 OK

3.0 kB

URL GET HTTP/2
constantclients.cc/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (8171), with no line terminators
Size
3.0 kB (2977 bytes)
Hash
dda652db133fddb9b80a05c6d1b5c540
60c8514c57a5db2980c4b046b0dd479bd427357b
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: application/javascript
content-length: 2977
last-modified: Sat, 27 May 2023 14:55:03 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2edfd8db50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-includes/js/underscore.min.js?ver=1.13.4

66.235.200.147

200 OK

8.3 kB

URL GET HTTP/2
constantclients.cc/wp-includes/js/underscore.min.js?ver=1.13.4
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (18798)
Size
8.3 kB (8305 bytes)
Hash
f88d5720bb454ed5d204cbdb56901f6b
f1952292fde4b15936e9aac16b2b9896684db95b
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/underscore.min.js?ver=1.13.4 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: application/javascript
content-length: 8305
last-modified: Sat, 27 May 2023 14:55:04 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2edfd8ab50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-content/plugins/strong-testimonials/public/js/lib/actual/jquery-actual.min.js?ver=1.0.16

66.235.200.147

200 OK

683 B

URL GET HTTP/2
constantclients.cc/wp-content/plugins/strong-testimonials/public/js/lib/actual/jquery-actual.min.js?ver=1.0.16
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
JavaScript source, ASCII text
Size
683 B (683 bytes)
Hash
cd156e40fd815ff532b6dd8dbb5ffaa1
74ac7fb54741055f249f4237b14ef20d0c7e60d0
93a90efcdb00f1a394d7c9e04fcdc9b7c3589d24ad20046dc4e25553a5672c34

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/strong-testimonials/public/js/lib/actual/jquery-actual.min.js?ver=1.0.16 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: application/javascript
content-length: 683
last-modified: Fri, 22 Mar 2024 20:03:55 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2eded89b50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-includes/js/dist/i18n.min.js?ver=5e580eb46a90c2b997e6

66.235.200.147

200 OK

3.9 kB

URL GET HTTP/2
constantclients.cc/wp-includes/js/dist/i18n.min.js?ver=5e580eb46a90c2b997e6
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
data
Size
3.9 kB (3937 bytes)
Hash
a8127c1a87bb4f99edbeec7c37311dcd
9997a1745f48bdd233dbe9bd8164daa53eba105b
f313d12ea6124bd28fc4a6b7163d253bb83d5aeab5edce594880c5c3df475cbc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/dist/i18n.min.js?ver=5e580eb46a90c2b997e6 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: application/javascript
content-length: 3937
last-modified: Tue, 02 Apr 2024 20:04:39 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2edfd95b50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-content/webp-express/webp-images/uploads/2021/08/menu-05-150x150.png.webp

66.235.200.147

200 OK

4.1 kB

URL GET HTTP/2
constantclients.cc/wp-content/webp-express/webp-images/uploads/2021/08/menu-05-150x150.png.webp
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
4.1 kB (4108 bytes)
Hash
2e75fec5bf9c36e406ff0486160e10d0
272f81d765c86c1777d8a30f95b52e6950c54140
14a962fbf3930509f7035e9f2e1584a108586ecfe08ff2ea188a92c5af1b1d5d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/webp-express/webp-images/uploads/2021/08/menu-05-150x150.png.webp HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: image/webp
content-length: 4108
last-modified: Sat, 27 May 2023 14:55:02 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8761c2edcd52b50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-content/plugins/strong-testimonials/templates/simple/content.css?ver=3.1.12

66.235.200.147

200 OK

1.7 kB

URL GET HTTP/2
constantclients.cc/wp-content/plugins/strong-testimonials/templates/simple/content.css?ver=3.1.12
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
ASCII text
Size
1.7 kB (1726 bytes)
Hash
287179058185b5be1e67111fd491578c
9312d120ff41751d4984f11007ce52f3b890a1f5
af187b40e5f20639aaf376e860774c52606fbbfbab325da83d87ff7e6a434e8e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/strong-testimonials/templates/simple/content.css?ver=3.1.12 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: text/css
content-length: 1726
last-modified: Fri, 22 Mar 2024 20:03:55 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2edcd5db50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

66.235.200.147

200 OK

2.7 kB

URL GET HTTP/2
constantclients.cc/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (6625), with no line terminators
Size
2.7 kB (2746 bytes)
Hash
fd7ef2e4737acd74fd0dcdc3b515e304
0d792b33f12a48ee8aaaf2560a63a5682470645b
1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: application/javascript
content-length: 2746
last-modified: Tue, 07 Nov 2023 20:03:53 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2edfd8eb50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-content/plugins/strong-testimonials/public/js/lib/verge/verge.min.js?ver=1.10.2

66.235.200.147

200 OK

605 B

URL GET HTTP/2
constantclients.cc/wp-content/plugins/strong-testimonials/public/js/lib/verge/verge.min.js?ver=1.10.2
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (1382), with no line terminators
Size
605 B (605 bytes)
Hash
d55b2094ba7726bfecc91dbd573aa096
8be6dfaf3a0044f920cc23f882bb5573b2f77b46
f24d6b3320defba731e6dd055dc838a98dbce7f64d1fff9eaacb501113d6b11a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/strong-testimonials/public/js/lib/verge/verge.min.js?ver=1.10.2 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:49 GMT
content-type: application/javascript
content-length: 605
last-modified: Fri, 22 Mar 2024 20:03:55 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2edfd8bb50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

66.235.200.147

200 OK

17 kB

URL GET HTTP/2
constantclients.cc/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (38582), with no line terminators
Size
17 kB (16635 bytes)
Hash
92f8c01350c630f414f5d0b015ad6864
eab40ab4e77f92f2fb17684aaf44b579a51b8034
17b79ece7ef9d1454a90156690d33d64387b67a7a7548fc826012512e287a937

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:49 GMT
content-type: application/javascript
content-length: 16635
last-modified: Tue, 02 Apr 2024 20:04:39 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2edfd8fb50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.21.0

66.235.200.147

200 OK

16 kB

URL GET HTTP/2
constantclients.cc/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.21.0
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (39932)
Size
16 kB (16119 bytes)
Hash
e89cb5dd5e3b9e2abe2170cc33b94f3f
c2b27aae073c0c6beab34f829b3b2615a2b0d56b
ebd07e134eaa69ff679725da56a465facafc8a09c61ef8bf42ceead8f79f6562

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.21.0 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:49 GMT
content-type: application/javascript
content-length: 16119
last-modified: Mon, 15 Apr 2024 20:04:20 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2ee1d9fb50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-content/plugins/ubermenu/pro/assets/css/skins/white.css?ver=6.5.2

66.235.200.147

200 OK

808 B

URL GET HTTP/2
constantclients.cc/wp-content/plugins/ubermenu/pro/assets/css/skins/white.css?ver=6.5.2
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
ASCII text
Size
808 B (808 bytes)
Hash
58311224f456f95332c7c1b360ab72b4
7854653d128ca318ab757bf62c1ede84261f12ea
b37971ae4f66c84263ac0bd6541163c4ab5d1b82132610e727cdee5051b39481

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/ubermenu/pro/assets/css/skins/white.css?ver=6.5.2 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:49 GMT
content-type: text/css
content-length: 808
last-modified: Sat, 27 May 2023 14:54:44 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:49 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2edad39b50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-content/uploads/pum/pum-site-styles.css?generated=1710878638&ver=1.18.5

66.235.200.147

200 OK

5.1 kB

URL GET HTTP/2
constantclients.cc/wp-content/uploads/pum/pum-site-styles.css?generated=1710878638&ver=1.18.5
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
ASCII text, with very long lines (7454), with CRLF, LF line terminators
Size
5.1 kB (5105 bytes)
Hash
63beb8f6214c4ea3b2ce5873fdd2688e
161298749ae6dd16d5ce225dbbb0275dd5506368
0571bed0897b2a51c345eb29b6c9cf935ff7b67e788cd20b3bbafd1e0524f14b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/pum/pum-site-styles.css?generated=1710878638&ver=1.18.5 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:49 GMT
content-type: text/css
content-length: 5105
last-modified: Tue, 19 Mar 2024 20:03:58 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:49 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2edad34b50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-content/plugins/strong-testimonials/public/js/lib/strongslider/jquery-strongslider.min.js?ver=3.1.12

66.235.200.147

200 OK

8.5 kB

URL GET HTTP/2
constantclients.cc/wp-content/plugins/strong-testimonials/public/js/lib/strongslider/jquery-strongslider.min.js?ver=3.1.12
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (24588), with no line terminators
Size
8.5 kB (8454 bytes)
Hash
1895c85b5b2e67091f05c6fab4aab057
9aaa6a3ce5add87efb65c183d0ad3af3eb96561b
a7044cbdee5f47cb5450b0315e0efbb606b80db33aa39106d21237bd1e30da71

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/strong-testimonials/public/js/lib/strongslider/jquery-strongslider.min.js?ver=3.1.12 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:49 GMT
content-type: application/javascript
content-length: 8454
last-modified: Fri, 22 Mar 2024 20:03:55 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:49 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2edfd97b50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.9.15

66.235.200.147

200 OK

4.0 kB

URL GET HTTP/2
constantclients.cc/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.9.15
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (10287), with no line terminators
Size
4.0 kB (4001 bytes)
Hash
8456ff924afc1c7b79f8e9c61d4edb50
69381f72090b4a2b76385dcbe86a5ce33a042820
bc9ce60ecd8ad81f4255baec05cee96d4a32f484f1cc6975e11ac87a5de667f2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.9.15 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:49 GMT
content-type: application/javascript
content-length: 4001
last-modified: Tue, 09 Apr 2024 12:13:51 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:49 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2eded78b50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-content/plugins/wp-pdf-generator/assets/js/html2pdf.min.js?ver=1.2.3

66.235.200.147

200 OK

4.8 kB

URL GET HTTP/2
constantclients.cc/wp-content/plugins/wp-pdf-generator/assets/js/html2pdf.min.js?ver=1.2.3
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (12131), with CRLF line terminators
Size
4.8 kB (4804 bytes)
Hash
577ec05b87bab1bed79b597059a1fc5e
0e4178ee22cf1711c5ae7c5dfe9f6627152b4c76
660ddb72ebec44a4561b1a7ce4de9855fead2bed538e9350b878a2c2dcff49c4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/wp-pdf-generator/assets/js/html2pdf.min.js?ver=1.2.3 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:49 GMT
content-type: application/javascript
content-length: 4804
last-modified: Mon, 05 Jun 2023 08:06:04 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:49 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2eded88b50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-content/plugins/duracelltomi-google-tag-manager/dist/js/gtm4wp-form-move-tracker.js?ver=1.20.2

66.235.200.147

200 OK

313 B

URL GET HTTP/2
constantclients.cc/wp-content/plugins/duracelltomi-google-tag-manager/dist/js/gtm4wp-form-move-tracker.js?ver=1.20.2
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (1138), with no line terminators
Size
313 B (313 bytes)
Hash
416f52248a7f5b988d66f1ea80a196ce
06e2618030ffe16fe210c55bb60d42bb77d7b8c6
8b851243dfb01d421b9ad1b062622a23f230c32184a70c07b6e75908bf682961

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/duracelltomi-google-tag-manager/dist/js/gtm4wp-form-move-tracker.js?ver=1.20.2 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:49 GMT
content-type: application/javascript
content-length: 313
last-modified: Fri, 05 Apr 2024 14:04:35 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:49 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2eddd6db50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-content/uploads/2021/08/menu-04-150x150.png

66.235.200.147

200 OK

3.3 kB

URL GET HTTP/2
constantclients.cc/wp-content/uploads/2021/08/menu-04-150x150.png
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced
Size
3.3 kB (3335 bytes)
Hash
b22da683e8599d7f8c458a6b0146d678
a287c6e75a6bcad356eb7962dda80604818ff74d
39964261d7bd055965eb0c4eb3bcc8fd47322720c14ee1f96b900c7f52d46b1f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2021/08/menu-04-150x150.png HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:49 GMT
content-type: image/png
content-length: 3335
x-webp-convert-log: Serving original (it is smaller)
vary: Accept,Accept-Encoding
last-modified: Sat, 27 May 2023 14:54:54 GMT
cache-control: max-age=31536000
expires: Fri, 18 Apr 2025 04:02:49 GMT
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2edcd57b50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.9.3

66.235.200.147

409 Conflict

1.1 kB

URL GET HTTP/2
constantclients.cc/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.9.3
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
data
Size
1.1 kB (1086 bytes)
Hash
ef746bfab0907733b9c528c1cf0d5619
4637e566770852a0eda252bbb4cbb4ed0e4b6701
f45c6e6d503a3eb90f9f01d64de1bdb0eb0a1047bacad2733c88ea4477952742

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.9.3 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 409 Conflict
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: text/html; charset=iso-8859-1
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 8761c2ed8d19b50c-OSL
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-KVRPFLS

142.250.74.168

200 OK

73 kB

URL GET HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-KVRPFLS
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://constantclients.cc/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type
JavaScript source, ASCII text, with very long lines (5027)
Size
73 kB (73326 bytes)
Hash
df2779effda08110e12b16cdb4a9cd3d
febdafc101fd8d6accce1b71a494c6c4d1d30ecf
04046496829c8a1ed4e744108d8d33692084b4e5dfb1a5e4e71e543fab50f4f2

HTTP Headers

GET /gtm.js?id=GTM-KVRPFLS HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 18 Apr 2024 04:02:49 GMT
expires: Thu, 18 Apr 2024 04:02:49 GMT
cache-control: private, max-age=900
last-modified: Thu, 18 Apr 2024 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 73326
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

constantclients.cc/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2

66.235.200.147

200 OK

78 kB

URL GET HTTP/2
constantclients.cc/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261
Size
78 kB (78196 bytes)
Hash
e8a427e15cc502bef99cfd722b37ea98
a9922842a120a7f1eaced667480c5e185a106d69
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:49 GMT
content-type: font/woff2
content-length: 78196
last-modified: Mon, 15 Apr 2024 20:04:20 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:49 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8761c2f33814b50c-OSL
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.5.2

142.250.74.106

200 OK

1.6 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.5.2
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://constantclients.cc/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
ASCII text
Size
1.6 kB (1590 bytes)
Hash
9abeee4ec31e36147f43fdb381c6fd4c
01cef8eadcf8e0fa6bb0b78ef064794fb5dbff15
e8cc80be6c43744ad0fa84933313cc74406e594583a351ed53963e6dbc72fcf1

HTTP Headers

GET /css?family=Roboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.5.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 04:02:49 GMT
date: Thu, 18 Apr 2024 04:02:49 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS1-revised.pdf

142.250.74.142

204 No Content

0 B

URL GET HTTP/2
docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS1-revised.pdf
IP
142.250.74.142:443
ASN
#15169 GOOGLE

Requested by
https://constantclients.cc/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS1-revised.pdf HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 04:02:49 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
content-security-policy: script-src 'nonce-ZHpP3UgMTjqrF6AFMAybPA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
server: GSE
set-cookie: NID=513=Rr74cs8kNQ--RF8ahaDGmetVlXarGRfsts0YX4JOp-01Zpw-tlZi6DMPgjkqGoritnDSncCD3Jyia_IG2oJKF-bR2zcnEgC4IYUij9Pd1VeznjnRpyIeLgO2iZQll1-FuePDaWk3GoaEhq6kdG0UzF2um-8rA97SNxDSihy4eyU; expires=Fri, 18-Oct-2024 04:02:49 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

constantclients.cc/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2

66.235.200.147

200 OK

82 kB

URL GET HTTP/2
constantclients.cc/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 81612, version 1.0
Size
82 kB (81612 bytes)
Hash
b4d6b90f14c0441aac364e194978408e
142696d43851c8eba0f54c7b94c5f6ebd09703e6
6b2680fab784d245cbb23d3b51e8d18740e8fc1c7c1c8eadcf0b2b7612125ff8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:49 GMT
content-type: font/woff2
content-length: 81612
last-modified: Mon, 15 Apr 2024 20:04:20 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:49 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8761c2f40866b50c-OSL
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C600%2C700%7CMuli%3A300%2C300italic%2C400%2C400italic%2C600%2C600italic%2C700%2C700italic%2C900%2C900italic%7CPlayfair+Display%3A400%2C400italic%2C700%2C700italic&subset=latin%2Clatin-ext&display=swap

142.250.74.106

200 OK

8.0 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C600%2C700%7CMuli%3A300%2C300italic%2C400%2C400italic%2C600%2C600italic%2C700%2C700italic%2C900%2C900italic%7CPlayfair+Display%3A400%2C400italic%2C700%2C700italic&subset=latin%2Clatin-ext&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://constantclients.cc/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
ASCII text, with very long lines (9732)
Size
8.0 kB (7967 bytes)
Hash
c2027c67d573a603f8dc491d99dd887c
26e5e5240ad7e734504cbbd2dfa21bc06c98d167
2e3435f9ed753ad662892490333258c5215d8f86601d65c23cf34241ef2e5793

HTTP Headers

GET /css?family=Open+Sans%3A300%2C400%2C600%2C700%7CMuli%3A300%2C300italic%2C400%2C400italic%2C600%2C600italic%2C700%2C700italic%2C900%2C900italic%7CPlayfair+Display%3A400%2C400italic%2C700%2C700italic&subset=latin%2Clatin-ext&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 04:02:49 GMT
date: Thu, 18 Apr 2024 04:02:49 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

constantclients.cc/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.9.3

66.235.200.147

409 Conflict

554 B

URL GET HTTP/2
constantclients.cc/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.9.3
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
data
Size
554 B (554 bytes)
Hash
4c1d5e6f8562bc8a4a3d36057613c28b
c28c718714a52f21847636921087d8d5e1e756c3
21cf605a18d93ba02be81f60c6bb11157ba584dce550ac668791ae20997ddcb0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.9.3 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 409 Conflict
date: Thu, 18 Apr 2024 04:02:49 GMT
content-type: text/html; charset=iso-8859-1
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 8761c2f3882db50c-OSL
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://constantclients.cc/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://constantclients.cc
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:35:00 GMT
expires: Fri, 18 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 5269
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://constantclients.cc/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://constantclients.cc
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:35:00 GMT
expires: Fri, 18 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 5269
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://constantclients.cc/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15920, version 1.0
Size
16 kB (15920 bytes)
Hash
3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://constantclients.cc
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 13:20:56 GMT
expires: Fri, 11 Apr 2025 13:20:56 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 571313
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/muli/v29/7Auwp_0qiz-afTLGLQ.woff2

216.58.207.227

200 OK

33 kB

URL GET HTTP/2
fonts.gstatic.com/s/muli/v29/7Auwp_0qiz-afTLGLQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://constantclients.cc/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 32796, version 1.0
Size
33 kB (32796 bytes)
Hash
b2a264e3e87b58b54b76483238805a40
169d6f17c82024fe0cfc2d19884a14dae2ec0bdb
f68d37d474952b1fbe30def1b69e63e79c46a70263433285783b69ac0107b929

HTTP Headers

GET /s/muli/v29/7Auwp_0qiz-afTLGLQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://constantclients.cc
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 32796
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 19:23:26 GMT
expires: Wed, 16 Apr 2025 19:23:26 GMT
cache-control: public, max-age=31536000
age: 117563
last-modified: Wed, 13 Sep 2023 22:41:22 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://constantclients.cc/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15752, version 1.0
Size
16 kB (15752 bytes)
Hash
b20371a6daf29d4a1f2e85dbbf40fb20
0355a01c1ccb45cb728e7e07c41c8ebf456f70bb
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://constantclients.cc
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 13:20:59 GMT
expires: Fri, 11 Apr 2025 13:20:59 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
age: 571310
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://constantclients.cc/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://constantclients.cc
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 16:27:38 GMT
expires: Wed, 16 Apr 2025 16:27:38 GMT
cache-control: public, max-age=31536000
age: 128111
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://constantclients.cc/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://constantclients.cc
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 01:54:31 GMT
expires: Wed, 16 Apr 2025 01:54:31 GMT
cache-control: public, max-age=31536000
age: 180498
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-MR4VREK4MN&l=dataLayer&cx=c

142.250.74.168

200 OK

92 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-MR4VREK4MN&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://constantclients.cc/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type
JavaScript source, ASCII text, with very long lines (3034)
Size
92 kB (92497 bytes)
Hash
78c44ae8ec0a664b8ed0da63f5f2b2fd
43eb78a31d18d6088c330c1ef59cba3094706ba2
aa36340f225d333fe026208d7e5ed596ab5e222d00ee1331928b17905e9b802f

HTTP Headers

GET /gtag/js?id=G-MR4VREK4MN&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 18 Apr 2024 04:02:49 GMT
expires: Thu, 18 Apr 2024 04:02:49 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 92497
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

static.addtoany.com/menu/sm.25.html

172.67.39.148

883 B

URL
static.addtoany.com/menu/sm.25.html
IP
172.67.39.148:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (624)
Size
883 B (883 bytes)
Hash
41b7ed0cbe240173eea85148fcba633e
39acd5fe099974486a1c9ba11ba0fe7be6bc97ca
274d4116239b63097bb7c16e56e27cbb5a77be20392fb8e2317c0a0235185cad

HTTP Headers

GET /menu/sm.25.html HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:02:49 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5XqYdf3zT6f5djRXIIJwMp9CmOr869HlwkvaSLOezMHs8bCNXKhchHrxUkAX8VobSQtGTx9av1ds6j%2BrAMbeIHt6gjCWQ%2F0%2FDDuSz%2BYQMTMfH9cMBRVSXt9wfmQ0xD6qcBrOg5iLUMVJymypfmtsURYC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
age: 6912
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8761c2f4180b5696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

constantclients.cc/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.9.3

66.235.200.147

409 Conflict

92 kB

URL GET HTTP/2
constantclients.cc/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.9.3
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
data
Size
92 kB (91753 bytes)
Hash
f359d0b10381931f9bd96cc5f7b165e5
3661b47d14eb0004cedf97684d518cb3b72b6cc7
aeef46976954cd593e5dd428c811e72d4646fda919ec456d1059aa1d9dab2bf6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.9.3 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 409 Conflict
date: Thu, 18 Apr 2024 04:02:50 GMT
content-type: text/html; charset=iso-8859-1
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 8761c2f6998bb50c-OSL
X-Firefox-Spdy: h2

f.vimeocdn.com/p/4.29.7/css/player.css

151.101.246.109

200 OK

22 kB

URL GET HTTP/2
f.vimeocdn.com/p/4.29.7/css/player.css
IP
151.101.246.109:443
ASN
#54113 FASTLY

Requested by
https://player.vimeo.com/video/662404108?h=24abf7b0dc&dnt=1&app_id=122963
Certificate
IssuerGlobalSign nv-sa
Subject*.vimeocdn.com
Fingerprint4F:12:C8:71:F2:3F:56:5B:F7:BB:3A:38:F1:B9:76:36:96:18:43:07
ValidityWed, 22 Nov 2023 22:50:09 GMT - Mon, 23 Dec 2024 22:50:08 GMT

File type
ASCII text, with very long lines (65495)
Size
22 kB (21772 bytes)
Hash
2e4a9443fd858c2ffd20da076d4b266d
a47f270e29164f38b31e0262808b7ddf0211a584
c548b66fb01afbc6b8dd54081e76f284dd6daaa12e4a5e8e331c9299bc10c87e

HTTP Headers

GET /p/4.29.7/css/player.css HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 18 Apr 2024 04:02:50 GMT
age: 34749
x-served-by: cache-iad-kjyo7100091-IAD, cache-hel1410023-HEL
x-cache: HIT, HIT
x-cache-hits: 61, 13613
x-timer: S1713412970.316035,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
access-control-allow-origin: *
content-length: 21772
X-Firefox-Spdy: h2

constantclients.cc/wp-content/uploads/2021/08/rodeo-project-management-software-ONe-snuCaqQ-unsplash.jpg

66.235.200.147

200 OK

578 kB

URL GET HTTP/2
constantclients.cc/wp-content/uploads/2021/08/rodeo-project-management-software-ONe-snuCaqQ-unsplash.jpg
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x1280, Scaling: [none]x[none], YUV color, decoders should clamp
Size
578 kB (577454 bytes)
Hash
2be2e4d6550596910e08590fefa8e7d8
213581af3fb10272cb11a0600221951c2090834a
d6b38eb1dd8fe214bd1ce77eb57392a6d8f5a0c1d5fc172046f922ed7a21f762

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2021/08/rodeo-project-management-software-ONe-snuCaqQ-unsplash.jpg HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/wp-content/uploads/elementor/css/post-999.css?ver=1708890611
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:49 GMT
content-type: image/webp
x-webp-convert-log: Serving converted file
vary: Accept,Accept-Encoding
last-modified: Sat, 27 May 2023 14:55:02 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:49 GMT
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
server: cloudflare
cf-ray: 8761c2f38831b50c-OSL
X-Firefox-Spdy: h2

apis.google.com/js/client.js

142.250.74.110

200 OK

5.9 kB

URL GET HTTP/2
apis.google.com/js/client.js
IP
142.250.74.110:443
ASN
#15169 GOOGLE

Requested by
https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf
Certificate
IssuerGoogle Trust Services LLC
Subject*.apis.google.com
FingerprintE3:82:77:FB:12:E7:1E:09:41:8D:12:01:82:E8:DB:CC:47:EB:3F:57
ValidityMon, 04 Mar 2024 07:19:24 GMT - Mon, 27 May 2024 07:19:23 GMT

File type
JavaScript source, ASCII text, with very long lines (2054)
Size
5.9 kB (5905 bytes)
Hash
956abd1c4d33686ed078e1fc2a208e70
adf181b4ffe9f884d1523a9e9055b3c975c22c2f
7ad5b3ae2e3d70b78dcb34e7809635ab483d6f56f8bb224c1660c2385a3157a9

HTTP Headers

GET /js/client.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 5905
date: Thu, 18 Apr 2024 04:02:50 GMT
expires: Thu, 18 Apr 2024 04:02:50 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "3c0b77da4dd83ef7"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

f.vimeocdn.com/p/4.29.7/js/player.module.js

151.101.246.109

200 OK

141 kB

URL GET HTTP/2
f.vimeocdn.com/p/4.29.7/js/player.module.js
IP
151.101.246.109:443
ASN
#54113 FASTLY

Requested by
https://player.vimeo.com/video/662404108?h=24abf7b0dc&dnt=1&app_id=122963
Certificate
IssuerGlobalSign nv-sa
Subject*.vimeocdn.com
Fingerprint4F:12:C8:71:F2:3F:56:5B:F7:BB:3A:38:F1:B9:76:36:96:18:43:07
ValidityWed, 22 Nov 2023 22:50:09 GMT - Mon, 23 Dec 2024 22:50:08 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65447)
Size
141 kB (141256 bytes)
Hash
2296fb574aa5763e0de8d692aacc8fc9
bfd743aa1ef5d70b43f5a06c6d71245117c3cbbe
da286f7ddc94da3f6fd6453fd5b05d463e31e9f3a64d8eb1caf44f36627a12c0

HTTP Headers

GET /p/4.29.7/js/player.module.js HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
DNT: 1
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 18 Apr 2024 04:02:50 GMT
age: 34749
x-served-by: cache-iad-kcgs7200104-IAD, cache-hel1410034-HEL
x-cache: HIT, HIT
x-cache-hits: 58, 13512
x-timer: S1713412970.411951,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
access-control-allow-origin: *
content-length: 141256
X-Firefox-Spdy: h2

i.vimeocdn.com/video/1340250125-d9bf020c04ff83b092ef1d6187adecc9c70cde2a8aee65e3beaec1286637401c-d?mw=80&q=85

151.101.128.217

200 OK

1.9 kB

URL GET HTTP/2
i.vimeocdn.com/video/1340250125-d9bf020c04ff83b092ef1d6187adecc9c70cde2a8aee65e3beaec1286637401c-d?mw=80&q=85
IP
151.101.128.217:443
ASN
#54113 FASTLY

Requested by
https://player.vimeo.com/video/662404108?h=24abf7b0dc&dnt=1&app_id=122963
Certificate
IssuerGlobalSign nv-sa
Subject*.vimeo.com
FingerprintB1:D1:17:3D:08:07:A6:93:99:18:AC:B6:E9:C5:BC:F9:01:9F:32:9F
ValidityThu, 19 Oct 2023 18:39:17 GMT - Tue, 19 Nov 2024 18:39:16 GMT

File type
ISO Media, AVIF Image
Size
1.9 kB (1858 bytes)
Hash
495da0573fa0c5f6ca053ebd8f7a5677
6320f5c3a15589005981eaadc0b1bec609844e0d
4722f83c07d7e96a439825af0d61982ae6dab1922800a7aa13da1007d65a9aaf

HTTP Headers

GET /video/1340250125-d9bf020c04ff83b092ef1d6187adecc9c70cde2a8aee65e3beaec1286637401c-d?mw=80&q=85 HTTP/1.1
Host: i.vimeocdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/avif
etag: "495da0573fa0c5f6ca053ebd8f7a5677"
x-viewmaster-lossless-format: automatic
viewmaster-server: viewmaster-glb-prod
cache-control: public, max-age=2592000
via: vvarnish, 1.1 varnish, 1.1 varnish
x-backend-server: varnish
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
access-control-max-age: 86400
accept-ranges: bytes
date: Thu, 18 Apr 2024 04:02:50 GMT
age: 993060
x-served-by: cache-dfw-kdfw8210048-DFW, cache-hel1410026-HEL
x-cache: miss, HIT, MISS
x-cache-hits: 47, 0
x-timer: S1713412970.413423,VS0,VE134
vary: Accept
content-length: 1858
X-Firefox-Spdy: h2

docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf

142.250.74.142

200 OK

0 B

URL GET HTTP/3
docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf
IP
142.250.74.142:443
ASN
#15169 GOOGLE

Requested by
https://constantclients.cc/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 04:02:50 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
content-security-policy: script-src 'nonce--IIAmoIuxYBW0-O-jsirYw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
server: GSE
set-cookie: NID=513=aKiKvQuKLbPEuEzxKrMkEBE5br7MqAemDCUTZjHlohCOSMrW2ebvb-2QIb9rFJGvVyTjSDNFMqYjobxsF62k4ODBc4OYd09inXO7WLvtqsDajdyEuDCm3lanwuMBTW06wL167nikpY3tB1TJVFYerKqClfKlOFzguXqpFudc5_4; expires=Fri, 18-Oct-2024 04:02:50 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.5BIk7BglYEE.O/m=client/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA/cb=gapi.loaded_0?le=scs

142.250.74.110

200 OK

111 kB

URL GET HTTP/3
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.5BIk7BglYEE.O/m=client/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA/cb=gapi.loaded_0?le=scs
IP
142.250.74.110:443
ASN
#15169 GOOGLE

Requested by
https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type
JavaScript source, ASCII text, with very long lines (2124)
Size
111 kB (111004 bytes)
Hash
9d8cace6dabbc78e36c4aba49c7125b1
797a2f633272abdbf1d88054fbfb3f42adc1415f
a4667786f4a20672e060bb8511e66d795c74b5cf705cd316f898cd2de4f68b43

HTTP Headers

GET /_/scs/abc-static/_/js/k=gapi.lb.en.5BIk7BglYEE.O/m=client/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 111004
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 17:06:23 GMT
expires: Fri, 11 Apr 2025 17:06:23 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 31 Mar 2024 15:20:31 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 557787
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/feedback/js/help/prod/service/lazy.min.js

142.250.74.35

200 OK

37 kB

URL GET HTTP/3
www.gstatic.com/feedback/js/help/prod/service/lazy.min.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
JavaScript source, ASCII text, with very long lines (3383)
Size
37 kB (36935 bytes)
Hash
4d95791a35ae95bd11b6f6d7e880ff93
23f70202a367d2b280f2560bbec29b1c9eee5e66
15ce60ae9fdb72f42e3c0baf6010b4b1c55cb5f80f22e430d21bfc1d6886ec7a

HTTP Headers

GET /feedback/js/help/prod/service/lazy.min.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/product-feedback-gathering
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="product-feedback-gathering"
report-to: {"group":"product-feedback-gathering","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/product-feedback-gathering"}]}
content-length: 36935
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 03:57:37 GMT
expires: Thu, 18 Apr 2024 04:47:37 GMT
cache-control: public, max-age=3000
last-modified: Tue, 16 Apr 2024 14:54:38 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 313
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

f.vimeocdn.com/p/4.29.7/js/vendor.module.js

151.101.246.109

200 OK

104 kB

URL GET HTTP/2
f.vimeocdn.com/p/4.29.7/js/vendor.module.js
IP
151.101.246.109:443
ASN
#54113 FASTLY

Requested by
https://player.vimeo.com/video/662404108?h=24abf7b0dc&dnt=1&app_id=122963
Certificate
IssuerGlobalSign nv-sa
Subject*.vimeocdn.com
Fingerprint4F:12:C8:71:F2:3F:56:5B:F7:BB:3A:38:F1:B9:76:36:96:18:43:07
ValidityWed, 22 Nov 2023 22:50:09 GMT - Mon, 23 Dec 2024 22:50:08 GMT

File type
JavaScript source, ASCII text, with very long lines (65457)
Size
104 kB (103578 bytes)
Hash
daaf0cef21d261fdb059dc53a1e7b610
144556c0102d239542a6ff66e18af23ef8833b3a
4cc5fdc2315043b6059e25fc11d246e71c17049221d468bfb1b17852e53d9311

HTTP Headers

GET /p/4.29.7/js/vendor.module.js HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
DNT: 1
Connection: keep-alive
Referer: https://f.vimeocdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 18 Apr 2024 04:02:51 GMT
age: 34750
x-served-by: cache-iad-kiad7000097-IAD, cache-hel1410034-HEL
x-cache: HIT, HIT
x-cache-hits: 62, 14396
x-timer: S1713412971.003488,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
access-control-allow-origin: *
content-length: 103578
X-Firefox-Spdy: h2

drive.google.com/auth_warmup

142.250.74.46

200 OK

0 B

URL GET HTTP/2
drive.google.com/auth_warmup
IP
142.250.74.46:443
ASN
#15169 GOOGLE

Requested by
https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /auth_warmup HTTP/1.1
Host: drive.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 04:02:51 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000
content-security-policy: script-src 'nonce-F_JfTJ50TBxZcxcvzENjbQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveOsidBootstrap/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveOsidBootstrap/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/DriveOsidBootstrap/cspreport
cross-origin-resource-policy: same-site
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
reporting-endpoints: default="/_/DriveOsidBootstrap/web-reports?context=eJzjEtDikmJw1ZBicEqfwRoCxELcHK-3NW1kEzhw8RQjAGinCPk"
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=513=AEoVIoKU5w68QbDxq3Nl8w9O90Em-fMYnnDGnSu0pHRRMBug88c0GgV7dMvllH0FXEdHWFmd7ck5rkbHKu6X0yoSCGCPXZmdGTR8dso6F2LFzjuWp2ilzTTZWpiU8j65qWmTxuBurVAZ3ydXf33wGSHHkkkjkEqAp_k6SDd8054; expires=Fri, 18-Oct-2024 04:02:50 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

constantclients.cc/wp-includes/js/wp-emoji-release.min.js?ver=6.5.2

66.235.200.147

200 OK

5.4 kB

URL GET HTTP/2
constantclients.cc/wp-includes/js/wp-emoji-release.min.js?ver=6.5.2
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (15752)
Size
5.4 kB (5365 bytes)
Hash
b976b651932bfd25b9ddb5b7693d88a7
7fcb7cb5c11227f9213b1e08a07d0212209e1432
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=6.5.2 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000; _ga_MR4VREK4MN=GS1.1.1713412970.1.0.1713412970.0.0.1500175129; _ga=GA1.1.1651928891.1713412970
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:51 GMT
content-type: application/javascript
content-length: 5365
last-modified: Tue, 02 Apr 2024 20:04:39 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:50 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2fbdbb4b50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js

66.235.200.147

200 OK

672 B

URL GET HTTP/2
constantclients.cc/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (1320)
Size
672 B (672 bytes)
Hash
b667dbc895223efab2d7cd4b524d83d6
b60bdf5d62426ce539da53ed135baeb6fa3ea975
96b8cb5f676cdf0fccb5a1002bb23b854477d8ade4f71b2e6438bd7bbcee2a86

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000; _ga_MR4VREK4MN=GS1.1.1713412970.1.0.1713412970.0.0.1500175129; _ga=GA1.1.1651928891.1713412970
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:51 GMT
content-type: application/javascript
content-length: 672
last-modified: Mon, 15 Apr 2024 20:04:20 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:51 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2fc7bf1b50c-OSL
X-Firefox-Spdy: h2

play.google.com/log?format=json&hasfast=true&authuser=0

142.250.74.174

200 OK

0 B

URL POST HTTP/3
play.google.com/log?format=json&hasfast=true&authuser=0
IP
142.250.74.174:443
ASN
#15169 GOOGLE

Requested by
https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://docs.google.com/
Origin: https://docs.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: https://docs.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 18 Apr 2024 04:02:51 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.5BIk7BglYEE.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA%2Fm%3D__features__

142.250.74.106

272 B

URL
content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.5BIk7BglYEE.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA%2Fm%3D__features__
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
HTML document, ASCII text
Size
272 B (272 bytes)
Hash
36a9f31dd9a19d96a94440f2967440b3
f6a29641a8def28b936babc188511243cc6399ed
95ff3e0738cb5ed9bffeb8ff87c7cfe38e48b2df3164e1fe21a34e5d95f137cb

HTTP Headers

GET /static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.5BIk7BglYEE.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA%2Fm%3D__features__ HTTP/1.1
Host: content.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy: script-src 'nonce-gOoAJoVTXG5WCnFdA-SXVw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/apiserving; base-uri 'none', require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apiserving
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apiserving"
report-to: {"group":"apiserving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apiserving"}]}
content-length: 272
date: Thu, 18 Apr 2024 04:02:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Tue, 12 Mar 2024 05:08:00 GMT
x-content-type-options: nosniff
cross-origin-embedder-policy: require-corp; report-to="apiserving"
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

ssl.gstatic.com/docs/common/viewer/v3/v-sprite56.svg

142.250.74.35

200 OK

50 kB

URL GET HTTP/3
ssl.gstatic.com/docs/common/viewer/v3/v-sprite56.svg
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
SVG Scalable Vector Graphics image
Size
50 kB (50079 bytes)
Hash
ba7ab7044d6c6c0240c3917858948cff
3b840b104cb3d74d5a35fbd193aca32d27815d3e
0189f7c6ed35a7be5e51a30366fbc54c9c9e27d2511db44895d85a1458f83ab5

HTTP Headers

GET /docs/common/viewer/v3/v-sprite56.svg HTTP/1.1
Host: ssl.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="docs"
report-to: {"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]}
content-length: 50079
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 15 Apr 2024 15:15:27 GMT
expires: Tue, 15 Apr 2025 15:15:27 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 15 Feb 2024 22:18:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Origin
age: 218844
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

play.google.com/log?format=json&hasfast=true&authuser=0

142.250.74.174

200 OK

0 B

URL POST HTTP/3
play.google.com/log?format=json&hasfast=true&authuser=0
IP
142.250.74.174:443
ASN
#15169 GOOGLE

Requested by
https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://docs.google.com/
Origin: https://docs.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: https://docs.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 18 Apr 2024 04:02:51 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/moment.js/2.24.0/moment.min.js

104.17.24.14

200 OK

16 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/moment.js/2.24.0/moment.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (53324), with no line terminators
Size
16 kB (15508 bytes)
Hash
761502841c035afcf6a9bdc5d0a20d11
69ab16ba8ca68431ab59eff286c7ed1e520bca30
e22419e8154be2a34a950dbb4c4c448413751c53ef02f00c6c56af28aa2c4964

HTTP Headers

GET /ajax/libs/moment.js/2.24.0/moment.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:51 GMT
content-type: application/javascript; charset=utf-8
content-length: 15508
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03f26-d04c"
last-modified: Mon, 04 May 2020 16:13:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 207601
expires: Tue, 08 Apr 2025 04:02:51 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QfBvAeMZlNNuyikdoDrd71Tr3O%2Bk8qh%2BNNG4l6Qisak6kyvX7XAJaEsTnaVoDIoaw5CV7%2BKWG1B%2Be04vWQSQn1msT%2B6DtZrYSBFbR6jctdw82Nk4EcEvTeMtHKOoeDrzPsS0dgJi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8761c2fecdceb529-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

app.convertobot.com/lib/js/gadget.js

172.67.145.237

200 OK

53 kB

URL GET HTTP/2
app.convertobot.com/lib/js/gadget.js
IP
172.67.145.237:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerLet's Encrypt
Subjectconvertobot.com
Fingerprint75:4A:AB:25:C4:5D:F0:14:F8:9C:B1:AB:06:28:B8:D5:14:30:1C:2D
ValidityFri, 29 Mar 2024 19:38:25 GMT - Thu, 27 Jun 2024 19:38:24 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
53 kB (53342 bytes)
Hash
fe3938884e828e2e2f763dc2f3f48654
5d7ecc34d66ae825b73239787566d4489cf090fd
93aa19cadefec400f99ebdc750dc93b20bc48a2c6f50ac36521120d6fc52c7f2

HTTP Headers

GET /lib/js/gadget.js HTTP/1.1
Host: app.convertobot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:50 GMT
content-type: application/javascript
cache-control: max-age=2592000
cf-bgj: minify
cf-polished: origSize=125107
expires: Wed, 24 Apr 2024 07:23:07 GMT
last-modified: Tue, 03 May 2022 05:42:33 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 2061583
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PMgsl0R8xaOuJZ5aX9mEtYhLEhbT2ryxTOCM5tqYa%2F4nfrH6%2B%2BhPghzPKiI4Vx2T%2FYb7QTAaNQyskQAXdY%2BqhjfFW5y%2FdjK5C3gv1ZvJ1uciJlUWvuGP20NZ92rt2IRgXNNNy%2FQ7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8761c2fc08f5712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

play.google.com/log?format=json&hasfast=true&authuser=0

142.250.74.174

200 OK

131 B

URL POST HTTP/3
play.google.com/log?format=json&hasfast=true&authuser=0
IP
142.250.74.174:443
ASN
#15169 GOOGLE

Requested by
https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type
JSON text data
Size
131 B (131 bytes)
Hash
ca0b7e866005f6774d284b9f438ebfd2
53644f5ee3640189bdb223473ba6a2d46606c556
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

HTTP Headers

POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://docs.google.com/
X-Goog-AuthUser: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 887
Origin: https://docs.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: https://docs.google.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Thu, 18 Apr 2024 04:02:51 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

play.google.com/log?format=json&hasfast=true&authuser=0

142.250.74.174

200 OK

131 B

URL POST HTTP/3
play.google.com/log?format=json&hasfast=true&authuser=0
IP
142.250.74.174:443
ASN
#15169 GOOGLE

Requested by
https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type
JSON text data
Size
131 B (131 bytes)
Hash
ca0b7e866005f6774d284b9f438ebfd2
53644f5ee3640189bdb223473ba6a2d46606c556
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

HTTP Headers

POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://docs.google.com/
X-Goog-AuthUser: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 2842
Origin: https://docs.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: https://docs.google.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Thu, 18 Apr 2024 04:02:51 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

i.vimeocdn.com/video/1340250125-d9bf020c04ff83b092ef1d6187adecc9c70cde2a8aee65e3beaec1286637401c-d

151.101.128.217

200 OK

120 kB

URL GET HTTP/2
i.vimeocdn.com/video/1340250125-d9bf020c04ff83b092ef1d6187adecc9c70cde2a8aee65e3beaec1286637401c-d
IP
151.101.128.217:443
ASN
#54113 FASTLY

Requested by
https://player.vimeo.com/video/662404108?h=24abf7b0dc&dnt=1&app_id=122963
Certificate
IssuerGlobalSign nv-sa
Subject*.vimeo.com
FingerprintB1:D1:17:3D:08:07:A6:93:99:18:AC:B6:E9:C5:BC:F9:01:9F:32:9F
ValidityThu, 19 Oct 2023 18:39:17 GMT - Tue, 19 Nov 2024 18:39:16 GMT

File type
ISO Media, AVIF Image
Size
120 kB (120021 bytes)
Hash
0e8d537171164d7c4f039f86ff8a1f63
899a7fb43fcea3ea10840f98cb097a5f770eaf76
00533374d7b8f15e4bfa017685e5a147fe68862d1387d4831bde2ce1b4fbe4b1

HTTP Headers

GET /video/1340250125-d9bf020c04ff83b092ef1d6187adecc9c70cde2a8aee65e3beaec1286637401c-d HTTP/1.1
Host: i.vimeocdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: max-age=2592000
content-type: image/avif
etag: "0e8d537171164d7c4f039f86ff8a1f63"
x-viewmaster-lossless-format: automatic
via: 1.1 google, 1.1 varnish, 1.1 varnish
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
access-control-max-age: 86400
accept-ranges: bytes
date: Thu, 18 Apr 2024 04:02:51 GMT
age: 974923
x-served-by: cache-dfw-kdal2120100-DFW, cache-hel1410026-HEL
x-cache: HIT, MISS
x-cache-hits: 38, 0
x-timer: S1713412971.236913,VS0,VE141
vary: Accept
content-length: 120021
X-Firefox-Spdy: h2

apis.google.com/js/client.js

142.250.74.110

200 OK

5.9 kB

URL GET HTTP/2
apis.google.com/js/client.js
IP
142.250.74.110:443
ASN
#15169 GOOGLE

Requested by
https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf
Certificate
IssuerGoogle Trust Services LLC
Subject*.apis.google.com
FingerprintE3:82:77:FB:12:E7:1E:09:41:8D:12:01:82:E8:DB:CC:47:EB:3F:57
ValidityMon, 04 Mar 2024 07:19:24 GMT - Mon, 27 May 2024 07:19:23 GMT

File type
JavaScript source, ASCII text, with very long lines (2054)
Size
5.9 kB (5905 bytes)
Hash
956abd1c4d33686ed078e1fc2a208e70
adf181b4ffe9f884d1523a9e9055b3c975c22c2f
7ad5b3ae2e3d70b78dcb34e7809635ab483d6f56f8bb224c1660c2385a3157a9

HTTP Headers

GET /js/client.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 5905
date: Thu, 18 Apr 2024 04:02:51 GMT
expires: Thu, 18 Apr 2024 04:02:51 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "3c0b77da4dd83ef7"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

apis.google.com/js/googleapis.proxy.js?onload=startup

142.250.74.110

200 OK

5.9 kB

URL GET HTTP/3
apis.google.com/js/googleapis.proxy.js?onload=startup
IP
142.250.74.110:443
ASN
#15169 GOOGLE

Requested by
https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.5BIk7BglYEE.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA%2Fm%3D__features__#parent=https%3A%2F%2Fdocs.google.com&rpctoken=304627719
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type
JavaScript source, ASCII text, with very long lines (2054)
Size
5.9 kB (5906 bytes)
Hash
7f93e0458ef1a4a7db3a3c75ef5c8f26
56f6636f85494d2dbb878e5214b95c12f71ba567
c2e9943fb0b73a7d2c5e3f3f4c076367903a0fe813bf652d7ee9af81eb150afc

HTTP Headers

GET /js/googleapis.proxy.js?onload=startup HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://content.googleapis.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 5906
date: Thu, 18 Apr 2024 04:02:51 GMT
expires: Thu, 18 Apr 2024 04:02:51 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "6a1d8767de9e733b"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/_/apps-viewer/_/ss/k=apps-viewer.standalone.khNBx8_Cbh4.L.F4.O/am=wA/d=0/rs=AC2dHMIvFHbG72CWiW98wYQsYhImXrAZeQ

142.250.74.35

200 OK

92 kB

URL GET HTTP/3
www.gstatic.com/_/apps-viewer/_/ss/k=apps-viewer.standalone.khNBx8_Cbh4.L.F4.O/am=wA/d=0/rs=AC2dHMIvFHbG72CWiW98wYQsYhImXrAZeQ
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS1-revised.pdf
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
92 kB (91670 bytes)
Hash
51bd712308407b2de2b907d0016c01ec
c37d535a2198523f78b950c55150de00c61aa011
3259a90d2810b5baa5d4a5d97ceb3fa2d9e83604b1a2d72f5033c0c940be8b72

HTTP Headers

GET /_/apps-viewer/_/ss/k=apps-viewer.standalone.khNBx8_Cbh4.L.F4.O/am=wA/d=0/rs=AC2dHMIvFHbG72CWiW98wYQsYhImXrAZeQ HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-viewer
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-viewer"
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-length: 91670
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 17 Apr 2024 19:18:22 GMT
expires: Thu, 17 Apr 2025 19:18:22 GMT
cache-control: public, max-age=31536000
age: 31469
last-modified: Thu, 04 Apr 2024 07:01:39 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

constantclients.cc/wp-content/uploads/2021/09/gif-nathan-one-small.gif

66.235.200.147

200 OK

26 MB

URL GET HTTP/2
constantclients.cc/wp-content/uploads/2021/09/gif-nathan-one-small.gif
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
GIF image data, version 89a, 800 x 450
Size
26 MB (25826397 bytes)
Hash
ff9cbf550acbe064120cf44e878439c3
4b204427b01975d64999eb3759c5f171d176843a
8dedb3ac31f717a8a2b426479e0840d76c418b13ca6beb2a314d43b52ba197fc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2021/09/gif-nathan-one-small.gif HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/wp-content/uploads/elementor/css/post-999.css?ver=1708890611
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:49 GMT
content-type: image/gif
content-length: 25826397
last-modified: Sat, 27 May 2023 14:54:55 GMT
cache-control: max-age=31536000
expires: Fri, 18 Apr 2025 04:02:49 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8761c2f3b845b50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-content/uploads/2021/08/cropped-icon-01-192x192.png

66.235.200.147

200 OK

9.9 kB

URL GET HTTP/2
constantclients.cc/wp-content/uploads/2021/08/cropped-icon-01-192x192.png
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
9.9 kB (9853 bytes)
Hash
e8a5b5a146bd8e4ffdc0a8c5bbb7adf5
c58b5cee35352bf22613c15cf10ceb36b9bc0b52
75cb6d31cc1ecad7a66b631b88bb4f66450ab3bfa8e87115a7ade2ff8e828be7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2021/08/cropped-icon-01-192x192.png HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000; _ga_MR4VREK4MN=GS1.1.1713412970.1.0.1713412970.0.0.1500175129; _ga=GA1.1.1651928891.1713412970
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:51 GMT
content-type: image/webp
content-length: 9853
x-webp-convert-log: Serving converted file
vary: Accept,Accept-Encoding
last-modified: Sat, 27 May 2023 14:55:02 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:51 GMT
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c3002d32b50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-content/uploads/2021/08/cropped-icon-01-32x32.png

66.235.200.147

200 OK

1.1 kB

URL GET HTTP/2
constantclients.cc/wp-content/uploads/2021/08/cropped-icon-01-32x32.png
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
1.1 kB (1059 bytes)
Hash
8c7b026aec5b1315fee8fd74a60ff598
b30b3d3a9bb3dd916d855d6ae615ffeae5e9bf62
e43810348920bf7d26653e32727554d60ea1ce7b6acf6db3e56f69a0e314e9e0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2021/08/cropped-icon-01-32x32.png HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000; _ga_MR4VREK4MN=GS1.1.1713412970.1.0.1713412970.0.0.1500175129; _ga=GA1.1.1651928891.1713412970
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:51 GMT
content-type: image/webp
content-length: 1059
x-webp-convert-log: Serving converted file
vary: Accept,Accept-Encoding
last-modified: Sat, 27 May 2023 14:55:02 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:51 GMT
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c3002d33b50c-OSL
X-Firefox-Spdy: h2

apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.5BIk7BglYEE.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA/cb=gapi.loaded_0?le=scs

142.250.74.110

200 OK

28 kB

URL GET HTTP/3
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.5BIk7BglYEE.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA/cb=gapi.loaded_0?le=scs
IP
142.250.74.110:443
ASN
#15169 GOOGLE

Requested by
https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.5BIk7BglYEE.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA%2Fm%3D__features__#parent=https%3A%2F%2Fdocs.google.com&rpctoken=304627719
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type
JavaScript source, ASCII text, with very long lines (2124)
Size
28 kB (28126 bytes)
Hash
2756c7839e34e1bfd27282c872153e6b
4f4f889d37f2b2ce157c740b4fcc5cf431f887a5
ae27d17adcefa0111d96a7504de7fef12bcf3167ab70dc3acab6d6e32c9bef3a

HTTP Headers

GET /_/scs/abc-static/_/js/k=gapi.lb.en.5BIk7BglYEE.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://content.googleapis.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 28126
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 17:07:48 GMT
expires: Fri, 11 Apr 2025 17:07:48 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 31 Mar 2024 15:20:31 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 557714
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

play.google.com/log?format=json&hasfast=true&authuser=0

142.250.74.174

200 OK

0 B

URL POST HTTP/3
play.google.com/log?format=json&hasfast=true&authuser=0
IP
142.250.74.174:443
ASN
#15169 GOOGLE

Requested by
https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://docs.google.com/
Origin: https://docs.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: https://docs.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 18 Apr 2024 04:03:02 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

play.google.com/log?format=json&hasfast=true&authuser=0

142.250.74.174

200 OK

131 B

URL POST HTTP/3
play.google.com/log?format=json&hasfast=true&authuser=0
IP
142.250.74.174:443
ASN
#15169 GOOGLE

Requested by
https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type
JSON text data
Size
131 B (131 bytes)
Hash
ca0b7e866005f6774d284b9f438ebfd2
53644f5ee3640189bdb223473ba6a2d46606c556
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

HTTP Headers

POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://docs.google.com/
X-Goog-AuthUser: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 1387
Origin: https://docs.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
access-control-allow-origin: https://docs.google.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Thu, 18 Apr 2024 04:03:02 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.5BIk7BglYEE.O/m=client/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA/cb=gapi.loaded_0?le=scs

142.250.74.110

200 OK

111 kB

URL GET HTTP/3
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.5BIk7BglYEE.O/m=client/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA/cb=gapi.loaded_0?le=scs
IP
142.250.74.110:443
ASN
#15169 GOOGLE

Requested by
https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type
JavaScript source, ASCII text, with very long lines (2124)
Size
111 kB (111004 bytes)
Hash
9d8cace6dabbc78e36c4aba49c7125b1
797a2f633272abdbf1d88054fbfb3f42adc1415f
a4667786f4a20672e060bb8511e66d795c74b5cf705cd316f898cd2de4f68b43

HTTP Headers

GET /_/scs/abc-static/_/js/k=gapi.lb.en.5BIk7BglYEE.O/m=client/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 111004
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 17:06:23 GMT
expires: Fri, 11 Apr 2025 17:06:23 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 31 Mar 2024 15:20:31 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 557799
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

play.google.com/log?format=json&hasfast=true&authuser=0

142.250.74.174

200 OK

0 B

URL POST HTTP/3
play.google.com/log?format=json&hasfast=true&authuser=0
IP
142.250.74.174:443
ASN
#15169 GOOGLE

Requested by
https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://docs.google.com/
Origin: https://docs.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
access-control-allow-origin: https://docs.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 18 Apr 2024 04:03:02 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

play.google.com/log?format=json&hasfast=true&authuser=0

142.250.74.174

200 OK

131 B

URL POST HTTP/3
play.google.com/log?format=json&hasfast=true&authuser=0
IP
142.250.74.174:443
ASN
#15169 GOOGLE

Requested by
https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type
JSON text data
Size
131 B (131 bytes)
Hash
ca0b7e866005f6774d284b9f438ebfd2
53644f5ee3640189bdb223473ba6a2d46606c556
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

HTTP Headers

POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://docs.google.com/
X-Goog-AuthUser: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 2065
Origin: https://docs.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
access-control-allow-origin: https://docs.google.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Thu, 18 Apr 2024 04:03:02 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

content.googleapis.com/drive/v2internal/viewerimpressions?key=AIzaSyDVQw45DwoYh632gvsP5vPDqEKvb-Ywnb8&alt=json

142.250.74.106

204 No Content

0 B

URL POST HTTP/3
content.googleapis.com/drive/v2internal/viewerimpressions?key=AIzaSyDVQw45DwoYh632gvsP5vPDqEKvb-Ywnb8&alt=json
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.5BIk7BglYEE.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA%2Fm%3D__features__#parent=https%3A%2F%2Fdocs.google.com&rpctoken=304627719
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /drive/v2internal/viewerimpressions?key=AIzaSyDVQw45DwoYh632gvsP5vPDqEKvb-Ywnb8&alt=json HTTP/1.1
Host: content.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-ClientDetails: appVersion=5.0%20(X11)&platform=Linux%20x86_64&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0
Content-Type: application/json
X-Requested-With: XMLHttpRequest
X-JavaScript-User-Agent: google-api-javascript-client/1.1.0
X-Goog-AuthUser: 0
X-Origin: https://docs.google.com
X-Referer: https://docs.google.com
X-Goog-Encode-Response-If-Executable: base64
Content-Length: 873
Origin: https://content.googleapis.com
DNT: 1
Connection: keep-alive
Referer: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.5BIk7BglYEE.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA%2Fm%3D__features__
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
etag: "vyGp6PvFo4RvsFtPoIWeCReyIC8"
date: Thu, 18 Apr 2024 04:03:02 GMT
vary: Origin, X-Origin
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

content.googleapis.com/drive/v2internal/viewerimpressions?key=AIzaSyDVQw45DwoYh632gvsP5vPDqEKvb-Ywnb8&alt=json

142.250.74.106

204 No Content

0 B

URL POST HTTP/3
content.googleapis.com/drive/v2internal/viewerimpressions?key=AIzaSyDVQw45DwoYh632gvsP5vPDqEKvb-Ywnb8&alt=json
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.5BIk7BglYEE.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA%2Fm%3D__features__#parent=https%3A%2F%2Fdocs.google.com&rpctoken=304627719
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /drive/v2internal/viewerimpressions?key=AIzaSyDVQw45DwoYh632gvsP5vPDqEKvb-Ywnb8&alt=json HTTP/1.1
Host: content.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-ClientDetails: appVersion=5.0%20(X11)&platform=Linux%20x86_64&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0
Content-Type: application/json
X-Requested-With: XMLHttpRequest
X-JavaScript-User-Agent: google-api-javascript-client/1.1.0
X-Goog-AuthUser: 0
X-Origin: https://docs.google.com
X-Referer: https://docs.google.com
X-Goog-Encode-Response-If-Executable: base64
Content-Length: 715
Origin: https://content.googleapis.com
DNT: 1
Connection: keep-alive
Referer: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.5BIk7BglYEE.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA%2Fm%3D__features__
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
etag: "vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary: Origin, X-Origin
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
date: Thu, 18 Apr 2024 04:03:02 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

play.google.com/log?format=json&hasfast=true&authuser=0

142.250.74.174

200 OK

0 B

URL POST HTTP/3
play.google.com/log?format=json&hasfast=true&authuser=0
IP
142.250.74.174:443
ASN
#15169 GOOGLE

Requested by
https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://docs.google.com/
Origin: https://docs.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
access-control-allow-origin: https://docs.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 18 Apr 2024 04:03:03 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

docs.google.com/viewerng/presspage?id=ACFrOgDUC1EMuHtcLLduVCy9VEydSoQ4588Gtcoza91d0pSCaW7rCuoVCkMKXPxccaflHzU0QsDjF4jmGYHXks-ve0RXkP5fH6UFJ3X_FYkgQyq0wuaRYkgle9KIIv0O_UGFVHe_VdDzELPZQHxU&page=0

142.250.74.142

200 OK

1.0 kB

URL GET HTTP/2
docs.google.com/viewerng/presspage?id=ACFrOgDUC1EMuHtcLLduVCy9VEydSoQ4588Gtcoza91d0pSCaW7rCuoVCkMKXPxccaflHzU0QsDjF4jmGYHXks-ve0RXkP5fH6UFJ3X_FYkgQyq0wuaRYkgle9KIIv0O_UGFVHe_VdDzELPZQHxU&page=0
IP
142.250.74.142:443
ASN
#15169 GOOGLE

Requested by
https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf

File type
Unicode text, UTF-8 text, with very long lines (2560)
Size
1.0 kB (1046 bytes)
Hash
b99076d7f34c8235d3b6865dd60c53fc
d4ae4c51d94683e03b7b69282067e64eeabd43a5
5ebdf0d689e628401c9916ec785778ed83eb4fc8c03bacd53b5edbdfeb70fa57

HTTP Headers

GET /viewerng/presspage?id=ACFrOgDUC1EMuHtcLLduVCy9VEydSoQ4588Gtcoza91d0pSCaW7rCuoVCkMKXPxccaflHzU0QsDjF4jmGYHXks-ve0RXkP5fH6UFJ3X_FYkgQyq0wuaRYkgle9KIIv0O_UGFVHe_VdDzELPZQHxU&page=0 HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
Alt-Used: 0

HTTP/2 200 OK
content-type: application/json; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 04:03:02 GMT
content-encoding: gzip
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: script-src 'nonce-zpWsDl-gCa-XkE9-xCNZtQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: GSE
set-cookie: NID=513=niAwwz0fzQ9A0cMBgY3GEKBbtv4wSXh8O9mInQa7En1aVG0Cvr5PYpbBM2uaQvqE-nVj9hnFOjk-kef0WqTovq1hh0JgfvuLnQe9mJsQXMOWO7Otk408H5lxYQS-heVpsgbTBdpQsS-0yMXciYJPbOSyEWmXlQy5AWShunWgeQs; expires=Fri, 18-Oct-2024 04:03:02 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
X-Firefox-Early-Data: sent

docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf

142.250.74.142

200 OK

0 B

URL GET HTTP/3
docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf
IP
142.250.74.142:443
ASN
#15169 GOOGLE

Requested by
https://constantclients.cc/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 04:03:03 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-security-policy: script-src 'nonce-D1SZDlrE8eWo1ACdS28d4Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
server: GSE
set-cookie: NID=513=KF_QS62mXR76Twx2-yCGIdjBlkDEcO6FUO4XLOxtS2Q-pC2ENqS13AjwZBF5fecFEFWKKM2aqK7l5zJAxmxOp5oqwRydaPQRlU1LAZxgYJndFGa4FaIHDt46jd39OLiqC7mmBGlPR_qwXRI3jmDtR-6pkeD9u39FI48xiNaR52c; expires=Fri, 18-Oct-2024 04:03:03 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

cdnjs.cloudflare.com/ajax/libs/moment.js/2.24.0/moment.min.js

104.17.24.14

200 OK

16 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/moment.js/2.24.0/moment.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (53324), with no line terminators
Size
16 kB (15508 bytes)
Hash
761502841c035afcf6a9bdc5d0a20d11
69ab16ba8ca68431ab59eff286c7ed1e520bca30
e22419e8154be2a34a950dbb4c4c448413751c53ef02f00c6c56af28aa2c4964

HTTP Headers

GET /ajax/libs/moment.js/2.24.0/moment.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:03:04 GMT
content-type: application/javascript; charset=utf-8
content-length: 15508
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03f26-d04c"
last-modified: Mon, 04 May 2020 16:13:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 207614
expires: Tue, 08 Apr 2025 04:03:04 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F8wPR%2BduAVQr5snR9hn9lAU%2BBts2IUd%2F%2FSUjxlSQgbrGVUXyQAiUhTULHkfPtLRSNaMKdmnOmfhOvIWI%2FRNN5cAI4nbxWAdGYqwOy4B%2BmFuyyTFW9KCEqH453HlfFiplQVSt3r0N"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8761c34e6ac2569a-OSL
alt-svc: h3=":443"; ma=86400

cdnjs.cloudflare.com/ajax/libs/moment-timezone/0.5.28/moment-timezone-with-data-1970-2030.min.js

104.17.24.14

200 OK

16 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/moment-timezone/0.5.28/moment-timezone-with-data-1970-2030.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
16 kB (16247 bytes)
Hash
2254f17a3f253430a1e53e0eb421702a
446e6f427e47e99c4b964fe961dc274f602c6be6
a1bf4661317a1c9154c95b655a2bd4e3b9e06ba79e451dcbb62f557d47858412

HTTP Headers

GET /ajax/libs/moment-timezone/0.5.28/moment-timezone-with-data-1970-2030.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:03:04 GMT
content-type: application/javascript; charset=utf-8
content-length: 16247
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03f26-224f9"
last-modified: Mon, 04 May 2020 16:13:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2277040
expires: Tue, 08 Apr 2025 04:03:04 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xWPrVyNFty18xxeCY87cC5uxQUUJqBk%2BdAcAeCnN%2Fw3peJeczH2kSVUhML6G5ab9TuDcHK1CmKI82oGpNqOMnNxabnHGnPtPQLNMUctSZLQrJY5Yk3GOLE%2BydZOgptovCY3g6WG0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8761c34e7ac7569a-OSL
alt-svc: h3=":443"; ma=86400

docs.google.com/viewerng/presspage?id=ACFrOgDUC1EMuHtcLLduVCy9VEydSoQ4588Gtcoza91d0pSCaW7rCuoVCkMKXPxccaflHzU0QsDjF4jmGYHXks-ve0RXkP5fH6UFJ3X_FYkgQyq0wuaRYkgle9KIIv0O_UGFVHe_VdDzELPZQHxU&page=1

142.250.74.142

200 OK

7.2 kB

URL GET HTTP/2
docs.google.com/viewerng/presspage?id=ACFrOgDUC1EMuHtcLLduVCy9VEydSoQ4588Gtcoza91d0pSCaW7rCuoVCkMKXPxccaflHzU0QsDjF4jmGYHXks-ve0RXkP5fH6UFJ3X_FYkgQyq0wuaRYkgle9KIIv0O_UGFVHe_VdDzELPZQHxU&page=1
IP
142.250.74.142:443
ASN
#15169 GOOGLE

Requested by
https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (4163)
Size
7.2 kB (7167 bytes)
Hash
76094abeeac166c2f805a356ecb4d8ad
1f01915a495f2146f0aae9ed17121adbba1e08b3
cac9dc3965f5892721bc42619a1e132240c47780f388f172239c801456c96de5

HTTP Headers

GET /viewerng/presspage?id=ACFrOgDUC1EMuHtcLLduVCy9VEydSoQ4588Gtcoza91d0pSCaW7rCuoVCkMKXPxccaflHzU0QsDjF4jmGYHXks-ve0RXkP5fH6UFJ3X_FYkgQyq0wuaRYkgle9KIIv0O_UGFVHe_VdDzELPZQHxU&page=1 HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
Alt-Used: 0

HTTP/2 200 OK
content-type: application/json; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 04:03:02 GMT
content-encoding: gzip
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
content-security-policy: script-src 'nonce-RElhdTiLohfS7yuQGlHIJA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: GSE
set-cookie: NID=513=EiIk44l7zTj3VerVNCltc-X1SUv0MlA4Ts3uCmWM3_MtLa9dDNXm5BygXpXiUdee2P4Kl4AlGGt-JbksNNFUA-eqBGowFkKwgv-RJRf9Qi7IxW9zYXT2qzCYfX1kSRFKulo_9JbN9W08rLlKVrZIydny7YNt41A3X2rByA9WLgs; expires=Fri, 18-Oct-2024 04:03:02 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.gstatic.com/_/apps-viewer/_/ss/k=apps-viewer.standalone.khNBx8_Cbh4.L.F4.O/am=wA/d=0/rs=AC2dHMIvFHbG72CWiW98wYQsYhImXrAZeQ

142.250.74.35

200 OK

92 kB

URL GET HTTP/3
www.gstatic.com/_/apps-viewer/_/ss/k=apps-viewer.standalone.khNBx8_Cbh4.L.F4.O/am=wA/d=0/rs=AC2dHMIvFHbG72CWiW98wYQsYhImXrAZeQ
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS1-revised.pdf
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
92 kB (91670 bytes)
Hash
51bd712308407b2de2b907d0016c01ec
c37d535a2198523f78b950c55150de00c61aa011
3259a90d2810b5baa5d4a5d97ceb3fa2d9e83604b1a2d72f5033c0c940be8b72

HTTP Headers

GET /_/apps-viewer/_/ss/k=apps-viewer.standalone.khNBx8_Cbh4.L.F4.O/am=wA/d=0/rs=AC2dHMIvFHbG72CWiW98wYQsYhImXrAZeQ HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-viewer
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-viewer"
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-length: 91670
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 17 Apr 2024 19:18:22 GMT
expires: Thu, 17 Apr 2025 19:18:22 GMT
cache-control: public, max-age=31536000
age: 31483
last-modified: Thu, 04 Apr 2024 07:01:39 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

docs.google.com/viewerng/presspage?id=ACFrOgDUC1EMuHtcLLduVCy9VEydSoQ4588Gtcoza91d0pSCaW7rCuoVCkMKXPxccaflHzU0QsDjF4jmGYHXks-ve0RXkP5fH6UFJ3X_FYkgQyq0wuaRYkgle9KIIv0O_UGFVHe_VdDzELPZQHxU&page=3

142.250.74.142

200 OK

492 kB

URL GET HTTP/2
docs.google.com/viewerng/presspage?id=ACFrOgDUC1EMuHtcLLduVCy9VEydSoQ4588Gtcoza91d0pSCaW7rCuoVCkMKXPxccaflHzU0QsDjF4jmGYHXks-ve0RXkP5fH6UFJ3X_FYkgQyq0wuaRYkgle9KIIv0O_UGFVHe_VdDzELPZQHxU&page=3
IP
142.250.74.142:443
ASN
#15169 GOOGLE

Requested by
https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (4502)
Size
492 kB (491479 bytes)
Hash
38ade08c47b1b0156a1b6d7d05e963c4
eb92e093111da01c42be7fc5581f36ec62a4d25c
b1f1afd161e9b331caada310b8f603ff20c588996ef609492f2167e1a7cdfecc

HTTP Headers

GET /viewerng/presspage?id=ACFrOgDUC1EMuHtcLLduVCy9VEydSoQ4588Gtcoza91d0pSCaW7rCuoVCkMKXPxccaflHzU0QsDjF4jmGYHXks-ve0RXkP5fH6UFJ3X_FYkgQyq0wuaRYkgle9KIIv0O_UGFVHe_VdDzELPZQHxU&page=3 HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/json; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 04:03:02 GMT
content-encoding: gzip
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-security-policy: script-src 'nonce-p2JcL-LmRuOJcw85FJSzfQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: GSE
set-cookie: NID=513=mOP__vUgD6dzvzdWTbezJP5fMe_62OUwWKixG-aMhgYkhW98QCVocRS9O5PfiYoDRdpS1gkczkL2mU7mi2gu9gGUl_gxeUIC_fQyz6HZDcU_HPgv6r-SBlci48IMGD0c4ztVV6kgVbZv2c0ToH2furxMInoxZEjBJ09bkXb1n-8; expires=Fri, 18-Oct-2024 04:03:02 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

app.convertobot.com/lib/img/close-icon.png

172.67.145.237

200 OK

425 B

URL GET HTTP/2
app.convertobot.com/lib/img/close-icon.png
IP
172.67.145.237:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerLet's Encrypt
Subjectconvertobot.com
Fingerprint75:4A:AB:25:C4:5D:F0:14:F8:9C:B1:AB:06:28:B8:D5:14:30:1C:2D
ValidityFri, 29 Mar 2024 19:38:25 GMT - Thu, 27 Jun 2024 19:38:24 GMT

File type
PNG image data, 48 x 48, 4-bit colormap, non-interlaced
Size
425 B (425 bytes)
Hash
d07ae5d5b34fce5e08f624b40088de4d
c384a0fc3b0bdb3c1517c26806b879200d57295a
49f58876aafb5da4976c34b088a70c93c06624fedfa06dbb819aeb36d4d8cf5b

HTTP Headers

GET /lib/img/close-icon.png HTTP/1.1
Host: app.convertobot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:03:05 GMT
content-type: image/png
content-length: 425
last-modified: Fri, 06 Nov 2020 12:15:04 GMT
cache-control: max-age=2592000
expires: Tue, 23 Apr 2024 10:15:44 GMT
cf-cache-status: HIT
age: 2137640
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LD2a8txuBq2gtQCdXFKAfdCo1ngsr1vHLsUtyueZN9Ayljsh7whdfWgC568L9DVkhiE2XLceYOv2hTnqYGjbmgiiptihpI0RD%2FAYCjkkNWMEET9PxtsHqYAkRK8TEEG83YCvMcYH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8761c3557d65712e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-101-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml

35.244.181.201

444 B

URL
aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-101-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml
IP
35.244.181.201:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
XML 1.0 document, ASCII text, with very long lines (332)
Size
444 B (444 bytes)
Hash
3b324dec137a87ef7e24a30a65b13dd0
c0faa95b2f1018e264b3a14aaf50d1003e6c27b3
6cd0b591d9239fc8564627e92a804fc261951b1cbaf5fa58a8ada3cc13f51463

HTTP Headers

GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-101-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2024-05-20-00-15-28.chain; p384ecdsa=Htp3fDT5nlE5VgguY-QIGuislwvfy6Qo4vna9O2pJnhj057TCYjK4Jw0zo0BfZ7kdfTGJYqMeWrdWZNJwt6iFPaWvUFnHNiqbpZx8-h2yY5m9hwbIH4nqEXHvmz0Ws0y
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: MISS
content-encoding: gzip
via: 1.1 google
date: Thu, 18 Apr 2024 04:01:55 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
content-length: 444
age: 70
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2

docs.google.com/viewerng/img?id=ACFrOgDUC1EMuHtcLLduVCy9VEydSoQ4588Gtcoza91d0pSCaW7rCuoVCkMKXPxccaflHzU0QsDjF4jmGYHXks-ve0RXkP5fH6UFJ3X_FYkgQyq0wuaRYkgle9KIIv0O_UGFVHe_VdDzELPZQHxU&page=0&w=800

142.250.74.142

200 OK

657 kB

URL GET HTTP/2
docs.google.com/viewerng/img?id=ACFrOgDUC1EMuHtcLLduVCy9VEydSoQ4588Gtcoza91d0pSCaW7rCuoVCkMKXPxccaflHzU0QsDjF4jmGYHXks-ve0RXkP5fH6UFJ3X_FYkgQyq0wuaRYkgle9KIIv0O_UGFVHe_VdDzELPZQHxU&page=0&w=800
IP
142.250.74.142:443
ASN
#15169 GOOGLE

Requested by
https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type
PNG image data, 800 x 1131, 8-bit/color RGB, non-interlaced
Size
657 kB (657041 bytes)
Hash
0a4f68278be5b13c627ceefda3a702dd
8e6aff9026968f4436ff4d08bb4ee6ab2d87d6cc
d9df688572ef3be438f3bf2e6194ec8b60e61dc7adf1f8b9c704c6cc749d67d2

HTTP Headers

GET /viewerng/img?id=ACFrOgDUC1EMuHtcLLduVCy9VEydSoQ4588Gtcoza91d0pSCaW7rCuoVCkMKXPxccaflHzU0QsDjF4jmGYHXks-ve0RXkP5fH6UFJ3X_FYkgQyq0wuaRYkgle9KIIv0O_UGFVHe_VdDzELPZQHxU&page=0&w=800 HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
Alt-Used: 0

HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 04:03:03 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-security-policy: script-src 'nonce-a3nQod5uIZaMbKok9KJbpA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: GSE
set-cookie: NID=513=MteoXbUeWbI8fXNMFT2i3zjoHm-LabGImG_9aPPwqelepiD4uOeaMglrqdDg7kxZ4eZYcatrBh46Wt1fmnGPTsSKwhUtbrvrDPxXiZZycnCJjCsrnp8O7JauZza3DfsodS53e8QhlzKO0B_wJBRGtYAUmcxFHDZtNeZHgw3Bux8; expires=Fri, 18-Oct-2024 04:03:02 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.5BIk7BglYEE.O/m=client/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA/cb=gapi.loaded_0?le=scs

142.250.74.110

200 OK

111 kB

URL GET HTTP/3
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.5BIk7BglYEE.O/m=client/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA/cb=gapi.loaded_0?le=scs
IP
142.250.74.110:443
ASN
#15169 GOOGLE

Requested by
https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type
JavaScript source, ASCII text, with very long lines (2124)
Size
111 kB (111004 bytes)
Hash
9d8cace6dabbc78e36c4aba49c7125b1
797a2f633272abdbf1d88054fbfb3f42adc1415f
a4667786f4a20672e060bb8511e66d795c74b5cf705cd316f898cd2de4f68b43

HTTP Headers

GET /_/scs/abc-static/_/js/k=gapi.lb.en.5BIk7BglYEE.O/m=client/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 111004
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 17:06:23 GMT
expires: Fri, 11 Apr 2025 17:06:23 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 31 Mar 2024 15:20:31 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 557802
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

drive.google.com/auth_warmup

142.250.74.46

200 OK

0 B

URL GET HTTP/2
drive.google.com/auth_warmup
IP
142.250.74.46:443
ASN
#15169 GOOGLE

Requested by
https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /auth_warmup HTTP/1.1
Host: drive.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 04:03:05 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000
cross-origin-resource-policy: same-site
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: script-src 'nonce-MSez7scEM9H7hYlmgTT7lQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveOsidBootstrap/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveOsidBootstrap/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/DriveOsidBootstrap/cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
reporting-endpoints: default="/_/DriveOsidBootstrap/web-reports?context=eJzjEtDikmJw0JBicEqfwRoCxEI8HD-3NW1kEzgwrW0LEwBxdQk5"
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=513=KELLN9WqjqnklJmBe5LVjfZ11W0OfFCsiyy0GIDsTPXJWxjDBYYQjcUgBfSORPHJPs2tgEd02I7vzQimqtQqrPVX_0iVqNnAHj8wKYEekuIy-wgaqWJUNvoKM0-2xnegpotuEMNh0GWC4sOfmWIZsb58vb6zbnpCFZGeTS7AMy8; expires=Fri, 18-Oct-2024 04:03:05 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/feedback/js/help/prod/service/lazy.min.js

142.250.74.35

200 OK

37 kB

URL GET HTTP/3
www.gstatic.com/feedback/js/help/prod/service/lazy.min.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
JavaScript source, ASCII text, with very long lines (3383)
Size
37 kB (36935 bytes)
Hash
4d95791a35ae95bd11b6f6d7e880ff93
23f70202a367d2b280f2560bbec29b1c9eee5e66
15ce60ae9fdb72f42e3c0baf6010b4b1c55cb5f80f22e430d21bfc1d6886ec7a

HTTP Headers

GET /feedback/js/help/prod/service/lazy.min.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/product-feedback-gathering
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="product-feedback-gathering"
report-to: {"group":"product-feedback-gathering","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/product-feedback-gathering"}]}
content-length: 36935
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 03:57:37 GMT
expires: Thu, 18 Apr 2024 04:47:37 GMT
cache-control: public, max-age=3000
last-modified: Tue, 16 Apr 2024 14:54:38 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 328
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

play.google.com/log?format=json&hasfast=true&authuser=0

142.250.74.174

200 OK

0 B

URL POST HTTP/3
play.google.com/log?format=json&hasfast=true&authuser=0
IP
142.250.74.174:443
ASN
#15169 GOOGLE

Requested by
https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://docs.google.com/
Origin: https://docs.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
access-control-allow-origin: https://docs.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 18 Apr 2024 04:03:05 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

play.google.com/log?format=json&hasfast=true&authuser=0

142.250.74.174

200 OK

131 B

URL POST HTTP/3
play.google.com/log?format=json&hasfast=true&authuser=0
IP
142.250.74.174:443
ASN
#15169 GOOGLE

Requested by
https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type
JSON text data
Size
131 B (131 bytes)
Hash
ca0b7e866005f6774d284b9f438ebfd2
53644f5ee3640189bdb223473ba6a2d46606c556
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

HTTP Headers

POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 887
Origin: https://docs.google.com
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
access-control-allow-origin: https://docs.google.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Thu, 18 Apr 2024 04:03:05 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

ssl.gstatic.com/docs/common/viewer/v3/v-sprite56.svg

142.250.74.35

200 OK

50 kB

URL GET HTTP/3
ssl.gstatic.com/docs/common/viewer/v3/v-sprite56.svg
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
SVG Scalable Vector Graphics image
Size
50 kB (50079 bytes)
Hash
ba7ab7044d6c6c0240c3917858948cff
3b840b104cb3d74d5a35fbd193aca32d27815d3e
0189f7c6ed35a7be5e51a30366fbc54c9c9e27d2511db44895d85a1458f83ab5

HTTP Headers

GET /docs/common/viewer/v3/v-sprite56.svg HTTP/1.1
Host: ssl.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="docs"
report-to: {"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]}
content-length: 50079
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 15 Apr 2024 15:15:27 GMT
expires: Tue, 15 Apr 2025 15:15:27 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 15 Feb 2024 22:18:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Origin
age: 218858
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

play.google.com/log?format=json&hasfast=true&authuser=0

142.250.74.174

200 OK

0 B

URL POST HTTP/3
play.google.com/log?format=json&hasfast=true&authuser=0
IP
142.250.74.174:443
ASN
#15169 GOOGLE

Requested by
https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://docs.google.com/
Origin: https://docs.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
access-control-allow-origin: https://docs.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 18 Apr 2024 04:03:05 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

142.250.74.106

274 B

URL
content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.5BIk7BglYEE.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA%2Fm%3D__features__
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
HTML document, ASCII text
Size
274 B (274 bytes)
Hash
852248a3678ca99deb12e20a87f25eea
dea97017386ef5bc1ee68defe857a0518cf88e4a
1af3baed91cd60566531f356f4aa73b55b1cbed787499ba5d567fca0a0233697

HTTP Headers

GET /static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.5BIk7BglYEE.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA%2Fm%3D__features__ HTTP/1.1
Host: content.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy: script-src 'nonce-EEaih3g7dRhf7NP6SgG7SQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/apiserving; base-uri 'none', require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apiserving
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apiserving"
report-to: {"group":"apiserving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apiserving"}]}
content-length: 274
date: Thu, 18 Apr 2024 04:03:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Tue, 12 Mar 2024 05:08:00 GMT
x-content-type-options: nosniff
cross-origin-embedder-policy: require-corp; report-to="apiserving"
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

play.google.com/log?format=json&hasfast=true&authuser=0

142.250.74.174

200 OK

131 B

URL POST HTTP/3
play.google.com/log?format=json&hasfast=true&authuser=0
IP
142.250.74.174:443
ASN
#15169 GOOGLE

Requested by
https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type
JSON text data
Size
131 B (131 bytes)
Hash
ca0b7e866005f6774d284b9f438ebfd2
53644f5ee3640189bdb223473ba6a2d46606c556
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

HTTP Headers

POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 2842
Origin: https://docs.google.com
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
access-control-allow-origin: https://docs.google.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Thu, 18 Apr 2024 04:03:05 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

apis.google.com/js/googleapis.proxy.js?onload=startup

142.250.74.110

200 OK

5.9 kB

URL GET HTTP/3
apis.google.com/js/googleapis.proxy.js?onload=startup
IP
142.250.74.110:443
ASN
#15169 GOOGLE

Requested by
https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.5BIk7BglYEE.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA%2Fm%3D__features__#parent=https%3A%2F%2Fdocs.google.com&rpctoken=304627719
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type
JavaScript source, ASCII text, with very long lines (2054)
Size
5.9 kB (5906 bytes)
Hash
7f93e0458ef1a4a7db3a3c75ef5c8f26
56f6636f85494d2dbb878e5214b95c12f71ba567
c2e9943fb0b73a7d2c5e3f3f4c076367903a0fe813bf652d7ee9af81eb150afc

HTTP Headers

GET /js/googleapis.proxy.js?onload=startup HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://content.googleapis.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 5906
date: Thu, 18 Apr 2024 04:03:05 GMT
expires: Thu, 18 Apr 2024 04:03:05 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "6a1d8767de9e733b"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.5BIk7BglYEE.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA/cb=gapi.loaded_0?le=scs

142.250.74.110

200 OK

28 kB

URL GET HTTP/3
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.5BIk7BglYEE.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA/cb=gapi.loaded_0?le=scs
IP
142.250.74.110:443
ASN
#15169 GOOGLE

Requested by
https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.5BIk7BglYEE.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA%2Fm%3D__features__#parent=https%3A%2F%2Fdocs.google.com&rpctoken=304627719
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type
JavaScript source, ASCII text, with very long lines (2124)
Size
28 kB (28126 bytes)
Hash
2756c7839e34e1bfd27282c872153e6b
4f4f889d37f2b2ce157c740b4fcc5cf431f887a5
ae27d17adcefa0111d96a7504de7fef12bcf3167ab70dc3acab6d6e32c9bef3a

HTTP Headers

GET /_/scs/abc-static/_/js/k=gapi.lb.en.5BIk7BglYEE.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://content.googleapis.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 28126
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 17:07:48 GMT
expires: Fri, 11 Apr 2025 17:07:48 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 31 Mar 2024 15:20:31 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 557717
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

play.google.com/log?format=json&hasfast=true&authuser=0

142.250.74.174

200 OK

0 B

URL POST HTTP/3
play.google.com/log?format=json&hasfast=true&authuser=0
IP
142.250.74.174:443
ASN
#15169 GOOGLE

Requested by
https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://docs.google.com/
Origin: https://docs.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
access-control-allow-origin: https://docs.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 18 Apr 2024 04:03:06 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

play.google.com/log?format=json&hasfast=true&authuser=0

142.250.74.174

200 OK

131 B

URL POST HTTP/3
play.google.com/log?format=json&hasfast=true&authuser=0
IP
142.250.74.174:443
ASN
#15169 GOOGLE

Requested by
https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type
JSON text data
Size
131 B (131 bytes)
Hash
ca0b7e866005f6774d284b9f438ebfd2
53644f5ee3640189bdb223473ba6a2d46606c556
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

HTTP Headers

POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://docs.google.com/
X-Goog-AuthUser: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 5206
Origin: https://docs.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
access-control-allow-origin: https://docs.google.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Thu, 18 Apr 2024 04:03:06 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

content.googleapis.com/drive/v2internal/viewerimpressions?key=AIzaSyDVQw45DwoYh632gvsP5vPDqEKvb-Ywnb8&alt=json

142.250.74.106

204 No Content

0 B

URL POST HTTP/3
content.googleapis.com/drive/v2internal/viewerimpressions?key=AIzaSyDVQw45DwoYh632gvsP5vPDqEKvb-Ywnb8&alt=json
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.5BIk7BglYEE.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA%2Fm%3D__features__#parent=https%3A%2F%2Fdocs.google.com&rpctoken=304627719
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /drive/v2internal/viewerimpressions?key=AIzaSyDVQw45DwoYh632gvsP5vPDqEKvb-Ywnb8&alt=json HTTP/1.1
Host: content.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-ClientDetails: appVersion=5.0%20(X11)&platform=Linux%20x86_64&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0
Content-Type: application/json
X-Requested-With: XMLHttpRequest
X-JavaScript-User-Agent: google-api-javascript-client/1.1.0
X-Goog-AuthUser: 0
X-Origin: https://docs.google.com
X-Referer: https://docs.google.com
X-Goog-Encode-Response-If-Executable: base64
Content-Length: 715
Origin: https://content.googleapis.com
DNT: 1
Connection: keep-alive
Referer: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.5BIk7BglYEE.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA%2Fm%3D__features__
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
etag: "vyGp6PvFo4RvsFtPoIWeCReyIC8"
cache-control: no-cache, no-store, max-age=0, must-revalidate
vary: Origin, X-Origin
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
date: Thu, 18 Apr 2024 04:03:06 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

docs.google.com/viewerng/img?id=ACFrOgDJUv3KzVu9gdtzike0uf5ZDFIxEJm6vbCwPEIgmDsBLXMeycKbioIEM9AMCV7-YIBVscNKHOvxpLpIn7Y0c340RUlTLzTNbTZhv_l2ftaBVpeNHRe4yyA1MUt2-w3tHtyNEq6dVrgDjlol&page=1&w=800

142.250.74.142

200 OK

128 kB

URL GET HTTP/3
docs.google.com/viewerng/img?id=ACFrOgDJUv3KzVu9gdtzike0uf5ZDFIxEJm6vbCwPEIgmDsBLXMeycKbioIEM9AMCV7-YIBVscNKHOvxpLpIn7Y0c340RUlTLzTNbTZhv_l2ftaBVpeNHRe4yyA1MUt2-w3tHtyNEq6dVrgDjlol&page=1&w=800
IP
142.250.74.142:443
ASN
#15169 GOOGLE

Requested by
https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type
PNG image data, 800 x 1131, 8-bit/color RGB, non-interlaced
Size
128 kB (127494 bytes)
Hash
88153964c9f884c546b1a2b6c5a309d4
d5af6ef1d4d3e8f825d7bde4e8a6c315ea3e5ea4
8831ac3ceb0eeb51dda5b80b89dc1c17029386e375cb90a309f8bb7311adadf1

HTTP Headers

GET /viewerng/img?id=ACFrOgDJUv3KzVu9gdtzike0uf5ZDFIxEJm6vbCwPEIgmDsBLXMeycKbioIEM9AMCV7-YIBVscNKHOvxpLpIn7Y0c340RUlTLzTNbTZhv_l2ftaBVpeNHRe4yyA1MUt2-w3tHtyNEq6dVrgDjlol&page=1&w=800 HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 04:03:06 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: script-src 'nonce-zAmP8GTulP_99V5Lciby9g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: GSE
set-cookie: NID=513=LDvs969BuGIUBDdYDxTDI4AU8ajCP90S8UPOk5pdhlRcUqDyz1AWeihRRH-OgpEeritkl-rGNltt-14UkLkalhq2L-NCKK5cdmWCdInhmuTpDaLPtEa2aJg1bQcp28o9zX1gpaQ0h1XCle2ay2Bv42aoOw0KOwSef8Fym4qHRic; expires=Fri, 18-Oct-2024 04:03:06 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

docs.google.com/viewerng/presspage?id=ACFrOgDUC1EMuHtcLLduVCy9VEydSoQ4588Gtcoza91d0pSCaW7rCuoVCkMKXPxccaflHzU0QsDjF4jmGYHXks-ve0RXkP5fH6UFJ3X_FYkgQyq0wuaRYkgle9KIIv0O_UGFVHe_VdDzELPZQHxU&page=2

142.250.74.142

200 OK

1.7 kB

URL GET HTTP/2
docs.google.com/viewerng/presspage?id=ACFrOgDUC1EMuHtcLLduVCy9VEydSoQ4588Gtcoza91d0pSCaW7rCuoVCkMKXPxccaflHzU0QsDjF4jmGYHXks-ve0RXkP5fH6UFJ3X_FYkgQyq0wuaRYkgle9KIIv0O_UGFVHe_VdDzELPZQHxU&page=2
IP
142.250.74.142:443
ASN
#15169 GOOGLE

Requested by
https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type
Unicode text, UTF-8 text, with very long lines (4272)
Size
1.7 kB (1680 bytes)
Hash
d01930d8f9eed45f01e3e1a4de3d01b6
2c8fbafebcfc83148d0ce105237492e6432503de
3e386414b00b9770754e0b50aece8f0ef4af6404e74cef259d8b29632705bbb0

HTTP Headers

GET /viewerng/presspage?id=ACFrOgDUC1EMuHtcLLduVCy9VEydSoQ4588Gtcoza91d0pSCaW7rCuoVCkMKXPxccaflHzU0QsDjF4jmGYHXks-ve0RXkP5fH6UFJ3X_FYkgQyq0wuaRYkgle9KIIv0O_UGFVHe_VdDzELPZQHxU&page=2 HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
Alt-Used: 0

HTTP/2 200 OK
content-type: application/json; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 04:03:02 GMT
content-encoding: gzip
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-security-policy: script-src 'nonce-vo2GnRvVUJpisn-UgWoKtg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: GSE
set-cookie: NID=513=ebYTye0zJdX4gmWepyDdNiOHplSWgSMRPcIPHrDWBemYgYaKv0hGGLMIjF1NeLXTvFPvhXOIdlfSn1k2RgaIcgnuQ6tiFTuD50fYXs3Oy_GhJY0ah_YXFEiocfE4cpsKpwMswxGKvfupaxrOJeIWzCxynVSr2mtTvpaP6jFVAF8; expires=Fri, 18-Oct-2024 04:03:02 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

content.googleapis.com/drive/v2internal/viewerimpressions?key=AIzaSyDVQw45DwoYh632gvsP5vPDqEKvb-Ywnb8&alt=json

142.250.74.106

204 No Content

0 B

URL POST HTTP/3
content.googleapis.com/drive/v2internal/viewerimpressions?key=AIzaSyDVQw45DwoYh632gvsP5vPDqEKvb-Ywnb8&alt=json
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.5BIk7BglYEE.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA%2Fm%3D__features__#parent=https%3A%2F%2Fdocs.google.com&rpctoken=304627719
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /drive/v2internal/viewerimpressions?key=AIzaSyDVQw45DwoYh632gvsP5vPDqEKvb-Ywnb8&alt=json HTTP/1.1
Host: content.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-ClientDetails: appVersion=5.0%20(X11)&platform=Linux%20x86_64&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0
Content-Type: application/json
X-Requested-With: XMLHttpRequest
X-JavaScript-User-Agent: google-api-javascript-client/1.1.0
X-Goog-AuthUser: 0
X-Origin: https://docs.google.com
X-Referer: https://docs.google.com
X-Goog-Encode-Response-If-Executable: base64
Content-Length: 1468
Origin: https://content.googleapis.com
DNT: 1
Connection: keep-alive
Referer: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.5BIk7BglYEE.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA%2Fm%3D__features__
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
etag: "vyGp6PvFo4RvsFtPoIWeCReyIC8"
date: Thu, 18 Apr 2024 04:03:06 GMT
pragma: no-cache
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Mon, 01 Jan 1990 00:00:00 GMT
vary: Origin, X-Origin
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

docs.google.com/viewerng/presspage?id=ACFrOgDJUv3KzVu9gdtzike0uf5ZDFIxEJm6vbCwPEIgmDsBLXMeycKbioIEM9AMCV7-YIBVscNKHOvxpLpIn7Y0c340RUlTLzTNbTZhv_l2ftaBVpeNHRe4yyA1MUt2-w3tHtyNEq6dVrgDjlol&page=0

142.250.74.142

200 OK

246 kB

URL GET HTTP/3
docs.google.com/viewerng/presspage?id=ACFrOgDJUv3KzVu9gdtzike0uf5ZDFIxEJm6vbCwPEIgmDsBLXMeycKbioIEM9AMCV7-YIBVscNKHOvxpLpIn7Y0c340RUlTLzTNbTZhv_l2ftaBVpeNHRe4yyA1MUt2-w3tHtyNEq6dVrgDjlol&page=0
IP
142.250.74.142:443
ASN
#15169 GOOGLE

Requested by
https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size
246 kB (246433 bytes)
Hash
c46df1353c7df463ecf1017c2bc2d205
b7afa1596c32a1fa3230968cca135bcf2c58cf18
e00a7a94df851cfe3fa0da74834cdd50b30ceb8229276c1c36fa3de3d8b0a0df

HTTP Headers

GET /viewerng/presspage?id=ACFrOgDJUv3KzVu9gdtzike0uf5ZDFIxEJm6vbCwPEIgmDsBLXMeycKbioIEM9AMCV7-YIBVscNKHOvxpLpIn7Y0c340RUlTLzTNbTZhv_l2ftaBVpeNHRe4yyA1MUt2-w3tHtyNEq6dVrgDjlol&page=0 HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/json; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 04:03:06 GMT
content-encoding: gzip
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
content-security-policy: script-src 'nonce-_cULtRMXE8BCutw-gwrRhA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: GSE
set-cookie: NID=513=hI_En_atmGaVo8kd2Bu197-GMKr-ltpxkjOKceTqOXJu_glEByx1G4__vZXvS87yYvbO0h91XGBcnMx3FxeQFKzwl9lKkxOKjJBiiKn6Jh2vr_R3TwS9o8J0aAhw8lR-HW37Y6_P8OUhtTR2k2wVQnRHjUZmkOM3d_iMEFQ4nqs; expires=Fri, 18-Oct-2024 04:03:06 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

play.google.com/log?format=json&hasfast=true&authuser=0

142.250.74.174

200 OK

0 B

URL POST HTTP/3
play.google.com/log?format=json&hasfast=true&authuser=0
IP
142.250.74.174:443
ASN
#15169 GOOGLE

Requested by
https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://docs.google.com/
Origin: https://docs.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
access-control-allow-origin: https://docs.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 18 Apr 2024 04:03:08 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

play.google.com/log?format=json&hasfast=true&authuser=0

142.250.74.174

200 OK

131 B

URL POST HTTP/3
play.google.com/log?format=json&hasfast=true&authuser=0
IP
142.250.74.174:443
ASN
#15169 GOOGLE

Requested by
https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type
JSON text data
Size
131 B (131 bytes)
Hash
ca0b7e866005f6774d284b9f438ebfd2
53644f5ee3640189bdb223473ba6a2d46606c556
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

HTTP Headers

POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 5204
Origin: https://docs.google.com
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
access-control-allow-origin: https://docs.google.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Thu, 18 Apr 2024 04:03:08 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

play.google.com/log?format=json&hasfast=true&authuser=0

142.250.74.174

200 OK

0 B

URL POST HTTP/3
play.google.com/log?format=json&hasfast=true&authuser=0
IP
142.250.74.174:443
ASN
#15169 GOOGLE

Requested by
https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://docs.google.com/
Origin: https://docs.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
access-control-allow-origin: https://docs.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 18 Apr 2024 04:03:17 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

play.google.com/log?format=json&hasfast=true&authuser=0

142.250.74.174

200 OK

131 B

URL POST HTTP/3
play.google.com/log?format=json&hasfast=true&authuser=0
IP
142.250.74.174:443
ASN
#15169 GOOGLE

Requested by
https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type
JSON text data
Size
131 B (131 bytes)
Hash
ca0b7e866005f6774d284b9f438ebfd2
53644f5ee3640189bdb223473ba6a2d46606c556
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

HTTP Headers

POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 1363
Origin: https://docs.google.com
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
access-control-allow-origin: https://docs.google.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Thu, 18 Apr 2024 04:03:17 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.en_US.cdJChLL3Kzs.O/am=wA/d=1/rs=AC2dHMJ-UPcpj1TrAIHbwPz2NVftQIDTdQ/m=main

142.250.74.35

200 OK

71 kB

URL GET HTTP/3
www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.en_US.cdJChLL3Kzs.O/am=wA/d=1/rs=AC2dHMJ-UPcpj1TrAIHbwPz2NVftQIDTdQ/m=main
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS1-revised.pdf
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
gzip compressed data
Size
71 kB (71314 bytes)
Hash
51fc9d86e3fd07d82c188bf54aaeb859
bd0e3c31bbef692c5479a444a9b6630a20982bf5
d6dd4d526e3dfab864bddafabdc151ffda70dfa8d7ca1dcc23ebb5fcb2e12e62

HTTP Headers

GET /_/apps-viewer/_/js/k=apps-viewer.standalone.en_US.cdJChLL3Kzs.O/am=wA/d=1/rs=AC2dHMJ-UPcpj1TrAIHbwPz2NVftQIDTdQ/m=main HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-viewer
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-viewer"
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-length: 489997
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 17 Apr 2024 18:11:41 GMT
expires: Thu, 17 Apr 2025 18:11:41 GMT
cache-control: public, max-age=31536000
age: 35470
last-modified: Thu, 04 Apr 2024 11:03:01 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

play.google.com/log?format=json&hasfast=true&authuser=0

142.250.74.174

200 OK

131 B

URL POST HTTP/3
play.google.com/log?format=json&hasfast=true&authuser=0
IP
142.250.74.174:443
ASN
#15169 GOOGLE

Requested by
https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type
JSON text data
Size
131 B (131 bytes)
Hash
ca0b7e866005f6774d284b9f438ebfd2
53644f5ee3640189bdb223473ba6a2d46606c556
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

HTTP Headers

POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://docs.google.com/
X-Goog-AuthUser: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 1363
Origin: https://docs.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
access-control-allow-origin: https://docs.google.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Thu, 18 Apr 2024 04:03:17 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

docs.google.com/viewerng/img?id=ACFrOgDJUv3KzVu9gdtzike0uf5ZDFIxEJm6vbCwPEIgmDsBLXMeycKbioIEM9AMCV7-YIBVscNKHOvxpLpIn7Y0c340RUlTLzTNbTZhv_l2ftaBVpeNHRe4yyA1MUt2-w3tHtyNEq6dVrgDjlol&page=3&w=800

142.250.74.142

200 OK

231 kB

URL GET HTTP/3
docs.google.com/viewerng/img?id=ACFrOgDJUv3KzVu9gdtzike0uf5ZDFIxEJm6vbCwPEIgmDsBLXMeycKbioIEM9AMCV7-YIBVscNKHOvxpLpIn7Y0c340RUlTLzTNbTZhv_l2ftaBVpeNHRe4yyA1MUt2-w3tHtyNEq6dVrgDjlol&page=3&w=800
IP
142.250.74.142:443
ASN
#15169 GOOGLE

Requested by
https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type
PNG image data, 800 x 1131, 8-bit/color RGB, non-interlaced
Size
231 kB (230801 bytes)
Hash
63dbf2f98149a59ab77e73886e123161
6b515bb44f20ed74a985c2cdefee7a08eda85f6d
2ae0a5e6409e499d1f9770566f663401ee5e4b151b50051c7cfa766c524b27b0

HTTP Headers

GET /viewerng/img?id=ACFrOgDJUv3KzVu9gdtzike0uf5ZDFIxEJm6vbCwPEIgmDsBLXMeycKbioIEM9AMCV7-YIBVscNKHOvxpLpIn7Y0c340RUlTLzTNbTZhv_l2ftaBVpeNHRe4yyA1MUt2-w3tHtyNEq6dVrgDjlol&page=3&w=800 HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 04:03:06 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
content-security-policy: script-src 'nonce-FrZocggm4el0Co5zxI0BlQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: GSE
set-cookie: NID=513=HLrfsAf1gj1K4id6Ggy2uuw2bCy__9CRxaMSKX0DJ-pEYuPDDY2gvUOFttnQ2OGpokWQXeMcGqEt1H4KONwAJUyWL1GhFMjqDzuz8yrA9FqIy27PwwcyHEVYtCcvIvTH4CdeuaBb7cIjao-m14FP_JjTWe1fW2CxpxOrLxRqRvE; expires=Fri, 18-Oct-2024 04:03:06 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

constantclients.cc/wp-content/plugins/popup-builder/public/js/PopupBuilder.js?ver=4.2.7

66.235.200.147

200 OK

82 kB

URL GET HTTP/2
constantclients.cc/wp-content/plugins/popup-builder/public/js/PopupBuilder.js?ver=4.2.7
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type

Size
82 kB (82073 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/popup-builder/public/js/PopupBuilder.js?ver=4.2.7 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: application/javascript
last-modified: Tue, 20 Feb 2024 20:09:50 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
server: cloudflare
cf-ray: 8761c2edbd4bb50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-content/themes/mesmerize/style.min.css?ver=1.6.109

66.235.200.147

200 OK

181 kB

URL GET HTTP/2
constantclients.cc/wp-content/themes/mesmerize/style.min.css?ver=1.6.109
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
181 kB (181087 bytes)
Hash
7527d5e0b455fb469701e0835ca20ac5
88abd8f182c298178502ceadeb32a814d5bb5dd1
4af950d27d1ca08f7edf1e344722c92459fdf4adc55085514df27ad58fe0809e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/mesmerize/style.min.css?ver=1.6.109 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: text/css
last-modified: Sat, 27 May 2023 14:54:47 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
server: cloudflare
cf-ray: 8761c2ed9d2eb50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

66.235.200.147

200 OK

88 kB

URL GET HTTP/2
constantclients.cc/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
88 kB (87553 bytes)
Hash
826eb77e86b02ab7724fe3d0141ff87c
79cd3587d565afe290076a8d36c31c305a573d18
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: application/javascript
last-modified: Tue, 07 Nov 2023 20:03:53 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
server: cloudflare
cf-ray: 8761c2edbd43b50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/New/Auth/sf_rand_string_lowercase6/YWphaW5AY2FzdGxlYnJhbmRzaW5jLmNvbQ==

66.235.200.147

301 Moved Permanently

187 kB

URL User Request GET HTTP/2
constantclients.cc/New/Auth/sf_rand_string_lowercase6/YWphaW5AY2FzdGxlYnJhbmRzaW5jLmNvbQ==
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type

Size
187 kB (186857 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /New/Auth/sf_rand_string_lowercase6/YWphaW5AY2FzdGxlYnJhbmRzaW5jLmNvbQ== HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Thu, 18 Apr 2024 04:02:47 GMT
content-type: text/html; charset=UTF-8
location: https://constantclients.cc
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
vary: Accept-Encoding
set-cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000; path=/; domain=.constantclients.cc; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 8761c2df0e77b50c-OSL
X-Firefox-Spdy: h2

gtm.constantclients.cc/g/collect?v=2&tid=G-MR4VREK4MN&gtm=45je44f0v884890645z8854588744za200&_p=1713412969423&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1651928891.1713412970&ecid=1500175129&ul=en-us&sr=1280x1024&_fplc=0&ur=NO-03&pscdl=noapi&sst.etld=google.no&sst.gcsub=region1&sst.gcd=13l3l3l2l1&sst.tft=1713412969423&sst.ude=0&_s=2&sid=1713412970&sct=1&seg=0&dl=https%3A%2F%2Fconstantclients.cc%2F&dt=Home%20-%20Constant%20Clients%20Inc&en=view_item&ep.event_id=1713412969699.107181.3&tfd=4575&richsstsse

0.0.0.0

0 B

URL GET
gtm.constantclients.cc/g/collect?v=2&tid=G-MR4VREK4MN&gtm=45je44f0v884890645z8854588744za200&_p=1713412969423&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1651928891.1713412970&ecid=1500175129&ul=en-us&sr=1280x1024&_fplc=0&ur=NO-03&pscdl=noapi&sst.etld=google.no&sst.gcsub=region1&sst.gcd=13l3l3l2l1&sst.tft=1713412969423&sst.ude=0&_s=2&sid=1713412970&sct=1&seg=0&dl=https%3A%2F%2Fconstantclients.cc%2F&dt=Home%20-%20Constant%20Clients%20Inc&en=view_item&ep.event_id=1713412969699.107181.3&tfd=4575&richsstsse
IP
0.0.0.0:0
ASN
#0

Requested by
https://constantclients.cc/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /g/collect?v=2&tid=G-MR4VREK4MN&gtm=45je44f0v884890645z8854588744za200&_p=1713412969423&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1651928891.1713412970&ecid=1500175129&ul=en-us&sr=1280x1024&_fplc=0&ur=NO-03&pscdl=noapi&sst.etld=google.no&sst.gcsub=region1&sst.gcd=13l3l3l2l1&sst.tft=1713412969423&sst.ude=0&_s=2&sid=1713412970&sct=1&seg=0&dl=https%3A%2F%2Fconstantclients.cc%2F&dt=Home%20-%20Constant%20Clients%20Inc&en=view_item&ep.event_id=1713412969699.107181.3&tfd=4575&richsstsse HTTP/1.1
Host: gtm.constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://constantclients.cc
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000; _ga_MR4VREK4MN=GS1.1.1713412970.1.0.1713412970.0.0.1500175129; _ga=GA1.1.1651928891.1713412970
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

142.250.74.106

200 OK

382 B

URL GET HTTP/3
content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.5BIk7BglYEE.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA%2Fm%3D__features__
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
HTML document, ASCII text, with very long lines (407), with no line terminators
Size
382 B (382 bytes)
Hash
d25ac582dc852661977a38c57987aff0
17b333f8aca6d7247502562eda702659ca08b5f0
184aa8a407270df041445247e3140dcfe1a279ca59d774c64ff17ba2d92db2ee

HTTP Headers

GET /static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.5BIk7BglYEE.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA%2Fm%3D__features__ HTTP/1.1
Host: content.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy: script-src 'nonce-EEaih3g7dRhf7NP6SgG7SQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/apiserving; base-uri 'none', require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apiserving
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apiserving"
report-to: {"group":"apiserving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apiserving"}]}
content-length: 274
date: Thu, 18 Apr 2024 04:03:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Tue, 12 Mar 2024 05:08:00 GMT
x-content-type-options: nosniff
cross-origin-embedder-policy: require-corp; report-to="apiserving"
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

gtm.constantclients.cc/g/collect?v=2&tid=G-MR4VREK4MN&gtm=45je44f0v884890645z8854588744za200&_p=1713412969423&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1651928891.1713412970&ecid=1500175129&ul=en-us&sr=1280x1024&_fplc=0&ur=NO-03&pscdl=noapi&sst.etld=google.no&sst.gcsub=region1&sst.gcd=13l3l3l2l1&sst.tft=1713412969423&sst.ude=0&_s=1&sid=1713412970&sct=1&seg=0&dl=https%3A%2F%2Fconstantclients.cc%2F&dt=Home%20-%20Constant%20Clients%20Inc&en=page_view&_fv=1&_nsi=1&_ss=1&ep.event_id=1713412969699.107181.2&tfd=4017&richsstsse

0.0.0.0

0 B

URL GET
gtm.constantclients.cc/g/collect?v=2&tid=G-MR4VREK4MN&gtm=45je44f0v884890645z8854588744za200&_p=1713412969423&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1651928891.1713412970&ecid=1500175129&ul=en-us&sr=1280x1024&_fplc=0&ur=NO-03&pscdl=noapi&sst.etld=google.no&sst.gcsub=region1&sst.gcd=13l3l3l2l1&sst.tft=1713412969423&sst.ude=0&_s=1&sid=1713412970&sct=1&seg=0&dl=https%3A%2F%2Fconstantclients.cc%2F&dt=Home%20-%20Constant%20Clients%20Inc&en=page_view&_fv=1&_nsi=1&_ss=1&ep.event_id=1713412969699.107181.2&tfd=4017&richsstsse
IP
0.0.0.0:0
ASN
#0

Requested by
https://constantclients.cc/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /g/collect?v=2&tid=G-MR4VREK4MN&gtm=45je44f0v884890645z8854588744za200&_p=1713412969423&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1651928891.1713412970&ecid=1500175129&ul=en-us&sr=1280x1024&_fplc=0&ur=NO-03&pscdl=noapi&sst.etld=google.no&sst.gcsub=region1&sst.gcd=13l3l3l2l1&sst.tft=1713412969423&sst.ude=0&_s=1&sid=1713412970&sct=1&seg=0&dl=https%3A%2F%2Fconstantclients.cc%2F&dt=Home%20-%20Constant%20Clients%20Inc&en=page_view&_fv=1&_nsi=1&_ss=1&ep.event_id=1713412969699.107181.2&tfd=4017&richsstsse HTTP/1.1
Host: gtm.constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://constantclients.cc
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000; _ga_MR4VREK4MN=GS1.1.1713412970.1.0.1713412970.0.0.1500175129; _ga=GA1.1.1651928891.1713412970
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf

142.250.74.142

200 OK

8.6 kB

URL GET HTTP/2
docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf
IP
142.250.74.142:443
ASN
#15169 GOOGLE

Requested by
https://constantclients.cc/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type
HTML document, ASCII text, with very long lines (8833), with no line terminators
Size
8.6 kB (8589 bytes)
Hash
06d853172f60f88a516fd3e2c4fb0c7c
c6ed1eed77e960dd8e9666e0669a37646765e8bf
dc6b35f371bd2652aa4823c4cecdc79978661eac8fe42d489fa81ff68b3c66b7

HTTP Headers

GET /gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 04:02:49 GMT
content-encoding: gzip
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-security-policy: script-src 'nonce-mI97f3_OEXwQwmeKS3PYlA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
set-cookie: NID=513=JJ7Uy51zuvABnzJUZasH6FBiMQcA7b09eaeGycVzKLTN0VuHBC1jod_ufeWJvWK38sbfuIrLuFQEB6AZD6wyYjJLfi3NW8nvp2lKdjfstF5sBSyWl999arhOeJY4NkxymRKU5g5pKZPOkws4B5t8UVVEsuvata3r1UMpHApAaqM; expires=Fri, 18-Oct-2024 04:02:49 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

docs.google.com/viewerng/img?id=ACFrOgDUC1EMuHtcLLduVCy9VEydSoQ4588Gtcoza91d0pSCaW7rCuoVCkMKXPxccaflHzU0QsDjF4jmGYHXks-ve0RXkP5fH6UFJ3X_FYkgQyq0wuaRYkgle9KIIv0O_UGFVHe_VdDzELPZQHxU&page=3&w=800

142.250.74.142

200 OK

224 kB

URL GET HTTP/2
docs.google.com/viewerng/img?id=ACFrOgDUC1EMuHtcLLduVCy9VEydSoQ4588Gtcoza91d0pSCaW7rCuoVCkMKXPxccaflHzU0QsDjF4jmGYHXks-ve0RXkP5fH6UFJ3X_FYkgQyq0wuaRYkgle9KIIv0O_UGFVHe_VdDzELPZQHxU&page=3&w=800
IP
142.250.74.142:443
ASN
#15169 GOOGLE

Requested by
https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type
PNG image data, 800 x 1131, 8-bit/color RGB, non-interlaced
Size
224 kB (224043 bytes)
Hash
32462fb28cc7e63f5071968dfcc64bea
9022437de3b5114b6e2556a36f227f3914c770aa
14efd614d18cb7e1bbbf7b5322e6420a61ac627f4d8a2ad35450d77866fa56a6

HTTP Headers

GET /viewerng/img?id=ACFrOgDUC1EMuHtcLLduVCy9VEydSoQ4588Gtcoza91d0pSCaW7rCuoVCkMKXPxccaflHzU0QsDjF4jmGYHXks-ve0RXkP5fH6UFJ3X_FYkgQyq0wuaRYkgle9KIIv0O_UGFVHe_VdDzELPZQHxU&page=3&w=800 HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 04:03:03 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
content-security-policy: script-src 'nonce-jmJnOM__jX-NnlFmjY5oDQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: GSE
set-cookie: NID=513=QrpmD7teOr8RSBXcxTjEQQVcQqQ6vSJ88hjCUtLD7fQtSru9umD43evWFOFv9UZykyfyDj28B0GOibIgOX3m4PId6r-iQlwiHqMSU9uEn5ZWgAvyZ7zHEBY5dMQpmFNA9ySfz1K8NLKl4stcotfUF5mfcjemycIXHn2uMk0glGM; expires=Fri, 18-Oct-2024 04:03:02 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

docs.google.com/viewerng/presspage?id=ACFrOgDJUv3KzVu9gdtzike0uf5ZDFIxEJm6vbCwPEIgmDsBLXMeycKbioIEM9AMCV7-YIBVscNKHOvxpLpIn7Y0c340RUlTLzTNbTZhv_l2ftaBVpeNHRe4yyA1MUt2-w3tHtyNEq6dVrgDjlol&page=3

142.250.74.142

200 OK

4.7 kB

URL GET HTTP/3
docs.google.com/viewerng/presspage?id=ACFrOgDJUv3KzVu9gdtzike0uf5ZDFIxEJm6vbCwPEIgmDsBLXMeycKbioIEM9AMCV7-YIBVscNKHOvxpLpIn7Y0c340RUlTLzTNbTZhv_l2ftaBVpeNHRe4yyA1MUt2-w3tHtyNEq6dVrgDjlol&page=3
IP
142.250.74.142:443
ASN
#15169 GOOGLE

Requested by
https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type
Unicode text, UTF-8 text, with very long lines (4995), with no line terminators
Size
4.7 kB (4716 bytes)
Hash
27a70c0486570ec3acab9686111b829a
d15b1148e70f4996711e66f5ceaa2b5c1adb3838
ced12e7ed6d750cc636312fbe0d1a4d92ad2b47b94736374fc816f95a3d913bf

HTTP Headers

GET /viewerng/presspage?id=ACFrOgDJUv3KzVu9gdtzike0uf5ZDFIxEJm6vbCwPEIgmDsBLXMeycKbioIEM9AMCV7-YIBVscNKHOvxpLpIn7Y0c340RUlTLzTNbTZhv_l2ftaBVpeNHRe4yyA1MUt2-w3tHtyNEq6dVrgDjlol&page=3 HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: application/json; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 04:03:06 GMT
content-encoding: gzip
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-security-policy: script-src 'nonce-SUfCEzqq5Z-7_a9baB-avw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: GSE
set-cookie: NID=513=XnJ27CJTK9duMRuh0WPHbnHgCHPcrdOCgts1FWMELUdWEH6_yX53J2H2kqMlH4dy671iM7KnB63bJvzZC2asdqZ8qQdMjWD_q6qOiPzTC_SbrjxT8gf_gXExSGx3ijCe4IfsH2PXarReZc6JGGotDyVNB6JLFbBMor5FNwR-PKM; expires=Fri, 18-Oct-2024 04:03:06 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

constantclients.cc/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.21.0

66.235.200.147

200 OK

63 kB

URL GET HTTP/2
constantclients.cc/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.21.0
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type

Size
63 kB (63265 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.21.0 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: application/javascript
last-modified: Mon, 15 Apr 2024 20:04:20 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
server: cloudflare
cf-ray: 8761c2ee0d9cb50c-OSL
X-Firefox-Spdy: h2

static.addtoany.com/menu/sm.25.html

172.67.39.148

200 OK

716 B

URL GET HTTP/3
static.addtoany.com/menu/sm.25.html
IP
172.67.39.148:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerLet's Encrypt
Subjectstatic.addtoany.com
Fingerprint25:DC:52:06:E9:84:6F:BC:CB:DD:82:F7:D3:4C:8F:F5:9F:49:7E:DD
ValiditySat, 24 Feb 2024 06:33:02 GMT - Fri, 24 May 2024 06:33:01 GMT

File type
HTML document, ASCII text, with very long lines (744), with no line terminators
Size
716 B (716 bytes)
Hash
c3c97893ca5c74e7504aa4ec474ea41b
cdccb12d7e73682e0e807107243ede7d5e14c962
b79f65e9ffe3bad9bd9cdcffed0758430f7eb1a630c368dc173eecdeb2821f00

HTTP Headers

GET /menu/sm.25.html HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:02:49 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5XqYdf3zT6f5djRXIIJwMp9CmOr869HlwkvaSLOezMHs8bCNXKhchHrxUkAX8VobSQtGTx9av1ds6j%2BrAMbeIHt6gjCWQ%2F0%2FDDuSz%2BYQMTMfH9cMBRVSXt9wfmQ0xD6qcBrOg5iLUMVJymypfmtsURYC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
age: 6912
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8761c2f4180b5696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

docs.google.com/viewerng/img?id=ACFrOgDUC1EMuHtcLLduVCy9VEydSoQ4588Gtcoza91d0pSCaW7rCuoVCkMKXPxccaflHzU0QsDjF4jmGYHXks-ve0RXkP5fH6UFJ3X_FYkgQyq0wuaRYkgle9KIIv0O_UGFVHe_VdDzELPZQHxU&page=2&w=800

142.250.74.142

200 OK

128 kB

URL GET HTTP/2
docs.google.com/viewerng/img?id=ACFrOgDUC1EMuHtcLLduVCy9VEydSoQ4588Gtcoza91d0pSCaW7rCuoVCkMKXPxccaflHzU0QsDjF4jmGYHXks-ve0RXkP5fH6UFJ3X_FYkgQyq0wuaRYkgle9KIIv0O_UGFVHe_VdDzELPZQHxU&page=2&w=800
IP
142.250.74.142:443
ASN
#15169 GOOGLE

Requested by
https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type
PNG image data, 800 x 1131, 8-bit/color RGB, non-interlaced
Size
128 kB (128322 bytes)
Hash
85038dfd4b714c1c3ef6dfc2cc86ef58
f790758b6d71a60c2b8eade8a8aa615706272452
9349c1a65f75080a47335a6779321c524a903b9e982685451b3cb44feca3faef

HTTP Headers

GET /viewerng/img?id=ACFrOgDUC1EMuHtcLLduVCy9VEydSoQ4588Gtcoza91d0pSCaW7rCuoVCkMKXPxccaflHzU0QsDjF4jmGYHXks-ve0RXkP5fH6UFJ3X_FYkgQyq0wuaRYkgle9KIIv0O_UGFVHe_VdDzELPZQHxU&page=2&w=800 HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 04:03:02 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: script-src 'nonce-zbx_jEUcTu0KrJltEL-3eA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: GSE
set-cookie: NID=513=SqzZjW5GrUNYEGZ86kPvd7U4S392MYAASnWPRf4KrJkjLFDiZPgpfcPOv_vuqXuLO_oAxk5iM8SuOUcHwfkQ-XrGGl8iA2LwE-_VufeMDwDnfQkqiUSopy5Thrnr7Mq5zR_8E00ycA9SYXfgAkFGg4iEa2ZcQjV_hB8h_zjt0Gc; expires=Fri, 18-Oct-2024 04:03:02 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

142.250.74.106

200 OK

382 B

URL GET HTTP/3
content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.5BIk7BglYEE.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA%2Fm%3D__features__
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
HTML document, ASCII text, with very long lines (407), with no line terminators
Size
382 B (382 bytes)
Hash
735c031e1eec1e32c4f76e15a3b313ec
987264f06a776690551b1c4e88f70a9f4512966b
45448ea71db0ebc1d264cb006e425d03269cef8d807bd0db4e91621642e47cf7

HTTP Headers

GET /static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.5BIk7BglYEE.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA%2Fm%3D__features__ HTTP/1.1
Host: content.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy: script-src 'nonce-gOoAJoVTXG5WCnFdA-SXVw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/apiserving; base-uri 'none', require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apiserving
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apiserving"
report-to: {"group":"apiserving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apiserving"}]}
content-length: 272
date: Thu, 18 Apr 2024 04:02:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Tue, 12 Mar 2024 05:08:00 GMT
x-content-type-options: nosniff
cross-origin-embedder-policy: require-corp; report-to="apiserving"
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

docs.google.com/viewerng/meta?id=ACFrOgDJUv3KzVu9gdtzike0uf5ZDFIxEJm6vbCwPEIgmDsBLXMeycKbioIEM9AMCV7-YIBVscNKHOvxpLpIn7Y0c340RUlTLzTNbTZhv_l2ftaBVpeNHRe4yyA1MUt2-w3tHtyNEq6dVrgDjlol

142.250.74.142

200 OK

36 B

URL GET HTTP/3
docs.google.com/viewerng/meta?id=ACFrOgDJUv3KzVu9gdtzike0uf5ZDFIxEJm6vbCwPEIgmDsBLXMeycKbioIEM9AMCV7-YIBVscNKHOvxpLpIn7Y0c340RUlTLzTNbTZhv_l2ftaBVpeNHRe4yyA1MUt2-w3tHtyNEq6dVrgDjlol
IP
142.250.74.142:443
ASN
#15169 GOOGLE

Requested by
https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type
ASCII text, with no line terminators
Size
36 B (36 bytes)
Hash
45b006a58c64ecff5875ec96ef28e7ff
826b015d0c38cae990dbfef89fc1158c35b0cfad
5cfed5b80fb83f2dcae2d34ab23ec8be84c795cbf191b4bf62e1833a27421062

HTTP Headers

GET /viewerng/meta?id=ACFrOgDJUv3KzVu9gdtzike0uf5ZDFIxEJm6vbCwPEIgmDsBLXMeycKbioIEM9AMCV7-YIBVscNKHOvxpLpIn7Y0c340RUlTLzTNbTZhv_l2ftaBVpeNHRe4yyA1MUt2-w3tHtyNEq6dVrgDjlol HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: application/json; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 04:03:05 GMT
content-encoding: gzip
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
content-security-policy: script-src 'nonce-eTRcjnwfmD3WCN3B8WxjQA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: GSE
set-cookie: NID=513=Bjkl6Di4AxMkczcxrE8DvTTzODZu2Fywc_gjZW8CEuj-UU_ViRD6DFiMTT8TJp66G3frPKNpMJDkcODwWMmiLKsQ3lIIIELhCoIex-x-SAU51rgjRQ_pMjYHdSXNJpY5e_7tckrfKvtML6Cp0mhXk5x9ge8cU_XH9xzl1Oqyv74; expires=Fri, 18-Oct-2024 04:03:05 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

constantclients.cc/wp-content/plugins/strong-testimonials/public/svg/chevron-left-solid.svg

66.235.200.147

200 OK

482 B

URL GET HTTP/2
constantclients.cc/wp-content/plugins/strong-testimonials/public/svg/chevron-left-solid.svg
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
482 B (482 bytes)
Hash
d8b074990a8c9f550270f8d265951f35
22014267f7d7ecbde3272518b6adc00a3afc109e
4a40b64e4494ef888fa44056df81fb55ff0471e76aaf9249d00edaeaef5afa88

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/strong-testimonials/public/svg/chevron-left-solid.svg HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/wp-content/plugins/strong-testimonials/public/css/slider-controls-sides-outside-buttons.css?ver=3.1.12
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000; _ga_MR4VREK4MN=GS1.1.1713412970.1.0.1713412970.0.0.1500175129; _ga=GA1.1.1651928891.1713412970
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:03:02 GMT
content-type: image/svg+xml
last-modified: Fri, 22 Mar 2024 20:03:55 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:03:02 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 8761c3459ddcb50c-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

constantclients.cc/

66.235.200.147

200 OK

187 kB

URL User Request GET HTTP/2
constantclients.cc/
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type

Size
187 kB (186857 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: text/html; charset=UTF-8
link: <https://constantclients.cc/wp-json/>; rel="https://api.w.org/", <https://constantclients.cc/wp-json/wp/v2/pages/999>; rel="alternate"; type="application/json", <https://constantclients.cc/>; rel=shortlink
cache-control: max-age=7200
expires: Thu, 18 Apr 2024 06:02:47 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
last-modified: Wed, 17 Apr 2024 17:54:30 GMT
cf-cache-status: EXPIRED
server: cloudflare
cf-ray: 8761c2e659d3b50c-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

constantclients.cc/wp-content/plugins/duracelltomi-google-tag-manager/dist/js/gtm4wp-contact-form-7-tracker.js?ver=1.20.2

66.235.200.147

409 Conflict

83 B

URL GET HTTP/2
constantclients.cc/wp-content/plugins/duracelltomi-google-tag-manager/dist/js/gtm4wp-contact-form-7-tracker.js?ver=1.20.2
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
HTML document, ASCII text, with no line terminators
Size
83 B (83 bytes)
Hash
839e0e1ee803a341ab291aaed320c8c4
302992d7f2ec44edaa728c17a55c2c903c864755
089a32b861f84eaa48bfb8f106d29365277a979a0300d89feb69eb2a1b6dea45

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/duracelltomi-google-tag-manager/dist/js/gtm4wp-contact-form-7-tracker.js?ver=1.20.2 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000; _ga_MR4VREK4MN=GS1.1.1713412970.1.0.1713412970.0.0.1500175129; _ga=GA1.1.1651928891.1713412970
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 409 Conflict
date: Thu, 18 Apr 2024 04:02:50 GMT
content-type: text/html; charset=iso-8859-1
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 8761c2f7fa21b50c-OSL
X-Firefox-Spdy: h2

docs.google.com/viewerng/thumb?ds=AON1mFykBOCa42rKnPWyfTxI2jjIlzLHoPkBu50GYDH6X_qF6q8hKFKih7mVS7q0eLh7mzAiA-DcgzecJLaiXMYcs4CztXrhAENI2tcQ1FiqEZdYQVwLhdu1fI9oY6tgTclBZ_tupSOPlav1Qh010abFy7PRaP9e-VedA-pJw0jWLochE4O6PpM_0fRZdK9gMi0tdToRBm8BcxTUHz8OJIOJ2skrH9q4MahXX28o3ZzRisA_BdINW1mmhPRZEb4g_JxxcCrt_N7T9_0AIZY2OSYUJdAgQOQ5U6w-nMqfVi8QTN9L5DXuA1C7vzJA5M9lUmaamH9pV4Fe&ck=lantern&authuser&w=800&webp=true&p=proj

142.250.74.142

200 OK

12 kB

URL GET HTTP/3
docs.google.com/viewerng/thumb?ds=AON1mFykBOCa42rKnPWyfTxI2jjIlzLHoPkBu50GYDH6X_qF6q8hKFKih7mVS7q0eLh7mzAiA-DcgzecJLaiXMYcs4CztXrhAENI2tcQ1FiqEZdYQVwLhdu1fI9oY6tgTclBZ_tupSOPlav1Qh010abFy7PRaP9e-VedA-pJw0jWLochE4O6PpM_0fRZdK9gMi0tdToRBm8BcxTUHz8OJIOJ2skrH9q4MahXX28o3ZzRisA_BdINW1mmhPRZEb4g_JxxcCrt_N7T9_0AIZY2OSYUJdAgQOQ5U6w-nMqfVi8QTN9L5DXuA1C7vzJA5M9lUmaamH9pV4Fe&ck=lantern&authuser&w=800&webp=true&p=proj
IP
142.250.74.142:443
ASN
#15169 GOOGLE

Requested by
https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type
RIFF (little-endian) data, Web/P image
Size
12 kB (12292 bytes)
Hash
e8f277e1e64ae5ea28942d3ce7dacbf1
b31171126218d7fbf17e982e945cb6f65e34bfa6
767714cd013f86376640c4c58cbff748a1d7e0ec4b07ce6edfaae71d75d6d72b

HTTP Headers

GET /viewerng/thumb?ds=AON1mFykBOCa42rKnPWyfTxI2jjIlzLHoPkBu50GYDH6X_qF6q8hKFKih7mVS7q0eLh7mzAiA-DcgzecJLaiXMYcs4CztXrhAENI2tcQ1FiqEZdYQVwLhdu1fI9oY6tgTclBZ_tupSOPlav1Qh010abFy7PRaP9e-VedA-pJw0jWLochE4O6PpM_0fRZdK9gMi0tdToRBm8BcxTUHz8OJIOJ2skrH9q4MahXX28o3ZzRisA_BdINW1mmhPRZEb4g_JxxcCrt_N7T9_0AIZY2OSYUJdAgQOQ5U6w-nMqfVi8QTN9L5DXuA1C7vzJA5M9lUmaamH9pV4Fe&ck=lantern&authuser&w=800&webp=true&p=proj HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: image/webp
expires: Thu, 18 Apr 2024 04:02:51 GMT
date: Thu, 18 Apr 2024 04:02:51 GMT
cache-control: private, max-age=300
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
content-security-policy: script-src 'nonce-kCAXKqLNFaGpLEsVLg2rUA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: GSE
set-cookie: NID=513=jL1lUY8If8WXznTBje7yziSbkuXzhPNcScJf2njuXFs8PRvRiJSnXcsS9rXvlDVy9U8E2sN1Z6i7NGleZUYQKYj3sSPBsZO--DJJeE9Vh40eDwKjYzL3ILnxCjVaHw-clbA_LBowkesxEOXGbG3r8LtOWlE_SwDA7Yk5yF3QFTM; expires=Fri, 18-Oct-2024 04:02:51 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

conv-avatar.s3.amazonaws.com/avatars/06.png

52.216.114.11

200 OK

23 kB

URL GET HTTP/1.1
conv-avatar.s3.amazonaws.com/avatars/06.png
IP
52.216.114.11:443
ASN
#16509 AMAZON-02

Requested by
https://constantclients.cc/
Certificate
IssuerAmazon
Subject*.s3.amazonaws.com
FingerprintDC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1
ValidityTue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced
Size
23 kB (23160 bytes)
Hash
8b025d1010ad60ad70e06448b50598d3
925d5ed88aece2a5072090958bcfb38c007b4514
fa382ab24a81b1f68b44d4c96dacaf74e1c71b8d6fb00b8423e41286915c73e3

HTTP Headers

GET /avatars/06.png HTTP/1.1
Host: conv-avatar.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: x43EdkH3VgPWVuz3g4SiIbxYnvzQ+O1nIJ5cKPxcDH6GuvTrPuyPbSYP2sngtJIi7jZC1lqj8s4=
x-amz-request-id: 81FZ7FXRMV8M0P3F
Date: Thu, 18 Apr 2024 04:03:06 GMT
Last-Modified: Wed, 30 Sep 2020 12:16:27 GMT
ETag: "8b025d1010ad60ad70e06448b50598d3"
x-amz-meta-sha256: fa382ab24a81b1f68b44d4c96dacaf74e1c71b8d6fb00b8423e41286915c73e3
x-amz-meta-s3b-last-modified: 20190124T164417Z
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 23160

docs.google.com/viewerng/thumb?ds=AON1mFwf0WsDBdLjmoruCnFBeGzEcY8REJFJ_kurToUa3zSrZIsSsRYRU-uWHzN6MUO-wfJw9pmxvmlsUoqIBfGVljGFH1b-DMQcUoG6YQopRgKKINtWLicE3cyMhllAUtH7Bir7FWf8D0LzndCNKT58WSarDaeuwxEvsLHvfI-G07icqSneu2V5W2fVuCoh9d9pFUKgtRqHWpHUCGOjCOj1P9PmEkaB0T-kQUFNTaoyz2_ql9hurjgT0QFH8hKebFq162JRM1biNuKcS21b3NgEqBgoEK9CXBcmWKtRNLtZsG13C-ynWm-BJxWFjDfukYH7deT1T5OC&ck=lantern&authuser&w=800&webp=true&p=proj

142.250.74.142

200 OK

530 kB

URL GET HTTP/2
docs.google.com/viewerng/thumb?ds=AON1mFwf0WsDBdLjmoruCnFBeGzEcY8REJFJ_kurToUa3zSrZIsSsRYRU-uWHzN6MUO-wfJw9pmxvmlsUoqIBfGVljGFH1b-DMQcUoG6YQopRgKKINtWLicE3cyMhllAUtH7Bir7FWf8D0LzndCNKT58WSarDaeuwxEvsLHvfI-G07icqSneu2V5W2fVuCoh9d9pFUKgtRqHWpHUCGOjCOj1P9PmEkaB0T-kQUFNTaoyz2_ql9hurjgT0QFH8hKebFq162JRM1biNuKcS21b3NgEqBgoEK9CXBcmWKtRNLtZsG13C-ynWm-BJxWFjDfukYH7deT1T5OC&ck=lantern&authuser&w=800&webp=true&p=proj
IP
142.250.74.142:443
ASN
#15169 GOOGLE

Requested by
https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS1-revised.pdf
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type
RIFF (little-endian) data, Web/P image
Size
530 kB (530314 bytes)
Hash
0ef92b37d2a235e7d6cae3553c666c03
1f8c88c8f9dd6bb73a9713f4c837a13b17568070
ade85734cc8df6a24216e8f3a88e90d51077fb26fd4a64350b4e29c37175be59

HTTP Headers

GET /viewerng/thumb?ds=AON1mFwf0WsDBdLjmoruCnFBeGzEcY8REJFJ_kurToUa3zSrZIsSsRYRU-uWHzN6MUO-wfJw9pmxvmlsUoqIBfGVljGFH1b-DMQcUoG6YQopRgKKINtWLicE3cyMhllAUtH7Bir7FWf8D0LzndCNKT58WSarDaeuwxEvsLHvfI-G07icqSneu2V5W2fVuCoh9d9pFUKgtRqHWpHUCGOjCOj1P9PmEkaB0T-kQUFNTaoyz2_ql9hurjgT0QFH8hKebFq162JRM1biNuKcS21b3NgEqBgoEK9CXBcmWKtRNLtZsG13C-ynWm-BJxWFjDfukYH7deT1T5OC&ck=lantern&authuser&w=800&webp=true&p=proj HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS1-revised.pdf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/webp
expires: Thu, 18 Apr 2024 04:03:03 GMT
date: Thu, 18 Apr 2024 04:03:03 GMT
cache-control: private, max-age=300
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
content-security-policy: script-src 'nonce-8SgGHZmjhgNKH_H48fjESQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: GSE
set-cookie: NID=513=PYq9_LxzlmUL5RFbU4bkSioFPmvExo7a9wPhRIlQanDB6ZMXkBug-p9gJlr1x4L_l88qq6D8kwnzxOCQNJSRgxgS8f3134fyaAROU9yLpF-1AAJ5QtUAL91tTuktcQOtyxD3ORFZvKc4J9VKfIg3Tl_dBHHwV-1s3WgJ09Scy2I; expires=Fri, 18-Oct-2024 04:03:03 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

constantclients.cc/wp-content/uploads/2021/08/docusign-V7dZJybxhgc-unsplash.jpg

66.235.200.147

200 OK

83 kB

URL GET HTTP/2
constantclients.cc/wp-content/uploads/2021/08/docusign-V7dZJybxhgc-unsplash.jpg
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x1280, Scaling: [none]x[none], YUV color, decoders should clamp
Size
83 kB (82806 bytes)
Hash
73c2b97f7c5bb2ca8e417474f9f75757
44f3ebfab345f1552a0124752b4918311c68bae8
107689c9a302ff28c03d78e46a08207895fc5da6b09e1c5369496e9c626894f3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2021/08/docusign-V7dZJybxhgc-unsplash.jpg HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/wp-content/uploads/elementor/css/post-999.css?ver=1708890611
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:49 GMT
content-type: image/webp
x-webp-convert-log: Serving converted file
vary: Accept,Accept-Encoding
last-modified: Sat, 27 May 2023 14:55:02 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:49 GMT
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
server: cloudflare
cf-ray: 8761c2f39839b50c-OSL
X-Firefox-Spdy: h2

docs.google.com/viewerng/img?id=ACFrOgDJUv3KzVu9gdtzike0uf5ZDFIxEJm6vbCwPEIgmDsBLXMeycKbioIEM9AMCV7-YIBVscNKHOvxpLpIn7Y0c340RUlTLzTNbTZhv_l2ftaBVpeNHRe4yyA1MUt2-w3tHtyNEq6dVrgDjlol&page=2&w=800

142.250.74.142

200 OK

122 kB

URL GET HTTP/3
docs.google.com/viewerng/img?id=ACFrOgDJUv3KzVu9gdtzike0uf5ZDFIxEJm6vbCwPEIgmDsBLXMeycKbioIEM9AMCV7-YIBVscNKHOvxpLpIn7Y0c340RUlTLzTNbTZhv_l2ftaBVpeNHRe4yyA1MUt2-w3tHtyNEq6dVrgDjlol&page=2&w=800
IP
142.250.74.142:443
ASN
#15169 GOOGLE

Requested by
https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type
PNG image data, 800 x 1131, 8-bit/color RGB, non-interlaced
Size
122 kB (121902 bytes)
Hash
edde32a819e23f9c4b79ccfccb03b7e5
de98437870fc201f66990f87c8d2beb03252bc85
bb83fd97ff8b0d5a965db1fcfcbeb6043d36df34c1b7aea400a0621167373cf5

HTTP Headers

GET /viewerng/img?id=ACFrOgDJUv3KzVu9gdtzike0uf5ZDFIxEJm6vbCwPEIgmDsBLXMeycKbioIEM9AMCV7-YIBVscNKHOvxpLpIn7Y0c340RUlTLzTNbTZhv_l2ftaBVpeNHRe4yyA1MUt2-w3tHtyNEq6dVrgDjlol&page=2&w=800 HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 04:03:06 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
content-security-policy: script-src 'nonce-cnRa51OfK_hz9ZDvUTyG9g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: GSE
set-cookie: NID=513=SC7qZtq1ITHn8f9GGl05PEQOHOeCIbp_mgcg3TlcLDakVyF0-zAG1GXHmf1p2xIN81U6R5EICOEfL_Y-4a3zXxG0hT5iJlcOwcRr-FGt50yGNyWcAcTWdsIxTNqHbrdDDu0VZkEeSmFNEIGqdlAIMFRa43i0FRMKwlc5-h4lXVg; expires=Fri, 18-Oct-2024 04:03:06 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

app.convertobot.com/get_chatbot_info/cvOfPC

172.67.145.237

200 OK

2.3 kB

URL GET HTTP/2
app.convertobot.com/get_chatbot_info/cvOfPC
IP
172.67.145.237:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerLet's Encrypt
Subjectconvertobot.com
Fingerprint75:4A:AB:25:C4:5D:F0:14:F8:9C:B1:AB:06:28:B8:D5:14:30:1C:2D
ValidityFri, 29 Mar 2024 19:38:25 GMT - Thu, 27 Jun 2024 19:38:24 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (2701), with no line terminators
Size
2.3 kB (2345 bytes)
Hash
88eae1e88d2ea8db45179fb72195cf32
4fe74adba848b6d427d0763e48c8b745b62a5461
9a0b328989a86d98f88fc97d1a380ce0494a9bef44be71335dac56e654d9e2c5

HTTP Headers

GET /get_chatbot_info/cvOfPC HTTP/1.1
Host: app.convertobot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://constantclients.cc
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:03:05 GMT
content-type: application/json
cache-control: no-cache, max-age=172800
access-control-allow-origin: *
expires: Sat, 20 Apr 2024 04:03:04 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rpGpyVKS8rTqBuQGl6Bo3a2EQbhAcNi4gTushb9sUTJjbMbqjtdtvLI%2BqWyK9xOFJu8%2B%2Bh9bkR6exHu26pSVTexWw7EZJPz%2FDzNKVIdGZoRb1x00rzlguSTI%2BkXK4hsu3zrBm7pj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8761c34ebe1856bb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Montserrat

142.250.74.106

200 OK

1.8 kB

URL GET HTTP/3
fonts.googleapis.com/css?family=Montserrat
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://constantclients.cc/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
ASCII text, with very long lines (1849), with no line terminators
Size
1.8 kB (1809 bytes)
Hash
f9bede8e0040dae7b773802d556ed574
3b54311abf21a8a22a7c39012bd4365561cd958e
a431b718972726753c9f8bfc03334df3414b61b644f692c51673bfbe90164e4a

HTTP Headers

GET /css?family=Montserrat HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 04:03:05 GMT
date: Thu, 18 Apr 2024 04:03:05 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

docs.google.com/viewerng/img?id=ACFrOgDJUv3KzVu9gdtzike0uf5ZDFIxEJm6vbCwPEIgmDsBLXMeycKbioIEM9AMCV7-YIBVscNKHOvxpLpIn7Y0c340RUlTLzTNbTZhv_l2ftaBVpeNHRe4yyA1MUt2-w3tHtyNEq6dVrgDjlol&page=0&w=800

142.250.74.142

200 OK

893 kB

URL GET HTTP/3
docs.google.com/viewerng/img?id=ACFrOgDJUv3KzVu9gdtzike0uf5ZDFIxEJm6vbCwPEIgmDsBLXMeycKbioIEM9AMCV7-YIBVscNKHOvxpLpIn7Y0c340RUlTLzTNbTZhv_l2ftaBVpeNHRe4yyA1MUt2-w3tHtyNEq6dVrgDjlol&page=0&w=800
IP
142.250.74.142:443
ASN
#15169 GOOGLE

Requested by
https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type
PNG image data, 800 x 1131, 8-bit/color RGB, non-interlaced
Size
893 kB (892918 bytes)
Hash
1e29ff896ddf91619652798660b0775c
bec9afb8a4ccbf83b4286b5d7f39160ff6276149
308483e8507918f95e9171afd39761f4bf570f77fefd7887e9245ff8078b77b9

HTTP Headers

GET /viewerng/img?id=ACFrOgDJUv3KzVu9gdtzike0uf5ZDFIxEJm6vbCwPEIgmDsBLXMeycKbioIEM9AMCV7-YIBVscNKHOvxpLpIn7Y0c340RUlTLzTNbTZhv_l2ftaBVpeNHRe4yyA1MUt2-w3tHtyNEq6dVrgDjlol&page=0&w=800 HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 04:03:06 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
content-security-policy: script-src 'nonce-6M-ZuedTIK7fS-eMYV0K1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: GSE
set-cookie: NID=513=PvCJcpb7gTUnqYLQs-SFD8Ee_8mURSpvRQ1JMlVTwTheMFhbjVX4brWsNfppzS2bX8wTqDKRwUZ-gyAg7x371hqkeM5hUkaOquwYIUFhZ8W7fKTpGomOjWRxHLuoy4Q0QbqQ-d_WEeNdY2wQUgDgAikWoDnJHBTSr74z35xIuas; expires=Fri, 18-Oct-2024 04:03:06 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

constantclients.cc/wp-content/uploads/2021/08/cherrydeck-05gac-Qn0k4-unsplash.jpg

66.235.200.147

200 OK

83 kB

URL GET HTTP/2
constantclients.cc/wp-content/uploads/2021/08/cherrydeck-05gac-Qn0k4-unsplash.jpg
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x1267, Scaling: [none]x[none], YUV color, decoders should clamp
Size
83 kB (83262 bytes)
Hash
ba757b139d6c1a9c1e89099eca92cec6
61013a5760c4af54a0e58b44ee821063dd762fb5
a333b340ac193d86ae5fd252e3584e47fe6df2fa05bf9c3de6f07c5114b5025d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2021/08/cherrydeck-05gac-Qn0k4-unsplash.jpg HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/wp-content/uploads/elementor/css/post-999.css?ver=1708890611
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:49 GMT
content-type: image/webp
x-webp-convert-log: Serving converted file
vary: Accept,Accept-Encoding
last-modified: Sat, 27 May 2023 14:55:02 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:49 GMT
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
server: cloudflare
cf-ray: 8761c2f3b844b50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-content/themes/mesmerize/assets/js/theme.bundle.min.js?ver=1.6.109

66.235.200.147

200 OK

85 kB

URL GET HTTP/2
constantclients.cc/wp-content/themes/mesmerize/assets/js/theme.bundle.min.js?ver=1.6.109
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
85 kB (84752 bytes)
Hash
2f042b00685f23b715b773ceef644a1b
288e3425797ca89970502ed5c3bff634909e57ed
35c013f7b44dec194fda7044e8cd74fd39a03a400feba0909d5bec3c9fb5b220

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/mesmerize/assets/js/theme.bundle.min.js?ver=1.6.109 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: application/javascript
last-modified: Sat, 27 May 2023 14:54:47 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
server: cloudflare
cf-ray: 8761c2eddd71b50c-OSL
X-Firefox-Spdy: h2

static.addtoany.com/menu/modules/core.BRQnzO8v.js

172.67.39.148

200 OK

72 kB

URL GET HTTP/3
static.addtoany.com/menu/modules/core.BRQnzO8v.js
IP
172.67.39.148:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerLet's Encrypt
Subjectstatic.addtoany.com
Fingerprint25:DC:52:06:E9:84:6F:BC:CB:DD:82:F7:D3:4C:8F:F5:9F:49:7E:DD
ValiditySat, 24 Feb 2024 06:33:02 GMT - Fri, 24 May 2024 06:33:01 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
72 kB (71454 bytes)
Hash
629401c31553d2f42a6ca46e58c2a97b
0ab6084caa72f90913c7e4119f491838726ec5c2
91b9b24f0aa59668e4d0a770ee7a294b9baa361a76a20ade8128cd0482a5d805

HTTP Headers

GET /menu/modules/core.BRQnzO8v.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://constantclients.cc
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:02:49 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
etag: W/"25da5432b1057724b8210f17e9b9db05"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8nFDFGM%2FTiMqg2hht%2BXWdICbclG9VkYxQZiBLUi5ICl9U9iHzP1rNLms9VEZ9zSKSjgcSuseOyIJZB0u1SyLiMSFZnvGYOWRjFYIcLyLiIFhFkPHgCv1JIm0zOvD5dcrLhGkH02R"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8761c2f4180e5696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

player.vimeo.com/video/662404108?h=24abf7b0dc&dnt=1&app_id=122963

162.159.138.60

200 OK

18 kB

URL GET HTTP/1.1
player.vimeo.com/video/662404108?h=24abf7b0dc&dnt=1&app_id=122963
IP
162.159.138.60:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerLet's Encrypt
Subjectplayer.vimeo.com
FingerprintE8:45:41:E9:31:D2:A5:77:D5:5E:75:89:F8:00:24:2E:C3:3F:C8:BE
ValidityFri, 29 Mar 2024 06:04:47 GMT - Thu, 27 Jun 2024 06:04:46 GMT

File type
HTML document, ASCII text, with very long lines (9732)
Size
18 kB (17949 bytes)
Hash
1c30913170ce78246b96827d6fe6044f
5ac2adfb8e711bfab433f4167689d40b2e8f01c7
f86f872411506afbabe8c2dcc2516bfb729dfbbafb47bba7dcf088605336d237

HTTP Headers

GET /video/662404108?h=24abf7b0dc&dnt=1&app_id=122963 HTTP/1.1
Host: player.vimeo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 04:02:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-inline' https://*.vimeocdn.com 'unsafe-eval' resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://*.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://drm-gke.vhx.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.kollective.app https://*.kollective.app:31015 https://*.kollectivecd.com https://*.hivestreaming.com https://mimir.cloud.vimeo.com https://vimeo.magisto.com https://stage-proxy.vimeo.magisto.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://*.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://duysrfiajusdh.cloudfront.net https://d263mgllkjh2k2.cloudfront.net https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*; report-uri /_csp
expires: Fri, 15 Dec 1985 19:30:00 GMT
link: <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin, <https://i.vimeocdn.com>; rel=preconnect; crossorigin, <https://f.vimeocdn.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-host: player-backend-66b7887c5c-sfkn2
x-player-backend: g
x-xss-protection: 1; mode=block
x-backend-server: player-backend-edge-entry
x-bapp-server: player-backend-66b7887c5c-sfkn2
via: 1.1 varnish
x-served-by: cache-osl6549-OSL
x-cache: MISS
x-cache-hits: 0
x-timer: S1713412970.530546,VS0,VE299
vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Set-Cookie: __cf_bm=vcy.NXdi.c0dGRBflWTKPsg_RL4p.Ek_RyEVz7jGI4U-1713412969-1.0.1.1-tSBLqDSZFeBNNVz2aQJC5ARTPfhUCu..ceJHhm3dFvdVY2eK2JvoWs3jrM0eMO5X782bCEGRs_cLWcqqTEfruA; path=/; expires=Thu, 18-Apr-24 04:32:49 GMT; domain=.vimeo.com; HttpOnly; Secure; SameSite=None
_cfuvid=PNnAYX__TvIfN80zKn.2p7nUSB3W00bQwUP1IPEBbAI-1713412969830-0.0.1.1-604800000; path=/; domain=.vimeo.com; HttpOnly; Secure; SameSite=None
Server: cloudflare
CF-RAY: 8761c2f37e6e56a5-OSL
Content-Encoding: gzip

constantclients.cc/wp-content/plugins/strong-testimonials/public/svg/chevron-right-solid.svg

66.235.200.147

200 OK

527 B

URL GET HTTP/2
constantclients.cc/wp-content/plugins/strong-testimonials/public/svg/chevron-right-solid.svg
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
527 B (527 bytes)
Hash
9cf3046a23e81a26c9cc945278f13194
0c6c3b9da1dac96e0acb5fc5634a22a69f4bb0d8
f2d92f4bb5a85adc8ab8e7963a6689e7e58dcab5825ad88cfc3a695db55575de

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/strong-testimonials/public/svg/chevron-right-solid.svg HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/wp-content/plugins/strong-testimonials/public/css/slider-controls-sides-outside-buttons.css?ver=3.1.12
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000; _ga_MR4VREK4MN=GS1.1.1713412970.1.0.1713412970.0.0.1500175129; _ga=GA1.1.1651928891.1713412970
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:03:02 GMT
content-type: image/svg+xml
last-modified: Fri, 22 Mar 2024 20:03:55 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:03:02 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 8761c3459dddb50c-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

docs.google.com/viewerng/presspage?id=ACFrOgDJUv3KzVu9gdtzike0uf5ZDFIxEJm6vbCwPEIgmDsBLXMeycKbioIEM9AMCV7-YIBVscNKHOvxpLpIn7Y0c340RUlTLzTNbTZhv_l2ftaBVpeNHRe4yyA1MUt2-w3tHtyNEq6dVrgDjlol&page=2

142.250.74.142

200 OK

4.0 kB

URL GET HTTP/3
docs.google.com/viewerng/presspage?id=ACFrOgDJUv3KzVu9gdtzike0uf5ZDFIxEJm6vbCwPEIgmDsBLXMeycKbioIEM9AMCV7-YIBVscNKHOvxpLpIn7Y0c340RUlTLzTNbTZhv_l2ftaBVpeNHRe4yyA1MUt2-w3tHtyNEq6dVrgDjlol&page=2
IP
142.250.74.142:443
ASN
#15169 GOOGLE

Requested by
https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type
Unicode text, UTF-8 text, with very long lines (4226), with no line terminators
Size
4.0 kB (3985 bytes)
Hash
ae0c67ffc035e7cf904b1d8d308b73e8
91a12688be942c53aaf77dafa5c13cba442c3305
f85fc8d04bb65936d6e99c2ba424615f4debf45f601a6676dcb3feed712b0509

HTTP Headers

GET /viewerng/presspage?id=ACFrOgDJUv3KzVu9gdtzike0uf5ZDFIxEJm6vbCwPEIgmDsBLXMeycKbioIEM9AMCV7-YIBVscNKHOvxpLpIn7Y0c340RUlTLzTNbTZhv_l2ftaBVpeNHRe4yyA1MUt2-w3tHtyNEq6dVrgDjlol&page=2 HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: application/json; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 04:03:06 GMT
content-encoding: gzip
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
content-security-policy: script-src 'nonce-9OerDBL7FD0_xLHjHWWRhg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: GSE
set-cookie: NID=513=pLHIM-H0bV5wlP_HVefn4JEaWe12kWC_9QcjT89aWs4fed6luD4r1CuV9Oy4PD-YdrGAtScco0Vz0wr-R5SZQcNx_uXWwrP3JSXCzRemMuxk22SYR3uENDi0ow_VCNtDDog5JGBm625kddNMlQd7orzUhlcmeWizxzDn1T7jX68; expires=Fri, 18-Oct-2024 04:03:06 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

constantclients.cc/wp-content/uploads/2021/08/redd-PTRzqc_h1r4-unsplash.jpg

66.235.200.147

200 OK

148 kB

URL GET HTTP/2
constantclients.cc/wp-content/uploads/2021/08/redd-PTRzqc_h1r4-unsplash.jpg
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x1080, Scaling: [none]x[none], YUV color, decoders should clamp
Size
148 kB (147684 bytes)
Hash
356edb5828c53d981b92689cf9c833db
bb8f9883f02466a79b798719856783354b73400d
35b2cb9d0fc016bd145417d3cd20ede21c6a309143221543eedfcf98371eabd9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2021/08/redd-PTRzqc_h1r4-unsplash.jpg HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/wp-content/uploads/elementor/css/post-999.css?ver=1708890611
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:50 GMT
content-type: image/webp
x-webp-convert-log: Serving converted file
vary: Accept,Accept-Encoding
last-modified: Sat, 27 May 2023 14:55:02 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:49 GMT
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
server: cloudflare
cf-ray: 8761c2f3983ab50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-content/plugins/duracelltomi-google-tag-manager/dist/js/gtm4wp-contact-form-7-tracker.js?ver=1.20.2

66.235.200.147

409 Conflict

83 B

URL GET HTTP/2
constantclients.cc/wp-content/plugins/duracelltomi-google-tag-manager/dist/js/gtm4wp-contact-form-7-tracker.js?ver=1.20.2
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
HTML document, ASCII text, with no line terminators
Size
83 B (83 bytes)
Hash
839e0e1ee803a341ab291aaed320c8c4
302992d7f2ec44edaa728c17a55c2c903c864755
089a32b861f84eaa48bfb8f106d29365277a979a0300d89feb69eb2a1b6dea45

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/duracelltomi-google-tag-manager/dist/js/gtm4wp-contact-form-7-tracker.js?ver=1.20.2 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 409 Conflict
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: text/html; charset=iso-8859-1
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 8761c2eddd6bb50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-content/plugins/wp-pdf-generator/assets/js/html2canvas.min.js?ver=1.2.3

66.235.200.147

200 OK

61 kB

URL GET HTTP/2
constantclients.cc/wp-content/plugins/wp-pdf-generator/assets/js/html2canvas.min.js?ver=1.2.3
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type

Size
61 kB (60798 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/wp-pdf-generator/assets/js/html2canvas.min.js?ver=1.2.3 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: application/javascript
last-modified: Mon, 05 Jun 2023 08:06:04 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
server: cloudflare
cf-ray: 8761c2eded84b50c-OSL
X-Firefox-Spdy: h2

docs.google.com/viewerng/img?id=ACFrOgDUC1EMuHtcLLduVCy9VEydSoQ4588Gtcoza91d0pSCaW7rCuoVCkMKXPxccaflHzU0QsDjF4jmGYHXks-ve0RXkP5fH6UFJ3X_FYkgQyq0wuaRYkgle9KIIv0O_UGFVHe_VdDzELPZQHxU&page=1&w=800

142.250.74.142

200 OK

114 kB

URL GET HTTP/2
docs.google.com/viewerng/img?id=ACFrOgDUC1EMuHtcLLduVCy9VEydSoQ4588Gtcoza91d0pSCaW7rCuoVCkMKXPxccaflHzU0QsDjF4jmGYHXks-ve0RXkP5fH6UFJ3X_FYkgQyq0wuaRYkgle9KIIv0O_UGFVHe_VdDzELPZQHxU&page=1&w=800
IP
142.250.74.142:443
ASN
#15169 GOOGLE

Requested by
https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type
PNG image data, 800 x 1131, 8-bit/color RGB, non-interlaced
Size
114 kB (114428 bytes)
Hash
58e2ad9084417dcfe9b06639c335c107
96b51cf168b8258d09390ddd6211b3ac93bc900a
8fba6ddf0b010591b5a7166afa23f5e63f32a5be53ecb97c93d511f416afbb53

HTTP Headers

GET /viewerng/img?id=ACFrOgDUC1EMuHtcLLduVCy9VEydSoQ4588Gtcoza91d0pSCaW7rCuoVCkMKXPxccaflHzU0QsDjF4jmGYHXks-ve0RXkP5fH6UFJ3X_FYkgQyq0wuaRYkgle9KIIv0O_UGFVHe_VdDzELPZQHxU&page=1&w=800 HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 04:03:03 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
content-security-policy: script-src 'nonce-dh-JBFU8LB8WLu0b5gXe7w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: GSE
set-cookie: NID=513=mx0twNeFG8bn28ceX06zt4LV043ekzM_f--5VCPTRUF-MF-hah7UOL_o8LAmbRLbnDNNyzI6AKXH8RUdBasxPpgaNIIALF9rAOU7ltvXxUXHXwspL_LOgUQjNutBfN8eYgZdtoUxVMxVzwWdmGCYhQLfv8_Heb_5MCSIBECTrMU; expires=Fri, 18-Oct-2024 04:03:02 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

static.addtoany.com/menu/page.js

172.67.39.148

200 OK

3.0 kB

URL GET HTTP/2
static.addtoany.com/menu/page.js
IP
172.67.39.148:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerLet's Encrypt
Subjectstatic.addtoany.com
Fingerprint25:DC:52:06:E9:84:6F:BC:CB:DD:82:F7:D3:4C:8F:F5:9F:49:7E:DD
ValiditySat, 24 Feb 2024 06:33:02 GMT - Fri, 24 May 2024 06:33:01 GMT

File type
JavaScript source, ASCII text, with very long lines (3132), with no line terminators
Size
3.0 kB (3003 bytes)
Hash
40486591ae8ea6d1423aeb13f1fd509b
f847af56588642de93c6fe0d2ce182303f312455
16a6753a1de5c5602b0ca4afe3d17b95e2cb18d6b79bf7cdccedba3a733c1138

HTTP Headers

GET /menu/page.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"e346c2841e4abbb66ee259e9540abb61"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i2AC7bE2UDFKM7qC5jDQxDxGBrcVDlnPDaJpMnzeeMpH%2BWmJ3duBGtVLq6wxk1QIfxp7e6MatgiRO5LypYWukV0nng7cUXW9aran8y9cwM8v0JAzIBzS1YQZ9pyCABT%2BXorAHEebwrAhbk61YRrQnUdl"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6907
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8761c2eddfea0b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Montserrat:100

142.250.74.106

200 OK

1.8 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Montserrat:100
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://constantclients.cc/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
ASCII text, with very long lines (1849), with no line terminators
Size
1.8 kB (1809 bytes)
Hash
9d6738899527d728b3e2221180de3c12
c671720a5866a500f2ac0eac71064078708f1230
06af7c4adad9defe1b2accf8a83cb79af79ceb16a6d0077a82d69ed3399d6582

HTTP Headers

GET /css?family=Montserrat:100 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 04:02:49 GMT
date: Thu, 18 Apr 2024 04:02:49 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

constantclients.cc/wp-content/uploads/2021/11/magnet-me-315vPGsAFUk-unsplash.jpg

66.235.200.147

200 OK

92 kB

URL GET HTTP/2
constantclients.cc/wp-content/uploads/2021/11/magnet-me-315vPGsAFUk-unsplash.jpg
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x1280, Scaling: [none]x[none], YUV color, decoders should clamp
Size
92 kB (91544 bytes)
Hash
d39f5a051b7b7d179deb91e00d0b0113
b868a9b5b8999badc2a0a810db9ba9ab89f37704
6beeb77125e805eb2d6eb336d5c51939db66ac650f1c0b17487721ff376cada0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2021/11/magnet-me-315vPGsAFUk-unsplash.jpg HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/wp-content/uploads/elementor/css/post-999.css?ver=1708890611
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:49 GMT
content-type: image/webp
x-webp-convert-log: Serving converted file
vary: Accept,Accept-Encoding
last-modified: Sat, 27 May 2023 14:55:02 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:49 GMT
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
server: cloudflare
cf-ray: 8761c2f39836b50c-OSL
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/2
fonts.gstatic.com/s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://constantclients.cc/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 14940, version 1.0
Size
15 kB (14940 bytes)
Hash
a46fb7aae99225fdfd9d64b2b8b1063f
1ee50bf5985c1956dde1c06d9b1cec4645ddb92b
4b5816bbfc52587979139951355fe4048da02ce60e40cef8e4a1efb6cd396281

HTTP Headers

GET /s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://constantclients.cc
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14940
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 15 Apr 2024 21:46:04 GMT
expires: Tue, 15 Apr 2025 21:46:04 GMT
cache-control: public, max-age=31536000
age: 195423
last-modified: Wed, 13 Sep 2023 22:46:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

constantclients.cc/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.21.0

66.235.200.147

200 OK

174 kB

URL GET HTTP/2
constantclients.cc/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.21.0
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type

Size
174 kB (173746 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.21.0 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: text/css
last-modified: Mon, 15 Apr 2024 20:04:20 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
server: cloudflare
cf-ray: 8761c2ed9d25b50c-OSL
X-Firefox-Spdy: h2

constantclients.cc/wp-content/plugins/wp-pdf-generator/assets/js/jspdf.min.js?ver=1.2.3

66.235.200.147

200 OK

307 kB

URL GET HTTP/2
constantclients.cc/wp-content/plugins/wp-pdf-generator/assets/js/jspdf.min.js?ver=1.2.3
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type

Size
307 kB (306942 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/wp-pdf-generator/assets/js/jspdf.min.js?ver=1.2.3 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:49 GMT
content-type: application/javascript
last-modified: Mon, 05 Jun 2023 08:06:04 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:49 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
server: cloudflare
cf-ray: 8761c2eded7fb50c-OSL
X-Firefox-Spdy: h2

docs.google.com/viewerng/presspage?id=ACFrOgDJUv3KzVu9gdtzike0uf5ZDFIxEJm6vbCwPEIgmDsBLXMeycKbioIEM9AMCV7-YIBVscNKHOvxpLpIn7Y0c340RUlTLzTNbTZhv_l2ftaBVpeNHRe4yyA1MUt2-w3tHtyNEq6dVrgDjlol&page=1

142.250.74.142

200 OK

4.7 kB

URL GET HTTP/3
docs.google.com/viewerng/presspage?id=ACFrOgDJUv3KzVu9gdtzike0uf5ZDFIxEJm6vbCwPEIgmDsBLXMeycKbioIEM9AMCV7-YIBVscNKHOvxpLpIn7Y0c340RUlTLzTNbTZhv_l2ftaBVpeNHRe4yyA1MUt2-w3tHtyNEq6dVrgDjlol&page=1
IP
142.250.74.142:443
ASN
#15169 GOOGLE

Requested by
https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type
Unicode text, UTF-8 text, with very long lines (4952), with no line terminators
Size
4.7 kB (4665 bytes)
Hash
7ec4a3a376b11ba95f6fd722cd75ea1a
849e0a3fa398e847b3c1a37359e237ad30454df6
d9ac2e93f75b82c9cf2aa18f827ba0834411676e0b5811562b95814bce4135ed

HTTP Headers

GET /viewerng/presspage?id=ACFrOgDJUv3KzVu9gdtzike0uf5ZDFIxEJm6vbCwPEIgmDsBLXMeycKbioIEM9AMCV7-YIBVscNKHOvxpLpIn7Y0c340RUlTLzTNbTZhv_l2ftaBVpeNHRe4yyA1MUt2-w3tHtyNEq6dVrgDjlol&page=1 HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: application/json; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 04:03:06 GMT
content-encoding: gzip
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-security-policy: script-src 'nonce-tzpEN_Bpztzv3K7J3Qkf5g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: GSE
set-cookie: NID=513=JMgBaB3xDGOQoOQozn1mQmlyKJIZGk3Gv40H8Yk63lqed5AqyBRjZfjBOIDpWL2NtXiR9yFF7dXlTyxkMzI6v9py_SDdM9ClG9dehREZBm2NjIJZFDpDKVLhy9cTdE7i9XwDRto2t3eQjjPofJolNJmoHRWNKAf6MzWbjzRApL8; expires=Fri, 18-Oct-2024 04:03:06 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

docs.google.com/viewerng/thumb?ds=AON1mFzLR22rKqGTmJQ8BO1PwBFAnR9XYIFhooxKHY0E3-aLkutGQn-xJBeUtLaFXimz1m5waozWW98Ny0KGZeiDEepaEuq52k8E-lt6I1KGFe5cOX1Q_kvHy9mEEet3jqDeGBUf9QXmhrmBHGv3019s3Gb0F_HbjfPoin2Rk9mlNrqU0KpykKyrzgQMahWvCT8ON9DCezAy09IcGLJ5AEKyk1qoxMhTVecCFAC6SeTS03hVCZP0zQaj3a4AHRmO1tnwJm7K6u-9wtAR9vLcUlkyVzGZH-2fWkKN--rQuLzLOAfhixKZfM5MuFygEFA2GisQdYTW9iAW&ck=lantern&authuser&w=800&webp=true&p=proj

142.250.74.142

200 OK

629 kB

URL GET HTTP/3
docs.google.com/viewerng/thumb?ds=AON1mFzLR22rKqGTmJQ8BO1PwBFAnR9XYIFhooxKHY0E3-aLkutGQn-xJBeUtLaFXimz1m5waozWW98Ny0KGZeiDEepaEuq52k8E-lt6I1KGFe5cOX1Q_kvHy9mEEet3jqDeGBUf9QXmhrmBHGv3019s3Gb0F_HbjfPoin2Rk9mlNrqU0KpykKyrzgQMahWvCT8ON9DCezAy09IcGLJ5AEKyk1qoxMhTVecCFAC6SeTS03hVCZP0zQaj3a4AHRmO1tnwJm7K6u-9wtAR9vLcUlkyVzGZH-2fWkKN--rQuLzLOAfhixKZfM5MuFygEFA2GisQdYTW9iAW&ck=lantern&authuser&w=800&webp=true&p=proj
IP
142.250.74.142:443
ASN
#15169 GOOGLE

Requested by
https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type
RIFF (little-endian) data, Web/P image
Size
629 kB (628602 bytes)
Hash
08bc35cb1484803d8cf1807deeb181ca
aee5b8218478ef3eac8411e929623b11a9c43a6e
34631d15b99518faf6a51fe36a95c5c42b65391f5230709284abaefad725b699

HTTP Headers

GET /viewerng/thumb?ds=AON1mFzLR22rKqGTmJQ8BO1PwBFAnR9XYIFhooxKHY0E3-aLkutGQn-xJBeUtLaFXimz1m5waozWW98Ny0KGZeiDEepaEuq52k8E-lt6I1KGFe5cOX1Q_kvHy9mEEet3jqDeGBUf9QXmhrmBHGv3019s3Gb0F_HbjfPoin2Rk9mlNrqU0KpykKyrzgQMahWvCT8ON9DCezAy09IcGLJ5AEKyk1qoxMhTVecCFAC6SeTS03hVCZP0zQaj3a4AHRmO1tnwJm7K6u-9wtAR9vLcUlkyVzGZH-2fWkKN--rQuLzLOAfhixKZfM5MuFygEFA2GisQdYTW9iAW&ck=lantern&authuser&w=800&webp=true&p=proj HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: image/webp
expires: Thu, 18 Apr 2024 04:03:05 GMT
date: Thu, 18 Apr 2024 04:03:05 GMT
cache-control: private, max-age=300
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: script-src 'nonce-mXwW3qN9x_A1KDLb-7sXvg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: GSE
set-cookie: NID=513=HyvhhKBaXy35uu64KtE0lVYAslkTY2dpNAuSpu28hWX36_AeZ05jfkiPokoDkbT37TUylKj-gBJrDKG4-B4gwYMC0J6M5pYlg2XHDCbKpd7iB7DfSG2V-QOLmRk6GEie6mW_CtF3qwt-ZjHsKZAyPAl8wT24T05zNDTV6Y-VghM; expires=Fri, 18-Oct-2024 04:03:05 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

docs.google.com/viewerng/meta?id=ACFrOgDUC1EMuHtcLLduVCy9VEydSoQ4588Gtcoza91d0pSCaW7rCuoVCkMKXPxccaflHzU0QsDjF4jmGYHXks-ve0RXkP5fH6UFJ3X_FYkgQyq0wuaRYkgle9KIIv0O_UGFVHe_VdDzELPZQHxU

142.250.74.142

200 OK

36 B

URL GET HTTP/3
docs.google.com/viewerng/meta?id=ACFrOgDUC1EMuHtcLLduVCy9VEydSoQ4588Gtcoza91d0pSCaW7rCuoVCkMKXPxccaflHzU0QsDjF4jmGYHXks-ve0RXkP5fH6UFJ3X_FYkgQyq0wuaRYkgle9KIIv0O_UGFVHe_VdDzELPZQHxU
IP
142.250.74.142:443
ASN
#15169 GOOGLE

Requested by
https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type
ASCII text, with no line terminators
Size
36 B (36 bytes)
Hash
45b006a58c64ecff5875ec96ef28e7ff
826b015d0c38cae990dbfef89fc1158c35b0cfad
5cfed5b80fb83f2dcae2d34ab23ec8be84c795cbf191b4bf62e1833a27421062

HTTP Headers

GET /viewerng/meta?id=ACFrOgDUC1EMuHtcLLduVCy9VEydSoQ4588Gtcoza91d0pSCaW7rCuoVCkMKXPxccaflHzU0QsDjF4jmGYHXks-ve0RXkP5fH6UFJ3X_FYkgQyq0wuaRYkgle9KIIv0O_UGFVHe_VdDzELPZQHxU HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: application/json; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 04:02:51 GMT
content-encoding: gzip
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
content-security-policy: script-src 'nonce-hanR-J56ldYF94BCnOVDRw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: GSE
set-cookie: NID=513=fwdA-K3tvq7vmqknRMcZBY3yXFwMIjA6-ugVbl9iJdMUv4Z9j5ajJx9m-LrwSE_Q2z4RKNSe9xA1Ue0EWBf-UgfXWpANYyu7Kox1xwD4_nuE1ZCDrdi9AgsXCnFkNTw19pg8AckYfqS_s1Bx-v3xceKxG8YE59L5ysztjlSouBw; expires=Fri, 18-Oct-2024 04:02:51 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

constantclients.cc/wp-content/uploads/pum/pum-site-scripts.js?defer&generated=1710878638&ver=1.18.5

66.235.200.147

200 OK

70 kB

URL GET HTTP/2
constantclients.cc/wp-content/uploads/pum/pum-site-scripts.js?defer&generated=1710878638&ver=1.18.5
IP
66.235.200.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://constantclients.cc/
Certificate
IssuerCloudflare, Inc.
Subjectconstantclients.cc
FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2
ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT

File type

Size
70 kB (69803 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/pum/pum-site-scripts.js?defer&generated=1710878638&ver=1.18.5 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:49 GMT
content-type: application/javascript
last-modified: Tue, 19 Mar 2024 20:03:58 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:49 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
server: cloudflare
cf-ray: 8761c2eddd75b50c-OSL
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (89)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML