| constantclients.cc/wp-content/plugins/wpcf7-redirect/build/css/wpcf7-redirect-frontend.min.css?ver=1.1 | 66.235.200.147 | 200 OK | 124 B |
URL GET HTTP/2constantclients.cc/wp-content/plugins/wpcf7-redirect/build/css/wpcf7-redirect-frontend.min.css?ver=1.1 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeASCII text, with CRLF, CR line terminators Hash9730086eefb28d971b315173f579b3b0 a9845ea261aef600305f310c15d83232ee33460d 9c0647c53dde19cd56b2dfd0626db41f3db20c92984e1e6a4d469c19e4823adf
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/wpcf7-redirect/build/css/wpcf7-redirect-frontend.min.css?ver=1.1 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: text/css
content-length: 124
last-modified: Mon, 25 Dec 2023 20:13:33 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2ed8d21b50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.6.28 | 66.235.200.147 | 200 OK | 323 B |
URL GET HTTP/2constantclients.cc/wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.6.28 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
Hasha5bf64d5859ee94a3e8e93d592d6d2a0 049eb63b42dbb820b06870a430f523bf06880721 25825611ade7ceaed7df3862ec56dc91ad1d2be539966ef7bbe84306e51cfb08
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.6.28 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: text/css
content-length: 323
last-modified: Tue, 16 Apr 2024 20:09:04 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2ed8d22b50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/uploads/elementor/css/global.css?ver=1708890611 | 66.235.200.147 | 200 OK | 3.5 kB |
URL GET HTTP/2constantclients.cc/wp-content/uploads/elementor/css/global.css?ver=1708890611 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeASCII text, with very long lines (21216) Hashfb46c36a0e1370c14602c354a01ae0cb 2d7e31c67202b2cb67d9af9bde7524375e98f050 c30246b474bb2bfa1f801efb85462ed4bfeaaa649ec50289ff5c35fc05132e95
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/uploads/elementor/css/global.css?ver=1708890611 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: text/css
content-length: 3455
last-modified: Sun, 25 Feb 2024 19:50:11 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2ed9d29b50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/popup-builder/public/css/theme.css?ver=4.2.7 | 66.235.200.147 | 200 OK | 15 kB |
URL GET HTTP/2constantclients.cc/wp-content/plugins/popup-builder/public/css/theme.css?ver=4.2.7 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeASCII text, with very long lines (4774) Hashe6fa0ab1e511473032e374f0ec4fc1ec 002f24a50270e1c847d21b8530db933dcbdc499f 96344c48276b6477946734dfa6f60c187fa33d371c0f4bc2156edc0e2868617c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/popup-builder/public/css/theme.css?ver=4.2.7 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: text/css
content-length: 15343
last-modified: Tue, 20 Feb 2024 20:09:49 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2ed8d1db50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/document-emberdder/dist/public.css?ver=1.8.6 | 66.235.200.147 | 200 OK | 545 B |
URL GET HTTP/2constantclients.cc/wp-content/plugins/document-emberdder/dist/public.css?ver=1.8.6 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeASCII text, with very long lines (1289) Hashfd70481184bb5db0628a2457c7614c50 c17d20bb7878723585f0e393b16b5151d9d2c0dc 294c91a9d8e5a19c67cc03c6c2865cbe637773d6e2137f5b4c8b2f5566ae1ee3
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/document-emberdder/dist/public.css?ver=1.8.6 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: text/css
content-length: 545
last-modified: Sat, 09 Mar 2024 08:07:00 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2ed8d1bb50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3 | 66.235.200.147 | 200 OK | 308 B |
URL GET HTTP/2constantclients.cc/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeASCII text, with very long lines (489) Hash144e43c3b3d8ea5b278c062c202c92f2 3c037057a419245849747b4762d09d88cab66fc1 9cd63b8cea25045c14623c538d26752518a58c0c682795ce6ad3078976c65a37
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: text/css
content-length: 308
last-modified: Mon, 15 Apr 2024 20:04:20 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2edad42b50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/uploads/elementor/css/post-7.css?ver=1708890610 | 66.235.200.147 | 200 OK | 384 B |
URL GET HTTP/2constantclients.cc/wp-content/uploads/elementor/css/post-7.css?ver=1708890610 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeASCII text, with very long lines (1142), with no line terminators Hash09b474b74635adffa3e25525863d8151 b3c4d1017333f8c5962491c1777210d9d72511fb c1f94714293d0da750d2780ad7abf13fd88508fafa0bec27aa9dc4e9065bcf32
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/uploads/elementor/css/post-7.css?ver=1708890610 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: text/css
content-length: 384
last-modified: Sun, 25 Feb 2024 19:50:10 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2ed9d28b50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.29.0 | 66.235.200.147 | 200 OK | 4.1 kB |
URL GET HTTP/2constantclients.cc/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.29.0 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeASCII text, with very long lines (19732) Hash45f978120a537b249dfac36306ed5471 9eebc1e6fe55d9737d0e91bdfa3976b344ea2a09 67ac597bed179b5842d996fad80472c6b9514edde408ade8b892161bcf9e9c88
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.29.0 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: text/css
content-length: 4117
last-modified: Mon, 15 Apr 2024 20:04:20 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2ed9d24b50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/general.min.css?ver=5.9.15 | 66.235.200.147 | 200 OK | 1.0 kB |
URL GET HTTP/2constantclients.cc/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/general.min.css?ver=5.9.15 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeASCII text, with very long lines (3757) Hash328ebfd01781de6fe0f18f59ca04861c 334fea12d6d0d4de5f19f0f1db467b444b0d67c3 0bc32c16a963f587d3d0d69da37f1ddf1269221fc7df0907f420624614ab2963
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/general.min.css?ver=5.9.15 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: text/css
content-length: 1028
last-modified: Tue, 09 Apr 2024 12:13:51 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2edad3db50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3 | 66.235.200.147 | 200 OK | 309 B |
URL GET HTTP/2constantclients.cc/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeASCII text, with very long lines (483) Hash9eb2d3c87feb6bb2ffa63b70532b1477 38f226335a05ab0e30497bc7419eb5e243a9e26c 37bab6cd583982e8eff58501a99d7c5c4d63664c1ca34f9e3b7cf526c5b73ae2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: text/css
content-length: 309
last-modified: Mon, 15 Apr 2024 20:04:20 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2edad41b50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1 | 66.235.200.147 | 200 OK | 126 B |
URL GET HTTP/2constantclients.cc/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with no line terminators Hash5ef26b5e47e6951f43ecf2b1fc645222 081afb52577f6f3bb044fdea6d34a632c3cce7e8 50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: application/javascript
content-length: 126
last-modified: Tue, 16 Apr 2024 08:03:52 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2edbd45b50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/uploads/elementor/css/post-1192.css?ver=1708890611 | 66.235.200.147 | 200 OK | 680 B |
URL GET HTTP/2constantclients.cc/wp-content/uploads/elementor/css/post-1192.css?ver=1708890611 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeASCII text, with very long lines (2923), with no line terminators Hash6fec0d84a5bcded957c5e244c3e200cb 5697b9e9d68020e02ccee4f056c51c910a2d8488 b5e9c30e3e3a5d064d2d8d2db6bbd6b3fcb055498a95fffbbc72c60150a3f372
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/uploads/elementor/css/post-1192.css?ver=1708890611 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: text/css
content-length: 680
last-modified: Sun, 25 Feb 2024 19:50:11 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2ed9d2db50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/popup-builder/public/js/Popup.js?ver=4.2.7 | 66.235.200.147 | 200 OK | 11 kB |
URL GET HTTP/2constantclients.cc/wp-content/plugins/popup-builder/public/js/Popup.js?ver=4.2.7 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (5515) Hashaad76345b176f2bdea7082ce27717aba 1f3c44bf0b8169741bc5b3e71e83e05d07b59338 113500b83a965388babfdb15b9740741f750db1890f6fa3677cf1bcaddd96089
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/popup-builder/public/js/Popup.js?ver=4.2.7 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: application/javascript
content-length: 10592
last-modified: Tue, 20 Feb 2024 20:09:50 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2edbd48b50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/webp-express/webp-images/uploads/2021/08/Logo-New-1.png.webp | 66.235.200.147 | 200 OK | 15 kB |
URL GET HTTP/2constantclients.cc/wp-content/webp-express/webp-images/uploads/2021/08/Logo-New-1.png.webp IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash31e0b53ba82b874173ee64e436693d2c a9cd55675f5112377f297920300a74c5bc761ef7 56fe4fe88acd6126c4390e49505042e965ef8fb2cc8aa2bf7e996624e09cb52e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/webp-express/webp-images/uploads/2021/08/Logo-New-1.png.webp HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: image/webp
content-length: 15244
last-modified: Sat, 27 May 2023 14:55:02 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8761c2edbd4eb50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.16 | 66.235.200.147 | 200 OK | 544 B |
URL GET HTTP/2constantclients.cc/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.16 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeASCII text, with very long lines (1604), with no line terminators Hash2a489d28e2fc2088b3fe0bcda8417525 af48dd19c11ceac12d2473b2b8e216da9d9d432c c19e3e4151ea4933fa9ba9703c51fe20ad469237771214b1c5001d1b107ddef5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/add-to-any/addtoany.min.css?ver=1.16 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: text/css
content-length: 544
last-modified: Tue, 16 Apr 2024 08:03:52 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2edad36b50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 | 66.235.200.147 | 200 OK | 5.4 kB |
URL GET HTTP/2constantclients.cc/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (13479) Hash9ffeb32e2d9efbf8f70caabded242267 3ad0c10e501ac2a9bfa18f9cd7e700219b378738 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: application/javascript
content-length: 5422
last-modified: Tue, 08 Aug 2023 20:05:49 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2edbd44b50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/uploads/elementor/css/post-999.css?ver=1708890611 | 66.235.200.147 | 200 OK | 4.9 kB |
URL GET HTTP/2constantclients.cc/wp-content/uploads/elementor/css/post-999.css?ver=1708890611 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeASCII text, with very long lines (22576), with no line terminators Hash05f67e1594bf828a7fc28cb5804ce3dd 1e76805190ce70d64f2930b1fda33f46e8deb62a ab659952ddbb016fa6a2ca12bba964321c4a7e0e4f0585288eb54708e0d76f6d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/uploads/elementor/css/post-999.css?ver=1708890611 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: text/css
content-length: 4861
last-modified: Sun, 25 Feb 2024 19:50:11 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2ed9d2bb50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/ubermenu/assets/fontawesome/css/all.min.css?ver=6.5.2 | 66.235.200.147 | 200 OK | 13 kB |
URL GET HTTP/2constantclients.cc/wp-content/plugins/ubermenu/assets/fontawesome/css/all.min.css?ver=6.5.2 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeASCII text, with very long lines (58392) Hash76cb46c10b6c0293433b371bae2414b2 0038dc97c79451578b7bd48af60ba62282b4082b 876d023d9d10c97941b80c3b03e2a5b94631ff7a4af9cee5604a6a2d39718d84
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/ubermenu/assets/fontawesome/css/all.min.css?ver=6.5.2 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: text/css
content-length: 12646
last-modified: Sat, 27 May 2023 14:54:44 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2edad3cb50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-includes/js/masonry.min.js?ver=4.2.2 | 66.235.200.147 | 200 OK | 9.2 kB |
URL GET HTTP/2constantclients.cc/wp-includes/js/masonry.min.js?ver=4.2.2 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (23966) Hash3b3fc826e58fc554108e4a651c9c7848 76778fd446e2ff2377588a7b4ac4d79f258427c9 e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-includes/js/masonry.min.js?ver=4.2.2 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: application/javascript
content-length: 9216
last-modified: Sat, 27 May 2023 14:55:04 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2eddd70b50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/webp-express/webp-images/uploads/2021/12/Signature-Black-cropped-300x110.png.webp | 66.235.200.147 | 200 OK | 7.0 kB |
URL GET HTTP/2constantclients.cc/wp-content/webp-express/webp-images/uploads/2021/12/Signature-Black-cropped-300x110.png.webp IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash17bafbce1d3d92316c87a5320d0fe570 a239941ef6521d2e6c012bab5dbc29dbcdbf9eda 63880aa06cb4060255e87752eb0bddc8b704a8dbd8df008156190f920b64069a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/webp-express/webp-images/uploads/2021/12/Signature-Black-cropped-300x110.png.webp HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: image/webp
content-length: 6972
last-modified: Sat, 27 May 2023 14:55:02 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8761c2edcd5ab50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-includes/js/imagesloaded.min.js?ver=5.0.0 | 66.235.200.147 | 200 OK | 2.1 kB |
URL GET HTTP/2constantclients.cc/wp-includes/js/imagesloaded.min.js?ver=5.0.0 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (4358) Hash6823120876c9afc8929418c9a6f8e343 90b0adb37d70ffec5f9189c36bb0027c310c9502 b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-includes/js/imagesloaded.min.js?ver=5.0.0 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: application/javascript
content-length: 2112
last-modified: Tue, 07 Nov 2023 20:03:53 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2eddd6fb50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/ubermenu/pro/assets/css/ubermenu.min.css?ver=3.7.4 | 66.235.200.147 | 200 OK | 13 kB |
URL GET HTTP/2constantclients.cc/wp-content/plugins/ubermenu/pro/assets/css/ubermenu.min.css?ver=3.7.4 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeASCII text, with very long lines (65536), with no line terminators Hash30d4da1b06f620d981ebf7f1cfdebe7a 5be661ca056df76e26b16fe85c72378010fb2ad3 f7ba7e664816f88dde2f3f9b789e427087a5deb8986f708dd02bcfe1c0d8ff55
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/ubermenu/pro/assets/css/ubermenu.min.css?ver=3.7.4 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: text/css
content-length: 12707
last-modified: Sat, 27 May 2023 14:54:44 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2edad38b50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/uploads/2021/08/menu-03-150x150.png | 66.235.200.147 | 200 OK | 2.9 kB |
URL GET HTTP/2constantclients.cc/wp-content/uploads/2021/08/menu-03-150x150.png IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash687cae38bd7eee664ac9e4777800b413 4ac9e7015a249928a6a4a46590ecfe74679e2b47 eb86759a697d1d1213ac42344b16564dacea6726b3a8ec61569e7776cd5c74eb
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/uploads/2021/08/menu-03-150x150.png HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: image/webp
content-length: 2938
x-webp-convert-log: Serving converted file
vary: Accept,Accept-Encoding
last-modified: Sat, 27 May 2023 14:55:02 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2edcd51b50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 | 66.235.200.147 | 200 OK | 13 kB |
URL GET HTTP/2constantclients.cc/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeASCII text, with very long lines (57884) Hashf4af7e5ec05ebb0f08d43e2384266abc a1869e155e92fa178b9c3ae6dff787df57f195c6 fafc4160788beca657ec3e3041976281fb6d54a0e82bb4d22a433f7c6bb8b1d6
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: text/css
content-length: 12618
last-modified: Mon, 15 Apr 2024 20:04:20 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2edad3eb50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/strong-testimonials/public/css/slider-controls-sides-outside-buttons.css?ver=3.1.12 | 66.235.200.147 | 200 OK | 1.1 kB |
URL GET HTTP/2constantclients.cc/wp-content/plugins/strong-testimonials/public/css/slider-controls-sides-outside-buttons.css?ver=3.1.12 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
Hash372079cd65a278dc054c18eb721453a1 0f3d344abc3c648a3b1818d96c3125b2e6419199 709515b4bd2ec01218234daa7fc5ee63dcf3a375ca975f36886c3d029204f140
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/strong-testimonials/public/css/slider-controls-sides-outside-buttons.css?ver=3.1.12 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: text/css
content-length: 1097
last-modified: Fri, 22 Mar 2024 20:03:55 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2edcd5fb50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/duracelltomi-google-tag-manager/dist/js/analytics-talk-content-tracking.js?ver=1.20.2 | 66.235.200.147 | 200 OK | 624 B |
URL GET HTTP/2constantclients.cc/wp-content/plugins/duracelltomi-google-tag-manager/dist/js/analytics-talk-content-tracking.js?ver=1.20.2 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (1685), with no line terminators Hash070a12458ed43e10ecdc3c90ed286af5 ccb5fb60d9153cea396224a484f1984afb29503f a2a6f3d68cab390cc94906f0122540b73d23c164f2c26b356d10e620059135f1
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/duracelltomi-google-tag-manager/dist/js/analytics-talk-content-tracking.js?ver=1.20.2 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: application/javascript
content-length: 624
last-modified: Fri, 05 Apr 2024 14:04:35 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2edbd4cb50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/webp-express/webp-images/uploads/2021/08/icon-01-1024x702.png.webp | 66.235.200.147 | 200 OK | 46 kB |
URL GET HTTP/2constantclients.cc/wp-content/webp-express/webp-images/uploads/2021/08/icon-01-1024x702.png.webp IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash3026f217746be77a99b964ab371f1e54 ba579b141f3213e7f8811e74bc7a262133ac4b14 9fc6c1246f52f6c0d3fdd633ba9369330f34f72b81d410978fe9fd35badf2fd4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/webp-express/webp-images/uploads/2021/08/icon-01-1024x702.png.webp HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: image/webp
content-length: 46548
last-modified: Sat, 27 May 2023 14:55:02 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8761c2edcd59b50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 | 66.235.200.147 | 200 OK | 8.3 kB |
URL GET HTTP/2constantclients.cc/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (8189) Hashc4e68a0f3463c0bd3c39eab38815e881 0ce58644e9f3c5063a11453ff287c5ec096465a7 ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: application/javascript
content-length: 8343
last-modified: Sat, 27 May 2023 14:55:03 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2eddd72b50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/webp-express/webp-images/uploads/2021/08/Logo-New-2.png.webp | 66.235.200.147 | 200 OK | 17 kB |
URL GET HTTP/2constantclients.cc/wp-content/webp-express/webp-images/uploads/2021/08/Logo-New-2.png.webp IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash365659e2ee3dbbacb90695e65a432595 c842cf95aea83dc2fcc04c1e502afafa9cd69335 0178c88fb747b80c3faa02c63ddf3f56d6e578801cc0b050dc2b2802a1146522
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/webp-express/webp-images/uploads/2021/08/Logo-New-2.png.webp HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: image/webp
content-length: 16556
last-modified: Sat, 27 May 2023 14:55:02 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8761c2edbd4db50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/elementor/assets/lib/swiper/v8/css/swiper.min.css?ver=8.4.5 | 66.235.200.147 | 200 OK | 5.4 kB |
URL GET HTTP/2constantclients.cc/wp-content/plugins/elementor/assets/lib/swiper/v8/css/swiper.min.css?ver=8.4.5 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeASCII text, with very long lines (16214) Hasha2431bc290cf34e330e11ec4cfce1247 32a53342901fef5f4f4dbb26a555e730f84437a4 c57e64fcb72bddafa9c38de574441c3e69ac6c961df96b0cad34da83658bd196
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/elementor/assets/lib/swiper/v8/css/swiper.min.css?ver=8.4.5 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: text/css
content-length: 5361
last-modified: Mon, 15 Apr 2024 20:04:20 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2ed9d26b50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/popup-builder/public/js/PopupConfig.js?ver=4.2.7 | 66.235.200.147 | 200 OK | 1.9 kB |
URL GET HTTP/2constantclients.cc/wp-content/plugins/popup-builder/public/js/PopupConfig.js?ver=4.2.7 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (2826) Hashc7a493f7e281b7a2c5fe182a44ba8367 11c971b79a4c8ea2dd1b6b4d7b33192275054f44 3fe8c79d67b21039a5d059ef40761950fb76e1d17933d61509f7eb3c68f5aeeb
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/popup-builder/public/js/PopupConfig.js?ver=4.2.7 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: application/javascript
content-length: 1922
last-modified: Tue, 20 Feb 2024 20:09:50 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2edbd4ab50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/document-emberdder/dist/public.js?ver=1.8.6 | 66.235.200.147 | 200 OK | 367 B |
URL GET HTTP/2constantclients.cc/wp-content/plugins/document-emberdder/dist/public.js?ver=1.8.6 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (679), with no line terminators Hash08e2f72feea4e7869318e95199bb7d57 153ebed062f5d87ef13306b6bbe4ebf7f08bda0e b299df1915daab7dc0e6cf895daa21e9d85230335b52edbf6f993c93fae712ac
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/document-emberdder/dist/public.js?ver=1.8.6 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: application/javascript
content-length: 367
last-modified: Sat, 09 Mar 2024 08:07:00 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2edbd46b50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/ubermenu/assets/js/ubermenu.min.js?ver=3.7.4 | 66.235.200.147 | 200 OK | 12 kB |
URL GET HTTP/2constantclients.cc/wp-content/plugins/ubermenu/assets/js/ubermenu.min.js?ver=3.7.4 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (698) Hash273b37618af3db6db671d2d1c8f0d168 f4d735f4c27b110cc2499e03a8e4854ea7511641 58415d97eb0b5745ccfa6e5e2f996581ec39f6c4af80627d3dd3c06bc5977ca6
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/ubermenu/assets/js/ubermenu.min.js?ver=3.7.4 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: application/javascript
content-length: 12333
last-modified: Sat, 27 May 2023 14:54:44 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2eded76b50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/themes/mesmerize/assets/css/theme.bundle.min.css?ver=1.6.109 | 66.235.200.147 | 200 OK | 18 kB |
URL GET HTTP/2constantclients.cc/wp-content/themes/mesmerize/assets/css/theme.bundle.min.css?ver=1.6.109 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeASCII text, with very long lines (34446) Hashbb0c62f3cc6d9060171af6f42e68c296 6809ceee753cf8c1dd823b4dc565bf232e0a52a5 4122023e5f7e22cd0d2dc7bb99cf441cb2ba32b7b3b1b6dbc6cf23e1afe7c699
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/mesmerize/assets/css/theme.bundle.min.css?ver=1.6.109 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: text/css
content-length: 17766
last-modified: Sat, 27 May 2023 14:54:47 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2ed9d31b50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/strong-testimonials/public/js/controller.min.js?ver=3.1.12 | 66.235.200.147 | 200 OK | 1.8 kB |
URL GET HTTP/2constantclients.cc/wp-content/plugins/strong-testimonials/public/js/controller.min.js?ver=3.1.12 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (5154), with no line terminators Hash8be478d960c1631768caccadb401d3de 474ed4aed08c7bd6a520b0e62b0bb9bf8bb10267 23e87ea207c2004ed8cde1032e7e0419a52b0ede6848d7ecc0a68f5ceb3fb728
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/strong-testimonials/public/js/controller.min.js?ver=3.1.12 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: application/javascript
content-length: 1753
last-modified: Fri, 22 Mar 2024 20:03:55 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2ee0d98b50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/strong-testimonials/public/js/lib/readmore/readmore.min.js?ver=3.1.12 | 66.235.200.147 | 200 OK | 596 B |
URL GET HTTP/2constantclients.cc/wp-content/plugins/strong-testimonials/public/js/lib/readmore/readmore.min.js?ver=3.1.12 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeASCII text, with very long lines (1567), with no line terminators Hashdc1043230b64324918212e00103a6218 76f877c39fea92ab78ff12c89defa3d8b6bc82db f6588d639bce56904c74e0cc06dcb91976a4d42b18be27afd2207c7c831a3cad
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/strong-testimonials/public/js/lib/readmore/readmore.min.js?ver=3.1.12 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: application/javascript
content-length: 596
last-modified: Fri, 22 Mar 2024 20:03:55 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2ee0d99b50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/webp-express/webp-images/uploads/2021/08/menu-06-150x150.png.webp | 66.235.200.147 | 200 OK | 5.3 kB |
URL GET HTTP/2constantclients.cc/wp-content/webp-express/webp-images/uploads/2021/08/menu-06-150x150.png.webp IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash4ffd1646ecdab1cd611bf69edd506086 72413c7466e6526282f25a99c434dc4b4129ca43 328ef997d7204c93f847ee19465dc054520ceae0cb92d82629a05ae1db170127
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/webp-express/webp-images/uploads/2021/08/menu-06-150x150.png.webp HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: image/webp
content-length: 5274
last-modified: Sat, 27 May 2023 14:55:02 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8761c2edcd54b50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 | 66.235.200.147 | 200 OK | 3.7 kB |
URL GET HTTP/2constantclients.cc/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (12198), with no line terminators Hash3819c3569da71daec283a75483735f7e ecd40a5cc6f0b76200c454ca880210dc301cfab8 214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: application/javascript
content-length: 3747
last-modified: Mon, 15 Apr 2024 20:04:20 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2ee0d9eb50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/wp-pdf-generator/assets/js/es6-promise.auto.min.js?ver=1.2.3 | 66.235.200.147 | 200 OK | 2.7 kB |
URL GET HTTP/2constantclients.cc/wp-content/plugins/wp-pdf-generator/assets/js/es6-promise.auto.min.js?ver=1.2.3 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (6601), with no line terminators Hash7850f75032813dc5c0e9eb75eba880bf 8e298e92961b97e21fce70a681992550f455b2de f2a14fbc03102e3f6139790da043b488e5d0c76b47c80f175a4ca6e4edddc6a3
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/wp-pdf-generator/assets/js/es6-promise.auto.min.js?ver=1.2.3 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: application/javascript
content-length: 2719
last-modified: Mon, 05 Jun 2023 08:06:04 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2eded7bb50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/webp-express/webp-images/uploads/2021/08/menu-01-150x150.png.webp | 66.235.200.147 | 200 OK | 5.7 kB |
URL GET HTTP/2constantclients.cc/wp-content/webp-express/webp-images/uploads/2021/08/menu-01-150x150.png.webp IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash9b484c028543cac0d4a89f8d2e91c0a9 a86917d94755622d2074b182b146a2040e3cd006 9f581de3fb14633e90e44fe419e8970f1e6eb93d3f43db5dd0b85eefc637d7f8
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/webp-express/webp-images/uploads/2021/08/menu-01-150x150.png.webp HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: image/webp
content-length: 5718
last-modified: Sat, 27 May 2023 14:55:02 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8761c2edcd55b50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/header-footer-elementor/inc/widgets-css/frontend.css?ver=1.6.28 | 66.235.200.147 | 200 OK | 12 kB |
URL GET HTTP/2constantclients.cc/wp-content/plugins/header-footer-elementor/inc/widgets-css/frontend.css?ver=1.6.28 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeUnicode text, UTF-8 text, with very long lines (1646) Hashb46c6c561749d353ded2332c13a5e8eb 4c5ad91ccb661a5e48f9c502c06b326878f4f715 6f708315ec1e5f14fcf831768764aad338d6507ac1e5f11c155c820487052544
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/header-footer-elementor/inc/widgets-css/frontend.css?ver=1.6.28 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: text/css
content-length: 11708
last-modified: Tue, 16 Apr 2024 20:09:04 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2edcd5bb50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.21.0 | 66.235.200.147 | 200 OK | 2.3 kB |
URL GET HTTP/2constantclients.cc/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.21.0 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (4957) Hashd4611b146b41aa47d51076a0d3798082 6bb95b45dfc5379953c39fe6c56322350be95411 25ca7abf6b5b9becd0676818fde2d3b374badcff7867f95dbcbfebeac59a24c0
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.21.0 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: application/javascript
content-length: 2341
last-modified: Mon, 15 Apr 2024 20:04:20 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2ee0d9ab50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-includes/js/dist/hooks.min.js?ver=2810c76e705dd1a53b18 | 66.235.200.147 | 200 OK | 1.6 kB |
URL GET HTTP/2constantclients.cc/wp-includes/js/dist/hooks.min.js?ver=2810c76e705dd1a53b18 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (4272) Hash072d3f6e5c446f57d5c544f9931860e2 ee6aa3d65b474309376468b24bb6f829a4514809 2cb546fbdda7995d374fffa4b2f6530bbcf57d014639ddf76de45df43d593045
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-includes/js/dist/hooks.min.js?ver=2810c76e705dd1a53b18 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: application/javascript
content-length: 1589
last-modified: Tue, 02 Apr 2024 20:04:39 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2edfd91b50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/strong-testimonials/public/css/rating-display.css?ver=3.1.12 | 66.235.200.147 | 200 OK | 1.1 kB |
URL GET HTTP/2constantclients.cc/wp-content/plugins/strong-testimonials/public/css/rating-display.css?ver=3.1.12 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
Hashe19642eec532b12a9638e63700ca0d54 9cff83f0f1c3efcd7bf2f97d3f3d8d0362d83174 3fab82fbed146cb073c78172db4a86d9eda3da79d385d97a425cd826d6bb084e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/strong-testimonials/public/css/rating-display.css?ver=3.1.12 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: text/css
content-length: 1056
last-modified: Fri, 22 Mar 2024 20:03:55 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2edcd61b50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.21.0 | 66.235.200.147 | 200 OK | 3.0 kB |
URL GET HTTP/2constantclients.cc/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.21.0 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeASCII text, with very long lines (10019) Hash4601ba55044413706c2022cb6c1c3d05 5103ec2fbb389568ebf5cfe4fd721f3df2ff7aec fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.21.0 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: text/css
content-length: 2997
last-modified: Mon, 15 Apr 2024 20:04:20 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2edcd65b50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/strong-testimonials/public/css/animate.min.css?ver=6.5.2 | 66.235.200.147 | 200 OK | 5.6 kB |
URL GET HTTP/2constantclients.cc/wp-content/plugins/strong-testimonials/public/css/animate.min.css?ver=6.5.2 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeASCII text, with very long lines (57790) Hashc78e4003414fbf2814dc097a5e1c784a de9d5645ef10c5362ec1f893bb83995594eadf99 1ed082521f47921ffff14d4ec1c6c3f1ea55114741bee23cc23d4ab6a3213642
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/strong-testimonials/public/css/animate.min.css?ver=6.5.2 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: text/css
content-length: 5582
last-modified: Fri, 22 Mar 2024 20:03:55 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2edcd64b50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/wpcf7-redirect/build/js/wpcf7r-fe.js?ver=1.1 | 66.235.200.147 | 200 OK | 2.0 kB |
URL GET HTTP/2constantclients.cc/wp-content/plugins/wpcf7-redirect/build/js/wpcf7r-fe.js?ver=1.1 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text Hashe3317d55ad904d30ea400a2da2a56686 b998595f2c96f76ba65a808ac4029d66021195b4 ecac4fc801141ce552220be4bb12969e2ee625e2cf08cf0edbac579a279b28f1
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/wpcf7-redirect/build/js/wpcf7r-fe.js?ver=1.1 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: application/javascript
content-length: 1987
last-modified: Mon, 25 Dec 2023 20:13:33 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2edcd68b50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/webp-express/webp-images/uploads/2021/08/gabrielle-henderson-HJckKnwCXxQ-unsplash-1024x683.jpg.webp | 66.235.200.147 | 200 OK | 50 kB |
URL GET HTTP/2constantclients.cc/wp-content/webp-express/webp-images/uploads/2021/08/gabrielle-henderson-HJckKnwCXxQ-unsplash-1024x683.jpg.webp IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 1024x683, Scaling: [none]x[none], YUV color, decoders should clamp Hash9630779c0704b4842acf7ca959055124 40efbdd3a6ef2f2c15921f77bbd434daeeb0c3c5 004ff3426ed84301ffa4f8cda28982386f2162ea69d041391cdeef3c731fd8dd
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/webp-express/webp-images/uploads/2021/08/gabrielle-henderson-HJckKnwCXxQ-unsplash-1024x683.jpg.webp HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: image/webp
content-length: 49708
last-modified: Sat, 27 May 2023 14:55:02 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8761c2edcd58b50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/uploads/2021/08/menu-02-150x150.png | 66.235.200.147 | 200 OK | 2.2 kB |
URL GET HTTP/2constantclients.cc/wp-content/uploads/2021/08/menu-02-150x150.png IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typePNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced Hashf8836a5ca15b4253bb3da24b40d74826 2c2ef93e4e3658d69ee5c5f08f15ba77f0050f3a b20b0cb7ea04a40b6ec1bd37b1567010ac1290b93e618698108429bd18c419f2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/uploads/2021/08/menu-02-150x150.png HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: image/png
content-length: 2195
x-webp-convert-log: Serving original (it is smaller)
vary: Accept,Accept-Encoding
last-modified: Sat, 27 May 2023 14:54:54 GMT
cache-control: max-age=31536000
expires: Fri, 18 Apr 2025 04:02:48 GMT
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2edcd56b50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2 | 66.235.200.147 | 200 OK | 3.0 kB |
URL GET HTTP/2constantclients.cc/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (8171), with no line terminators Hashdda652db133fddb9b80a05c6d1b5c540 60c8514c57a5db2980c4b046b0dd479bd427357b c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: application/javascript
content-length: 2977
last-modified: Sat, 27 May 2023 14:55:03 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2edfd8db50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-includes/js/underscore.min.js?ver=1.13.4 | 66.235.200.147 | 200 OK | 8.3 kB |
URL GET HTTP/2constantclients.cc/wp-includes/js/underscore.min.js?ver=1.13.4 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (18798) Hashf88d5720bb454ed5d204cbdb56901f6b f1952292fde4b15936e9aac16b2b9896684db95b 726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-includes/js/underscore.min.js?ver=1.13.4 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: application/javascript
content-length: 8305
last-modified: Sat, 27 May 2023 14:55:04 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2edfd8ab50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/strong-testimonials/public/js/lib/actual/jquery-actual.min.js?ver=1.0.16 | 66.235.200.147 | 200 OK | 683 B |
URL GET HTTP/2constantclients.cc/wp-content/plugins/strong-testimonials/public/js/lib/actual/jquery-actual.min.js?ver=1.0.16 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeJavaScript source, ASCII text Hashcd156e40fd815ff532b6dd8dbb5ffaa1 74ac7fb54741055f249f4237b14ef20d0c7e60d0 93a90efcdb00f1a394d7c9e04fcdc9b7c3589d24ad20046dc4e25553a5672c34
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/strong-testimonials/public/js/lib/actual/jquery-actual.min.js?ver=1.0.16 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: application/javascript
content-length: 683
last-modified: Fri, 22 Mar 2024 20:03:55 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2eded89b50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-includes/js/dist/i18n.min.js?ver=5e580eb46a90c2b997e6 | 66.235.200.147 | 200 OK | 3.9 kB |
URL GET HTTP/2constantclients.cc/wp-includes/js/dist/i18n.min.js?ver=5e580eb46a90c2b997e6 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
Hasha8127c1a87bb4f99edbeec7c37311dcd 9997a1745f48bdd233dbe9bd8164daa53eba105b f313d12ea6124bd28fc4a6b7163d253bb83d5aeab5edce594880c5c3df475cbc
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-includes/js/dist/i18n.min.js?ver=5e580eb46a90c2b997e6 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: application/javascript
content-length: 3937
last-modified: Tue, 02 Apr 2024 20:04:39 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2edfd95b50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/webp-express/webp-images/uploads/2021/08/menu-05-150x150.png.webp | 66.235.200.147 | 200 OK | 4.1 kB |
URL GET HTTP/2constantclients.cc/wp-content/webp-express/webp-images/uploads/2021/08/menu-05-150x150.png.webp IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash2e75fec5bf9c36e406ff0486160e10d0 272f81d765c86c1777d8a30f95b52e6950c54140 14a962fbf3930509f7035e9f2e1584a108586ecfe08ff2ea188a92c5af1b1d5d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/webp-express/webp-images/uploads/2021/08/menu-05-150x150.png.webp HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: image/webp
content-length: 4108
last-modified: Sat, 27 May 2023 14:55:02 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8761c2edcd52b50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/strong-testimonials/templates/simple/content.css?ver=3.1.12 | 66.235.200.147 | 200 OK | 1.7 kB |
URL GET HTTP/2constantclients.cc/wp-content/plugins/strong-testimonials/templates/simple/content.css?ver=3.1.12 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
Hash287179058185b5be1e67111fd491578c 9312d120ff41751d4984f11007ce52f3b890a1f5 af187b40e5f20639aaf376e860774c52606fbbfbab325da83d87ff7e6a434e8e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/strong-testimonials/templates/simple/content.css?ver=3.1.12 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: text/css
content-length: 1726
last-modified: Fri, 22 Mar 2024 20:03:55 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2edcd5db50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0 | 66.235.200.147 | 200 OK | 2.7 kB |
URL GET HTTP/2constantclients.cc/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (6625), with no line terminators Hashfd7ef2e4737acd74fd0dcdc3b515e304 0d792b33f12a48ee8aaaf2560a63a5682470645b 1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: application/javascript
content-length: 2746
last-modified: Tue, 07 Nov 2023 20:03:53 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2edfd8eb50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/strong-testimonials/public/js/lib/verge/verge.min.js?ver=1.10.2 | 66.235.200.147 | 200 OK | 605 B |
URL GET HTTP/2constantclients.cc/wp-content/plugins/strong-testimonials/public/js/lib/verge/verge.min.js?ver=1.10.2 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (1382), with no line terminators Hashd55b2094ba7726bfecc91dbd573aa096 8be6dfaf3a0044f920cc23f882bb5573b2f77b46 f24d6b3320defba731e6dd055dc838a98dbce7f64d1fff9eaacb501113d6b11a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/strong-testimonials/public/js/lib/verge/verge.min.js?ver=1.10.2 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:49 GMT
content-type: application/javascript
content-length: 605
last-modified: Fri, 22 Mar 2024 20:03:55 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2edfd8bb50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 | 66.235.200.147 | 200 OK | 17 kB |
URL GET HTTP/2constantclients.cc/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (38582), with no line terminators Hash92f8c01350c630f414f5d0b015ad6864 eab40ab4e77f92f2fb17684aaf44b579a51b8034 17b79ece7ef9d1454a90156690d33d64387b67a7a7548fc826012512e287a937
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:49 GMT
content-type: application/javascript
content-length: 16635
last-modified: Tue, 02 Apr 2024 20:04:39 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2edfd8fb50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.21.0 | 66.235.200.147 | 200 OK | 16 kB |
URL GET HTTP/2constantclients.cc/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.21.0 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (39932) Hashe89cb5dd5e3b9e2abe2170cc33b94f3f c2b27aae073c0c6beab34f829b3b2615a2b0d56b ebd07e134eaa69ff679725da56a465facafc8a09c61ef8bf42ceead8f79f6562
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.21.0 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:49 GMT
content-type: application/javascript
content-length: 16119
last-modified: Mon, 15 Apr 2024 20:04:20 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2ee1d9fb50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/ubermenu/pro/assets/css/skins/white.css?ver=6.5.2 | 66.235.200.147 | 200 OK | 808 B |
URL GET HTTP/2constantclients.cc/wp-content/plugins/ubermenu/pro/assets/css/skins/white.css?ver=6.5.2 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
Hash58311224f456f95332c7c1b360ab72b4 7854653d128ca318ab757bf62c1ede84261f12ea b37971ae4f66c84263ac0bd6541163c4ab5d1b82132610e727cdee5051b39481
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/ubermenu/pro/assets/css/skins/white.css?ver=6.5.2 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:49 GMT
content-type: text/css
content-length: 808
last-modified: Sat, 27 May 2023 14:54:44 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:49 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2edad39b50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/uploads/pum/pum-site-styles.css?generated=1710878638&ver=1.18.5 | 66.235.200.147 | 200 OK | 5.1 kB |
URL GET HTTP/2constantclients.cc/wp-content/uploads/pum/pum-site-styles.css?generated=1710878638&ver=1.18.5 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeASCII text, with very long lines (7454), with CRLF, LF line terminators Hash63beb8f6214c4ea3b2ce5873fdd2688e 161298749ae6dd16d5ce225dbbb0275dd5506368 0571bed0897b2a51c345eb29b6c9cf935ff7b67e788cd20b3bbafd1e0524f14b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/uploads/pum/pum-site-styles.css?generated=1710878638&ver=1.18.5 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:49 GMT
content-type: text/css
content-length: 5105
last-modified: Tue, 19 Mar 2024 20:03:58 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:49 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2edad34b50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/strong-testimonials/public/js/lib/strongslider/jquery-strongslider.min.js?ver=3.1.12 | 66.235.200.147 | 200 OK | 8.5 kB |
URL GET HTTP/2constantclients.cc/wp-content/plugins/strong-testimonials/public/js/lib/strongslider/jquery-strongslider.min.js?ver=3.1.12 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (24588), with no line terminators Hash1895c85b5b2e67091f05c6fab4aab057 9aaa6a3ce5add87efb65c183d0ad3af3eb96561b a7044cbdee5f47cb5450b0315e0efbb606b80db33aa39106d21237bd1e30da71
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/strong-testimonials/public/js/lib/strongslider/jquery-strongslider.min.js?ver=3.1.12 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:49 GMT
content-type: application/javascript
content-length: 8454
last-modified: Fri, 22 Mar 2024 20:03:55 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:49 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2edfd97b50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.9.15 | 66.235.200.147 | 200 OK | 4.0 kB |
URL GET HTTP/2constantclients.cc/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.9.15 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (10287), with no line terminators Hash8456ff924afc1c7b79f8e9c61d4edb50 69381f72090b4a2b76385dcbe86a5ce33a042820 bc9ce60ecd8ad81f4255baec05cee96d4a32f484f1cc6975e11ac87a5de667f2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.9.15 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:49 GMT
content-type: application/javascript
content-length: 4001
last-modified: Tue, 09 Apr 2024 12:13:51 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:49 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2eded78b50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/wp-pdf-generator/assets/js/html2pdf.min.js?ver=1.2.3 | 66.235.200.147 | 200 OK | 4.8 kB |
URL GET HTTP/2constantclients.cc/wp-content/plugins/wp-pdf-generator/assets/js/html2pdf.min.js?ver=1.2.3 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (12131), with CRLF line terminators Hash577ec05b87bab1bed79b597059a1fc5e 0e4178ee22cf1711c5ae7c5dfe9f6627152b4c76 660ddb72ebec44a4561b1a7ce4de9855fead2bed538e9350b878a2c2dcff49c4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/wp-pdf-generator/assets/js/html2pdf.min.js?ver=1.2.3 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:49 GMT
content-type: application/javascript
content-length: 4804
last-modified: Mon, 05 Jun 2023 08:06:04 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:49 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2eded88b50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/duracelltomi-google-tag-manager/dist/js/gtm4wp-form-move-tracker.js?ver=1.20.2 | 66.235.200.147 | 200 OK | 313 B |
URL GET HTTP/2constantclients.cc/wp-content/plugins/duracelltomi-google-tag-manager/dist/js/gtm4wp-form-move-tracker.js?ver=1.20.2 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (1138), with no line terminators Hash416f52248a7f5b988d66f1ea80a196ce 06e2618030ffe16fe210c55bb60d42bb77d7b8c6 8b851243dfb01d421b9ad1b062622a23f230c32184a70c07b6e75908bf682961
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/duracelltomi-google-tag-manager/dist/js/gtm4wp-form-move-tracker.js?ver=1.20.2 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:49 GMT
content-type: application/javascript
content-length: 313
last-modified: Fri, 05 Apr 2024 14:04:35 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:49 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2eddd6db50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/uploads/2021/08/menu-04-150x150.png | 66.235.200.147 | 200 OK | 3.3 kB |
URL GET HTTP/2constantclients.cc/wp-content/uploads/2021/08/menu-04-150x150.png IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typePNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced Hashb22da683e8599d7f8c458a6b0146d678 a287c6e75a6bcad356eb7962dda80604818ff74d 39964261d7bd055965eb0c4eb3bcc8fd47322720c14ee1f96b900c7f52d46b1f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/uploads/2021/08/menu-04-150x150.png HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:49 GMT
content-type: image/png
content-length: 3335
x-webp-convert-log: Serving original (it is smaller)
vary: Accept,Accept-Encoding
last-modified: Sat, 27 May 2023 14:54:54 GMT
cache-control: max-age=31536000
expires: Fri, 18 Apr 2025 04:02:49 GMT
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2edcd57b50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.9.3 | 66.235.200.147 | 409 Conflict | 1.1 kB |
URL GET HTTP/2constantclients.cc/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.9.3 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
Hashef746bfab0907733b9c528c1cf0d5619 4637e566770852a0eda252bbb4cbb4ed0e4b6701 f45c6e6d503a3eb90f9f01d64de1bdb0eb0a1047bacad2733c88ea4477952742
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.9.3 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 409 Conflict
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: text/html; charset=iso-8859-1
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 8761c2ed8d19b50c-OSL
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtm.js?id=GTM-KVRPFLS | 142.250.74.168 | 200 OK | 73 kB |
URL GET HTTP/2www.googletagmanager.com/gtm.js?id=GTM-KVRPFLS IP142.250.74.168:443
Requested byhttps://constantclients.cc/ CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
File typeJavaScript source, ASCII text, with very long lines (5027) Hashdf2779effda08110e12b16cdb4a9cd3d febdafc101fd8d6accce1b71a494c6c4d1d30ecf 04046496829c8a1ed4e744108d8d33692084b4e5dfb1a5e4e71e543fab50f4f2
GET /gtm.js?id=GTM-KVRPFLS HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 18 Apr 2024 04:02:49 GMT
expires: Thu, 18 Apr 2024 04:02:49 GMT
cache-control: private, max-age=900
last-modified: Thu, 18 Apr 2024 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 73326
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 | 66.235.200.147 | 200 OK | 78 kB |
URL GET HTTP/2constantclients.cc/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 78196, version 331.-31261 Hashe8a427e15cc502bef99cfd722b37ea98 a9922842a120a7f1eaced667480c5e185a106d69 d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:49 GMT
content-type: font/woff2
content-length: 78196
last-modified: Mon, 15 Apr 2024 20:04:20 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:49 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8761c2f33814b50c-OSL
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Roboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.5.2 | 142.250.74.106 | 200 OK | 1.6 kB |
URL GET HTTP/2fonts.googleapis.com/css?family=Roboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.5.2 IP142.250.74.106:443
Requested byhttps://constantclients.cc/ CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
Hash9abeee4ec31e36147f43fdb381c6fd4c 01cef8eadcf8e0fa6bb0b78ef064794fb5dbff15 e8cc80be6c43744ad0fa84933313cc74406e594583a351ed53963e6dbc72fcf1
GET /css?family=Roboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.5.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 04:02:49 GMT
date: Thu, 18 Apr 2024 04:02:49 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS1-revised.pdf | 142.250.74.142 | 204 No Content | 0 B |
URL GET HTTP/2docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS1-revised.pdf IP142.250.74.142:443
Requested byhttps://constantclients.cc/ CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS1-revised.pdf HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 04:02:49 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
content-security-policy: script-src 'nonce-ZHpP3UgMTjqrF6AFMAybPA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
server: GSE
set-cookie: NID=513=Rr74cs8kNQ--RF8ahaDGmetVlXarGRfsts0YX4JOp-01Zpw-tlZi6DMPgjkqGoritnDSncCD3Jyia_IG2oJKF-bR2zcnEgC4IYUij9Pd1VeznjnRpyIeLgO2iZQll1-FuePDaWk3GoaEhq6kdG0UzF2um-8rA97SNxDSihy4eyU; expires=Fri, 18-Oct-2024 04:02:49 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2 | 66.235.200.147 | 200 OK | 82 kB |
URL GET HTTP/2constantclients.cc/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 81612, version 1.0 Hashb4d6b90f14c0441aac364e194978408e 142696d43851c8eba0f54c7b94c5f6ebd09703e6 6b2680fab784d245cbb23d3b51e8d18740e8fc1c7c1c8eadcf0b2b7612125ff8
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:49 GMT
content-type: font/woff2
content-length: 81612
last-modified: Mon, 15 Apr 2024 20:04:20 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:49 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8761c2f40866b50c-OSL
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C600%2C700%7CMuli%3A300%2C300italic%2C400%2C400italic%2C600%2C600italic%2C700%2C700italic%2C900%2C900italic%7CPlayfair+Display%3A400%2C400italic%2C700%2C700italic&subset=latin%2Clatin-ext&display=swap | 142.250.74.106 | 200 OK | 8.0 kB |
URL GET HTTP/2fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C600%2C700%7CMuli%3A300%2C300italic%2C400%2C400italic%2C600%2C600italic%2C700%2C700italic%2C900%2C900italic%7CPlayfair+Display%3A400%2C400italic%2C700%2C700italic&subset=latin%2Clatin-ext&display=swap IP142.250.74.106:443
Requested byhttps://constantclients.cc/ CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File typeASCII text, with very long lines (9732) Hashc2027c67d573a603f8dc491d99dd887c 26e5e5240ad7e734504cbbd2dfa21bc06c98d167 2e3435f9ed753ad662892490333258c5215d8f86601d65c23cf34241ef2e5793
GET /css?family=Open+Sans%3A300%2C400%2C600%2C700%7CMuli%3A300%2C300italic%2C400%2C400italic%2C600%2C600italic%2C700%2C700italic%2C900%2C900italic%7CPlayfair+Display%3A400%2C400italic%2C700%2C700italic&subset=latin%2Clatin-ext&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 04:02:49 GMT
date: Thu, 18 Apr 2024 04:02:49 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.9.3 | 66.235.200.147 | 409 Conflict | 554 B |
URL GET HTTP/2constantclients.cc/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.9.3 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
Hash4c1d5e6f8562bc8a4a3d36057613c28b c28c718714a52f21847636921087d8d5e1e756c3 21cf605a18d93ba02be81f60c6bb11157ba584dce550ac668791ae20997ddcb0
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.9.3 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 409 Conflict
date: Thu, 18 Apr 2024 04:02:49 GMT
content-type: text/html; charset=iso-8859-1
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 8761c2f3882db50c-OSL
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 216.58.207.227 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP216.58.207.227:443
Requested byhttps://constantclients.cc/ CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://constantclients.cc
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:35:00 GMT
expires: Fri, 18 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 5269
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 216.58.207.227 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP216.58.207.227:443
Requested byhttps://constantclients.cc/ CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://constantclients.cc
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:35:00 GMT
expires: Fri, 18 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 5269
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 IP216.58.207.227:443
Requested byhttps://constantclients.cc/ CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15920, version 1.0 Hash3a44e06eb954b96aa043227f3534189d 23cef6993ddb2b2979e8e7647fc3763694e2ba7d b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://constantclients.cc
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 13:20:56 GMT
expires: Fri, 11 Apr 2025 13:20:56 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 571313
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/muli/v29/7Auwp_0qiz-afTLGLQ.woff2 | 216.58.207.227 | 200 OK | 33 kB |
URL GET HTTP/2fonts.gstatic.com/s/muli/v29/7Auwp_0qiz-afTLGLQ.woff2 IP216.58.207.227:443
Requested byhttps://constantclients.cc/ CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 32796, version 1.0 Hashb2a264e3e87b58b54b76483238805a40 169d6f17c82024fe0cfc2d19884a14dae2ec0bdb f68d37d474952b1fbe30def1b69e63e79c46a70263433285783b69ac0107b929
GET /s/muli/v29/7Auwp_0qiz-afTLGLQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://constantclients.cc
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 32796
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 19:23:26 GMT
expires: Wed, 16 Apr 2025 19:23:26 GMT
cache-control: public, max-age=31536000
age: 117563
last-modified: Wed, 13 Sep 2023 22:41:22 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 IP216.58.207.227:443
Requested byhttps://constantclients.cc/ CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15752, version 1.0 Hashb20371a6daf29d4a1f2e85dbbf40fb20 0355a01c1ccb45cb728e7e07c41c8ebf456f70bb 7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://constantclients.cc
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 13:20:59 GMT
expires: Fri, 11 Apr 2025 13:20:59 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
age: 571310
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 IP216.58.207.227:443
Requested byhttps://constantclients.cc/ CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15744, version 1.0 Hash15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://constantclients.cc
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 16:27:38 GMT
expires: Wed, 16 Apr 2025 16:27:38 GMT
cache-control: public, max-age=31536000
age: 128111
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 IP216.58.207.227:443
Requested byhttps://constantclients.cc/ CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15860, version 1.0 Hashe9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://constantclients.cc
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 01:54:31 GMT
expires: Wed, 16 Apr 2025 01:54:31 GMT
cache-control: public, max-age=31536000
age: 180498
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-MR4VREK4MN&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 92 kB |
URL GET HTTP/3www.googletagmanager.com/gtag/js?id=G-MR4VREK4MN&l=dataLayer&cx=c IP142.250.74.168:443
Requested byhttps://constantclients.cc/ CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
File typeJavaScript source, ASCII text, with very long lines (3034) Hash78c44ae8ec0a664b8ed0da63f5f2b2fd 43eb78a31d18d6088c330c1ef59cba3094706ba2 aa36340f225d333fe026208d7e5ed596ab5e222d00ee1331928b17905e9b802f
GET /gtag/js?id=G-MR4VREK4MN&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 18 Apr 2024 04:02:49 GMT
expires: Thu, 18 Apr 2024 04:02:49 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 92497
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| static.addtoany.com/menu/sm.25.html | 172.67.39.148 | | 883 B |
URL static.addtoany.com/menu/sm.25.html IP172.67.39.148:0
File typeHTML document, ASCII text, with very long lines (624) Hash41b7ed0cbe240173eea85148fcba633e 39acd5fe099974486a1c9ba11ba0fe7be6bc97ca 274d4116239b63097bb7c16e56e27cbb5a77be20392fb8e2317c0a0235185cad
GET /menu/sm.25.html HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:02:49 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5XqYdf3zT6f5djRXIIJwMp9CmOr869HlwkvaSLOezMHs8bCNXKhchHrxUkAX8VobSQtGTx9av1ds6j%2BrAMbeIHt6gjCWQ%2F0%2FDDuSz%2BYQMTMfH9cMBRVSXt9wfmQ0xD6qcBrOg5iLUMVJymypfmtsURYC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
age: 6912
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8761c2f4180b5696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| constantclients.cc/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.9.3 | 66.235.200.147 | 409 Conflict | 92 kB |
URL GET HTTP/2constantclients.cc/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.9.3 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
Hashf359d0b10381931f9bd96cc5f7b165e5 3661b47d14eb0004cedf97684d518cb3b72b6cc7 aeef46976954cd593e5dd428c811e72d4646fda919ec456d1059aa1d9dab2bf6
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.9.3 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 409 Conflict
date: Thu, 18 Apr 2024 04:02:50 GMT
content-type: text/html; charset=iso-8859-1
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 8761c2f6998bb50c-OSL
X-Firefox-Spdy: h2
|
|
| f.vimeocdn.com/p/4.29.7/css/player.css | 151.101.246.109 | 200 OK | 22 kB |
URL GET HTTP/2f.vimeocdn.com/p/4.29.7/css/player.css IP151.101.246.109:443
Requested byhttps://player.vimeo.com/video/662404108?h=24abf7b0dc&dnt=1&app_id=122963 CertificateIssuerGlobalSign nv-sa Subject*.vimeocdn.com Fingerprint4F:12:C8:71:F2:3F:56:5B:F7:BB:3A:38:F1:B9:76:36:96:18:43:07 ValidityWed, 22 Nov 2023 22:50:09 GMT - Mon, 23 Dec 2024 22:50:08 GMT
File typeASCII text, with very long lines (65495) Hash2e4a9443fd858c2ffd20da076d4b266d a47f270e29164f38b31e0262808b7ddf0211a584 c548b66fb01afbc6b8dd54081e76f284dd6daaa12e4a5e8e331c9299bc10c87e
GET /p/4.29.7/css/player.css HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 18 Apr 2024 04:02:50 GMT
age: 34749
x-served-by: cache-iad-kjyo7100091-IAD, cache-hel1410023-HEL
x-cache: HIT, HIT
x-cache-hits: 61, 13613
x-timer: S1713412970.316035,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
access-control-allow-origin: *
content-length: 21772
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/uploads/2021/08/rodeo-project-management-software-ONe-snuCaqQ-unsplash.jpg | 66.235.200.147 | 200 OK | 578 kB |
URL GET HTTP/2constantclients.cc/wp-content/uploads/2021/08/rodeo-project-management-software-ONe-snuCaqQ-unsplash.jpg IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 1920x1280, Scaling: [none]x[none], YUV color, decoders should clamp Size578 kB (577454 bytes) Hash2be2e4d6550596910e08590fefa8e7d8 213581af3fb10272cb11a0600221951c2090834a d6b38eb1dd8fe214bd1ce77eb57392a6d8f5a0c1d5fc172046f922ed7a21f762
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/uploads/2021/08/rodeo-project-management-software-ONe-snuCaqQ-unsplash.jpg HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/wp-content/uploads/elementor/css/post-999.css?ver=1708890611
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:49 GMT
content-type: image/webp
x-webp-convert-log: Serving converted file
vary: Accept,Accept-Encoding
last-modified: Sat, 27 May 2023 14:55:02 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:49 GMT
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
server: cloudflare
cf-ray: 8761c2f38831b50c-OSL
X-Firefox-Spdy: h2
|
|
| apis.google.com/js/client.js | 142.250.74.110 | 200 OK | 5.9 kB |
URL GET HTTP/2apis.google.com/js/client.js IP142.250.74.110:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.apis.google.com FingerprintE3:82:77:FB:12:E7:1E:09:41:8D:12:01:82:E8:DB:CC:47:EB:3F:57 ValidityMon, 04 Mar 2024 07:19:24 GMT - Mon, 27 May 2024 07:19:23 GMT
File typeJavaScript source, ASCII text, with very long lines (2054) Hash956abd1c4d33686ed078e1fc2a208e70 adf181b4ffe9f884d1523a9e9055b3c975c22c2f 7ad5b3ae2e3d70b78dcb34e7809635ab483d6f56f8bb224c1660c2385a3157a9
GET /js/client.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 5905
date: Thu, 18 Apr 2024 04:02:50 GMT
expires: Thu, 18 Apr 2024 04:02:50 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "3c0b77da4dd83ef7"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| f.vimeocdn.com/p/4.29.7/js/player.module.js | 151.101.246.109 | 200 OK | 141 kB |
URL GET HTTP/2f.vimeocdn.com/p/4.29.7/js/player.module.js IP151.101.246.109:443
Requested byhttps://player.vimeo.com/video/662404108?h=24abf7b0dc&dnt=1&app_id=122963 CertificateIssuerGlobalSign nv-sa Subject*.vimeocdn.com Fingerprint4F:12:C8:71:F2:3F:56:5B:F7:BB:3A:38:F1:B9:76:36:96:18:43:07 ValidityWed, 22 Nov 2023 22:50:09 GMT - Mon, 23 Dec 2024 22:50:08 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65447) Size141 kB (141256 bytes) Hash2296fb574aa5763e0de8d692aacc8fc9 bfd743aa1ef5d70b43f5a06c6d71245117c3cbbe da286f7ddc94da3f6fd6453fd5b05d463e31e9f3a64d8eb1caf44f36627a12c0
GET /p/4.29.7/js/player.module.js HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
DNT: 1
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 18 Apr 2024 04:02:50 GMT
age: 34749
x-served-by: cache-iad-kcgs7200104-IAD, cache-hel1410034-HEL
x-cache: HIT, HIT
x-cache-hits: 58, 13512
x-timer: S1713412970.411951,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
access-control-allow-origin: *
content-length: 141256
X-Firefox-Spdy: h2
|
|
| i.vimeocdn.com/video/1340250125-d9bf020c04ff83b092ef1d6187adecc9c70cde2a8aee65e3beaec1286637401c-d?mw=80&q=85 | 151.101.128.217 | 200 OK | 1.9 kB |
URL GET HTTP/2i.vimeocdn.com/video/1340250125-d9bf020c04ff83b092ef1d6187adecc9c70cde2a8aee65e3beaec1286637401c-d?mw=80&q=85 IP151.101.128.217:443
Requested byhttps://player.vimeo.com/video/662404108?h=24abf7b0dc&dnt=1&app_id=122963 CertificateIssuerGlobalSign nv-sa Subject*.vimeo.com FingerprintB1:D1:17:3D:08:07:A6:93:99:18:AC:B6:E9:C5:BC:F9:01:9F:32:9F ValidityThu, 19 Oct 2023 18:39:17 GMT - Tue, 19 Nov 2024 18:39:16 GMT
Hash495da0573fa0c5f6ca053ebd8f7a5677 6320f5c3a15589005981eaadc0b1bec609844e0d 4722f83c07d7e96a439825af0d61982ae6dab1922800a7aa13da1007d65a9aaf
GET /video/1340250125-d9bf020c04ff83b092ef1d6187adecc9c70cde2a8aee65e3beaec1286637401c-d?mw=80&q=85 HTTP/1.1
Host: i.vimeocdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/avif
etag: "495da0573fa0c5f6ca053ebd8f7a5677"
x-viewmaster-lossless-format: automatic
viewmaster-server: viewmaster-glb-prod
cache-control: public, max-age=2592000
via: vvarnish, 1.1 varnish, 1.1 varnish
x-backend-server: varnish
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
access-control-max-age: 86400
accept-ranges: bytes
date: Thu, 18 Apr 2024 04:02:50 GMT
age: 993060
x-served-by: cache-dfw-kdfw8210048-DFW, cache-hel1410026-HEL
x-cache: miss, HIT, MISS
x-cache-hits: 47, 0
x-timer: S1713412970.413423,VS0,VE134
vary: Accept
content-length: 1858
X-Firefox-Spdy: h2
|
|
| docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf | 142.250.74.142 | 200 OK | 0 B |
URL GET HTTP/3docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf IP142.250.74.142:443
Requested byhttps://constantclients.cc/ CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 04:02:50 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
content-security-policy: script-src 'nonce--IIAmoIuxYBW0-O-jsirYw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
server: GSE
set-cookie: NID=513=aKiKvQuKLbPEuEzxKrMkEBE5br7MqAemDCUTZjHlohCOSMrW2ebvb-2QIb9rFJGvVyTjSDNFMqYjobxsF62k4ODBc4OYd09inXO7WLvtqsDajdyEuDCm3lanwuMBTW06wL167nikpY3tB1TJVFYerKqClfKlOFzguXqpFudc5_4; expires=Fri, 18-Oct-2024 04:02:50 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.5BIk7BglYEE.O/m=client/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA/cb=gapi.loaded_0?le=scs | 142.250.74.110 | 200 OK | 111 kB |
URL GET HTTP/3apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.5BIk7BglYEE.O/m=client/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA/cb=gapi.loaded_0?le=scs IP142.250.74.110:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
File typeJavaScript source, ASCII text, with very long lines (2124) Size111 kB (111004 bytes) Hash9d8cace6dabbc78e36c4aba49c7125b1 797a2f633272abdbf1d88054fbfb3f42adc1415f a4667786f4a20672e060bb8511e66d795c74b5cf705cd316f898cd2de4f68b43
GET /_/scs/abc-static/_/js/k=gapi.lb.en.5BIk7BglYEE.O/m=client/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 111004
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 17:06:23 GMT
expires: Fri, 11 Apr 2025 17:06:23 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 31 Mar 2024 15:20:31 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 557787
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/feedback/js/help/prod/service/lazy.min.js | 142.250.74.35 | 200 OK | 37 kB |
URL GET HTTP/3www.gstatic.com/feedback/js/help/prod/service/lazy.min.js IP142.250.74.35:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeJavaScript source, ASCII text, with very long lines (3383) Hash4d95791a35ae95bd11b6f6d7e880ff93 23f70202a367d2b280f2560bbec29b1c9eee5e66 15ce60ae9fdb72f42e3c0baf6010b4b1c55cb5f80f22e430d21bfc1d6886ec7a
GET /feedback/js/help/prod/service/lazy.min.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/product-feedback-gathering
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="product-feedback-gathering"
report-to: {"group":"product-feedback-gathering","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/product-feedback-gathering"}]}
content-length: 36935
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 03:57:37 GMT
expires: Thu, 18 Apr 2024 04:47:37 GMT
cache-control: public, max-age=3000
last-modified: Tue, 16 Apr 2024 14:54:38 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 313
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| f.vimeocdn.com/p/4.29.7/js/vendor.module.js | 151.101.246.109 | 200 OK | 104 kB |
URL GET HTTP/2f.vimeocdn.com/p/4.29.7/js/vendor.module.js IP151.101.246.109:443
Requested byhttps://player.vimeo.com/video/662404108?h=24abf7b0dc&dnt=1&app_id=122963 CertificateIssuerGlobalSign nv-sa Subject*.vimeocdn.com Fingerprint4F:12:C8:71:F2:3F:56:5B:F7:BB:3A:38:F1:B9:76:36:96:18:43:07 ValidityWed, 22 Nov 2023 22:50:09 GMT - Mon, 23 Dec 2024 22:50:08 GMT
File typeJavaScript source, ASCII text, with very long lines (65457) Size104 kB (103578 bytes) Hashdaaf0cef21d261fdb059dc53a1e7b610 144556c0102d239542a6ff66e18af23ef8833b3a 4cc5fdc2315043b6059e25fc11d246e71c17049221d468bfb1b17852e53d9311
GET /p/4.29.7/js/vendor.module.js HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
DNT: 1
Connection: keep-alive
Referer: https://f.vimeocdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 18 Apr 2024 04:02:51 GMT
age: 34750
x-served-by: cache-iad-kiad7000097-IAD, cache-hel1410034-HEL
x-cache: HIT, HIT
x-cache-hits: 62, 14396
x-timer: S1713412971.003488,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
access-control-allow-origin: *
content-length: 103578
X-Firefox-Spdy: h2
|
|
| drive.google.com/auth_warmup | 142.250.74.46 | 200 OK | 0 B |
URL GET HTTP/2drive.google.com/auth_warmup IP142.250.74.46:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /auth_warmup HTTP/1.1
Host: drive.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 04:02:51 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000
content-security-policy: script-src 'nonce-F_JfTJ50TBxZcxcvzENjbQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveOsidBootstrap/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveOsidBootstrap/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/DriveOsidBootstrap/cspreport
cross-origin-resource-policy: same-site
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
reporting-endpoints: default="/_/DriveOsidBootstrap/web-reports?context=eJzjEtDikmJw1ZBicEqfwRoCxELcHK-3NW1kEzhw8RQjAGinCPk"
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=513=AEoVIoKU5w68QbDxq3Nl8w9O90Em-fMYnnDGnSu0pHRRMBug88c0GgV7dMvllH0FXEdHWFmd7ck5rkbHKu6X0yoSCGCPXZmdGTR8dso6F2LFzjuWp2ilzTTZWpiU8j65qWmTxuBurVAZ3ydXf33wGSHHkkkjkEqAp_k6SDd8054; expires=Fri, 18-Oct-2024 04:02:50 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-includes/js/wp-emoji-release.min.js?ver=6.5.2 | 66.235.200.147 | 200 OK | 5.4 kB |
URL GET HTTP/2constantclients.cc/wp-includes/js/wp-emoji-release.min.js?ver=6.5.2 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (15752) Hashb976b651932bfd25b9ddb5b7693d88a7 7fcb7cb5c11227f9213b1e08a07d0212209e1432 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.5.2 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000; _ga_MR4VREK4MN=GS1.1.1713412970.1.0.1713412970.0.0.1500175129; _ga=GA1.1.1651928891.1713412970
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:51 GMT
content-type: application/javascript
content-length: 5365
last-modified: Tue, 02 Apr 2024 20:04:39 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:50 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2fbdbb4b50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js | 66.235.200.147 | 200 OK | 672 B |
URL GET HTTP/2constantclients.cc/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (1320) Hashb667dbc895223efab2d7cd4b524d83d6 b60bdf5d62426ce539da53ed135baeb6fa3ea975 96b8cb5f676cdf0fccb5a1002bb23b854477d8ade4f71b2e6438bd7bbcee2a86
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000; _ga_MR4VREK4MN=GS1.1.1713412970.1.0.1713412970.0.0.1500175129; _ga=GA1.1.1651928891.1713412970
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:51 GMT
content-type: application/javascript
content-length: 672
last-modified: Mon, 15 Apr 2024 20:04:20 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:51 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c2fc7bf1b50c-OSL
X-Firefox-Spdy: h2
|
|
| play.google.com/log?format=json&hasfast=true&authuser=0 | 142.250.74.174 | 200 OK | 0 B |
URL POST HTTP/3play.google.com/log?format=json&hasfast=true&authuser=0 IP142.250.74.174:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://docs.google.com/
Origin: https://docs.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: https://docs.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 18 Apr 2024 04:02:51 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.5BIk7BglYEE.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA%2Fm%3D__features__ | 142.250.74.106 | | 272 B |
URL content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.5BIk7BglYEE.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA%2Fm%3D__features__ IP142.250.74.106:0
File typeHTML document, ASCII text Hash36a9f31dd9a19d96a94440f2967440b3 f6a29641a8def28b936babc188511243cc6399ed 95ff3e0738cb5ed9bffeb8ff87c7cfe38e48b2df3164e1fe21a34e5d95f137cb
GET /static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.5BIk7BglYEE.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA%2Fm%3D__features__ HTTP/1.1
Host: content.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy: script-src 'nonce-gOoAJoVTXG5WCnFdA-SXVw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/apiserving; base-uri 'none', require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apiserving
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apiserving"
report-to: {"group":"apiserving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apiserving"}]}
content-length: 272
date: Thu, 18 Apr 2024 04:02:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Tue, 12 Mar 2024 05:08:00 GMT
x-content-type-options: nosniff
cross-origin-embedder-policy: require-corp; report-to="apiserving"
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| ssl.gstatic.com/docs/common/viewer/v3/v-sprite56.svg | 142.250.74.35 | 200 OK | 50 kB |
URL GET HTTP/3ssl.gstatic.com/docs/common/viewer/v3/v-sprite56.svg IP142.250.74.35:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeSVG Scalable Vector Graphics image Hashba7ab7044d6c6c0240c3917858948cff 3b840b104cb3d74d5a35fbd193aca32d27815d3e 0189f7c6ed35a7be5e51a30366fbc54c9c9e27d2511db44895d85a1458f83ab5
GET /docs/common/viewer/v3/v-sprite56.svg HTTP/1.1
Host: ssl.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="docs"
report-to: {"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]}
content-length: 50079
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 15 Apr 2024 15:15:27 GMT
expires: Tue, 15 Apr 2025 15:15:27 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 15 Feb 2024 22:18:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Origin
age: 218844
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| play.google.com/log?format=json&hasfast=true&authuser=0 | 142.250.74.174 | 200 OK | 0 B |
URL POST HTTP/3play.google.com/log?format=json&hasfast=true&authuser=0 IP142.250.74.174:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://docs.google.com/
Origin: https://docs.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://docs.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 18 Apr 2024 04:02:51 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/moment.js/2.24.0/moment.min.js | 104.17.24.14 | 200 OK | 16 kB |
URL GET HTTP/2cdnjs.cloudflare.com/ajax/libs/moment.js/2.24.0/moment.min.js IP104.17.24.14:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (53324), with no line terminators Hash761502841c035afcf6a9bdc5d0a20d11 69ab16ba8ca68431ab59eff286c7ed1e520bca30 e22419e8154be2a34a950dbb4c4c448413751c53ef02f00c6c56af28aa2c4964
GET /ajax/libs/moment.js/2.24.0/moment.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:51 GMT
content-type: application/javascript; charset=utf-8
content-length: 15508
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03f26-d04c"
last-modified: Mon, 04 May 2020 16:13:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 207601
expires: Tue, 08 Apr 2025 04:02:51 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QfBvAeMZlNNuyikdoDrd71Tr3O%2Bk8qh%2BNNG4l6Qisak6kyvX7XAJaEsTnaVoDIoaw5CV7%2BKWG1B%2Be04vWQSQn1msT%2B6DtZrYSBFbR6jctdw82Nk4EcEvTeMtHKOoeDrzPsS0dgJi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8761c2fecdceb529-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| app.convertobot.com/lib/js/gadget.js | 172.67.145.237 | 200 OK | 53 kB |
URL GET HTTP/2app.convertobot.com/lib/js/gadget.js IP172.67.145.237:443
Requested byhttps://constantclients.cc/ CertificateIssuerLet's Encrypt Subjectconvertobot.com Fingerprint75:4A:AB:25:C4:5D:F0:14:F8:9C:B1:AB:06:28:B8:D5:14:30:1C:2D ValidityFri, 29 Mar 2024 19:38:25 GMT - Thu, 27 Jun 2024 19:38:24 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hashfe3938884e828e2e2f763dc2f3f48654 5d7ecc34d66ae825b73239787566d4489cf090fd 93aa19cadefec400f99ebdc750dc93b20bc48a2c6f50ac36521120d6fc52c7f2
GET /lib/js/gadget.js HTTP/1.1
Host: app.convertobot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:50 GMT
content-type: application/javascript
cache-control: max-age=2592000
cf-bgj: minify
cf-polished: origSize=125107
expires: Wed, 24 Apr 2024 07:23:07 GMT
last-modified: Tue, 03 May 2022 05:42:33 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 2061583
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PMgsl0R8xaOuJZ5aX9mEtYhLEhbT2ryxTOCM5tqYa%2F4nfrH6%2B%2BhPghzPKiI4Vx2T%2FYb7QTAaNQyskQAXdY%2BqhjfFW5y%2FdjK5C3gv1ZvJ1uciJlUWvuGP20NZ92rt2IRgXNNNy%2FQ7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8761c2fc08f5712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| play.google.com/log?format=json&hasfast=true&authuser=0 | 142.250.74.174 | 200 OK | 131 B |
URL POST HTTP/3play.google.com/log?format=json&hasfast=true&authuser=0 IP142.250.74.174:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hashca0b7e866005f6774d284b9f438ebfd2 53644f5ee3640189bdb223473ba6a2d46606c556 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://docs.google.com/
X-Goog-AuthUser: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 887
Origin: https://docs.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://docs.google.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Thu, 18 Apr 2024 04:02:51 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| play.google.com/log?format=json&hasfast=true&authuser=0 | 142.250.74.174 | 200 OK | 131 B |
URL POST HTTP/3play.google.com/log?format=json&hasfast=true&authuser=0 IP142.250.74.174:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hashca0b7e866005f6774d284b9f438ebfd2 53644f5ee3640189bdb223473ba6a2d46606c556 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://docs.google.com/
X-Goog-AuthUser: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 2842
Origin: https://docs.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://docs.google.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Thu, 18 Apr 2024 04:02:51 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| i.vimeocdn.com/video/1340250125-d9bf020c04ff83b092ef1d6187adecc9c70cde2a8aee65e3beaec1286637401c-d | 151.101.128.217 | 200 OK | 120 kB |
URL GET HTTP/2i.vimeocdn.com/video/1340250125-d9bf020c04ff83b092ef1d6187adecc9c70cde2a8aee65e3beaec1286637401c-d IP151.101.128.217:443
Requested byhttps://player.vimeo.com/video/662404108?h=24abf7b0dc&dnt=1&app_id=122963 CertificateIssuerGlobalSign nv-sa Subject*.vimeo.com FingerprintB1:D1:17:3D:08:07:A6:93:99:18:AC:B6:E9:C5:BC:F9:01:9F:32:9F ValidityThu, 19 Oct 2023 18:39:17 GMT - Tue, 19 Nov 2024 18:39:16 GMT
Size120 kB (120021 bytes) Hash0e8d537171164d7c4f039f86ff8a1f63 899a7fb43fcea3ea10840f98cb097a5f770eaf76 00533374d7b8f15e4bfa017685e5a147fe68862d1387d4831bde2ce1b4fbe4b1
GET /video/1340250125-d9bf020c04ff83b092ef1d6187adecc9c70cde2a8aee65e3beaec1286637401c-d HTTP/1.1
Host: i.vimeocdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=2592000
content-type: image/avif
etag: "0e8d537171164d7c4f039f86ff8a1f63"
x-viewmaster-lossless-format: automatic
via: 1.1 google, 1.1 varnish, 1.1 varnish
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
access-control-max-age: 86400
accept-ranges: bytes
date: Thu, 18 Apr 2024 04:02:51 GMT
age: 974923
x-served-by: cache-dfw-kdal2120100-DFW, cache-hel1410026-HEL
x-cache: HIT, MISS
x-cache-hits: 38, 0
x-timer: S1713412971.236913,VS0,VE141
vary: Accept
content-length: 120021
X-Firefox-Spdy: h2
|
|
| apis.google.com/js/client.js | 142.250.74.110 | 200 OK | 5.9 kB |
URL GET HTTP/2apis.google.com/js/client.js IP142.250.74.110:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.apis.google.com FingerprintE3:82:77:FB:12:E7:1E:09:41:8D:12:01:82:E8:DB:CC:47:EB:3F:57 ValidityMon, 04 Mar 2024 07:19:24 GMT - Mon, 27 May 2024 07:19:23 GMT
File typeJavaScript source, ASCII text, with very long lines (2054) Hash956abd1c4d33686ed078e1fc2a208e70 adf181b4ffe9f884d1523a9e9055b3c975c22c2f 7ad5b3ae2e3d70b78dcb34e7809635ab483d6f56f8bb224c1660c2385a3157a9
GET /js/client.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 5905
date: Thu, 18 Apr 2024 04:02:51 GMT
expires: Thu, 18 Apr 2024 04:02:51 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "3c0b77da4dd83ef7"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| apis.google.com/js/googleapis.proxy.js?onload=startup | 142.250.74.110 | 200 OK | 5.9 kB |
URL GET HTTP/3apis.google.com/js/googleapis.proxy.js?onload=startup IP142.250.74.110:443
Requested byhttps://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.5BIk7BglYEE.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA%2Fm%3D__features__#parent=https%3A%2F%2Fdocs.google.com&rpctoken=304627719 CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
File typeJavaScript source, ASCII text, with very long lines (2054) Hash7f93e0458ef1a4a7db3a3c75ef5c8f26 56f6636f85494d2dbb878e5214b95c12f71ba567 c2e9943fb0b73a7d2c5e3f3f4c076367903a0fe813bf652d7ee9af81eb150afc
GET /js/googleapis.proxy.js?onload=startup HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://content.googleapis.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 5906
date: Thu, 18 Apr 2024 04:02:51 GMT
expires: Thu, 18 Apr 2024 04:02:51 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "6a1d8767de9e733b"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/_/apps-viewer/_/ss/k=apps-viewer.standalone.khNBx8_Cbh4.L.F4.O/am=wA/d=0/rs=AC2dHMIvFHbG72CWiW98wYQsYhImXrAZeQ | 142.250.74.35 | 200 OK | 92 kB |
URL GET HTTP/3www.gstatic.com/_/apps-viewer/_/ss/k=apps-viewer.standalone.khNBx8_Cbh4.L.F4.O/am=wA/d=0/rs=AC2dHMIvFHbG72CWiW98wYQsYhImXrAZeQ IP142.250.74.35:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS1-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeASCII text, with very long lines (65536), with no line terminators Hash51bd712308407b2de2b907d0016c01ec c37d535a2198523f78b950c55150de00c61aa011 3259a90d2810b5baa5d4a5d97ceb3fa2d9e83604b1a2d72f5033c0c940be8b72
GET /_/apps-viewer/_/ss/k=apps-viewer.standalone.khNBx8_Cbh4.L.F4.O/am=wA/d=0/rs=AC2dHMIvFHbG72CWiW98wYQsYhImXrAZeQ HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-viewer
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-viewer"
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-length: 91670
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 17 Apr 2024 19:18:22 GMT
expires: Thu, 17 Apr 2025 19:18:22 GMT
cache-control: public, max-age=31536000
age: 31469
last-modified: Thu, 04 Apr 2024 07:01:39 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| constantclients.cc/wp-content/uploads/2021/09/gif-nathan-one-small.gif | 66.235.200.147 | 200 OK | 26 MB |
URL GET HTTP/2constantclients.cc/wp-content/uploads/2021/09/gif-nathan-one-small.gif IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeGIF image data, version 89a, 800 x 450 Size26 MB (25826397 bytes) Hashff9cbf550acbe064120cf44e878439c3 4b204427b01975d64999eb3759c5f171d176843a 8dedb3ac31f717a8a2b426479e0840d76c418b13ca6beb2a314d43b52ba197fc
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/uploads/2021/09/gif-nathan-one-small.gif HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/wp-content/uploads/elementor/css/post-999.css?ver=1708890611
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:49 GMT
content-type: image/gif
content-length: 25826397
last-modified: Sat, 27 May 2023 14:54:55 GMT
cache-control: max-age=31536000
expires: Fri, 18 Apr 2025 04:02:49 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8761c2f3b845b50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/uploads/2021/08/cropped-icon-01-192x192.png | 66.235.200.147 | 200 OK | 9.9 kB |
URL GET HTTP/2constantclients.cc/wp-content/uploads/2021/08/cropped-icon-01-192x192.png IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hashe8a5b5a146bd8e4ffdc0a8c5bbb7adf5 c58b5cee35352bf22613c15cf10ceb36b9bc0b52 75cb6d31cc1ecad7a66b631b88bb4f66450ab3bfa8e87115a7ade2ff8e828be7
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/uploads/2021/08/cropped-icon-01-192x192.png HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000; _ga_MR4VREK4MN=GS1.1.1713412970.1.0.1713412970.0.0.1500175129; _ga=GA1.1.1651928891.1713412970
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:51 GMT
content-type: image/webp
content-length: 9853
x-webp-convert-log: Serving converted file
vary: Accept,Accept-Encoding
last-modified: Sat, 27 May 2023 14:55:02 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:51 GMT
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c3002d32b50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/uploads/2021/08/cropped-icon-01-32x32.png | 66.235.200.147 | 200 OK | 1.1 kB |
URL GET HTTP/2constantclients.cc/wp-content/uploads/2021/08/cropped-icon-01-32x32.png IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash8c7b026aec5b1315fee8fd74a60ff598 b30b3d3a9bb3dd916d855d6ae615ffeae5e9bf62 e43810348920bf7d26653e32727554d60ea1ce7b6acf6db3e56f69a0e314e9e0
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/uploads/2021/08/cropped-icon-01-32x32.png HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000; _ga_MR4VREK4MN=GS1.1.1713412970.1.0.1713412970.0.0.1500175129; _ga=GA1.1.1651928891.1713412970
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:51 GMT
content-type: image/webp
content-length: 1059
x-webp-convert-log: Serving converted file
vary: Accept,Accept-Encoding
last-modified: Sat, 27 May 2023 14:55:02 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:51 GMT
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8761c3002d33b50c-OSL
X-Firefox-Spdy: h2
|
|
| apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.5BIk7BglYEE.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA/cb=gapi.loaded_0?le=scs | 142.250.74.110 | 200 OK | 28 kB |
URL GET HTTP/3apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.5BIk7BglYEE.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA/cb=gapi.loaded_0?le=scs IP142.250.74.110:443
Requested byhttps://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.5BIk7BglYEE.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA%2Fm%3D__features__#parent=https%3A%2F%2Fdocs.google.com&rpctoken=304627719 CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
File typeJavaScript source, ASCII text, with very long lines (2124) Hash2756c7839e34e1bfd27282c872153e6b 4f4f889d37f2b2ce157c740b4fcc5cf431f887a5 ae27d17adcefa0111d96a7504de7fef12bcf3167ab70dc3acab6d6e32c9bef3a
GET /_/scs/abc-static/_/js/k=gapi.lb.en.5BIk7BglYEE.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://content.googleapis.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 28126
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 17:07:48 GMT
expires: Fri, 11 Apr 2025 17:07:48 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 31 Mar 2024 15:20:31 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 557714
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| play.google.com/log?format=json&hasfast=true&authuser=0 | 142.250.74.174 | 200 OK | 0 B |
URL POST HTTP/3play.google.com/log?format=json&hasfast=true&authuser=0 IP142.250.74.174:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://docs.google.com/
Origin: https://docs.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://docs.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 18 Apr 2024 04:03:02 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| play.google.com/log?format=json&hasfast=true&authuser=0 | 142.250.74.174 | 200 OK | 131 B |
URL POST HTTP/3play.google.com/log?format=json&hasfast=true&authuser=0 IP142.250.74.174:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hashca0b7e866005f6774d284b9f438ebfd2 53644f5ee3640189bdb223473ba6a2d46606c556 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://docs.google.com/
X-Goog-AuthUser: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 1387
Origin: https://docs.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://docs.google.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Thu, 18 Apr 2024 04:03:02 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.5BIk7BglYEE.O/m=client/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA/cb=gapi.loaded_0?le=scs | 142.250.74.110 | 200 OK | 111 kB |
URL GET HTTP/3apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.5BIk7BglYEE.O/m=client/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA/cb=gapi.loaded_0?le=scs IP142.250.74.110:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
File typeJavaScript source, ASCII text, with very long lines (2124) Size111 kB (111004 bytes) Hash9d8cace6dabbc78e36c4aba49c7125b1 797a2f633272abdbf1d88054fbfb3f42adc1415f a4667786f4a20672e060bb8511e66d795c74b5cf705cd316f898cd2de4f68b43
GET /_/scs/abc-static/_/js/k=gapi.lb.en.5BIk7BglYEE.O/m=client/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 111004
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 17:06:23 GMT
expires: Fri, 11 Apr 2025 17:06:23 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 31 Mar 2024 15:20:31 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 557799
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| play.google.com/log?format=json&hasfast=true&authuser=0 | 142.250.74.174 | 200 OK | 0 B |
URL POST HTTP/3play.google.com/log?format=json&hasfast=true&authuser=0 IP142.250.74.174:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://docs.google.com/
Origin: https://docs.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://docs.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 18 Apr 2024 04:03:02 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| play.google.com/log?format=json&hasfast=true&authuser=0 | 142.250.74.174 | 200 OK | 131 B |
URL POST HTTP/3play.google.com/log?format=json&hasfast=true&authuser=0 IP142.250.74.174:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hashca0b7e866005f6774d284b9f438ebfd2 53644f5ee3640189bdb223473ba6a2d46606c556 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://docs.google.com/
X-Goog-AuthUser: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 2065
Origin: https://docs.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://docs.google.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Thu, 18 Apr 2024 04:03:02 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| content.googleapis.com/drive/v2internal/viewerimpressions?key=AIzaSyDVQw45DwoYh632gvsP5vPDqEKvb-Ywnb8&alt=json | 142.250.74.106 | 204 No Content | 0 B |
URL POST HTTP/3content.googleapis.com/drive/v2internal/viewerimpressions?key=AIzaSyDVQw45DwoYh632gvsP5vPDqEKvb-Ywnb8&alt=json IP142.250.74.106:443
Requested byhttps://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.5BIk7BglYEE.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA%2Fm%3D__features__#parent=https%3A%2F%2Fdocs.google.com&rpctoken=304627719 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /drive/v2internal/viewerimpressions?key=AIzaSyDVQw45DwoYh632gvsP5vPDqEKvb-Ywnb8&alt=json HTTP/1.1
Host: content.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-ClientDetails: appVersion=5.0%20(X11)&platform=Linux%20x86_64&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0
Content-Type: application/json
X-Requested-With: XMLHttpRequest
X-JavaScript-User-Agent: google-api-javascript-client/1.1.0
X-Goog-AuthUser: 0
X-Origin: https://docs.google.com
X-Referer: https://docs.google.com
X-Goog-Encode-Response-If-Executable: base64
Content-Length: 873
Origin: https://content.googleapis.com
DNT: 1
Connection: keep-alive
Referer: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.5BIk7BglYEE.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA%2Fm%3D__features__
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
etag: "vyGp6PvFo4RvsFtPoIWeCReyIC8"
date: Thu, 18 Apr 2024 04:03:02 GMT
vary: Origin, X-Origin
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| content.googleapis.com/drive/v2internal/viewerimpressions?key=AIzaSyDVQw45DwoYh632gvsP5vPDqEKvb-Ywnb8&alt=json | 142.250.74.106 | 204 No Content | 0 B |
URL POST HTTP/3content.googleapis.com/drive/v2internal/viewerimpressions?key=AIzaSyDVQw45DwoYh632gvsP5vPDqEKvb-Ywnb8&alt=json IP142.250.74.106:443
Requested byhttps://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.5BIk7BglYEE.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA%2Fm%3D__features__#parent=https%3A%2F%2Fdocs.google.com&rpctoken=304627719 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /drive/v2internal/viewerimpressions?key=AIzaSyDVQw45DwoYh632gvsP5vPDqEKvb-Ywnb8&alt=json HTTP/1.1
Host: content.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-ClientDetails: appVersion=5.0%20(X11)&platform=Linux%20x86_64&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0
Content-Type: application/json
X-Requested-With: XMLHttpRequest
X-JavaScript-User-Agent: google-api-javascript-client/1.1.0
X-Goog-AuthUser: 0
X-Origin: https://docs.google.com
X-Referer: https://docs.google.com
X-Goog-Encode-Response-If-Executable: base64
Content-Length: 715
Origin: https://content.googleapis.com
DNT: 1
Connection: keep-alive
Referer: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.5BIk7BglYEE.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA%2Fm%3D__features__
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
etag: "vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary: Origin, X-Origin
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
date: Thu, 18 Apr 2024 04:03:02 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| play.google.com/log?format=json&hasfast=true&authuser=0 | 142.250.74.174 | 200 OK | 0 B |
URL POST HTTP/3play.google.com/log?format=json&hasfast=true&authuser=0 IP142.250.74.174:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://docs.google.com/
Origin: https://docs.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://docs.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 18 Apr 2024 04:03:03 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| docs.google.com/viewerng/presspage?id=ACFrOgDUC1EMuHtcLLduVCy9VEydSoQ4588Gtcoza91d0pSCaW7rCuoVCkMKXPxccaflHzU0QsDjF4jmGYHXks-ve0RXkP5fH6UFJ3X_FYkgQyq0wuaRYkgle9KIIv0O_UGFVHe_VdDzELPZQHxU&page=0 | 142.250.74.142 | 200 OK | 1.0 kB |
URL GET HTTP/2docs.google.com/viewerng/presspage?id=ACFrOgDUC1EMuHtcLLduVCy9VEydSoQ4588Gtcoza91d0pSCaW7rCuoVCkMKXPxccaflHzU0QsDjF4jmGYHXks-ve0RXkP5fH6UFJ3X_FYkgQyq0wuaRYkgle9KIIv0O_UGFVHe_VdDzELPZQHxU&page=0 IP142.250.74.142:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf
File typeUnicode text, UTF-8 text, with very long lines (2560) Hashb99076d7f34c8235d3b6865dd60c53fc d4ae4c51d94683e03b7b69282067e64eeabd43a5 5ebdf0d689e628401c9916ec785778ed83eb4fc8c03bacd53b5edbdfeb70fa57
GET /viewerng/presspage?id=ACFrOgDUC1EMuHtcLLduVCy9VEydSoQ4588Gtcoza91d0pSCaW7rCuoVCkMKXPxccaflHzU0QsDjF4jmGYHXks-ve0RXkP5fH6UFJ3X_FYkgQyq0wuaRYkgle9KIIv0O_UGFVHe_VdDzELPZQHxU&page=0 HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
Alt-Used: 0
HTTP/2 200 OK
content-type: application/json; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 04:03:02 GMT
content-encoding: gzip
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: script-src 'nonce-zpWsDl-gCa-XkE9-xCNZtQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: GSE
set-cookie: NID=513=niAwwz0fzQ9A0cMBgY3GEKBbtv4wSXh8O9mInQa7En1aVG0Cvr5PYpbBM2uaQvqE-nVj9hnFOjk-kef0WqTovq1hh0JgfvuLnQe9mJsQXMOWO7Otk408H5lxYQS-heVpsgbTBdpQsS-0yMXciYJPbOSyEWmXlQy5AWShunWgeQs; expires=Fri, 18-Oct-2024 04:03:02 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
X-Firefox-Early-Data: sent
|
|
| docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf | 142.250.74.142 | 200 OK | 0 B |
URL GET HTTP/3docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf IP142.250.74.142:443
Requested byhttps://constantclients.cc/ CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 04:03:03 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-security-policy: script-src 'nonce-D1SZDlrE8eWo1ACdS28d4Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
server: GSE
set-cookie: NID=513=KF_QS62mXR76Twx2-yCGIdjBlkDEcO6FUO4XLOxtS2Q-pC2ENqS13AjwZBF5fecFEFWKKM2aqK7l5zJAxmxOp5oqwRydaPQRlU1LAZxgYJndFGa4FaIHDt46jd39OLiqC7mmBGlPR_qwXRI3jmDtR-6pkeD9u39FI48xiNaR52c; expires=Fri, 18-Oct-2024 04:03:03 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| cdnjs.cloudflare.com/ajax/libs/moment.js/2.24.0/moment.min.js | 104.17.24.14 | 200 OK | 16 kB |
URL GET HTTP/2cdnjs.cloudflare.com/ajax/libs/moment.js/2.24.0/moment.min.js IP104.17.24.14:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (53324), with no line terminators Hash761502841c035afcf6a9bdc5d0a20d11 69ab16ba8ca68431ab59eff286c7ed1e520bca30 e22419e8154be2a34a950dbb4c4c448413751c53ef02f00c6c56af28aa2c4964
GET /ajax/libs/moment.js/2.24.0/moment.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:03:04 GMT
content-type: application/javascript; charset=utf-8
content-length: 15508
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03f26-d04c"
last-modified: Mon, 04 May 2020 16:13:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 207614
expires: Tue, 08 Apr 2025 04:03:04 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F8wPR%2BduAVQr5snR9hn9lAU%2BBts2IUd%2F%2FSUjxlSQgbrGVUXyQAiUhTULHkfPtLRSNaMKdmnOmfhOvIWI%2FRNN5cAI4nbxWAdGYqwOy4B%2BmFuyyTFW9KCEqH453HlfFiplQVSt3r0N"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8761c34e6ac2569a-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdnjs.cloudflare.com/ajax/libs/moment-timezone/0.5.28/moment-timezone-with-data-1970-2030.min.js | 104.17.24.14 | 200 OK | 16 kB |
URL GET HTTP/2cdnjs.cloudflare.com/ajax/libs/moment-timezone/0.5.28/moment-timezone-with-data-1970-2030.min.js IP104.17.24.14:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hash2254f17a3f253430a1e53e0eb421702a 446e6f427e47e99c4b964fe961dc274f602c6be6 a1bf4661317a1c9154c95b655a2bd4e3b9e06ba79e451dcbb62f557d47858412
GET /ajax/libs/moment-timezone/0.5.28/moment-timezone-with-data-1970-2030.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:03:04 GMT
content-type: application/javascript; charset=utf-8
content-length: 16247
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03f26-224f9"
last-modified: Mon, 04 May 2020 16:13:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2277040
expires: Tue, 08 Apr 2025 04:03:04 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xWPrVyNFty18xxeCY87cC5uxQUUJqBk%2BdAcAeCnN%2Fw3peJeczH2kSVUhML6G5ab9TuDcHK1CmKI82oGpNqOMnNxabnHGnPtPQLNMUctSZLQrJY5Yk3GOLE%2BydZOgptovCY3g6WG0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8761c34e7ac7569a-OSL
alt-svc: h3=":443"; ma=86400
|
|
| docs.google.com/viewerng/presspage?id=ACFrOgDUC1EMuHtcLLduVCy9VEydSoQ4588Gtcoza91d0pSCaW7rCuoVCkMKXPxccaflHzU0QsDjF4jmGYHXks-ve0RXkP5fH6UFJ3X_FYkgQyq0wuaRYkgle9KIIv0O_UGFVHe_VdDzELPZQHxU&page=1 | 142.250.74.142 | 200 OK | 7.2 kB |
URL GET HTTP/2docs.google.com/viewerng/presspage?id=ACFrOgDUC1EMuHtcLLduVCy9VEydSoQ4588Gtcoza91d0pSCaW7rCuoVCkMKXPxccaflHzU0QsDjF4jmGYHXks-ve0RXkP5fH6UFJ3X_FYkgQyq0wuaRYkgle9KIIv0O_UGFVHe_VdDzELPZQHxU&page=1 IP142.250.74.142:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (4163) Hash76094abeeac166c2f805a356ecb4d8ad 1f01915a495f2146f0aae9ed17121adbba1e08b3 cac9dc3965f5892721bc42619a1e132240c47780f388f172239c801456c96de5
GET /viewerng/presspage?id=ACFrOgDUC1EMuHtcLLduVCy9VEydSoQ4588Gtcoza91d0pSCaW7rCuoVCkMKXPxccaflHzU0QsDjF4jmGYHXks-ve0RXkP5fH6UFJ3X_FYkgQyq0wuaRYkgle9KIIv0O_UGFVHe_VdDzELPZQHxU&page=1 HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
Alt-Used: 0
HTTP/2 200 OK
content-type: application/json; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 04:03:02 GMT
content-encoding: gzip
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
content-security-policy: script-src 'nonce-RElhdTiLohfS7yuQGlHIJA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: GSE
set-cookie: NID=513=EiIk44l7zTj3VerVNCltc-X1SUv0MlA4Ts3uCmWM3_MtLa9dDNXm5BygXpXiUdee2P4Kl4AlGGt-JbksNNFUA-eqBGowFkKwgv-RJRf9Qi7IxW9zYXT2qzCYfX1kSRFKulo_9JbN9W08rLlKVrZIydny7YNt41A3X2rByA9WLgs; expires=Fri, 18-Oct-2024 04:03:02 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.gstatic.com/_/apps-viewer/_/ss/k=apps-viewer.standalone.khNBx8_Cbh4.L.F4.O/am=wA/d=0/rs=AC2dHMIvFHbG72CWiW98wYQsYhImXrAZeQ | 142.250.74.35 | 200 OK | 92 kB |
URL GET HTTP/3www.gstatic.com/_/apps-viewer/_/ss/k=apps-viewer.standalone.khNBx8_Cbh4.L.F4.O/am=wA/d=0/rs=AC2dHMIvFHbG72CWiW98wYQsYhImXrAZeQ IP142.250.74.35:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS1-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeASCII text, with very long lines (65536), with no line terminators Hash51bd712308407b2de2b907d0016c01ec c37d535a2198523f78b950c55150de00c61aa011 3259a90d2810b5baa5d4a5d97ceb3fa2d9e83604b1a2d72f5033c0c940be8b72
GET /_/apps-viewer/_/ss/k=apps-viewer.standalone.khNBx8_Cbh4.L.F4.O/am=wA/d=0/rs=AC2dHMIvFHbG72CWiW98wYQsYhImXrAZeQ HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-viewer
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-viewer"
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-length: 91670
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 17 Apr 2024 19:18:22 GMT
expires: Thu, 17 Apr 2025 19:18:22 GMT
cache-control: public, max-age=31536000
age: 31483
last-modified: Thu, 04 Apr 2024 07:01:39 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| docs.google.com/viewerng/presspage?id=ACFrOgDUC1EMuHtcLLduVCy9VEydSoQ4588Gtcoza91d0pSCaW7rCuoVCkMKXPxccaflHzU0QsDjF4jmGYHXks-ve0RXkP5fH6UFJ3X_FYkgQyq0wuaRYkgle9KIIv0O_UGFVHe_VdDzELPZQHxU&page=3 | 142.250.74.142 | 200 OK | 492 kB |
URL GET HTTP/2docs.google.com/viewerng/presspage?id=ACFrOgDUC1EMuHtcLLduVCy9VEydSoQ4588Gtcoza91d0pSCaW7rCuoVCkMKXPxccaflHzU0QsDjF4jmGYHXks-ve0RXkP5fH6UFJ3X_FYkgQyq0wuaRYkgle9KIIv0O_UGFVHe_VdDzELPZQHxU&page=3 IP142.250.74.142:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (4502) Size492 kB (491479 bytes) Hash38ade08c47b1b0156a1b6d7d05e963c4 eb92e093111da01c42be7fc5581f36ec62a4d25c b1f1afd161e9b331caada310b8f603ff20c588996ef609492f2167e1a7cdfecc
GET /viewerng/presspage?id=ACFrOgDUC1EMuHtcLLduVCy9VEydSoQ4588Gtcoza91d0pSCaW7rCuoVCkMKXPxccaflHzU0QsDjF4jmGYHXks-ve0RXkP5fH6UFJ3X_FYkgQyq0wuaRYkgle9KIIv0O_UGFVHe_VdDzELPZQHxU&page=3 HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 04:03:02 GMT
content-encoding: gzip
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-security-policy: script-src 'nonce-p2JcL-LmRuOJcw85FJSzfQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: GSE
set-cookie: NID=513=mOP__vUgD6dzvzdWTbezJP5fMe_62OUwWKixG-aMhgYkhW98QCVocRS9O5PfiYoDRdpS1gkczkL2mU7mi2gu9gGUl_gxeUIC_fQyz6HZDcU_HPgv6r-SBlci48IMGD0c4ztVV6kgVbZv2c0ToH2furxMInoxZEjBJ09bkXb1n-8; expires=Fri, 18-Oct-2024 04:03:02 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| app.convertobot.com/lib/img/close-icon.png | 172.67.145.237 | 200 OK | 425 B |
URL GET HTTP/2app.convertobot.com/lib/img/close-icon.png IP172.67.145.237:443
Requested byhttps://constantclients.cc/ CertificateIssuerLet's Encrypt Subjectconvertobot.com Fingerprint75:4A:AB:25:C4:5D:F0:14:F8:9C:B1:AB:06:28:B8:D5:14:30:1C:2D ValidityFri, 29 Mar 2024 19:38:25 GMT - Thu, 27 Jun 2024 19:38:24 GMT
File typePNG image data, 48 x 48, 4-bit colormap, non-interlaced Hashd07ae5d5b34fce5e08f624b40088de4d c384a0fc3b0bdb3c1517c26806b879200d57295a 49f58876aafb5da4976c34b088a70c93c06624fedfa06dbb819aeb36d4d8cf5b
GET /lib/img/close-icon.png HTTP/1.1
Host: app.convertobot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:03:05 GMT
content-type: image/png
content-length: 425
last-modified: Fri, 06 Nov 2020 12:15:04 GMT
cache-control: max-age=2592000
expires: Tue, 23 Apr 2024 10:15:44 GMT
cf-cache-status: HIT
age: 2137640
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LD2a8txuBq2gtQCdXFKAfdCo1ngsr1vHLsUtyueZN9Ayljsh7whdfWgC568L9DVkhiE2XLceYOv2hTnqYGjbmgiiptihpI0RD%2FAYCjkkNWMEET9PxtsHqYAkRK8TEEG83YCvMcYH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8761c3557d65712e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-101-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml | 35.244.181.201 | | 444 B |
URL aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-101-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml IP35.244.181.201:0 ASN#396982 GOOGLE-CLOUD-PLATFORM
File typeXML 1.0 document, ASCII text, with very long lines (332) Hash3b324dec137a87ef7e24a30a65b13dd0 c0faa95b2f1018e264b3a14aaf50d1003e6c27b3 6cd0b591d9239fc8564627e92a804fc261951b1cbaf5fa58a8ada3cc13f51463
GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-101-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2024-05-20-00-15-28.chain; p384ecdsa=Htp3fDT5nlE5VgguY-QIGuislwvfy6Qo4vna9O2pJnhj057TCYjK4Jw0zo0BfZ7kdfTGJYqMeWrdWZNJwt6iFPaWvUFnHNiqbpZx8-h2yY5m9hwbIH4nqEXHvmz0Ws0y
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: MISS
content-encoding: gzip
via: 1.1 google
date: Thu, 18 Apr 2024 04:01:55 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
content-length: 444
age: 70
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| docs.google.com/viewerng/img?id=ACFrOgDUC1EMuHtcLLduVCy9VEydSoQ4588Gtcoza91d0pSCaW7rCuoVCkMKXPxccaflHzU0QsDjF4jmGYHXks-ve0RXkP5fH6UFJ3X_FYkgQyq0wuaRYkgle9KIIv0O_UGFVHe_VdDzELPZQHxU&page=0&w=800 | 142.250.74.142 | 200 OK | 657 kB |
URL GET HTTP/2docs.google.com/viewerng/img?id=ACFrOgDUC1EMuHtcLLduVCy9VEydSoQ4588Gtcoza91d0pSCaW7rCuoVCkMKXPxccaflHzU0QsDjF4jmGYHXks-ve0RXkP5fH6UFJ3X_FYkgQyq0wuaRYkgle9KIIv0O_UGFVHe_VdDzELPZQHxU&page=0&w=800 IP142.250.74.142:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
File typePNG image data, 800 x 1131, 8-bit/color RGB, non-interlaced Size657 kB (657041 bytes) Hash0a4f68278be5b13c627ceefda3a702dd 8e6aff9026968f4436ff4d08bb4ee6ab2d87d6cc d9df688572ef3be438f3bf2e6194ec8b60e61dc7adf1f8b9c704c6cc749d67d2
GET /viewerng/img?id=ACFrOgDUC1EMuHtcLLduVCy9VEydSoQ4588Gtcoza91d0pSCaW7rCuoVCkMKXPxccaflHzU0QsDjF4jmGYHXks-ve0RXkP5fH6UFJ3X_FYkgQyq0wuaRYkgle9KIIv0O_UGFVHe_VdDzELPZQHxU&page=0&w=800 HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
Alt-Used: 0
HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 04:03:03 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-security-policy: script-src 'nonce-a3nQod5uIZaMbKok9KJbpA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: GSE
set-cookie: NID=513=MteoXbUeWbI8fXNMFT2i3zjoHm-LabGImG_9aPPwqelepiD4uOeaMglrqdDg7kxZ4eZYcatrBh46Wt1fmnGPTsSKwhUtbrvrDPxXiZZycnCJjCsrnp8O7JauZza3DfsodS53e8QhlzKO0B_wJBRGtYAUmcxFHDZtNeZHgw3Bux8; expires=Fri, 18-Oct-2024 04:03:02 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.5BIk7BglYEE.O/m=client/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA/cb=gapi.loaded_0?le=scs | 142.250.74.110 | 200 OK | 111 kB |
URL GET HTTP/3apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.5BIk7BglYEE.O/m=client/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA/cb=gapi.loaded_0?le=scs IP142.250.74.110:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
File typeJavaScript source, ASCII text, with very long lines (2124) Size111 kB (111004 bytes) Hash9d8cace6dabbc78e36c4aba49c7125b1 797a2f633272abdbf1d88054fbfb3f42adc1415f a4667786f4a20672e060bb8511e66d795c74b5cf705cd316f898cd2de4f68b43
GET /_/scs/abc-static/_/js/k=gapi.lb.en.5BIk7BglYEE.O/m=client/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 111004
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 17:06:23 GMT
expires: Fri, 11 Apr 2025 17:06:23 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 31 Mar 2024 15:20:31 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 557802
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| drive.google.com/auth_warmup | 142.250.74.46 | 200 OK | 0 B |
URL GET HTTP/2drive.google.com/auth_warmup IP142.250.74.46:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /auth_warmup HTTP/1.1
Host: drive.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 04:03:05 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000
cross-origin-resource-policy: same-site
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: script-src 'nonce-MSez7scEM9H7hYlmgTT7lQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveOsidBootstrap/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveOsidBootstrap/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/DriveOsidBootstrap/cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
reporting-endpoints: default="/_/DriveOsidBootstrap/web-reports?context=eJzjEtDikmJw0JBicEqfwRoCxEI8HD-3NW1kEzgwrW0LEwBxdQk5"
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=513=KELLN9WqjqnklJmBe5LVjfZ11W0OfFCsiyy0GIDsTPXJWxjDBYYQjcUgBfSORPHJPs2tgEd02I7vzQimqtQqrPVX_0iVqNnAHj8wKYEekuIy-wgaqWJUNvoKM0-2xnegpotuEMNh0GWC4sOfmWIZsb58vb6zbnpCFZGeTS7AMy8; expires=Fri, 18-Oct-2024 04:03:05 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/feedback/js/help/prod/service/lazy.min.js | 142.250.74.35 | 200 OK | 37 kB |
URL GET HTTP/3www.gstatic.com/feedback/js/help/prod/service/lazy.min.js IP142.250.74.35:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeJavaScript source, ASCII text, with very long lines (3383) Hash4d95791a35ae95bd11b6f6d7e880ff93 23f70202a367d2b280f2560bbec29b1c9eee5e66 15ce60ae9fdb72f42e3c0baf6010b4b1c55cb5f80f22e430d21bfc1d6886ec7a
GET /feedback/js/help/prod/service/lazy.min.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/product-feedback-gathering
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="product-feedback-gathering"
report-to: {"group":"product-feedback-gathering","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/product-feedback-gathering"}]}
content-length: 36935
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 03:57:37 GMT
expires: Thu, 18 Apr 2024 04:47:37 GMT
cache-control: public, max-age=3000
last-modified: Tue, 16 Apr 2024 14:54:38 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 328
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| play.google.com/log?format=json&hasfast=true&authuser=0 | 142.250.74.174 | 200 OK | 0 B |
URL POST HTTP/3play.google.com/log?format=json&hasfast=true&authuser=0 IP142.250.74.174:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://docs.google.com/
Origin: https://docs.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://docs.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 18 Apr 2024 04:03:05 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| play.google.com/log?format=json&hasfast=true&authuser=0 | 142.250.74.174 | 200 OK | 131 B |
URL POST HTTP/3play.google.com/log?format=json&hasfast=true&authuser=0 IP142.250.74.174:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hashca0b7e866005f6774d284b9f438ebfd2 53644f5ee3640189bdb223473ba6a2d46606c556 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 887
Origin: https://docs.google.com
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://docs.google.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Thu, 18 Apr 2024 04:03:05 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| ssl.gstatic.com/docs/common/viewer/v3/v-sprite56.svg | 142.250.74.35 | 200 OK | 50 kB |
URL GET HTTP/3ssl.gstatic.com/docs/common/viewer/v3/v-sprite56.svg IP142.250.74.35:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeSVG Scalable Vector Graphics image Hashba7ab7044d6c6c0240c3917858948cff 3b840b104cb3d74d5a35fbd193aca32d27815d3e 0189f7c6ed35a7be5e51a30366fbc54c9c9e27d2511db44895d85a1458f83ab5
GET /docs/common/viewer/v3/v-sprite56.svg HTTP/1.1
Host: ssl.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="docs"
report-to: {"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]}
content-length: 50079
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 15 Apr 2024 15:15:27 GMT
expires: Tue, 15 Apr 2025 15:15:27 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 15 Feb 2024 22:18:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Origin
age: 218858
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| play.google.com/log?format=json&hasfast=true&authuser=0 | 142.250.74.174 | 200 OK | 0 B |
URL POST HTTP/3play.google.com/log?format=json&hasfast=true&authuser=0 IP142.250.74.174:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://docs.google.com/
Origin: https://docs.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://docs.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 18 Apr 2024 04:03:05 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.5BIk7BglYEE.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA%2Fm%3D__features__ | 142.250.74.106 | | 274 B |
URL content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.5BIk7BglYEE.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA%2Fm%3D__features__ IP142.250.74.106:0
File typeHTML document, ASCII text Hash852248a3678ca99deb12e20a87f25eea dea97017386ef5bc1ee68defe857a0518cf88e4a 1af3baed91cd60566531f356f4aa73b55b1cbed787499ba5d567fca0a0233697
GET /static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.5BIk7BglYEE.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA%2Fm%3D__features__ HTTP/1.1
Host: content.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy: script-src 'nonce-EEaih3g7dRhf7NP6SgG7SQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/apiserving; base-uri 'none', require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apiserving
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apiserving"
report-to: {"group":"apiserving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apiserving"}]}
content-length: 274
date: Thu, 18 Apr 2024 04:03:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Tue, 12 Mar 2024 05:08:00 GMT
x-content-type-options: nosniff
cross-origin-embedder-policy: require-corp; report-to="apiserving"
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| play.google.com/log?format=json&hasfast=true&authuser=0 | 142.250.74.174 | 200 OK | 131 B |
URL POST HTTP/3play.google.com/log?format=json&hasfast=true&authuser=0 IP142.250.74.174:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hashca0b7e866005f6774d284b9f438ebfd2 53644f5ee3640189bdb223473ba6a2d46606c556 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 2842
Origin: https://docs.google.com
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://docs.google.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Thu, 18 Apr 2024 04:03:05 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| apis.google.com/js/googleapis.proxy.js?onload=startup | 142.250.74.110 | 200 OK | 5.9 kB |
URL GET HTTP/3apis.google.com/js/googleapis.proxy.js?onload=startup IP142.250.74.110:443
Requested byhttps://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.5BIk7BglYEE.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA%2Fm%3D__features__#parent=https%3A%2F%2Fdocs.google.com&rpctoken=304627719 CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
File typeJavaScript source, ASCII text, with very long lines (2054) Hash7f93e0458ef1a4a7db3a3c75ef5c8f26 56f6636f85494d2dbb878e5214b95c12f71ba567 c2e9943fb0b73a7d2c5e3f3f4c076367903a0fe813bf652d7ee9af81eb150afc
GET /js/googleapis.proxy.js?onload=startup HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://content.googleapis.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 5906
date: Thu, 18 Apr 2024 04:03:05 GMT
expires: Thu, 18 Apr 2024 04:03:05 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "6a1d8767de9e733b"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.5BIk7BglYEE.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA/cb=gapi.loaded_0?le=scs | 142.250.74.110 | 200 OK | 28 kB |
URL GET HTTP/3apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.5BIk7BglYEE.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA/cb=gapi.loaded_0?le=scs IP142.250.74.110:443
Requested byhttps://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.5BIk7BglYEE.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA%2Fm%3D__features__#parent=https%3A%2F%2Fdocs.google.com&rpctoken=304627719 CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
File typeJavaScript source, ASCII text, with very long lines (2124) Hash2756c7839e34e1bfd27282c872153e6b 4f4f889d37f2b2ce157c740b4fcc5cf431f887a5 ae27d17adcefa0111d96a7504de7fef12bcf3167ab70dc3acab6d6e32c9bef3a
GET /_/scs/abc-static/_/js/k=gapi.lb.en.5BIk7BglYEE.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://content.googleapis.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 28126
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 17:07:48 GMT
expires: Fri, 11 Apr 2025 17:07:48 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 31 Mar 2024 15:20:31 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 557717
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| play.google.com/log?format=json&hasfast=true&authuser=0 | 142.250.74.174 | 200 OK | 0 B |
URL POST HTTP/3play.google.com/log?format=json&hasfast=true&authuser=0 IP142.250.74.174:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://docs.google.com/
Origin: https://docs.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://docs.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 18 Apr 2024 04:03:06 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| play.google.com/log?format=json&hasfast=true&authuser=0 | 142.250.74.174 | 200 OK | 131 B |
URL POST HTTP/3play.google.com/log?format=json&hasfast=true&authuser=0 IP142.250.74.174:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hashca0b7e866005f6774d284b9f438ebfd2 53644f5ee3640189bdb223473ba6a2d46606c556 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://docs.google.com/
X-Goog-AuthUser: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 5206
Origin: https://docs.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://docs.google.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Thu, 18 Apr 2024 04:03:06 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| content.googleapis.com/drive/v2internal/viewerimpressions?key=AIzaSyDVQw45DwoYh632gvsP5vPDqEKvb-Ywnb8&alt=json | 142.250.74.106 | 204 No Content | 0 B |
URL POST HTTP/3content.googleapis.com/drive/v2internal/viewerimpressions?key=AIzaSyDVQw45DwoYh632gvsP5vPDqEKvb-Ywnb8&alt=json IP142.250.74.106:443
Requested byhttps://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.5BIk7BglYEE.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA%2Fm%3D__features__#parent=https%3A%2F%2Fdocs.google.com&rpctoken=304627719 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /drive/v2internal/viewerimpressions?key=AIzaSyDVQw45DwoYh632gvsP5vPDqEKvb-Ywnb8&alt=json HTTP/1.1
Host: content.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-ClientDetails: appVersion=5.0%20(X11)&platform=Linux%20x86_64&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0
Content-Type: application/json
X-Requested-With: XMLHttpRequest
X-JavaScript-User-Agent: google-api-javascript-client/1.1.0
X-Goog-AuthUser: 0
X-Origin: https://docs.google.com
X-Referer: https://docs.google.com
X-Goog-Encode-Response-If-Executable: base64
Content-Length: 715
Origin: https://content.googleapis.com
DNT: 1
Connection: keep-alive
Referer: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.5BIk7BglYEE.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA%2Fm%3D__features__
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
etag: "vyGp6PvFo4RvsFtPoIWeCReyIC8"
cache-control: no-cache, no-store, max-age=0, must-revalidate
vary: Origin, X-Origin
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
date: Thu, 18 Apr 2024 04:03:06 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| docs.google.com/viewerng/img?id=ACFrOgDJUv3KzVu9gdtzike0uf5ZDFIxEJm6vbCwPEIgmDsBLXMeycKbioIEM9AMCV7-YIBVscNKHOvxpLpIn7Y0c340RUlTLzTNbTZhv_l2ftaBVpeNHRe4yyA1MUt2-w3tHtyNEq6dVrgDjlol&page=1&w=800 | 142.250.74.142 | 200 OK | 128 kB |
URL GET HTTP/3docs.google.com/viewerng/img?id=ACFrOgDJUv3KzVu9gdtzike0uf5ZDFIxEJm6vbCwPEIgmDsBLXMeycKbioIEM9AMCV7-YIBVscNKHOvxpLpIn7Y0c340RUlTLzTNbTZhv_l2ftaBVpeNHRe4yyA1MUt2-w3tHtyNEq6dVrgDjlol&page=1&w=800 IP142.250.74.142:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
File typePNG image data, 800 x 1131, 8-bit/color RGB, non-interlaced Size128 kB (127494 bytes) Hash88153964c9f884c546b1a2b6c5a309d4 d5af6ef1d4d3e8f825d7bde4e8a6c315ea3e5ea4 8831ac3ceb0eeb51dda5b80b89dc1c17029386e375cb90a309f8bb7311adadf1
GET /viewerng/img?id=ACFrOgDJUv3KzVu9gdtzike0uf5ZDFIxEJm6vbCwPEIgmDsBLXMeycKbioIEM9AMCV7-YIBVscNKHOvxpLpIn7Y0c340RUlTLzTNbTZhv_l2ftaBVpeNHRe4yyA1MUt2-w3tHtyNEq6dVrgDjlol&page=1&w=800 HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 04:03:06 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: script-src 'nonce-zAmP8GTulP_99V5Lciby9g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: GSE
set-cookie: NID=513=LDvs969BuGIUBDdYDxTDI4AU8ajCP90S8UPOk5pdhlRcUqDyz1AWeihRRH-OgpEeritkl-rGNltt-14UkLkalhq2L-NCKK5cdmWCdInhmuTpDaLPtEa2aJg1bQcp28o9zX1gpaQ0h1XCle2ay2Bv42aoOw0KOwSef8Fym4qHRic; expires=Fri, 18-Oct-2024 04:03:06 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| docs.google.com/viewerng/presspage?id=ACFrOgDUC1EMuHtcLLduVCy9VEydSoQ4588Gtcoza91d0pSCaW7rCuoVCkMKXPxccaflHzU0QsDjF4jmGYHXks-ve0RXkP5fH6UFJ3X_FYkgQyq0wuaRYkgle9KIIv0O_UGFVHe_VdDzELPZQHxU&page=2 | 142.250.74.142 | 200 OK | 1.7 kB |
URL GET HTTP/2docs.google.com/viewerng/presspage?id=ACFrOgDUC1EMuHtcLLduVCy9VEydSoQ4588Gtcoza91d0pSCaW7rCuoVCkMKXPxccaflHzU0QsDjF4jmGYHXks-ve0RXkP5fH6UFJ3X_FYkgQyq0wuaRYkgle9KIIv0O_UGFVHe_VdDzELPZQHxU&page=2 IP142.250.74.142:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
File typeUnicode text, UTF-8 text, with very long lines (4272) Hashd01930d8f9eed45f01e3e1a4de3d01b6 2c8fbafebcfc83148d0ce105237492e6432503de 3e386414b00b9770754e0b50aece8f0ef4af6404e74cef259d8b29632705bbb0
GET /viewerng/presspage?id=ACFrOgDUC1EMuHtcLLduVCy9VEydSoQ4588Gtcoza91d0pSCaW7rCuoVCkMKXPxccaflHzU0QsDjF4jmGYHXks-ve0RXkP5fH6UFJ3X_FYkgQyq0wuaRYkgle9KIIv0O_UGFVHe_VdDzELPZQHxU&page=2 HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
Alt-Used: 0
HTTP/2 200 OK
content-type: application/json; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 04:03:02 GMT
content-encoding: gzip
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-security-policy: script-src 'nonce-vo2GnRvVUJpisn-UgWoKtg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: GSE
set-cookie: NID=513=ebYTye0zJdX4gmWepyDdNiOHplSWgSMRPcIPHrDWBemYgYaKv0hGGLMIjF1NeLXTvFPvhXOIdlfSn1k2RgaIcgnuQ6tiFTuD50fYXs3Oy_GhJY0ah_YXFEiocfE4cpsKpwMswxGKvfupaxrOJeIWzCxynVSr2mtTvpaP6jFVAF8; expires=Fri, 18-Oct-2024 04:03:02 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| content.googleapis.com/drive/v2internal/viewerimpressions?key=AIzaSyDVQw45DwoYh632gvsP5vPDqEKvb-Ywnb8&alt=json | 142.250.74.106 | 204 No Content | 0 B |
URL POST HTTP/3content.googleapis.com/drive/v2internal/viewerimpressions?key=AIzaSyDVQw45DwoYh632gvsP5vPDqEKvb-Ywnb8&alt=json IP142.250.74.106:443
Requested byhttps://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.5BIk7BglYEE.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA%2Fm%3D__features__#parent=https%3A%2F%2Fdocs.google.com&rpctoken=304627719 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /drive/v2internal/viewerimpressions?key=AIzaSyDVQw45DwoYh632gvsP5vPDqEKvb-Ywnb8&alt=json HTTP/1.1
Host: content.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-ClientDetails: appVersion=5.0%20(X11)&platform=Linux%20x86_64&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0
Content-Type: application/json
X-Requested-With: XMLHttpRequest
X-JavaScript-User-Agent: google-api-javascript-client/1.1.0
X-Goog-AuthUser: 0
X-Origin: https://docs.google.com
X-Referer: https://docs.google.com
X-Goog-Encode-Response-If-Executable: base64
Content-Length: 1468
Origin: https://content.googleapis.com
DNT: 1
Connection: keep-alive
Referer: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.5BIk7BglYEE.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA%2Fm%3D__features__
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
etag: "vyGp6PvFo4RvsFtPoIWeCReyIC8"
date: Thu, 18 Apr 2024 04:03:06 GMT
pragma: no-cache
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Mon, 01 Jan 1990 00:00:00 GMT
vary: Origin, X-Origin
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| docs.google.com/viewerng/presspage?id=ACFrOgDJUv3KzVu9gdtzike0uf5ZDFIxEJm6vbCwPEIgmDsBLXMeycKbioIEM9AMCV7-YIBVscNKHOvxpLpIn7Y0c340RUlTLzTNbTZhv_l2ftaBVpeNHRe4yyA1MUt2-w3tHtyNEq6dVrgDjlol&page=0 | 142.250.74.142 | 200 OK | 246 kB |
URL GET HTTP/3docs.google.com/viewerng/presspage?id=ACFrOgDJUv3KzVu9gdtzike0uf5ZDFIxEJm6vbCwPEIgmDsBLXMeycKbioIEM9AMCV7-YIBVscNKHOvxpLpIn7Y0c340RUlTLzTNbTZhv_l2ftaBVpeNHRe4yyA1MUt2-w3tHtyNEq6dVrgDjlol&page=0 IP142.250.74.142:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
File typegzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT) Size246 kB (246433 bytes) Hashc46df1353c7df463ecf1017c2bc2d205 b7afa1596c32a1fa3230968cca135bcf2c58cf18 e00a7a94df851cfe3fa0da74834cdd50b30ceb8229276c1c36fa3de3d8b0a0df
GET /viewerng/presspage?id=ACFrOgDJUv3KzVu9gdtzike0uf5ZDFIxEJm6vbCwPEIgmDsBLXMeycKbioIEM9AMCV7-YIBVscNKHOvxpLpIn7Y0c340RUlTLzTNbTZhv_l2ftaBVpeNHRe4yyA1MUt2-w3tHtyNEq6dVrgDjlol&page=0 HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 04:03:06 GMT
content-encoding: gzip
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
content-security-policy: script-src 'nonce-_cULtRMXE8BCutw-gwrRhA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: GSE
set-cookie: NID=513=hI_En_atmGaVo8kd2Bu197-GMKr-ltpxkjOKceTqOXJu_glEByx1G4__vZXvS87yYvbO0h91XGBcnMx3FxeQFKzwl9lKkxOKjJBiiKn6Jh2vr_R3TwS9o8J0aAhw8lR-HW37Y6_P8OUhtTR2k2wVQnRHjUZmkOM3d_iMEFQ4nqs; expires=Fri, 18-Oct-2024 04:03:06 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| play.google.com/log?format=json&hasfast=true&authuser=0 | 142.250.74.174 | 200 OK | 0 B |
URL POST HTTP/3play.google.com/log?format=json&hasfast=true&authuser=0 IP142.250.74.174:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://docs.google.com/
Origin: https://docs.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://docs.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 18 Apr 2024 04:03:08 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| play.google.com/log?format=json&hasfast=true&authuser=0 | 142.250.74.174 | 200 OK | 131 B |
URL POST HTTP/3play.google.com/log?format=json&hasfast=true&authuser=0 IP142.250.74.174:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hashca0b7e866005f6774d284b9f438ebfd2 53644f5ee3640189bdb223473ba6a2d46606c556 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 5204
Origin: https://docs.google.com
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://docs.google.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Thu, 18 Apr 2024 04:03:08 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| play.google.com/log?format=json&hasfast=true&authuser=0 | 142.250.74.174 | 200 OK | 0 B |
URL POST HTTP/3play.google.com/log?format=json&hasfast=true&authuser=0 IP142.250.74.174:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://docs.google.com/
Origin: https://docs.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://docs.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 18 Apr 2024 04:03:17 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| play.google.com/log?format=json&hasfast=true&authuser=0 | 142.250.74.174 | 200 OK | 131 B |
URL POST HTTP/3play.google.com/log?format=json&hasfast=true&authuser=0 IP142.250.74.174:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hashca0b7e866005f6774d284b9f438ebfd2 53644f5ee3640189bdb223473ba6a2d46606c556 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 1363
Origin: https://docs.google.com
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://docs.google.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Thu, 18 Apr 2024 04:03:17 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.en_US.cdJChLL3Kzs.O/am=wA/d=1/rs=AC2dHMJ-UPcpj1TrAIHbwPz2NVftQIDTdQ/m=main | 142.250.74.35 | 200 OK | 71 kB |
URL GET HTTP/3www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.en_US.cdJChLL3Kzs.O/am=wA/d=1/rs=AC2dHMJ-UPcpj1TrAIHbwPz2NVftQIDTdQ/m=main IP142.250.74.35:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS1-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
Hash51fc9d86e3fd07d82c188bf54aaeb859 bd0e3c31bbef692c5479a444a9b6630a20982bf5 d6dd4d526e3dfab864bddafabdc151ffda70dfa8d7ca1dcc23ebb5fcb2e12e62
GET /_/apps-viewer/_/js/k=apps-viewer.standalone.en_US.cdJChLL3Kzs.O/am=wA/d=1/rs=AC2dHMJ-UPcpj1TrAIHbwPz2NVftQIDTdQ/m=main HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-viewer
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-viewer"
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-length: 489997
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 17 Apr 2024 18:11:41 GMT
expires: Thu, 17 Apr 2025 18:11:41 GMT
cache-control: public, max-age=31536000
age: 35470
last-modified: Thu, 04 Apr 2024 11:03:01 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| play.google.com/log?format=json&hasfast=true&authuser=0 | 142.250.74.174 | 200 OK | 131 B |
URL POST HTTP/3play.google.com/log?format=json&hasfast=true&authuser=0 IP142.250.74.174:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hashca0b7e866005f6774d284b9f438ebfd2 53644f5ee3640189bdb223473ba6a2d46606c556 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://docs.google.com/
X-Goog-AuthUser: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 1363
Origin: https://docs.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://docs.google.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Thu, 18 Apr 2024 04:03:17 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| docs.google.com/viewerng/img?id=ACFrOgDJUv3KzVu9gdtzike0uf5ZDFIxEJm6vbCwPEIgmDsBLXMeycKbioIEM9AMCV7-YIBVscNKHOvxpLpIn7Y0c340RUlTLzTNbTZhv_l2ftaBVpeNHRe4yyA1MUt2-w3tHtyNEq6dVrgDjlol&page=3&w=800 | 142.250.74.142 | 200 OK | 231 kB |
URL GET HTTP/3docs.google.com/viewerng/img?id=ACFrOgDJUv3KzVu9gdtzike0uf5ZDFIxEJm6vbCwPEIgmDsBLXMeycKbioIEM9AMCV7-YIBVscNKHOvxpLpIn7Y0c340RUlTLzTNbTZhv_l2ftaBVpeNHRe4yyA1MUt2-w3tHtyNEq6dVrgDjlol&page=3&w=800 IP142.250.74.142:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
File typePNG image data, 800 x 1131, 8-bit/color RGB, non-interlaced Size231 kB (230801 bytes) Hash63dbf2f98149a59ab77e73886e123161 6b515bb44f20ed74a985c2cdefee7a08eda85f6d 2ae0a5e6409e499d1f9770566f663401ee5e4b151b50051c7cfa766c524b27b0
GET /viewerng/img?id=ACFrOgDJUv3KzVu9gdtzike0uf5ZDFIxEJm6vbCwPEIgmDsBLXMeycKbioIEM9AMCV7-YIBVscNKHOvxpLpIn7Y0c340RUlTLzTNbTZhv_l2ftaBVpeNHRe4yyA1MUt2-w3tHtyNEq6dVrgDjlol&page=3&w=800 HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 04:03:06 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
content-security-policy: script-src 'nonce-FrZocggm4el0Co5zxI0BlQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: GSE
set-cookie: NID=513=HLrfsAf1gj1K4id6Ggy2uuw2bCy__9CRxaMSKX0DJ-pEYuPDDY2gvUOFttnQ2OGpokWQXeMcGqEt1H4KONwAJUyWL1GhFMjqDzuz8yrA9FqIy27PwwcyHEVYtCcvIvTH4CdeuaBb7cIjao-m14FP_JjTWe1fW2CxpxOrLxRqRvE; expires=Fri, 18-Oct-2024 04:03:06 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| constantclients.cc/wp-content/plugins/popup-builder/public/js/PopupBuilder.js?ver=4.2.7 | 66.235.200.147 | 200 OK | 82 kB |
URL GET HTTP/2constantclients.cc/wp-content/plugins/popup-builder/public/js/PopupBuilder.js?ver=4.2.7 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/popup-builder/public/js/PopupBuilder.js?ver=4.2.7 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: application/javascript
last-modified: Tue, 20 Feb 2024 20:09:50 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
server: cloudflare
cf-ray: 8761c2edbd4bb50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/themes/mesmerize/style.min.css?ver=1.6.109 | 66.235.200.147 | 200 OK | 181 kB |
URL GET HTTP/2constantclients.cc/wp-content/themes/mesmerize/style.min.css?ver=1.6.109 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeASCII text, with very long lines (65536), with no line terminators Size181 kB (181087 bytes) Hash7527d5e0b455fb469701e0835ca20ac5 88abd8f182c298178502ceadeb32a814d5bb5dd1 4af950d27d1ca08f7edf1e344722c92459fdf4adc55085514df27ad58fe0809e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/mesmerize/style.min.css?ver=1.6.109 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: text/css
last-modified: Sat, 27 May 2023 14:54:47 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
server: cloudflare
cf-ray: 8761c2ed9d2eb50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 | 66.235.200.147 | 200 OK | 88 kB |
URL GET HTTP/2constantclients.cc/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (65447) Hash826eb77e86b02ab7724fe3d0141ff87c 79cd3587d565afe290076a8d36c31c305a573d18 cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: application/javascript
last-modified: Tue, 07 Nov 2023 20:03:53 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
server: cloudflare
cf-ray: 8761c2edbd43b50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/New/Auth/sf_rand_string_lowercase6/YWphaW5AY2FzdGxlYnJhbmRzaW5jLmNvbQ== | 66.235.200.147 | 301 Moved Permanently | 187 kB |
URL User Request GET HTTP/2constantclients.cc/New/Auth/sf_rand_string_lowercase6/YWphaW5AY2FzdGxlYnJhbmRzaW5jLmNvbQ== IP66.235.200.147:443
CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
Size187 kB (186857 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /New/Auth/sf_rand_string_lowercase6/YWphaW5AY2FzdGxlYnJhbmRzaW5jLmNvbQ== HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Thu, 18 Apr 2024 04:02:47 GMT
content-type: text/html; charset=UTF-8
location: https://constantclients.cc
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
vary: Accept-Encoding
set-cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000; path=/; domain=.constantclients.cc; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 8761c2df0e77b50c-OSL
X-Firefox-Spdy: h2
|
|
| gtm.constantclients.cc/g/collect?v=2&tid=G-MR4VREK4MN>m=45je44f0v884890645z8854588744za200&_p=1713412969423&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1651928891.1713412970&ecid=1500175129&ul=en-us&sr=1280x1024&_fplc=0&ur=NO-03&pscdl=noapi&sst.etld=google.no&sst.gcsub=region1&sst.gcd=13l3l3l2l1&sst.tft=1713412969423&sst.ude=0&_s=2&sid=1713412970&sct=1&seg=0&dl=https%3A%2F%2Fconstantclients.cc%2F&dt=Home%20-%20Constant%20Clients%20Inc&en=view_item&ep.event_id=1713412969699.107181.3&tfd=4575&richsstsse | 0.0.0.0 | | 0 B |
URL GET gtm.constantclients.cc/g/collect?v=2&tid=G-MR4VREK4MN>m=45je44f0v884890645z8854588744za200&_p=1713412969423&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1651928891.1713412970&ecid=1500175129&ul=en-us&sr=1280x1024&_fplc=0&ur=NO-03&pscdl=noapi&sst.etld=google.no&sst.gcsub=region1&sst.gcd=13l3l3l2l1&sst.tft=1713412969423&sst.ude=0&_s=2&sid=1713412970&sct=1&seg=0&dl=https%3A%2F%2Fconstantclients.cc%2F&dt=Home%20-%20Constant%20Clients%20Inc&en=view_item&ep.event_id=1713412969699.107181.3&tfd=4575&richsstsse IP0.0.0.0:0
Requested byhttps://constantclients.cc/
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /g/collect?v=2&tid=G-MR4VREK4MN>m=45je44f0v884890645z8854588744za200&_p=1713412969423&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1651928891.1713412970&ecid=1500175129&ul=en-us&sr=1280x1024&_fplc=0&ur=NO-03&pscdl=noapi&sst.etld=google.no&sst.gcsub=region1&sst.gcd=13l3l3l2l1&sst.tft=1713412969423&sst.ude=0&_s=2&sid=1713412970&sct=1&seg=0&dl=https%3A%2F%2Fconstantclients.cc%2F&dt=Home%20-%20Constant%20Clients%20Inc&en=view_item&ep.event_id=1713412969699.107181.3&tfd=4575&richsstsse HTTP/1.1
Host: gtm.constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://constantclients.cc
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000; _ga_MR4VREK4MN=GS1.1.1713412970.1.0.1713412970.0.0.1500175129; _ga=GA1.1.1651928891.1713412970
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.5BIk7BglYEE.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA%2Fm%3D__features__ | 142.250.74.106 | 200 OK | 382 B |
URL GET HTTP/3content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.5BIk7BglYEE.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA%2Fm%3D__features__ IP142.250.74.106:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File typeHTML document, ASCII text, with very long lines (407), with no line terminators Hashd25ac582dc852661977a38c57987aff0 17b333f8aca6d7247502562eda702659ca08b5f0 184aa8a407270df041445247e3140dcfe1a279ca59d774c64ff17ba2d92db2ee
GET /static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.5BIk7BglYEE.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA%2Fm%3D__features__ HTTP/1.1
Host: content.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy: script-src 'nonce-EEaih3g7dRhf7NP6SgG7SQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/apiserving; base-uri 'none', require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apiserving
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apiserving"
report-to: {"group":"apiserving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apiserving"}]}
content-length: 274
date: Thu, 18 Apr 2024 04:03:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Tue, 12 Mar 2024 05:08:00 GMT
x-content-type-options: nosniff
cross-origin-embedder-policy: require-corp; report-to="apiserving"
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| gtm.constantclients.cc/g/collect?v=2&tid=G-MR4VREK4MN>m=45je44f0v884890645z8854588744za200&_p=1713412969423&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1651928891.1713412970&ecid=1500175129&ul=en-us&sr=1280x1024&_fplc=0&ur=NO-03&pscdl=noapi&sst.etld=google.no&sst.gcsub=region1&sst.gcd=13l3l3l2l1&sst.tft=1713412969423&sst.ude=0&_s=1&sid=1713412970&sct=1&seg=0&dl=https%3A%2F%2Fconstantclients.cc%2F&dt=Home%20-%20Constant%20Clients%20Inc&en=page_view&_fv=1&_nsi=1&_ss=1&ep.event_id=1713412969699.107181.2&tfd=4017&richsstsse | 0.0.0.0 | | 0 B |
URL GET gtm.constantclients.cc/g/collect?v=2&tid=G-MR4VREK4MN>m=45je44f0v884890645z8854588744za200&_p=1713412969423&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1651928891.1713412970&ecid=1500175129&ul=en-us&sr=1280x1024&_fplc=0&ur=NO-03&pscdl=noapi&sst.etld=google.no&sst.gcsub=region1&sst.gcd=13l3l3l2l1&sst.tft=1713412969423&sst.ude=0&_s=1&sid=1713412970&sct=1&seg=0&dl=https%3A%2F%2Fconstantclients.cc%2F&dt=Home%20-%20Constant%20Clients%20Inc&en=page_view&_fv=1&_nsi=1&_ss=1&ep.event_id=1713412969699.107181.2&tfd=4017&richsstsse IP0.0.0.0:0
Requested byhttps://constantclients.cc/
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /g/collect?v=2&tid=G-MR4VREK4MN>m=45je44f0v884890645z8854588744za200&_p=1713412969423&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1651928891.1713412970&ecid=1500175129&ul=en-us&sr=1280x1024&_fplc=0&ur=NO-03&pscdl=noapi&sst.etld=google.no&sst.gcsub=region1&sst.gcd=13l3l3l2l1&sst.tft=1713412969423&sst.ude=0&_s=1&sid=1713412970&sct=1&seg=0&dl=https%3A%2F%2Fconstantclients.cc%2F&dt=Home%20-%20Constant%20Clients%20Inc&en=page_view&_fv=1&_nsi=1&_ss=1&ep.event_id=1713412969699.107181.2&tfd=4017&richsstsse HTTP/1.1
Host: gtm.constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://constantclients.cc
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000; _ga_MR4VREK4MN=GS1.1.1713412970.1.0.1713412970.0.0.1500175129; _ga=GA1.1.1651928891.1713412970
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf | 142.250.74.142 | 200 OK | 8.6 kB |
URL GET HTTP/2docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf IP142.250.74.142:443
Requested byhttps://constantclients.cc/ CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
File typeHTML document, ASCII text, with very long lines (8833), with no line terminators Hash06d853172f60f88a516fd3e2c4fb0c7c c6ed1eed77e960dd8e9666e0669a37646765e8bf dc6b35f371bd2652aa4823c4cecdc79978661eac8fe42d489fa81ff68b3c66b7
GET /gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 04:02:49 GMT
content-encoding: gzip
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-security-policy: script-src 'nonce-mI97f3_OEXwQwmeKS3PYlA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
set-cookie: NID=513=JJ7Uy51zuvABnzJUZasH6FBiMQcA7b09eaeGycVzKLTN0VuHBC1jod_ufeWJvWK38sbfuIrLuFQEB6AZD6wyYjJLfi3NW8nvp2lKdjfstF5sBSyWl999arhOeJY4NkxymRKU5g5pKZPOkws4B5t8UVVEsuvata3r1UMpHApAaqM; expires=Fri, 18-Oct-2024 04:02:49 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| docs.google.com/viewerng/img?id=ACFrOgDUC1EMuHtcLLduVCy9VEydSoQ4588Gtcoza91d0pSCaW7rCuoVCkMKXPxccaflHzU0QsDjF4jmGYHXks-ve0RXkP5fH6UFJ3X_FYkgQyq0wuaRYkgle9KIIv0O_UGFVHe_VdDzELPZQHxU&page=3&w=800 | 142.250.74.142 | 200 OK | 224 kB |
URL GET HTTP/2docs.google.com/viewerng/img?id=ACFrOgDUC1EMuHtcLLduVCy9VEydSoQ4588Gtcoza91d0pSCaW7rCuoVCkMKXPxccaflHzU0QsDjF4jmGYHXks-ve0RXkP5fH6UFJ3X_FYkgQyq0wuaRYkgle9KIIv0O_UGFVHe_VdDzELPZQHxU&page=3&w=800 IP142.250.74.142:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
File typePNG image data, 800 x 1131, 8-bit/color RGB, non-interlaced Size224 kB (224043 bytes) Hash32462fb28cc7e63f5071968dfcc64bea 9022437de3b5114b6e2556a36f227f3914c770aa 14efd614d18cb7e1bbbf7b5322e6420a61ac627f4d8a2ad35450d77866fa56a6
GET /viewerng/img?id=ACFrOgDUC1EMuHtcLLduVCy9VEydSoQ4588Gtcoza91d0pSCaW7rCuoVCkMKXPxccaflHzU0QsDjF4jmGYHXks-ve0RXkP5fH6UFJ3X_FYkgQyq0wuaRYkgle9KIIv0O_UGFVHe_VdDzELPZQHxU&page=3&w=800 HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 04:03:03 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
content-security-policy: script-src 'nonce-jmJnOM__jX-NnlFmjY5oDQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: GSE
set-cookie: NID=513=QrpmD7teOr8RSBXcxTjEQQVcQqQ6vSJ88hjCUtLD7fQtSru9umD43evWFOFv9UZykyfyDj28B0GOibIgOX3m4PId6r-iQlwiHqMSU9uEn5ZWgAvyZ7zHEBY5dMQpmFNA9ySfz1K8NLKl4stcotfUF5mfcjemycIXHn2uMk0glGM; expires=Fri, 18-Oct-2024 04:03:02 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| docs.google.com/viewerng/presspage?id=ACFrOgDJUv3KzVu9gdtzike0uf5ZDFIxEJm6vbCwPEIgmDsBLXMeycKbioIEM9AMCV7-YIBVscNKHOvxpLpIn7Y0c340RUlTLzTNbTZhv_l2ftaBVpeNHRe4yyA1MUt2-w3tHtyNEq6dVrgDjlol&page=3 | 142.250.74.142 | 200 OK | 4.7 kB |
URL GET HTTP/3docs.google.com/viewerng/presspage?id=ACFrOgDJUv3KzVu9gdtzike0uf5ZDFIxEJm6vbCwPEIgmDsBLXMeycKbioIEM9AMCV7-YIBVscNKHOvxpLpIn7Y0c340RUlTLzTNbTZhv_l2ftaBVpeNHRe4yyA1MUt2-w3tHtyNEq6dVrgDjlol&page=3 IP142.250.74.142:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
File typeUnicode text, UTF-8 text, with very long lines (4995), with no line terminators Hash27a70c0486570ec3acab9686111b829a d15b1148e70f4996711e66f5ceaa2b5c1adb3838 ced12e7ed6d750cc636312fbe0d1a4d92ad2b47b94736374fc816f95a3d913bf
GET /viewerng/presspage?id=ACFrOgDJUv3KzVu9gdtzike0uf5ZDFIxEJm6vbCwPEIgmDsBLXMeycKbioIEM9AMCV7-YIBVscNKHOvxpLpIn7Y0c340RUlTLzTNbTZhv_l2ftaBVpeNHRe4yyA1MUt2-w3tHtyNEq6dVrgDjlol&page=3 HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/json; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 04:03:06 GMT
content-encoding: gzip
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-security-policy: script-src 'nonce-SUfCEzqq5Z-7_a9baB-avw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: GSE
set-cookie: NID=513=XnJ27CJTK9duMRuh0WPHbnHgCHPcrdOCgts1FWMELUdWEH6_yX53J2H2kqMlH4dy671iM7KnB63bJvzZC2asdqZ8qQdMjWD_q6qOiPzTC_SbrjxT8gf_gXExSGx3ijCe4IfsH2PXarReZc6JGGotDyVNB6JLFbBMor5FNwR-PKM; expires=Fri, 18-Oct-2024 04:03:06 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| constantclients.cc/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.21.0 | 66.235.200.147 | 200 OK | 63 kB |
URL GET HTTP/2constantclients.cc/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.21.0 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.21.0 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: application/javascript
last-modified: Mon, 15 Apr 2024 20:04:20 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
server: cloudflare
cf-ray: 8761c2ee0d9cb50c-OSL
X-Firefox-Spdy: h2
|
|
| static.addtoany.com/menu/sm.25.html | 172.67.39.148 | 200 OK | 716 B |
URL GET HTTP/3static.addtoany.com/menu/sm.25.html IP172.67.39.148:443
Requested byhttps://constantclients.cc/ CertificateIssuerLet's Encrypt Subjectstatic.addtoany.com Fingerprint25:DC:52:06:E9:84:6F:BC:CB:DD:82:F7:D3:4C:8F:F5:9F:49:7E:DD ValiditySat, 24 Feb 2024 06:33:02 GMT - Fri, 24 May 2024 06:33:01 GMT
File typeHTML document, ASCII text, with very long lines (744), with no line terminators Hashc3c97893ca5c74e7504aa4ec474ea41b cdccb12d7e73682e0e807107243ede7d5e14c962 b79f65e9ffe3bad9bd9cdcffed0758430f7eb1a630c368dc173eecdeb2821f00
GET /menu/sm.25.html HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:02:49 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5XqYdf3zT6f5djRXIIJwMp9CmOr869HlwkvaSLOezMHs8bCNXKhchHrxUkAX8VobSQtGTx9av1ds6j%2BrAMbeIHt6gjCWQ%2F0%2FDDuSz%2BYQMTMfH9cMBRVSXt9wfmQ0xD6qcBrOg5iLUMVJymypfmtsURYC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
age: 6912
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8761c2f4180b5696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| docs.google.com/viewerng/img?id=ACFrOgDUC1EMuHtcLLduVCy9VEydSoQ4588Gtcoza91d0pSCaW7rCuoVCkMKXPxccaflHzU0QsDjF4jmGYHXks-ve0RXkP5fH6UFJ3X_FYkgQyq0wuaRYkgle9KIIv0O_UGFVHe_VdDzELPZQHxU&page=2&w=800 | 142.250.74.142 | 200 OK | 128 kB |
URL GET HTTP/2docs.google.com/viewerng/img?id=ACFrOgDUC1EMuHtcLLduVCy9VEydSoQ4588Gtcoza91d0pSCaW7rCuoVCkMKXPxccaflHzU0QsDjF4jmGYHXks-ve0RXkP5fH6UFJ3X_FYkgQyq0wuaRYkgle9KIIv0O_UGFVHe_VdDzELPZQHxU&page=2&w=800 IP142.250.74.142:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
File typePNG image data, 800 x 1131, 8-bit/color RGB, non-interlaced Size128 kB (128322 bytes) Hash85038dfd4b714c1c3ef6dfc2cc86ef58 f790758b6d71a60c2b8eade8a8aa615706272452 9349c1a65f75080a47335a6779321c524a903b9e982685451b3cb44feca3faef
GET /viewerng/img?id=ACFrOgDUC1EMuHtcLLduVCy9VEydSoQ4588Gtcoza91d0pSCaW7rCuoVCkMKXPxccaflHzU0QsDjF4jmGYHXks-ve0RXkP5fH6UFJ3X_FYkgQyq0wuaRYkgle9KIIv0O_UGFVHe_VdDzELPZQHxU&page=2&w=800 HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 04:03:02 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: script-src 'nonce-zbx_jEUcTu0KrJltEL-3eA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: GSE
set-cookie: NID=513=SqzZjW5GrUNYEGZ86kPvd7U4S392MYAASnWPRf4KrJkjLFDiZPgpfcPOv_vuqXuLO_oAxk5iM8SuOUcHwfkQ-XrGGl8iA2LwE-_VufeMDwDnfQkqiUSopy5Thrnr7Mq5zR_8E00ycA9SYXfgAkFGg4iEa2ZcQjV_hB8h_zjt0Gc; expires=Fri, 18-Oct-2024 04:03:02 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.5BIk7BglYEE.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA%2Fm%3D__features__ | 142.250.74.106 | 200 OK | 382 B |
URL GET HTTP/3content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.5BIk7BglYEE.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA%2Fm%3D__features__ IP142.250.74.106:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File typeHTML document, ASCII text, with very long lines (407), with no line terminators Hash735c031e1eec1e32c4f76e15a3b313ec 987264f06a776690551b1c4e88f70a9f4512966b 45448ea71db0ebc1d264cb006e425d03269cef8d807bd0db4e91621642e47cf7
GET /static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.5BIk7BglYEE.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9V8V9Op_7rn4BCy9pIOBNUyU2IjA%2Fm%3D__features__ HTTP/1.1
Host: content.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy: script-src 'nonce-gOoAJoVTXG5WCnFdA-SXVw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/apiserving; base-uri 'none', require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apiserving
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apiserving"
report-to: {"group":"apiserving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apiserving"}]}
content-length: 272
date: Thu, 18 Apr 2024 04:02:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Tue, 12 Mar 2024 05:08:00 GMT
x-content-type-options: nosniff
cross-origin-embedder-policy: require-corp; report-to="apiserving"
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| docs.google.com/viewerng/meta?id=ACFrOgDJUv3KzVu9gdtzike0uf5ZDFIxEJm6vbCwPEIgmDsBLXMeycKbioIEM9AMCV7-YIBVscNKHOvxpLpIn7Y0c340RUlTLzTNbTZhv_l2ftaBVpeNHRe4yyA1MUt2-w3tHtyNEq6dVrgDjlol | 142.250.74.142 | 200 OK | 36 B |
URL GET HTTP/3docs.google.com/viewerng/meta?id=ACFrOgDJUv3KzVu9gdtzike0uf5ZDFIxEJm6vbCwPEIgmDsBLXMeycKbioIEM9AMCV7-YIBVscNKHOvxpLpIn7Y0c340RUlTLzTNbTZhv_l2ftaBVpeNHRe4yyA1MUt2-w3tHtyNEq6dVrgDjlol IP142.250.74.142:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
File typeASCII text, with no line terminators Hash45b006a58c64ecff5875ec96ef28e7ff 826b015d0c38cae990dbfef89fc1158c35b0cfad 5cfed5b80fb83f2dcae2d34ab23ec8be84c795cbf191b4bf62e1833a27421062
GET /viewerng/meta?id=ACFrOgDJUv3KzVu9gdtzike0uf5ZDFIxEJm6vbCwPEIgmDsBLXMeycKbioIEM9AMCV7-YIBVscNKHOvxpLpIn7Y0c340RUlTLzTNbTZhv_l2ftaBVpeNHRe4yyA1MUt2-w3tHtyNEq6dVrgDjlol HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/json; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 04:03:05 GMT
content-encoding: gzip
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
content-security-policy: script-src 'nonce-eTRcjnwfmD3WCN3B8WxjQA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: GSE
set-cookie: NID=513=Bjkl6Di4AxMkczcxrE8DvTTzODZu2Fywc_gjZW8CEuj-UU_ViRD6DFiMTT8TJp66G3frPKNpMJDkcODwWMmiLKsQ3lIIIELhCoIex-x-SAU51rgjRQ_pMjYHdSXNJpY5e_7tckrfKvtML6Cp0mhXk5x9ge8cU_XH9xzl1Oqyv74; expires=Fri, 18-Oct-2024 04:03:05 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| constantclients.cc/wp-content/plugins/strong-testimonials/public/svg/chevron-left-solid.svg | 66.235.200.147 | 200 OK | 482 B |
URL GET HTTP/2constantclients.cc/wp-content/plugins/strong-testimonials/public/svg/chevron-left-solid.svg IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeSVG Scalable Vector Graphics image Hashd8b074990a8c9f550270f8d265951f35 22014267f7d7ecbde3272518b6adc00a3afc109e 4a40b64e4494ef888fa44056df81fb55ff0471e76aaf9249d00edaeaef5afa88
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/strong-testimonials/public/svg/chevron-left-solid.svg HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/wp-content/plugins/strong-testimonials/public/css/slider-controls-sides-outside-buttons.css?ver=3.1.12
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000; _ga_MR4VREK4MN=GS1.1.1713412970.1.0.1713412970.0.0.1500175129; _ga=GA1.1.1651928891.1713412970
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:03:02 GMT
content-type: image/svg+xml
last-modified: Fri, 22 Mar 2024 20:03:55 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:03:02 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 8761c3459ddcb50c-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| | 66.235.200.147 | 200 OK | 187 kB |
URL User Request GET HTTP/2IP66.235.200.147:443
CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
Size187 kB (186857 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: text/html; charset=UTF-8
link: <https://constantclients.cc/wp-json/>; rel="https://api.w.org/", <https://constantclients.cc/wp-json/wp/v2/pages/999>; rel="alternate"; type="application/json", <https://constantclients.cc/>; rel=shortlink
cache-control: max-age=7200
expires: Thu, 18 Apr 2024 06:02:47 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
last-modified: Wed, 17 Apr 2024 17:54:30 GMT
cf-cache-status: EXPIRED
server: cloudflare
cf-ray: 8761c2e659d3b50c-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/duracelltomi-google-tag-manager/dist/js/gtm4wp-contact-form-7-tracker.js?ver=1.20.2 | 66.235.200.147 | 409 Conflict | 83 B |
URL GET HTTP/2constantclients.cc/wp-content/plugins/duracelltomi-google-tag-manager/dist/js/gtm4wp-contact-form-7-tracker.js?ver=1.20.2 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeHTML document, ASCII text, with no line terminators Hash839e0e1ee803a341ab291aaed320c8c4 302992d7f2ec44edaa728c17a55c2c903c864755 089a32b861f84eaa48bfb8f106d29365277a979a0300d89feb69eb2a1b6dea45
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/duracelltomi-google-tag-manager/dist/js/gtm4wp-contact-form-7-tracker.js?ver=1.20.2 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000; _ga_MR4VREK4MN=GS1.1.1713412970.1.0.1713412970.0.0.1500175129; _ga=GA1.1.1651928891.1713412970
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 409 Conflict
date: Thu, 18 Apr 2024 04:02:50 GMT
content-type: text/html; charset=iso-8859-1
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 8761c2f7fa21b50c-OSL
X-Firefox-Spdy: h2
|
|
| docs.google.com/viewerng/thumb?ds=AON1mFykBOCa42rKnPWyfTxI2jjIlzLHoPkBu50GYDH6X_qF6q8hKFKih7mVS7q0eLh7mzAiA-DcgzecJLaiXMYcs4CztXrhAENI2tcQ1FiqEZdYQVwLhdu1fI9oY6tgTclBZ_tupSOPlav1Qh010abFy7PRaP9e-VedA-pJw0jWLochE4O6PpM_0fRZdK9gMi0tdToRBm8BcxTUHz8OJIOJ2skrH9q4MahXX28o3ZzRisA_BdINW1mmhPRZEb4g_JxxcCrt_N7T9_0AIZY2OSYUJdAgQOQ5U6w-nMqfVi8QTN9L5DXuA1C7vzJA5M9lUmaamH9pV4Fe&ck=lantern&authuser&w=800&webp=true&p=proj | 142.250.74.142 | 200 OK | 12 kB |
URL GET HTTP/3docs.google.com/viewerng/thumb?ds=AON1mFykBOCa42rKnPWyfTxI2jjIlzLHoPkBu50GYDH6X_qF6q8hKFKih7mVS7q0eLh7mzAiA-DcgzecJLaiXMYcs4CztXrhAENI2tcQ1FiqEZdYQVwLhdu1fI9oY6tgTclBZ_tupSOPlav1Qh010abFy7PRaP9e-VedA-pJw0jWLochE4O6PpM_0fRZdK9gMi0tdToRBm8BcxTUHz8OJIOJ2skrH9q4MahXX28o3ZzRisA_BdINW1mmhPRZEb4g_JxxcCrt_N7T9_0AIZY2OSYUJdAgQOQ5U6w-nMqfVi8QTN9L5DXuA1C7vzJA5M9lUmaamH9pV4Fe&ck=lantern&authuser&w=800&webp=true&p=proj IP142.250.74.142:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
File typeRIFF (little-endian) data, Web/P image Hashe8f277e1e64ae5ea28942d3ce7dacbf1 b31171126218d7fbf17e982e945cb6f65e34bfa6 767714cd013f86376640c4c58cbff748a1d7e0ec4b07ce6edfaae71d75d6d72b
GET /viewerng/thumb?ds=AON1mFykBOCa42rKnPWyfTxI2jjIlzLHoPkBu50GYDH6X_qF6q8hKFKih7mVS7q0eLh7mzAiA-DcgzecJLaiXMYcs4CztXrhAENI2tcQ1FiqEZdYQVwLhdu1fI9oY6tgTclBZ_tupSOPlav1Qh010abFy7PRaP9e-VedA-pJw0jWLochE4O6PpM_0fRZdK9gMi0tdToRBm8BcxTUHz8OJIOJ2skrH9q4MahXX28o3ZzRisA_BdINW1mmhPRZEb4g_JxxcCrt_N7T9_0AIZY2OSYUJdAgQOQ5U6w-nMqfVi8QTN9L5DXuA1C7vzJA5M9lUmaamH9pV4Fe&ck=lantern&authuser&w=800&webp=true&p=proj HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: image/webp
expires: Thu, 18 Apr 2024 04:02:51 GMT
date: Thu, 18 Apr 2024 04:02:51 GMT
cache-control: private, max-age=300
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
content-security-policy: script-src 'nonce-kCAXKqLNFaGpLEsVLg2rUA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: GSE
set-cookie: NID=513=jL1lUY8If8WXznTBje7yziSbkuXzhPNcScJf2njuXFs8PRvRiJSnXcsS9rXvlDVy9U8E2sN1Z6i7NGleZUYQKYj3sSPBsZO--DJJeE9Vh40eDwKjYzL3ILnxCjVaHw-clbA_LBowkesxEOXGbG3r8LtOWlE_SwDA7Yk5yF3QFTM; expires=Fri, 18-Oct-2024 04:02:51 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| conv-avatar.s3.amazonaws.com/avatars/06.png | 52.216.114.11 | 200 OK | 23 kB |
URL GET HTTP/1.1conv-avatar.s3.amazonaws.com/avatars/06.png IP52.216.114.11:443
Requested byhttps://constantclients.cc/ CertificateIssuerAmazon Subject*.s3.amazonaws.com FingerprintDC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1 ValidityTue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT
File typePNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced Hash8b025d1010ad60ad70e06448b50598d3 925d5ed88aece2a5072090958bcfb38c007b4514 fa382ab24a81b1f68b44d4c96dacaf74e1c71b8d6fb00b8423e41286915c73e3
GET /avatars/06.png HTTP/1.1
Host: conv-avatar.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: x43EdkH3VgPWVuz3g4SiIbxYnvzQ+O1nIJ5cKPxcDH6GuvTrPuyPbSYP2sngtJIi7jZC1lqj8s4=
x-amz-request-id: 81FZ7FXRMV8M0P3F
Date: Thu, 18 Apr 2024 04:03:06 GMT
Last-Modified: Wed, 30 Sep 2020 12:16:27 GMT
ETag: "8b025d1010ad60ad70e06448b50598d3"
x-amz-meta-sha256: fa382ab24a81b1f68b44d4c96dacaf74e1c71b8d6fb00b8423e41286915c73e3
x-amz-meta-s3b-last-modified: 20190124T164417Z
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 23160
|
|
| docs.google.com/viewerng/thumb?ds=AON1mFwf0WsDBdLjmoruCnFBeGzEcY8REJFJ_kurToUa3zSrZIsSsRYRU-uWHzN6MUO-wfJw9pmxvmlsUoqIBfGVljGFH1b-DMQcUoG6YQopRgKKINtWLicE3cyMhllAUtH7Bir7FWf8D0LzndCNKT58WSarDaeuwxEvsLHvfI-G07icqSneu2V5W2fVuCoh9d9pFUKgtRqHWpHUCGOjCOj1P9PmEkaB0T-kQUFNTaoyz2_ql9hurjgT0QFH8hKebFq162JRM1biNuKcS21b3NgEqBgoEK9CXBcmWKtRNLtZsG13C-ynWm-BJxWFjDfukYH7deT1T5OC&ck=lantern&authuser&w=800&webp=true&p=proj | 142.250.74.142 | 200 OK | 530 kB |
URL GET HTTP/2docs.google.com/viewerng/thumb?ds=AON1mFwf0WsDBdLjmoruCnFBeGzEcY8REJFJ_kurToUa3zSrZIsSsRYRU-uWHzN6MUO-wfJw9pmxvmlsUoqIBfGVljGFH1b-DMQcUoG6YQopRgKKINtWLicE3cyMhllAUtH7Bir7FWf8D0LzndCNKT58WSarDaeuwxEvsLHvfI-G07icqSneu2V5W2fVuCoh9d9pFUKgtRqHWpHUCGOjCOj1P9PmEkaB0T-kQUFNTaoyz2_ql9hurjgT0QFH8hKebFq162JRM1biNuKcS21b3NgEqBgoEK9CXBcmWKtRNLtZsG13C-ynWm-BJxWFjDfukYH7deT1T5OC&ck=lantern&authuser&w=800&webp=true&p=proj IP142.250.74.142:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS1-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
File typeRIFF (little-endian) data, Web/P image Size530 kB (530314 bytes) Hash0ef92b37d2a235e7d6cae3553c666c03 1f8c88c8f9dd6bb73a9713f4c837a13b17568070 ade85734cc8df6a24216e8f3a88e90d51077fb26fd4a64350b4e29c37175be59
GET /viewerng/thumb?ds=AON1mFwf0WsDBdLjmoruCnFBeGzEcY8REJFJ_kurToUa3zSrZIsSsRYRU-uWHzN6MUO-wfJw9pmxvmlsUoqIBfGVljGFH1b-DMQcUoG6YQopRgKKINtWLicE3cyMhllAUtH7Bir7FWf8D0LzndCNKT58WSarDaeuwxEvsLHvfI-G07icqSneu2V5W2fVuCoh9d9pFUKgtRqHWpHUCGOjCOj1P9PmEkaB0T-kQUFNTaoyz2_ql9hurjgT0QFH8hKebFq162JRM1biNuKcS21b3NgEqBgoEK9CXBcmWKtRNLtZsG13C-ynWm-BJxWFjDfukYH7deT1T5OC&ck=lantern&authuser&w=800&webp=true&p=proj HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS1-revised.pdf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/webp
expires: Thu, 18 Apr 2024 04:03:03 GMT
date: Thu, 18 Apr 2024 04:03:03 GMT
cache-control: private, max-age=300
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
content-security-policy: script-src 'nonce-8SgGHZmjhgNKH_H48fjESQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: GSE
set-cookie: NID=513=PYq9_LxzlmUL5RFbU4bkSioFPmvExo7a9wPhRIlQanDB6ZMXkBug-p9gJlr1x4L_l88qq6D8kwnzxOCQNJSRgxgS8f3134fyaAROU9yLpF-1AAJ5QtUAL91tTuktcQOtyxD3ORFZvKc4J9VKfIg3Tl_dBHHwV-1s3WgJ09Scy2I; expires=Fri, 18-Oct-2024 04:03:03 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/uploads/2021/08/docusign-V7dZJybxhgc-unsplash.jpg | 66.235.200.147 | 200 OK | 83 kB |
URL GET HTTP/2constantclients.cc/wp-content/uploads/2021/08/docusign-V7dZJybxhgc-unsplash.jpg IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 1920x1280, Scaling: [none]x[none], YUV color, decoders should clamp Hash73c2b97f7c5bb2ca8e417474f9f75757 44f3ebfab345f1552a0124752b4918311c68bae8 107689c9a302ff28c03d78e46a08207895fc5da6b09e1c5369496e9c626894f3
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/uploads/2021/08/docusign-V7dZJybxhgc-unsplash.jpg HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/wp-content/uploads/elementor/css/post-999.css?ver=1708890611
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:49 GMT
content-type: image/webp
x-webp-convert-log: Serving converted file
vary: Accept,Accept-Encoding
last-modified: Sat, 27 May 2023 14:55:02 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:49 GMT
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
server: cloudflare
cf-ray: 8761c2f39839b50c-OSL
X-Firefox-Spdy: h2
|
|
| docs.google.com/viewerng/img?id=ACFrOgDJUv3KzVu9gdtzike0uf5ZDFIxEJm6vbCwPEIgmDsBLXMeycKbioIEM9AMCV7-YIBVscNKHOvxpLpIn7Y0c340RUlTLzTNbTZhv_l2ftaBVpeNHRe4yyA1MUt2-w3tHtyNEq6dVrgDjlol&page=2&w=800 | 142.250.74.142 | 200 OK | 122 kB |
URL GET HTTP/3docs.google.com/viewerng/img?id=ACFrOgDJUv3KzVu9gdtzike0uf5ZDFIxEJm6vbCwPEIgmDsBLXMeycKbioIEM9AMCV7-YIBVscNKHOvxpLpIn7Y0c340RUlTLzTNbTZhv_l2ftaBVpeNHRe4yyA1MUt2-w3tHtyNEq6dVrgDjlol&page=2&w=800 IP142.250.74.142:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
File typePNG image data, 800 x 1131, 8-bit/color RGB, non-interlaced Size122 kB (121902 bytes) Hashedde32a819e23f9c4b79ccfccb03b7e5 de98437870fc201f66990f87c8d2beb03252bc85 bb83fd97ff8b0d5a965db1fcfcbeb6043d36df34c1b7aea400a0621167373cf5
GET /viewerng/img?id=ACFrOgDJUv3KzVu9gdtzike0uf5ZDFIxEJm6vbCwPEIgmDsBLXMeycKbioIEM9AMCV7-YIBVscNKHOvxpLpIn7Y0c340RUlTLzTNbTZhv_l2ftaBVpeNHRe4yyA1MUt2-w3tHtyNEq6dVrgDjlol&page=2&w=800 HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 04:03:06 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
content-security-policy: script-src 'nonce-cnRa51OfK_hz9ZDvUTyG9g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: GSE
set-cookie: NID=513=SC7qZtq1ITHn8f9GGl05PEQOHOeCIbp_mgcg3TlcLDakVyF0-zAG1GXHmf1p2xIN81U6R5EICOEfL_Y-4a3zXxG0hT5iJlcOwcRr-FGt50yGNyWcAcTWdsIxTNqHbrdDDu0VZkEeSmFNEIGqdlAIMFRa43i0FRMKwlc5-h4lXVg; expires=Fri, 18-Oct-2024 04:03:06 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| app.convertobot.com/get_chatbot_info/cvOfPC | 172.67.145.237 | 200 OK | 2.3 kB |
URL GET HTTP/2app.convertobot.com/get_chatbot_info/cvOfPC IP172.67.145.237:443
Requested byhttps://constantclients.cc/ CertificateIssuerLet's Encrypt Subjectconvertobot.com Fingerprint75:4A:AB:25:C4:5D:F0:14:F8:9C:B1:AB:06:28:B8:D5:14:30:1C:2D ValidityFri, 29 Mar 2024 19:38:25 GMT - Thu, 27 Jun 2024 19:38:24 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (2701), with no line terminators Hash88eae1e88d2ea8db45179fb72195cf32 4fe74adba848b6d427d0763e48c8b745b62a5461 9a0b328989a86d98f88fc97d1a380ce0494a9bef44be71335dac56e654d9e2c5
GET /get_chatbot_info/cvOfPC HTTP/1.1
Host: app.convertobot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://constantclients.cc
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:03:05 GMT
content-type: application/json
cache-control: no-cache, max-age=172800
access-control-allow-origin: *
expires: Sat, 20 Apr 2024 04:03:04 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rpGpyVKS8rTqBuQGl6Bo3a2EQbhAcNi4gTushb9sUTJjbMbqjtdtvLI%2BqWyK9xOFJu8%2B%2Bh9bkR6exHu26pSVTexWw7EZJPz%2FDzNKVIdGZoRb1x00rzlguSTI%2BkXK4hsu3zrBm7pj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8761c34ebe1856bb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Montserrat | 142.250.74.106 | 200 OK | 1.8 kB |
URL GET HTTP/3fonts.googleapis.com/css?family=Montserrat IP142.250.74.106:443
Requested byhttps://constantclients.cc/ CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File typeASCII text, with very long lines (1849), with no line terminators Hashf9bede8e0040dae7b773802d556ed574 3b54311abf21a8a22a7c39012bd4365561cd958e a431b718972726753c9f8bfc03334df3414b61b644f692c51673bfbe90164e4a
GET /css?family=Montserrat HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 04:03:05 GMT
date: Thu, 18 Apr 2024 04:03:05 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| docs.google.com/viewerng/img?id=ACFrOgDJUv3KzVu9gdtzike0uf5ZDFIxEJm6vbCwPEIgmDsBLXMeycKbioIEM9AMCV7-YIBVscNKHOvxpLpIn7Y0c340RUlTLzTNbTZhv_l2ftaBVpeNHRe4yyA1MUt2-w3tHtyNEq6dVrgDjlol&page=0&w=800 | 142.250.74.142 | 200 OK | 893 kB |
URL GET HTTP/3docs.google.com/viewerng/img?id=ACFrOgDJUv3KzVu9gdtzike0uf5ZDFIxEJm6vbCwPEIgmDsBLXMeycKbioIEM9AMCV7-YIBVscNKHOvxpLpIn7Y0c340RUlTLzTNbTZhv_l2ftaBVpeNHRe4yyA1MUt2-w3tHtyNEq6dVrgDjlol&page=0&w=800 IP142.250.74.142:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
File typePNG image data, 800 x 1131, 8-bit/color RGB, non-interlaced Size893 kB (892918 bytes) Hash1e29ff896ddf91619652798660b0775c bec9afb8a4ccbf83b4286b5d7f39160ff6276149 308483e8507918f95e9171afd39761f4bf570f77fefd7887e9245ff8078b77b9
GET /viewerng/img?id=ACFrOgDJUv3KzVu9gdtzike0uf5ZDFIxEJm6vbCwPEIgmDsBLXMeycKbioIEM9AMCV7-YIBVscNKHOvxpLpIn7Y0c340RUlTLzTNbTZhv_l2ftaBVpeNHRe4yyA1MUt2-w3tHtyNEq6dVrgDjlol&page=0&w=800 HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 04:03:06 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
content-security-policy: script-src 'nonce-6M-ZuedTIK7fS-eMYV0K1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: GSE
set-cookie: NID=513=PvCJcpb7gTUnqYLQs-SFD8Ee_8mURSpvRQ1JMlVTwTheMFhbjVX4brWsNfppzS2bX8wTqDKRwUZ-gyAg7x371hqkeM5hUkaOquwYIUFhZ8W7fKTpGomOjWRxHLuoy4Q0QbqQ-d_WEeNdY2wQUgDgAikWoDnJHBTSr74z35xIuas; expires=Fri, 18-Oct-2024 04:03:06 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| constantclients.cc/wp-content/uploads/2021/08/cherrydeck-05gac-Qn0k4-unsplash.jpg | 66.235.200.147 | 200 OK | 83 kB |
URL GET HTTP/2constantclients.cc/wp-content/uploads/2021/08/cherrydeck-05gac-Qn0k4-unsplash.jpg IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 1920x1267, Scaling: [none]x[none], YUV color, decoders should clamp Hashba757b139d6c1a9c1e89099eca92cec6 61013a5760c4af54a0e58b44ee821063dd762fb5 a333b340ac193d86ae5fd252e3584e47fe6df2fa05bf9c3de6f07c5114b5025d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/uploads/2021/08/cherrydeck-05gac-Qn0k4-unsplash.jpg HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/wp-content/uploads/elementor/css/post-999.css?ver=1708890611
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:49 GMT
content-type: image/webp
x-webp-convert-log: Serving converted file
vary: Accept,Accept-Encoding
last-modified: Sat, 27 May 2023 14:55:02 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:49 GMT
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
server: cloudflare
cf-ray: 8761c2f3b844b50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/themes/mesmerize/assets/js/theme.bundle.min.js?ver=1.6.109 | 66.235.200.147 | 200 OK | 85 kB |
URL GET HTTP/2constantclients.cc/wp-content/themes/mesmerize/assets/js/theme.bundle.min.js?ver=1.6.109 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hash2f042b00685f23b715b773ceef644a1b 288e3425797ca89970502ed5c3bff634909e57ed 35c013f7b44dec194fda7044e8cd74fd39a03a400feba0909d5bec3c9fb5b220
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/mesmerize/assets/js/theme.bundle.min.js?ver=1.6.109 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: application/javascript
last-modified: Sat, 27 May 2023 14:54:47 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
server: cloudflare
cf-ray: 8761c2eddd71b50c-OSL
X-Firefox-Spdy: h2
|
|
| static.addtoany.com/menu/modules/core.BRQnzO8v.js | 172.67.39.148 | 200 OK | 72 kB |
URL GET HTTP/3static.addtoany.com/menu/modules/core.BRQnzO8v.js IP172.67.39.148:443
Requested byhttps://constantclients.cc/ CertificateIssuerLet's Encrypt Subjectstatic.addtoany.com Fingerprint25:DC:52:06:E9:84:6F:BC:CB:DD:82:F7:D3:4C:8F:F5:9F:49:7E:DD ValiditySat, 24 Feb 2024 06:33:02 GMT - Fri, 24 May 2024 06:33:01 GMT
File typeASCII text, with very long lines (65536), with no line terminators Hash629401c31553d2f42a6ca46e58c2a97b 0ab6084caa72f90913c7e4119f491838726ec5c2 91b9b24f0aa59668e4d0a770ee7a294b9baa361a76a20ade8128cd0482a5d805
GET /menu/modules/core.BRQnzO8v.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://constantclients.cc
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:02:49 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
etag: W/"25da5432b1057724b8210f17e9b9db05"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8nFDFGM%2FTiMqg2hht%2BXWdICbclG9VkYxQZiBLUi5ICl9U9iHzP1rNLms9VEZ9zSKSjgcSuseOyIJZB0u1SyLiMSFZnvGYOWRjFYIcLyLiIFhFkPHgCv1JIm0zOvD5dcrLhGkH02R"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8761c2f4180e5696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| player.vimeo.com/video/662404108?h=24abf7b0dc&dnt=1&app_id=122963 | 162.159.138.60 | 200 OK | 18 kB |
URL GET HTTP/1.1player.vimeo.com/video/662404108?h=24abf7b0dc&dnt=1&app_id=122963 IP162.159.138.60:443
Requested byhttps://constantclients.cc/ CertificateIssuerLet's Encrypt Subjectplayer.vimeo.com FingerprintE8:45:41:E9:31:D2:A5:77:D5:5E:75:89:F8:00:24:2E:C3:3F:C8:BE ValidityFri, 29 Mar 2024 06:04:47 GMT - Thu, 27 Jun 2024 06:04:46 GMT
File typeHTML document, ASCII text, with very long lines (9732) Hash1c30913170ce78246b96827d6fe6044f 5ac2adfb8e711bfab433f4167689d40b2e8f01c7 f86f872411506afbabe8c2dcc2516bfb729dfbbafb47bba7dcf088605336d237
GET /video/662404108?h=24abf7b0dc&dnt=1&app_id=122963 HTTP/1.1
Host: player.vimeo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 04:02:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-inline' https://*.vimeocdn.com 'unsafe-eval' resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://*.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://drm-gke.vhx.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.kollective.app https://*.kollective.app:31015 https://*.kollectivecd.com https://*.hivestreaming.com https://mimir.cloud.vimeo.com https://vimeo.magisto.com https://stage-proxy.vimeo.magisto.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://*.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://duysrfiajusdh.cloudfront.net https://d263mgllkjh2k2.cloudfront.net https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*; report-uri /_csp
expires: Fri, 15 Dec 1985 19:30:00 GMT
link: <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin, <https://i.vimeocdn.com>; rel=preconnect; crossorigin, <https://f.vimeocdn.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-host: player-backend-66b7887c5c-sfkn2
x-player-backend: g
x-xss-protection: 1; mode=block
x-backend-server: player-backend-edge-entry
x-bapp-server: player-backend-66b7887c5c-sfkn2
via: 1.1 varnish
x-served-by: cache-osl6549-OSL
x-cache: MISS
x-cache-hits: 0
x-timer: S1713412970.530546,VS0,VE299
vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Set-Cookie: __cf_bm=vcy.NXdi.c0dGRBflWTKPsg_RL4p.Ek_RyEVz7jGI4U-1713412969-1.0.1.1-tSBLqDSZFeBNNVz2aQJC5ARTPfhUCu..ceJHhm3dFvdVY2eK2JvoWs3jrM0eMO5X782bCEGRs_cLWcqqTEfruA; path=/; expires=Thu, 18-Apr-24 04:32:49 GMT; domain=.vimeo.com; HttpOnly; Secure; SameSite=None
_cfuvid=PNnAYX__TvIfN80zKn.2p7nUSB3W00bQwUP1IPEBbAI-1713412969830-0.0.1.1-604800000; path=/; domain=.vimeo.com; HttpOnly; Secure; SameSite=None
Server: cloudflare
CF-RAY: 8761c2f37e6e56a5-OSL
Content-Encoding: gzip
|
|
| constantclients.cc/wp-content/plugins/strong-testimonials/public/svg/chevron-right-solid.svg | 66.235.200.147 | 200 OK | 527 B |
URL GET HTTP/2constantclients.cc/wp-content/plugins/strong-testimonials/public/svg/chevron-right-solid.svg IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeSVG Scalable Vector Graphics image Hash9cf3046a23e81a26c9cc945278f13194 0c6c3b9da1dac96e0acb5fc5634a22a69f4bb0d8 f2d92f4bb5a85adc8ab8e7963a6689e7e58dcab5825ad88cfc3a695db55575de
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/strong-testimonials/public/svg/chevron-right-solid.svg HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/wp-content/plugins/strong-testimonials/public/css/slider-controls-sides-outside-buttons.css?ver=3.1.12
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000; _ga_MR4VREK4MN=GS1.1.1713412970.1.0.1713412970.0.0.1500175129; _ga=GA1.1.1651928891.1713412970
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:03:02 GMT
content-type: image/svg+xml
last-modified: Fri, 22 Mar 2024 20:03:55 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:03:02 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 8761c3459dddb50c-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| docs.google.com/viewerng/presspage?id=ACFrOgDJUv3KzVu9gdtzike0uf5ZDFIxEJm6vbCwPEIgmDsBLXMeycKbioIEM9AMCV7-YIBVscNKHOvxpLpIn7Y0c340RUlTLzTNbTZhv_l2ftaBVpeNHRe4yyA1MUt2-w3tHtyNEq6dVrgDjlol&page=2 | 142.250.74.142 | 200 OK | 4.0 kB |
URL GET HTTP/3docs.google.com/viewerng/presspage?id=ACFrOgDJUv3KzVu9gdtzike0uf5ZDFIxEJm6vbCwPEIgmDsBLXMeycKbioIEM9AMCV7-YIBVscNKHOvxpLpIn7Y0c340RUlTLzTNbTZhv_l2ftaBVpeNHRe4yyA1MUt2-w3tHtyNEq6dVrgDjlol&page=2 IP142.250.74.142:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
File typeUnicode text, UTF-8 text, with very long lines (4226), with no line terminators Hashae0c67ffc035e7cf904b1d8d308b73e8 91a12688be942c53aaf77dafa5c13cba442c3305 f85fc8d04bb65936d6e99c2ba424615f4debf45f601a6676dcb3feed712b0509
GET /viewerng/presspage?id=ACFrOgDJUv3KzVu9gdtzike0uf5ZDFIxEJm6vbCwPEIgmDsBLXMeycKbioIEM9AMCV7-YIBVscNKHOvxpLpIn7Y0c340RUlTLzTNbTZhv_l2ftaBVpeNHRe4yyA1MUt2-w3tHtyNEq6dVrgDjlol&page=2 HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/json; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 04:03:06 GMT
content-encoding: gzip
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
content-security-policy: script-src 'nonce-9OerDBL7FD0_xLHjHWWRhg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: GSE
set-cookie: NID=513=pLHIM-H0bV5wlP_HVefn4JEaWe12kWC_9QcjT89aWs4fed6luD4r1CuV9Oy4PD-YdrGAtScco0Vz0wr-R5SZQcNx_uXWwrP3JSXCzRemMuxk22SYR3uENDi0ow_VCNtDDog5JGBm625kddNMlQd7orzUhlcmeWizxzDn1T7jX68; expires=Fri, 18-Oct-2024 04:03:06 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| constantclients.cc/wp-content/uploads/2021/08/redd-PTRzqc_h1r4-unsplash.jpg | 66.235.200.147 | 200 OK | 148 kB |
URL GET HTTP/2constantclients.cc/wp-content/uploads/2021/08/redd-PTRzqc_h1r4-unsplash.jpg IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 1920x1080, Scaling: [none]x[none], YUV color, decoders should clamp Size148 kB (147684 bytes) Hash356edb5828c53d981b92689cf9c833db bb8f9883f02466a79b798719856783354b73400d 35b2cb9d0fc016bd145417d3cd20ede21c6a309143221543eedfcf98371eabd9
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/uploads/2021/08/redd-PTRzqc_h1r4-unsplash.jpg HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/wp-content/uploads/elementor/css/post-999.css?ver=1708890611
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:50 GMT
content-type: image/webp
x-webp-convert-log: Serving converted file
vary: Accept,Accept-Encoding
last-modified: Sat, 27 May 2023 14:55:02 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:49 GMT
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
server: cloudflare
cf-ray: 8761c2f3983ab50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/duracelltomi-google-tag-manager/dist/js/gtm4wp-contact-form-7-tracker.js?ver=1.20.2 | 66.235.200.147 | 409 Conflict | 83 B |
URL GET HTTP/2constantclients.cc/wp-content/plugins/duracelltomi-google-tag-manager/dist/js/gtm4wp-contact-form-7-tracker.js?ver=1.20.2 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeHTML document, ASCII text, with no line terminators Hash839e0e1ee803a341ab291aaed320c8c4 302992d7f2ec44edaa728c17a55c2c903c864755 089a32b861f84eaa48bfb8f106d29365277a979a0300d89feb69eb2a1b6dea45
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/duracelltomi-google-tag-manager/dist/js/gtm4wp-contact-form-7-tracker.js?ver=1.20.2 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 409 Conflict
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: text/html; charset=iso-8859-1
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 8761c2eddd6bb50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/wp-pdf-generator/assets/js/html2canvas.min.js?ver=1.2.3 | 66.235.200.147 | 200 OK | 61 kB |
URL GET HTTP/2constantclients.cc/wp-content/plugins/wp-pdf-generator/assets/js/html2canvas.min.js?ver=1.2.3 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/wp-pdf-generator/assets/js/html2canvas.min.js?ver=1.2.3 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: application/javascript
last-modified: Mon, 05 Jun 2023 08:06:04 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
server: cloudflare
cf-ray: 8761c2eded84b50c-OSL
X-Firefox-Spdy: h2
|
|
| docs.google.com/viewerng/img?id=ACFrOgDUC1EMuHtcLLduVCy9VEydSoQ4588Gtcoza91d0pSCaW7rCuoVCkMKXPxccaflHzU0QsDjF4jmGYHXks-ve0RXkP5fH6UFJ3X_FYkgQyq0wuaRYkgle9KIIv0O_UGFVHe_VdDzELPZQHxU&page=1&w=800 | 142.250.74.142 | 200 OK | 114 kB |
URL GET HTTP/2docs.google.com/viewerng/img?id=ACFrOgDUC1EMuHtcLLduVCy9VEydSoQ4588Gtcoza91d0pSCaW7rCuoVCkMKXPxccaflHzU0QsDjF4jmGYHXks-ve0RXkP5fH6UFJ3X_FYkgQyq0wuaRYkgle9KIIv0O_UGFVHe_VdDzELPZQHxU&page=1&w=800 IP142.250.74.142:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
File typePNG image data, 800 x 1131, 8-bit/color RGB, non-interlaced Size114 kB (114428 bytes) Hash58e2ad9084417dcfe9b06639c335c107 96b51cf168b8258d09390ddd6211b3ac93bc900a 8fba6ddf0b010591b5a7166afa23f5e63f32a5be53ecb97c93d511f416afbb53
GET /viewerng/img?id=ACFrOgDUC1EMuHtcLLduVCy9VEydSoQ4588Gtcoza91d0pSCaW7rCuoVCkMKXPxccaflHzU0QsDjF4jmGYHXks-ve0RXkP5fH6UFJ3X_FYkgQyq0wuaRYkgle9KIIv0O_UGFVHe_VdDzELPZQHxU&page=1&w=800 HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 04:03:03 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
content-security-policy: script-src 'nonce-dh-JBFU8LB8WLu0b5gXe7w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: GSE
set-cookie: NID=513=mx0twNeFG8bn28ceX06zt4LV043ekzM_f--5VCPTRUF-MF-hah7UOL_o8LAmbRLbnDNNyzI6AKXH8RUdBasxPpgaNIIALF9rAOU7ltvXxUXHXwspL_LOgUQjNutBfN8eYgZdtoUxVMxVzwWdmGCYhQLfv8_Heb_5MCSIBECTrMU; expires=Fri, 18-Oct-2024 04:03:02 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| static.addtoany.com/menu/page.js | 172.67.39.148 | 200 OK | 3.0 kB |
URL GET HTTP/2static.addtoany.com/menu/page.js IP172.67.39.148:443
Requested byhttps://constantclients.cc/ CertificateIssuerLet's Encrypt Subjectstatic.addtoany.com Fingerprint25:DC:52:06:E9:84:6F:BC:CB:DD:82:F7:D3:4C:8F:F5:9F:49:7E:DD ValiditySat, 24 Feb 2024 06:33:02 GMT - Fri, 24 May 2024 06:33:01 GMT
File typeJavaScript source, ASCII text, with very long lines (3132), with no line terminators Hash40486591ae8ea6d1423aeb13f1fd509b f847af56588642de93c6fe0d2ce182303f312455 16a6753a1de5c5602b0ca4afe3d17b95e2cb18d6b79bf7cdccedba3a733c1138
GET /menu/page.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"e346c2841e4abbb66ee259e9540abb61"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i2AC7bE2UDFKM7qC5jDQxDxGBrcVDlnPDaJpMnzeeMpH%2BWmJ3duBGtVLq6wxk1QIfxp7e6MatgiRO5LypYWukV0nng7cUXW9aran8y9cwM8v0JAzIBzS1YQZ9pyCABT%2BXorAHEebwrAhbk61YRrQnUdl"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6907
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8761c2eddfea0b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Montserrat:100 | 142.250.74.106 | 200 OK | 1.8 kB |
URL GET HTTP/2fonts.googleapis.com/css?family=Montserrat:100 IP142.250.74.106:443
Requested byhttps://constantclients.cc/ CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File typeASCII text, with very long lines (1849), with no line terminators Hash9d6738899527d728b3e2221180de3c12 c671720a5866a500f2ac0eac71064078708f1230 06af7c4adad9defe1b2accf8a83cb79af79ceb16a6d0077a82d69ed3399d6582
GET /css?family=Montserrat:100 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 04:02:49 GMT
date: Thu, 18 Apr 2024 04:02:49 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/uploads/2021/11/magnet-me-315vPGsAFUk-unsplash.jpg | 66.235.200.147 | 200 OK | 92 kB |
URL GET HTTP/2constantclients.cc/wp-content/uploads/2021/11/magnet-me-315vPGsAFUk-unsplash.jpg IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 1920x1280, Scaling: [none]x[none], YUV color, decoders should clamp Hashd39f5a051b7b7d179deb91e00d0b0113 b868a9b5b8999badc2a0a810db9ba9ab89f37704 6beeb77125e805eb2d6eb336d5c51939db66ac650f1c0b17487721ff376cada0
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/uploads/2021/11/magnet-me-315vPGsAFUk-unsplash.jpg HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/wp-content/uploads/elementor/css/post-999.css?ver=1708890611
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:49 GMT
content-type: image/webp
x-webp-convert-log: Serving converted file
vary: Accept,Accept-Encoding
last-modified: Sat, 27 May 2023 14:55:02 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:49 GMT
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
server: cloudflare
cf-ray: 8761c2f39836b50c-OSL
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2 | 216.58.207.227 | 200 OK | 15 kB |
URL GET HTTP/2fonts.gstatic.com/s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2 IP216.58.207.227:443
Requested byhttps://constantclients.cc/ CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 14940, version 1.0 Hasha46fb7aae99225fdfd9d64b2b8b1063f 1ee50bf5985c1956dde1c06d9b1cec4645ddb92b 4b5816bbfc52587979139951355fe4048da02ce60e40cef8e4a1efb6cd396281
GET /s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://constantclients.cc
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14940
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 15 Apr 2024 21:46:04 GMT
expires: Tue, 15 Apr 2025 21:46:04 GMT
cache-control: public, max-age=31536000
age: 195423
last-modified: Wed, 13 Sep 2023 22:46:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.21.0 | 66.235.200.147 | 200 OK | 174 kB |
URL GET HTTP/2constantclients.cc/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.21.0 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
Size174 kB (173746 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.21.0 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:48 GMT
content-type: text/css
last-modified: Mon, 15 Apr 2024 20:04:20 GMT
cache-control: max-age=2592000
expires: Sat, 18 May 2024 04:02:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
server: cloudflare
cf-ray: 8761c2ed9d25b50c-OSL
X-Firefox-Spdy: h2
|
|
| constantclients.cc/wp-content/plugins/wp-pdf-generator/assets/js/jspdf.min.js?ver=1.2.3 | 66.235.200.147 | 200 OK | 307 kB |
URL GET HTTP/2constantclients.cc/wp-content/plugins/wp-pdf-generator/assets/js/jspdf.min.js?ver=1.2.3 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
Size307 kB (306942 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/wp-pdf-generator/assets/js/jspdf.min.js?ver=1.2.3 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:49 GMT
content-type: application/javascript
last-modified: Mon, 05 Jun 2023 08:06:04 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:49 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
server: cloudflare
cf-ray: 8761c2eded7fb50c-OSL
X-Firefox-Spdy: h2
|
|
| docs.google.com/viewerng/presspage?id=ACFrOgDJUv3KzVu9gdtzike0uf5ZDFIxEJm6vbCwPEIgmDsBLXMeycKbioIEM9AMCV7-YIBVscNKHOvxpLpIn7Y0c340RUlTLzTNbTZhv_l2ftaBVpeNHRe4yyA1MUt2-w3tHtyNEq6dVrgDjlol&page=1 | 142.250.74.142 | 200 OK | 4.7 kB |
URL GET HTTP/3docs.google.com/viewerng/presspage?id=ACFrOgDJUv3KzVu9gdtzike0uf5ZDFIxEJm6vbCwPEIgmDsBLXMeycKbioIEM9AMCV7-YIBVscNKHOvxpLpIn7Y0c340RUlTLzTNbTZhv_l2ftaBVpeNHRe4yyA1MUt2-w3tHtyNEq6dVrgDjlol&page=1 IP142.250.74.142:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
File typeUnicode text, UTF-8 text, with very long lines (4952), with no line terminators Hash7ec4a3a376b11ba95f6fd722cd75ea1a 849e0a3fa398e847b3c1a37359e237ad30454df6 d9ac2e93f75b82c9cf2aa18f827ba0834411676e0b5811562b95814bce4135ed
GET /viewerng/presspage?id=ACFrOgDJUv3KzVu9gdtzike0uf5ZDFIxEJm6vbCwPEIgmDsBLXMeycKbioIEM9AMCV7-YIBVscNKHOvxpLpIn7Y0c340RUlTLzTNbTZhv_l2ftaBVpeNHRe4yyA1MUt2-w3tHtyNEq6dVrgDjlol&page=1 HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/json; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 04:03:06 GMT
content-encoding: gzip
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-security-policy: script-src 'nonce-tzpEN_Bpztzv3K7J3Qkf5g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: GSE
set-cookie: NID=513=JMgBaB3xDGOQoOQozn1mQmlyKJIZGk3Gv40H8Yk63lqed5AqyBRjZfjBOIDpWL2NtXiR9yFF7dXlTyxkMzI6v9py_SDdM9ClG9dehREZBm2NjIJZFDpDKVLhy9cTdE7i9XwDRto2t3eQjjPofJolNJmoHRWNKAf6MzWbjzRApL8; expires=Fri, 18-Oct-2024 04:03:06 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| docs.google.com/viewerng/thumb?ds=AON1mFzLR22rKqGTmJQ8BO1PwBFAnR9XYIFhooxKHY0E3-aLkutGQn-xJBeUtLaFXimz1m5waozWW98Ny0KGZeiDEepaEuq52k8E-lt6I1KGFe5cOX1Q_kvHy9mEEet3jqDeGBUf9QXmhrmBHGv3019s3Gb0F_HbjfPoin2Rk9mlNrqU0KpykKyrzgQMahWvCT8ON9DCezAy09IcGLJ5AEKyk1qoxMhTVecCFAC6SeTS03hVCZP0zQaj3a4AHRmO1tnwJm7K6u-9wtAR9vLcUlkyVzGZH-2fWkKN--rQuLzLOAfhixKZfM5MuFygEFA2GisQdYTW9iAW&ck=lantern&authuser&w=800&webp=true&p=proj | 142.250.74.142 | 200 OK | 629 kB |
URL GET HTTP/3docs.google.com/viewerng/thumb?ds=AON1mFzLR22rKqGTmJQ8BO1PwBFAnR9XYIFhooxKHY0E3-aLkutGQn-xJBeUtLaFXimz1m5waozWW98Ny0KGZeiDEepaEuq52k8E-lt6I1KGFe5cOX1Q_kvHy9mEEet3jqDeGBUf9QXmhrmBHGv3019s3Gb0F_HbjfPoin2Rk9mlNrqU0KpykKyrzgQMahWvCT8ON9DCezAy09IcGLJ5AEKyk1qoxMhTVecCFAC6SeTS03hVCZP0zQaj3a4AHRmO1tnwJm7K6u-9wtAR9vLcUlkyVzGZH-2fWkKN--rQuLzLOAfhixKZfM5MuFygEFA2GisQdYTW9iAW&ck=lantern&authuser&w=800&webp=true&p=proj IP142.250.74.142:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
File typeRIFF (little-endian) data, Web/P image Size629 kB (628602 bytes) Hash08bc35cb1484803d8cf1807deeb181ca aee5b8218478ef3eac8411e929623b11a9c43a6e 34631d15b99518faf6a51fe36a95c5c42b65391f5230709284abaefad725b699
GET /viewerng/thumb?ds=AON1mFzLR22rKqGTmJQ8BO1PwBFAnR9XYIFhooxKHY0E3-aLkutGQn-xJBeUtLaFXimz1m5waozWW98Ny0KGZeiDEepaEuq52k8E-lt6I1KGFe5cOX1Q_kvHy9mEEet3jqDeGBUf9QXmhrmBHGv3019s3Gb0F_HbjfPoin2Rk9mlNrqU0KpykKyrzgQMahWvCT8ON9DCezAy09IcGLJ5AEKyk1qoxMhTVecCFAC6SeTS03hVCZP0zQaj3a4AHRmO1tnwJm7K6u-9wtAR9vLcUlkyVzGZH-2fWkKN--rQuLzLOAfhixKZfM5MuFygEFA2GisQdYTW9iAW&ck=lantern&authuser&w=800&webp=true&p=proj HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS3-revised.pdf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: image/webp
expires: Thu, 18 Apr 2024 04:03:05 GMT
date: Thu, 18 Apr 2024 04:03:05 GMT
cache-control: private, max-age=300
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: script-src 'nonce-mXwW3qN9x_A1KDLb-7sXvg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: GSE
set-cookie: NID=513=HyvhhKBaXy35uu64KtE0lVYAslkTY2dpNAuSpu28hWX36_AeZ05jfkiPokoDkbT37TUylKj-gBJrDKG4-B4gwYMC0J6M5pYlg2XHDCbKpd7iB7DfSG2V-QOLmRk6GEie6mW_CtF3qwt-ZjHsKZAyPAl8wT24T05zNDTV6Y-VghM; expires=Fri, 18-Oct-2024 04:03:05 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| docs.google.com/viewerng/meta?id=ACFrOgDUC1EMuHtcLLduVCy9VEydSoQ4588Gtcoza91d0pSCaW7rCuoVCkMKXPxccaflHzU0QsDjF4jmGYHXks-ve0RXkP5fH6UFJ3X_FYkgQyq0wuaRYkgle9KIIv0O_UGFVHe_VdDzELPZQHxU | 142.250.74.142 | 200 OK | 36 B |
URL GET HTTP/3docs.google.com/viewerng/meta?id=ACFrOgDUC1EMuHtcLLduVCy9VEydSoQ4588Gtcoza91d0pSCaW7rCuoVCkMKXPxccaflHzU0QsDjF4jmGYHXks-ve0RXkP5fH6UFJ3X_FYkgQyq0wuaRYkgle9KIIv0O_UGFVHe_VdDzELPZQHxU IP142.250.74.142:443
Requested byhttps://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
File typeASCII text, with no line terminators Hash45b006a58c64ecff5875ec96ef28e7ff 826b015d0c38cae990dbfef89fc1158c35b0cfad 5cfed5b80fb83f2dcae2d34ab23ec8be84c795cbf191b4bf62e1833a27421062
GET /viewerng/meta?id=ACFrOgDUC1EMuHtcLLduVCy9VEydSoQ4588Gtcoza91d0pSCaW7rCuoVCkMKXPxccaflHzU0QsDjF4jmGYHXks-ve0RXkP5fH6UFJ3X_FYkgQyq0wuaRYkgle9KIIv0O_UGFVHe_VdDzELPZQHxU HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://docs.google.com/gview?embedded=true&url=https://constantclients.cc/wp-content/uploads/2021/05/Phalanx-CS2-revised.pdf
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/json; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 04:02:51 GMT
content-encoding: gzip
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
content-security-policy: script-src 'nonce-hanR-J56ldYF94BCnOVDRw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: GSE
set-cookie: NID=513=fwdA-K3tvq7vmqknRMcZBY3yXFwMIjA6-ugVbl9iJdMUv4Z9j5ajJx9m-LrwSE_Q2z4RKNSe9xA1Ue0EWBf-UgfXWpANYyu7Kox1xwD4_nuE1ZCDrdi9AgsXCnFkNTw19pg8AckYfqS_s1Bx-v3xceKxG8YE59L5ysztjlSouBw; expires=Fri, 18-Oct-2024 04:02:51 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| constantclients.cc/wp-content/uploads/pum/pum-site-scripts.js?defer&generated=1710878638&ver=1.18.5 | 66.235.200.147 | 200 OK | 70 kB |
URL GET HTTP/2constantclients.cc/wp-content/uploads/pum/pum-site-scripts.js?defer&generated=1710878638&ver=1.18.5 IP66.235.200.147:443
Requested byhttps://constantclients.cc/ CertificateIssuerCloudflare, Inc. Subjectconstantclients.cc FingerprintCC:80:A3:45:D4:93:10:84:A7:A2:60:A4:8C:53:0A:46:5E:10:4A:E2 ValidityTue, 30 May 2023 00:00:00 GMT - Tue, 28 May 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/uploads/pum/pum-site-scripts.js?defer&generated=1710878638&ver=1.18.5 HTTP/1.1
Host: constantclients.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://constantclients.cc/
Cookie: _cfuvid=9faZtZa77xlwo1cUPr9nIwl_B3d7yYGFMdJdUzmmvvk-1713412967411-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:02:49 GMT
content-type: application/javascript
last-modified: Tue, 19 Mar 2024 20:03:58 GMT
cache-control: max-age=21600
expires: Thu, 18 Apr 2024 10:02:49 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
server: cloudflare
cf-ray: 8761c2eddd75b50c-OSL
X-Firefox-Spdy: h2
|
|