| 32063.2475april2024.com/hyFCCY02PgnmZtczvQOYbhxKk9RQ5tiBZvheX8ucEJkUPJmUyZsDatUA7nFCOyBKo_bf6KM?_=579872689548894967 | 88.208.22.1 | | 0 B |
URL 32063.2475april2024.com/hyFCCY02PgnmZtczvQOYbhxKk9RQ5tiBZvheX8ucEJkUPJmUyZsDatUA7nFCOyBKo_bf6KM?_=579872689548894967 IP88.208.22.1:0 ASN#39572 DataWeb Global Group B.V.
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /hyFCCY02PgnmZtczvQOYbhxKk9RQ5tiBZvheX8ucEJkUPJmUyZsDatUA7nFCOyBKo_bf6KM?_=579872689548894967 HTTP/1.1
Host: 32063.2475april2024.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 307 Temporary Redirect
server: nginx
date: Fri, 19 Apr 2024 14:00:28 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
referrer-policy: unsafe-url
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime: 31536000
location: https://nossairt.net/4/7184682
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
last-modified: Fri, 19 Apr 2024 14:00:28 UTC
expires: Fri, 19 Apr 2024 14:00:28 UTC
X-Firefox-Spdy: h2
|
|
| nossairt.net/sftouch?userId=008043397b0c4f8efc4b81fabbede9a9&z=7184682&p_rid=ba350720-81bd-4baa-a0ac-d20b06240380&p_src=sf&branchId=0&rb=c79bg8_32jV1Eiafn5UFR_ufuU-Oi09sC7bKAY2r85dRAEI1VYTfzb4XfBX4tp6f3BilGzIRB12I6mdScJwFMAnpfhmNjuiGO6_1w51CH7bWng8S1dUVUbjPMDg4kcWUOi6bzL7iY16PgxNXPSZiMjhYPqN0nwY2hyDmiV6rZNhBPaX4Td6jUStItQml5uQf5M4XHGor1pMaK_Gvm5EQ66CmZNj4ux9fx1sbTwD2h8M= | 139.45.197.238 | | 2 B |
URL nossairt.net/sftouch?userId=008043397b0c4f8efc4b81fabbede9a9&z=7184682&p_rid=ba350720-81bd-4baa-a0ac-d20b06240380&p_src=sf&branchId=0&rb=c79bg8_32jV1Eiafn5UFR_ufuU-Oi09sC7bKAY2r85dRAEI1VYTfzb4XfBX4tp6f3BilGzIRB12I6mdScJwFMAnpfhmNjuiGO6_1w51CH7bWng8S1dUVUbjPMDg4kcWUOi6bzL7iY16PgxNXPSZiMjhYPqN0nwY2hyDmiV6rZNhBPaX4Td6jUStItQml5uQf5M4XHGor1pMaK_Gvm5EQ66CmZNj4ux9fx1sbTwD2h8M= IP139.45.197.238:0
File typeASCII text, with no line terminators Hash444bcb3a3fcf8389296c49467f27e1d6 7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /sftouch?userId=008043397b0c4f8efc4b81fabbede9a9&z=7184682&p_rid=ba350720-81bd-4baa-a0ac-d20b06240380&p_src=sf&branchId=0&rb=c79bg8_32jV1Eiafn5UFR_ufuU-Oi09sC7bKAY2r85dRAEI1VYTfzb4XfBX4tp6f3BilGzIRB12I6mdScJwFMAnpfhmNjuiGO6_1w51CH7bWng8S1dUVUbjPMDg4kcWUOi6bzL7iY16PgxNXPSZiMjhYPqN0nwY2hyDmiV6rZNhBPaX4Td6jUStItQml5uQf5M4XHGor1pMaK_Gvm5EQ66CmZNj4ux9fx1sbTwD2h8M= HTTP/1.1
Host: nossairt.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nossairt.net
DNT: 1
Connection: keep-alive
Referer: https://nossairt.net/4/7184682
Cookie: OAID=008043397b0c4f8efc4b81fabbede9a9; oaidts=1713535228
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 14:00:28 GMT
content-type: text/plain
content-length: 2
x-trace-id: 805afc2a1649fc66f860160c4d9f66f3
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://nossairt.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| my.rtmark.net/img.gif?f=merge&userId=008043397b0c4f8efc4b81fabbede9a9&z=7184682&p_rid=ba350720-81bd-4baa-a0ac-d20b06240380&p_src=sf | 139.45.195.8 | | 43 B |
URL my.rtmark.net/img.gif?f=merge&userId=008043397b0c4f8efc4b81fabbede9a9&z=7184682&p_rid=ba350720-81bd-4baa-a0ac-d20b06240380&p_src=sf IP139.45.195.8:0
File typeGIF image data, version 89a, 1 x 1 Hashb4491705564909da7f9eaf749dbbfbb1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=merge&userId=008043397b0c4f8efc4b81fabbede9a9&z=7184682&p_rid=ba350720-81bd-4baa-a0ac-d20b06240380&p_src=sf HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nossairt.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 14:00:29 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=008043397b0c4f8efc4b81fabbede9a9; expires=Sat, 19 Apr 2025 14:00:29 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| nossairt.net/favicon.ico | 139.45.197.238 | | 0 B |
IP139.45.197.238:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: nossairt.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nossairt.net/4/7184682
Cookie: OAID=008043397b0c4f8efc4b81fabbede9a9; oaidts=1713535228
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Fri, 19 Apr 2024 14:00:29 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
X-Firefox-Spdy: h2
|
|
| nossairt.net/?z=7184682&syncedCookie=true&rhd=false | 139.45.197.238 | | 0 B |
URL nossairt.net/?z=7184682&syncedCookie=true&rhd=false IP139.45.197.238:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /?z=7184682&syncedCookie=true&rhd=false HTTP/1.1
Host: nossairt.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 520
Origin: https://nossairt.net
DNT: 1
Connection: keep-alive
Referer: https://nossairt.net/afu.php?zoneid=7184682&var=7184682&rid=mnhKzS_wDF_SW3g2Y1iWsw%3D%3D&rhd=false&ab2r=0&sf=1
Cookie: OAID=008043397b0c4f8efc4b81fabbede9a9; oaidts=1713535228
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Fri, 19 Apr 2024 14:00:29 GMT
content-length: 0
location: https://eu.can-get-so.me/pr?ids=wbwsdgevdua&hash=9d2e850da28b60f5&ext_req_id=805187711056220222&subid1=7184682&cost=0.001050
x-trace-id: f558c1211311357c9056a7b234b61201
link: <https://eu.can-get-so.me>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
referrer-policy: no-referrer
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://nossairt.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=008043397b0c4f8efc4b81fabbede9a9; expires=Sat, 19 Apr 2025 14:00:29 GMT; path=/; secure; SameSite=None
oaidts=1713535228; expires=Sat, 19 Apr 2025 14:00:29 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Fri, 26 Apr 2024 14:00:29 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| eu.can-get-so.me/pr?ids=wbwsdgevdua&hash=9d2e850da28b60f5&ext_req_id=805187711056220222&subid1=7184682&cost=0.001050 | 178.63.248.54 | 302 Found | 17 kB |
URL User Request POST HTTP/2eu.can-get-so.me/pr?ids=wbwsdgevdua&hash=9d2e850da28b60f5&ext_req_id=805187711056220222&subid1=7184682&cost=0.001050 IP178.63.248.54:443 ASN#24940 Hetzner Online GmbH
CertificateIssuerLet's Encrypt Subjecteu.can-get-so.me Fingerprint06:3A:29:D0:50:D1:F5:1E:18:2E:C7:A2:FC:B4:01:5D:7B:49:F5:0C ValiditySun, 25 Feb 2024 03:31:23 GMT - Sat, 25 May 2024 03:31:22 GMT
File typeHTML document, ASCII text, with very long lines (37656) Hash03619d6cdf5260a6401b52272307435f b122c325f4eae9dc90f1656054d4f7dc71dd2d45 8b9b9a82f130dc77da9af55fc68e9d756621e826f6b901333390e6e75c12e1bf
GET /pr?ids=wbwsdgevdua&hash=9d2e850da28b60f5&ext_req_id=805187711056220222&subid1=7184682&cost=0.001050 HTTP/1.1
Host: eu.can-get-so.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Angie
date: Fri, 19 Apr 2024 14:00:29 GMT
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
link: <https://adserving.unibet.com>; rel="dns-prefetch preconnect"
set-cookie: rauid=obesAXbzSC65E7JY8Z035g; expires=Sat, 19 Apr 2025 14:00:29 GMT; path=/; secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| eu.can-get-so.me/favicon.ico | 178.63.248.54 | | 0 B |
URL eu.can-get-so.me/favicon.ico IP178.63.248.54:0 ASN#24940 Hetzner Online GmbH
CertificateIssuerLet's Encrypt Subjecteu.can-get-so.me Fingerprint06:3A:29:D0:50:D1:F5:1E:18:2E:C7:A2:FC:B4:01:5D:7B:49:F5:0C ValiditySun, 25 Feb 2024 03:31:23 GMT - Sat, 25 May 2024 03:31:22 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: eu.can-get-so.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: rauid=obesAXbzSC65E7JY8Z035g
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
server: Angie
date: Fri, 19 Apr 2024 14:00:29 GMT
X-Firefox-Spdy: h2
|
|
| adserving.unibet.com/redirect.aspx?bid=37950&pid=79982261&sref=GIG&GIG=NO_DESK_SB_2 | 13.107.246.53 | 403 Forbidden | 409 B |
URL User Request GET HTTP/2adserving.unibet.com/redirect.aspx?bid=37950&pid=79982261&sref=GIG&GIG=NO_DESK_SB_2 IP13.107.246.53:443 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
CertificateIssuerTrustwave Holdings, Inc. Subjectaffiliates.kindredplc.com Fingerprint9C:1F:91:86:77:41:76:62:71:CD:11:FD:80:70:B7:83:58:47:BF:4F ValidityThu, 17 Aug 2023 06:39:43 GMT - Fri, 16 Aug 2024 06:38:43 GMT
File typeASCII text, with CRLF line terminators Hashaff1412dcd0939e2277e1b0055700680 7defc58de02bffa9aff78cf9d6085a3cb87f690e bfea1b46023270d18a417ba5534490ecddce09e78e6db67df3b3bbaba9cc9c96
GET /redirect.aspx?bid=37950&pid=79982261&sref=GIG&GIG=NO_DESK_SB_2 HTTP/1.1
Host: adserving.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Fri, 19 Apr 2024 14:00:29 GMT
content-type: text/html
content-length: 409
x-azure-ref: 20240419T140029Z-17f9dd4c48bt4v25ygc2qn5xds00000003ng00000000a1nb
x-cache: CONFIG_NOCACHE
X-Firefox-Spdy: h2
|
|
| adserving.unibet.com/favicon.ico | 13.107.246.53 | 403 Forbidden | 409 B |
URL GET HTTP/2adserving.unibet.com/favicon.ico IP13.107.246.53:443 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested byhttps://adserving.unibet.com/redirect.aspx?bid=37950&pid=79982261&sref=GIG&GIG=NO_DESK_SB_2 CertificateIssuerTrustwave Holdings, Inc. Subjectaffiliates.kindredplc.com Fingerprint9C:1F:91:86:77:41:76:62:71:CD:11:FD:80:70:B7:83:58:47:BF:4F ValidityThu, 17 Aug 2023 06:39:43 GMT - Fri, 16 Aug 2024 06:38:43 GMT
File typeASCII text, with CRLF line terminators Hash62ba02cad2a06567dd0864236f52c4af 37671847e0567544809345027c7a78790401eec6 ae6a6cbdfef1fb7372304806ae556e1d2375316b47ccd300ab756f00d3cca1c3
GET /favicon.ico HTTP/1.1
Host: adserving.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adserving.unibet.com/redirect.aspx?bid=37950&pid=79982261&sref=GIG&GIG=NO_DESK_SB_2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Fri, 19 Apr 2024 14:00:30 GMT
content-type: text/html
content-length: 409
x-azure-ref: 20240419T140030Z-17f9dd4c48b2smg4vb48rxw4zn000000039g000000004u4a
x-cache: CONFIG_NOCACHE
X-Firefox-Spdy: h2
|
|
| nossairt.net/4/7184682 | 139.45.197.238 | | 19 kB |
IP139.45.197.238:0
File typegzip compressed data, max speed, from Unix Hash5550f542143f81b68a0de8cb2b8cc259 6ca8a7f2e343a892f93b81e07c97fe108d2d5f58 28d3f315463153c6c7cb5232e79eb0bba744aba83c095e78fcae2d80838129e1
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /4/7184682 HTTP/1.1
Host: nossairt.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 14:00:28 GMT
content-type: text/html; charset=utf8
x-trace-id: 94302b853a6dffb1e159d31957a07552
link: <https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=008043397b0c4f8efc4b81fabbede9a9; expires=Sat, 19 Apr 2025 14:00:28 GMT; path=/; secure; SameSite=None
oaidts=1713535228; expires=Sat, 19 Apr 2025 14:00:28 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|