r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7e05c8461bd2dc5a149f71e2c465ea29
705983959c887e243cb55a8a1796757b579ee977
4d9ea085d5dda9dabed11af9847c2b0aa6182358673b356a4e2bd631e22a9922
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D9EA085D5DDA9DABED11AF9847C2B0AA6182358673B356A4E2BD631E22A9922"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5153
Expires: Thu, 02 Feb 2023 00:53:15 GMT
Date: Wed, 01 Feb 2023 23:27:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2638
Expires: Thu, 02 Feb 2023 00:11:20 GMT
Date: Wed, 01 Feb 2023 23:27:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9a76feabb767086ae0fa54e0ffbf763f
3655d78994a1e9838340669462728b67c8c12e54
bf215ab858c7785b7c01f7d3d437a918f056f00fe9b065820e1cdd09b7bba8f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF215AB858C7785B7C01F7D3D437A918F056F00FE9B065820E1CDD09B7BBA8F9"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16345
Expires: Thu, 02 Feb 2023 03:59:47 GMT
Date: Wed, 01 Feb 2023 23:27:22 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 01 Feb 2023 22:43:26 GMT
content-type: application/json
age: 2636
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: gfYBtcFQ+bFatOdYiuZTb+r05TpfA6J6a5dUlLQg6J9ale/0imlA6u2JMDr3P4o4MQ9tWSSyI4c=
x-amz-request-id: N6JVJ8WXX3YVXXY4
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 01 Feb 2023 22:51:44 GMT
age: 2138
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 23:27:22 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 01 Feb 2023 22:49:05 GMT
age: 2298
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11070
Expires: Thu, 02 Feb 2023 02:31:53 GMT
Date: Wed, 01 Feb 2023 23:27:23 GMT
Connection: keep-alive
push.services.mozilla.com/
52.89.44.161101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.44.161:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: iwtMY8xzQY1mLy6jMkNiKg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: r5GVM5JzOZ3ebWWvl5KIAaFAn5o=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11869
Expires: Thu, 02 Feb 2023 02:45:13 GMT
Date: Wed, 01 Feb 2023 23:27:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11869
Expires: Thu, 02 Feb 2023 02:45:13 GMT
Date: Wed, 01 Feb 2023 23:27:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11869
Expires: Thu, 02 Feb 2023 02:45:13 GMT
Date: Wed, 01 Feb 2023 23:27:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11869
Expires: Thu, 02 Feb 2023 02:45:13 GMT
Date: Wed, 01 Feb 2023 23:27:24 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab614ba-4572-4b54-9079-a26b68b1ece7.jpeg
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab614ba-4572-4b54-9079-a26b68b1ece7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6bb5b89e738516f4862491eec286bf6d
8fb46b9ca85f2c578eb2a56d0007859183e12209
7f164a37b675bf39f8473392b07a2a383397da003303965fb190fd4f455bb43b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab614ba-4572-4b54-9079-a26b68b1ece7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15051
x-amzn-requestid: 72a3f2ae-538e-40dc-9496-86c28334ba0d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc6jGTAIAMFy4A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb76-72178ed13a2e70d462785b90;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CKTfQzCvXa4oL6Lm2n8Rw_9Uhj69YfgpDTP9s0zoaX5qW1vcqWIXDA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 21:46:26 GMT
age: 6058
etag: "8fb46b9ca85f2c578eb2a56d0007859183e12209"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3366ef4f8733cb9c89a5c88f63a0a441
7da46843b6d885f38a4759a08e6c899906ab7b97
7114397ee5c251cc5cb46f3433c2cc17ff68a08e0872e227671198e9b61eba0a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: 48094e1a-d550-4a91-b87c-4a08505f7cce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVsWcFN7IAMF2pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d2275c-5ced593a7e2126c9494563df;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:10:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aZOeDFqBJQoGwLpIs-GpPvY0FKGCAOXY6MgzG32qzX-kVzUCKKv-kw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 02:29:58 GMT
age: 75446
etag: "7da46843b6d885f38a4759a08e6c899906ab7b97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b1e36ab-6847-48e2-8227-fc589124cb93.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b1e36ab-6847-48e2-8227-fc589124cb93.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6f4dbd75e0cdc28265ccbe825c5c5b6c
78187b014be0ee8bf7543fb873915db8a9c8dbc4
bf49642b990d73f58ca5f9ee979271ba2ab80bae94c8f333fa5737b16016d1c8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b1e36ab-6847-48e2-8227-fc589124cb93.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7036
x-amzn-requestid: 9d54dd82-add1-4d7d-97b7-53c92eecb724
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmJxCHAqoAMF3qA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bcd3-109d34d11a9834886e3080ee;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:01:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: U45NW79hI4Vtd7fV7kXnxqlxRQzC-u9PVlNK4D1pBkAa8CBYuUf9ig==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 07:06:05 GMT
age: 58879
etag: "78187b014be0ee8bf7543fb873915db8a9c8dbc4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00c1df1d-5e83-46c4-87de-093028c17afe.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00c1df1d-5e83-46c4-87de-093028c17afe.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dbb3b7fe13504478f3fe5e8c0190b8db
b8ca03ed416b5ab9cd118f32a1890ffa764a7aec
e47f269c393ee8d87bfce593f31fd49309e1d9b47b8745dd3b6568036da50d55
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00c1df1d-5e83-46c4-87de-093028c17afe.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7416
x-amzn-requestid: c4e8c4e6-5f2a-4b94-ad48-f10fb51c78c2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5BH1-IAMF17g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6c-40e58e6e49f919a3740bb92a;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2-O9YJrb-baVaEYFpesrbfMrIDBautEp2f5ilm1-vmHcjUGxE0c1VA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:18:55 GMT
age: 4109
etag: "b8ca03ed416b5ab9cd118f32a1890ffa764a7aec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9dac6192-89b0-4161-86a2-38f3998a1bc4.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9dac6192-89b0-4161-86a2-38f3998a1bc4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f1d06527f75868ea84da730b7c8b5660
6c0cb65a477d6bc7d013529411d5735bd39e3d46
2ff4fb12b9ac4dff67bf89cc69f1bfce3ffa738696f904172044a5a537a704c9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9dac6192-89b0-4161-86a2-38f3998a1bc4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6783
x-amzn-requestid: 5ab60169-ec65-483a-828b-3312c74ee4b2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5BGjqoAMFV6g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6c-73a465244f89adaa27626246;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: S012XKdrl7ID1qnfD-G2fcAxWoseP_mAnaDi12Y-UmdBW8yXgGlpgQ==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:18:46 GMT
age: 4118
etag: "6c0cb65a477d6bc7d013529411d5735bd39e3d46"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7c823f1d6bf1c50d58eb263b85e6e37c
a7b74d11494fb3254df907e5cc1eead070d84617
b2706961eb756383e0988dfdb501dc424aea59697aedd1e4a6c294c314a31935
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5356
x-amzn-requestid: fef22c83-35a4-4990-9008-af5853f838d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5BEB6oAMFczg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6c-68d3017555c069bc3107d150;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XyDZc0F-b0rxwoS5wvSXBuBfYE7JljMmuXseBjLOBk4HvxU5gE7Oqg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:18:55 GMT
age: 4109
etag: "a7b74d11494fb3254df907e5cc1eead070d84617"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
mail.klargexports.us/
198.44.48.18301 Moved Permanently 16 kB IP 198.44.48.18:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (43952), with CRLF, LF line terminators
Hash 66b52aff357c16efa9017384206b2ada
aa032786ce09f585c6821f3189143dbd9f0bcce2
9d01840765a5070fa12b8022d979c340a18e295d00047c50fc4817b771128f96
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: mail.klargexports.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 01 Feb 2023 23:27:22 GMT
Server: Apache
X-Redirect-By: WordPress
Content-Encoding: gzip
Vary: Accept-Encoding
Location: https://klargexports.us/
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
klargexports.us/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
198.44.48.18200 OK 12 kB URL HTTP/1.1 klargexports.us/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 198.44.48.18:0
File type ASCII text, with very long lines (47826)
Hash 8fa87dd23394a22621248ec378d2af59
9305bc637a89b1700d7f56a19a80bd32b0feb2f7
c162f7de24fa2d4e93e0da254ef287ff72f4a3e03f42443265097968351388dc
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: klargexports.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klargexports.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 23:27:25 GMT
Server: Apache
Last-Modified: Tue, 15 Nov 2022 20:51:50 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Fri, 03 Mar 2023 23:27:25 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 12518
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash de49044c9365e16fec3a6d361cb94728
2b7b69c16de6fda1ae5206f92fe781ee07bd182a
6e76887b036544a5da3918116a180876c094cc3b31676abce8d5b7b716b00c30
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 23:27:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
klargexports.us/wp-content/themes/unbound/css/animate.min.css
198.44.48.18200 OK 2.7 kB URL HTTP/1.1 klargexports.us/wp-content/themes/unbound/css/animate.min.css
IP 198.44.48.18:0
File type ASCII text, with very long lines (17291)
Hash 40c02aba041e62f3f71980251f6fb857
14db198c6a9d91541b8e12e964a48a307c07d9ab
bc01a8361c62da50a62eedf567c19ffae0e3962b8777dd4780139ff2bd23853c
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/unbound/css/animate.min.css HTTP/1.1
Host: klargexports.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klargexports.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 23:27:25 GMT
Server: Apache
Last-Modified: Wed, 27 Jun 2018 14:54:08 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Fri, 03 Mar 2023 23:27:25 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2659
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
klargexports.us/wp-includes/css/classic-themes.min.css?ver=1
198.44.48.18200 OK 189 B URL HTTP/1.1 klargexports.us/wp-includes/css/classic-themes.min.css?ver=1
IP 198.44.48.18:0
Hash 5a18e16eb01cbaa862eb32e6b77bedb2
3abf9b913cc9f558f02cba7c9b822f8d1812cb96
d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: klargexports.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klargexports.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 23:27:25 GMT
Server: Apache
Last-Modified: Tue, 25 Oct 2022 23:15:16 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Fri, 03 Mar 2023 23:27:25 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 189
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
klargexports.us/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8.3
198.44.48.18200 OK 9.6 kB URL HTTP/1.1 klargexports.us/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8.3
IP 198.44.48.18:0
File type Unicode text, UTF-8 text, with very long lines (5178), with CRLF line terminators
Hash 720fc0a8dbcc1bd2c6bc2e2d8f1a1ea5
141d498396c9688411ebba4a9490116f09b04049
f2656c8581ad8ba6fd6bad6bcb19d57cba2015438df8e85ae6019de5b1751a62
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8.3 HTTP/1.1
Host: klargexports.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klargexports.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 23:27:25 GMT
Server: Apache
Last-Modified: Wed, 17 Apr 2019 13:15:28 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Fri, 03 Mar 2023 23:27:25 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 9562
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash d06fd066caf4dfa1e21a722a5c468158
acb765577662906ae8e11242bed487ce1051db28
4b45760de269e60345d43ff2da6c5803722f7c052edd0a9f5258ce69b2ffa32f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 23:27:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
klargexports.us/wp-content/themes/unbound/css/elusive-icons.min.css
198.44.48.18200 OK 3.2 kB URL HTTP/1.1 klargexports.us/wp-content/themes/unbound/css/elusive-icons.min.css
IP 198.44.48.18:0
File type ASCII text, with very long lines (13926)
Hash 193366f489d8fa68d6a39017b706c4a7
a5dd955f27b940ddea859e3efd192255bb26e302
cec6a1502af22f7ea13b4f7173eabf3de01a6bbebf9bbf6f30f584661435d035
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/unbound/css/elusive-icons.min.css HTTP/1.1
Host: klargexports.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klargexports.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 23:27:25 GMT
Server: Apache
Last-Modified: Thu, 21 Jun 2018 13:50:26 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Fri, 03 Mar 2023 23:27:25 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 3152
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
klargexports.us/wp-content/themes/unbound/css/font-awesome.min.css
198.44.48.18200 OK 7.1 kB URL HTTP/1.1 klargexports.us/wp-content/themes/unbound/css/font-awesome.min.css
IP 198.44.48.18:0
File type ASCII text, with very long lines (30837)
Hash 52f1a8a2ce85fa8432308b33bc1a2e79
fd80917af5371c8ecad0198592a1e7cce4b77b0e
07bd6a9ea0213e20f362485aadc17a88c486ecfb394004b41b8b38db6e6a35f6
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/unbound/css/font-awesome.min.css HTTP/1.1
Host: klargexports.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klargexports.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 23:27:25 GMT
Server: Apache
Last-Modified: Thu, 21 Jun 2018 13:50:26 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Fri, 03 Mar 2023 23:27:25 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 7053
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash de49044c9365e16fec3a6d361cb94728
2b7b69c16de6fda1ae5206f92fe781ee07bd182a
6e76887b036544a5da3918116a180876c094cc3b31676abce8d5b7b716b00c30
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 23:27:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
klargexports.us/wp-content/themes/unbound/css/radiantthemes-custom.css
198.44.48.18200 OK 20 kB URL HTTP/1.1 klargexports.us/wp-content/themes/unbound/css/radiantthemes-custom.css
IP 198.44.48.18:0
File type ASCII text, with very long lines (844), with CRLF line terminators
Hash 258c6d363a0df5d1a2fe87b02f5a865d
1a0fdaad9b02192af81fb298b6448aeee830d927
15d3931e28c13d6f75a958472a3447194bb444ba73ed3e23f23edf9568076c02
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/unbound/css/radiantthemes-custom.css HTTP/1.1
Host: klargexports.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klargexports.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 23:27:25 GMT
Server: Apache
Last-Modified: Wed, 19 Sep 2018 18:29:36 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Fri, 03 Mar 2023 23:27:25 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 19873
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash d06fd066caf4dfa1e21a722a5c468158
acb765577662906ae8e11242bed487ce1051db28
4b45760de269e60345d43ff2da6c5803722f7c052edd0a9f5258ce69b2ffa32f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 23:27:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
klargexports.us/wp-content/themes/unbound/css/bootstrap.min.css
198.44.48.18200 OK 20 kB URL HTTP/1.1 klargexports.us/wp-content/themes/unbound/css/bootstrap.min.css
IP 198.44.48.18:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (65329)
Hash daa3f62c07aa7646edbe59b93b510986
edc3a20dc23c6590a55236dceff00d6889750982
31e84eca489bf75936d69793d16f8c3ee5e38dcbd324689e3136d2afb46516e3
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/unbound/css/bootstrap.min.css HTTP/1.1
Host: klargexports.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klargexports.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 23:27:25 GMT
Server: Apache
Last-Modified: Thu, 19 Jul 2018 15:47:06 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Fri, 03 Mar 2023 23:27:25 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 19541
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
klargexports.us/wp-content/themes/unbound/inc/widget/contact-box/css/radiantthemes-contact-box.css
198.44.48.18200 OK 0 B URL HTTP/1.1 klargexports.us/wp-content/themes/unbound/inc/widget/contact-box/css/radiantthemes-contact-box.css
IP 198.44.48.18:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/unbound/inc/widget/contact-box/css/radiantthemes-contact-box.css HTTP/1.1
Host: klargexports.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klargexports.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 23:27:25 GMT
Server: Apache
Last-Modified: Mon, 03 Sep 2018 18:48:58 GMT
Accept-Ranges: bytes
Content-Length: 0
Cache-Control: max-age=2592000
Expires: Fri, 03 Mar 2023 23:27:25 GMT
Vary: User-Agent
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
klargexports.us/wp-content/themes/unbound/css/radiantthemes-responsive.css
198.44.48.18200 OK 880 B URL HTTP/1.1 klargexports.us/wp-content/themes/unbound/css/radiantthemes-responsive.css
IP 198.44.48.18:0
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 9ed82d9508c5460fbbe72452c483689b
7079e24cebf5a5aecbbc3cecd0de61d0ba512726
2af607d9530f93fbb1afad82e8e5c80e4a1ecee0f11c6b696e0b7d4a78996405
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/unbound/css/radiantthemes-responsive.css HTTP/1.1
Host: klargexports.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klargexports.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 23:27:25 GMT
Server: Apache
Last-Modified: Thu, 21 Jun 2018 13:50:26 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Fri, 03 Mar 2023 23:27:25 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 880
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
klargexports.us/wp-content/themes/unbound/inc/widget/recent-posts/css/radiantthemes-recent-post-with-thumbnail-element-one.css
198.44.48.18200 OK 324 B URL HTTP/1.1 klargexports.us/wp-content/themes/unbound/inc/widget/recent-posts/css/radiantthemes-recent-post-with-thumbnail-element-one.css
IP 198.44.48.18:0
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash c68dfb22f492728f8b35c730b1ac2dfd
9a68eb99f4bab09440465810241950abb4bda7dd
73439c0a1c8eff06dfdcd8f77a5bdd7cdabfdef2f587cde3cb4e87ec67b6af4f
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/unbound/inc/widget/recent-posts/css/radiantthemes-recent-post-with-thumbnail-element-one.css HTTP/1.1
Host: klargexports.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klargexports.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 23:27:25 GMT
Server: Apache
Last-Modified: Thu, 20 Sep 2018 15:17:48 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Fri, 03 Mar 2023 23:27:25 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 324
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
klargexports.us/wp-content/themes/unbound/css/radiantthemes-header-style-four.css
198.44.48.18200 OK 2.5 kB URL HTTP/1.1 klargexports.us/wp-content/themes/unbound/css/radiantthemes-header-style-four.css
IP 198.44.48.18:0
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 173d76b56773399a185f47ad837c8702
9a38e512b69df77e2cbd7ee07fa7f4453e95e24c
2a00b31c0b624609170290c8d69a4e9d6d07e6d2aa4fcbed96dc91de14827e34
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/unbound/css/radiantthemes-header-style-four.css HTTP/1.1
Host: klargexports.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klargexports.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 23:27:25 GMT
Server: Apache
Last-Modified: Wed, 19 Sep 2018 16:51:34 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Fri, 03 Mar 2023 23:27:25 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2471
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
klargexports.us/wp-content/themes/unbound/css/radiantthemes-footer-style-one.css
198.44.48.18200 OK 2.1 kB URL HTTP/1.1 klargexports.us/wp-content/themes/unbound/css/radiantthemes-footer-style-one.css
IP 198.44.48.18:0
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash fb85e078c99bdbe3a9c796454d59dbec
3c9d17dac616388a5fc6aed0a021cf503125848e
83ae06bf287bb868112dd54dfc70329dde520f7b5f82377c9dfaa4d5c0b9523f
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/unbound/css/radiantthemes-footer-style-one.css HTTP/1.1
Host: klargexports.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klargexports.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 23:27:25 GMT
Server: Apache
Last-Modified: Wed, 19 Sep 2018 18:18:06 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Fri, 03 Mar 2023 23:27:25 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2147
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
klargexports.us/wp-content/themes/unbound/style.css?ver=6.1.1
198.44.48.18200 OK 937 B URL HTTP/1.1 klargexports.us/wp-content/themes/unbound/style.css?ver=6.1.1
IP 198.44.48.18:0
File type ASCII text, with very long lines (587)
Hash dc80fe54852aedd8fe2f07b466b82807
70e6e17d2dc78e1a32ce9464aef73df43ab1bb35
6807da04c397039d2b74871feceaac91bb986240189ea3c68fe0d32347b07f47
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/unbound/style.css?ver=6.1.1 HTTP/1.1
Host: klargexports.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klargexports.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 23:27:25 GMT
Server: Apache
Last-Modified: Thu, 18 Apr 2019 16:44:16 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Fri, 03 Mar 2023 23:27:25 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 937
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
klargexports.us/wp-content/themes/unbound/css/radiantthemes-dynamic.css?ver=1675294044
198.44.48.18200 OK 3.2 kB URL HTTP/1.1 klargexports.us/wp-content/themes/unbound/css/radiantthemes-dynamic.css?ver=1675294044
IP 198.44.48.18:0
File type ASCII text, with very long lines (1094)
Hash 93e195422ecd0631f872b659073c8616
983ab23691909003514aa70bfed91ca0a1566bd4
cc9f55f799b8d980b0312d8a2f747fa746c4cd4b72ec878943b804876f4f10b5
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/unbound/css/radiantthemes-dynamic.css?ver=1675294044 HTTP/1.1
Host: klargexports.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klargexports.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 23:27:25 GMT
Server: Apache
Last-Modified: Wed, 01 Feb 2023 23:27:24 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Fri, 03 Mar 2023 23:27:25 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 3157
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
klargexports.us/wp-content/themes/unbound/css/radiantthemes-user-custom.css?ver=1675294044
198.44.48.18200 OK 3.5 kB URL HTTP/1.1 klargexports.us/wp-content/themes/unbound/css/radiantthemes-user-custom.css?ver=1675294044
IP 198.44.48.18:0
File type ASCII text, with very long lines (305)
Hash 66b2826a7f61a2b1ca6dd28900360f48
9788897a5cca766a4973e26f3f62ed2bc7b65307
a1f5431812e8ecb6389ae17c1f3db21c717ec02c3a0685eda63ea8c411cdf981
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/unbound/css/radiantthemes-user-custom.css?ver=1675294044 HTTP/1.1
Host: klargexports.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klargexports.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 23:27:25 GMT
Server: Apache
Last-Modified: Wed, 26 Sep 2018 16:26:36 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Fri, 03 Mar 2023 23:27:25 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 3512
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
klargexports.us/wp-content/plugins/radiantthemes-addons/button/css/radiantthemes-button-element-one.css?ver=6.1.1
198.44.48.18200 OK 702 B URL HTTP/1.1 klargexports.us/wp-content/plugins/radiantthemes-addons/button/css/radiantthemes-button-element-one.css?ver=6.1.1
IP 198.44.48.18:0
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 10becef5fd8c4fc249d7051d4ef4df6e
60dc7b4e6fb3860b55fbc8ceb5e3c6d3f9c4ec8d
4beacff6509d9fdfc64e13af025ca735645db4f517e608fbd5ab539c291a2c3a
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/radiantthemes-addons/button/css/radiantthemes-button-element-one.css?ver=6.1.1 HTTP/1.1
Host: klargexports.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klargexports.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 23:27:25 GMT
Server: Apache
Last-Modified: Mon, 18 Jan 2021 16:13:57 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Fri, 03 Mar 2023 23:27:25 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 702
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
klargexports.us/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
198.44.48.18200 OK 31 kB URL HTTP/1.1 klargexports.us/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 198.44.48.18:0
File type ASCII text, with very long lines (65447)
Hash 1b5264c989379b828aff60f65a518a24
98641237f14ccb33ac114f54329a33bd0aa17eb7
6c8e7b78c6dbc13426810c905572db7589cf3e00264e30ce797fddb0b1092237
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: klargexports.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klargexports.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 23:27:25 GMT
Server: Apache
Last-Modified: Mon, 19 Sep 2022 23:46:24 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Fri, 03 Mar 2023 23:27:25 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 30995
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
klargexports.us/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
198.44.48.18200 OK 4.2 kB URL HTTP/1.1 klargexports.us/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 198.44.48.18:0
File type ASCII text, with very long lines (11126)
Hash 5629711d7fdd5b28441bac39b851299f
4e0bf2b7383097f7c352023a1b1b1b48a50356b6
44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: klargexports.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klargexports.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 23:27:25 GMT
Server: Apache
Last-Modified: Wed, 18 Nov 2020 19:36:06 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Fri, 03 Mar 2023 23:27:25 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4169
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
klargexports.us/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.8.3
198.44.48.18200 OK 18 kB URL HTTP/1.1 klargexports.us/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.8.3
IP 198.44.48.18:0
File type ASCII text, with very long lines (64614), with CRLF line terminators
Hash b300af7280cf82d31e7f0b75c128598c
66b506bb8254f08ffe57c2b1e42722b73464670f
feffecee338ad546654ada73f52882c96356f6882a3e59cb540878415d77db1d
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.8.3 HTTP/1.1
Host: klargexports.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klargexports.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 23:27:25 GMT
Server: Apache
Last-Modified: Wed, 17 Apr 2019 13:15:28 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Fri, 03 Mar 2023 23:27:25 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 18090
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
klargexports.us/wp-content/themes/unbound/js/retina.min.js?ver=1
198.44.48.18200 OK 1.2 kB URL HTTP/1.1 klargexports.us/wp-content/themes/unbound/js/retina.min.js?ver=1
IP 198.44.48.18:0
File type ASCII text, with very long lines (2352)
Hash 19d9b071e784fd0b7dbef580571cbb84
7d88163fe9659f79184871bb56580064ec92f9be
c7b32ca632255758c637e137f9f7b613b91f96d4718c3a0536df0fbf6503e98a
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/unbound/js/retina.min.js?ver=1 HTTP/1.1
Host: klargexports.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klargexports.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 23:27:25 GMT
Server: Apache
Last-Modified: Thu, 21 Jun 2018 13:50:28 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Fri, 03 Mar 2023 23:27:25 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1220
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
klargexports.us/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.5.0
198.44.48.18200 OK 46 kB URL HTTP/1.1 klargexports.us/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.5.0
IP 198.44.48.18:0
File type ASCII text, with very long lines (65358)
Hash 2fe906250b403a8535d316cdf1e8a808
7b84d27dd294fe145beec5801fc2d8d5a00d611b
655f96cc6f8ea662c046fd64382639c7a9b5c9a936645beb200653b4880e51e3
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.5.0 HTTP/1.1
Host: klargexports.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klargexports.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 23:27:25 GMT
Server: Apache
Last-Modified: Wed, 16 Dec 2020 09:24:25 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Fri, 03 Mar 2023 23:27:25 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 45790
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
klargexports.us/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
198.44.48.18200 OK 5.0 kB URL HTTP/1.1 klargexports.us/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 198.44.48.18:0
File type ASCII text, with very long lines (15660)
Hash e6624e0b978e6ddba476be41aaaa82df
822e920d8233072110ed7c8a7f379e5b13209b18
dac86a9ce08e4d8cded47b4fa900a664b0c997d8910c2a1be54a423678925a41
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: klargexports.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klargexports.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 23:27:25 GMT
Server: Apache
Last-Modified: Tue, 12 Apr 2022 15:26:24 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Fri, 03 Mar 2023 23:27:25 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 5009
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
klargexports.us/wp-content/plugins/js_composer/assets/lib/bower/animate-css/animate.min.css?ver=6.5.0
198.44.48.18200 OK 3.7 kB URL HTTP/1.1 klargexports.us/wp-content/plugins/js_composer/assets/lib/bower/animate-css/animate.min.css?ver=6.5.0
IP 198.44.48.18:0
File type ASCII text, with very long lines (51719)
Hash b56aabb4f35984f3e74659f7b23254bf
9e12c8b4c80428a847b50e922b1a8a38d807c23c
825101fe8abc67771f316bff138dbd33445065033cc7efb4b103a26b100bb464
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/js_composer/assets/lib/bower/animate-css/animate.min.css?ver=6.5.0 HTTP/1.1
Host: klargexports.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klargexports.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 23:27:25 GMT
Server: Apache
Last-Modified: Wed, 16 Dec 2020 09:24:24 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Fri, 03 Mar 2023 23:27:25 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 3653
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
klargexports.us/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.8.3
198.44.48.18200 OK 38 kB URL HTTP/1.1 klargexports.us/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.8.3
IP 198.44.48.18:0
File type ASCII text, with very long lines (27287), with CRLF line terminators
Hash 33ad97fbd5f6d0ad97af5461cc857da3
a975057df83659e526059661a2dae1a5a4d23fe2
ba0476734001e6e0808e7882a24852cf298dacac37b2beaf2c17718d2032afb2
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.8.3 HTTP/1.1
Host: klargexports.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klargexports.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 23:27:25 GMT
Server: Apache
Last-Modified: Wed, 17 Apr 2019 13:15:28 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Fri, 03 Mar 2023 23:27:25 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 38337
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
klargexports.us/wp-content/plugins/radiantthemes-addons/iconbox/css/radiantthemes-iconbox-element-one.css?ver=6.1.1
198.44.48.18200 OK 212 B URL HTTP/1.1 klargexports.us/wp-content/plugins/radiantthemes-addons/iconbox/css/radiantthemes-iconbox-element-one.css?ver=6.1.1
IP 198.44.48.18:0
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 0480023eaddc7969b5f7f764450a4ff7
1d8ab0dae48e514c8dce8e2031c664ab41817dfc
6db73307f37a95406a8f7a7a99567a8fb289063e1569f2df17b1e7a4ceebf7f9
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/radiantthemes-addons/iconbox/css/radiantthemes-iconbox-element-one.css?ver=6.1.1 HTTP/1.1
Host: klargexports.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klargexports.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 23:27:25 GMT
Server: Apache
Last-Modified: Mon, 18 Jan 2021 16:13:57 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Fri, 03 Mar 2023 23:27:25 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 212
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
klargexports.us/wp-content/plugins/radiantthemes-addons/accordion/css/radiantthemes-accordion-element-one.css?ver=6.1.1
198.44.48.18200 OK 392 B URL HTTP/1.1 klargexports.us/wp-content/plugins/radiantthemes-addons/accordion/css/radiantthemes-accordion-element-one.css?ver=6.1.1
IP 198.44.48.18:0
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 7b754c005cfcab522c8f2f2264e65176
8e97148c1495fea3e1df710d69a162e8a3e2ef1f
c1b3e9c085774b2a352efa7cd15d0bf8b4595f49bc3d352a4bd3ac77a288efca
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/radiantthemes-addons/accordion/css/radiantthemes-accordion-element-one.css?ver=6.1.1 HTTP/1.1
Host: klargexports.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klargexports.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 23:27:25 GMT
Server: Apache
Last-Modified: Mon, 18 Jan 2021 16:13:57 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Fri, 03 Mar 2023 23:27:25 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 392
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
klargexports.us/wp-content/themes/unbound/js/bootstrap.min.js?ver=6.1.1
198.44.48.18200 OK 9.8 kB URL HTTP/1.1 klargexports.us/wp-content/themes/unbound/js/bootstrap.min.js?ver=6.1.1
IP 198.44.48.18:0
File type ASCII text, with very long lines (32033)
Hash c83dab682eea0b37ac9522e2856cbb6b
db1fb35549a4ac9cc12811f09bc4b07b48c51434
a9611bc805de07c98225bb878876a24b063fa52559adaf2ba4e997566d5cf3a1
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/unbound/js/bootstrap.min.js?ver=6.1.1 HTTP/1.1
Host: klargexports.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klargexports.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 23:27:25 GMT
Server: Apache
Last-Modified: Thu, 21 Jun 2018 13:50:28 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Fri, 03 Mar 2023 23:27:25 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 9833
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
klargexports.us/wp-content/themes/unbound/js/jquery.sidr.min.js?ver=6.1.1
198.44.48.18200 OK 2.6 kB URL HTTP/1.1 klargexports.us/wp-content/themes/unbound/js/jquery.sidr.min.js?ver=6.1.1
IP 198.44.48.18:0
File type ASCII text, with very long lines (6911)
Hash 607e2ec47e0820ea409fb9bcd26412f0
cce67536de15e4e1659749c9f8614e4308254d9d
319c3d7255565c5846e8bad209d3662be6051750029b7f9f1ce566ea92fdcf30
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/unbound/js/jquery.sidr.min.js?ver=6.1.1 HTTP/1.1
Host: klargexports.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klargexports.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 23:27:25 GMT
Server: Apache
Last-Modified: Thu, 21 Jun 2018 13:50:28 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Fri, 03 Mar 2023 23:27:25 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2624
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
klargexports.us/wp-content/themes/unbound/js/jquery.matchHeight-min.js?ver=6.1.1
198.44.48.18200 OK 1.4 kB URL HTTP/1.1 klargexports.us/wp-content/themes/unbound/js/jquery.matchHeight-min.js?ver=6.1.1
IP 198.44.48.18:0
File type ASCII text, with very long lines (521)
Hash 6854ce63cc086200aa71576b39853b9e
730966815d508402656927acbe9cec04ade5653d
aa723b8c98664c269cce42764cb97dc72e0c76b21565532a68767f6f11c4c5ce
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/unbound/js/jquery.matchHeight-min.js?ver=6.1.1 HTTP/1.1
Host: klargexports.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klargexports.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 23:27:25 GMT
Server: Apache
Last-Modified: Thu, 21 Jun 2018 13:50:28 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Fri, 03 Mar 2023 23:27:25 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1383
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
klargexports.us/wp-content/themes/unbound/js/wow.min.js?ver=6.1.1
198.44.48.18200 OK 2.7 kB URL HTTP/1.1 klargexports.us/wp-content/themes/unbound/js/wow.min.js?ver=6.1.1
IP 198.44.48.18:0
File type ASCII text, with very long lines (8385)
Hash 642cdb5c8cacc5096438747217356e26
096d52889973afaa9e73bb4b76463c6af8f69df0
c929db744440739263b08afd47af845626a5f7b5b879177c194a91d72f668f02
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/unbound/js/wow.min.js?ver=6.1.1 HTTP/1.1
Host: klargexports.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klargexports.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 23:27:25 GMT
Server: Apache
Last-Modified: Thu, 21 Jun 2018 13:50:28 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Fri, 03 Mar 2023 23:27:25 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2741
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash df4a6d84addba49571d9f6ae44c61a3f
28c8093de27e27645cf6dfd5ae93a62fc77b9be5
cb6623b08b6245ea11bb871729613e453046d427d738a8c6431c5da8347e6e05
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 23:27:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
klargexports.us/wp-content/plugins/radiantthemes-addons/assets/css/icofont.min.css?ver=6.1.1
198.44.48.18200 OK 17 kB URL HTTP/1.1 klargexports.us/wp-content/plugins/radiantthemes-addons/assets/css/icofont.min.css?ver=6.1.1
IP 198.44.48.18:0
File type ASCII text, with very long lines (65328)
Hash 3f98bba4da16708053af58e8cca4b3db
16946f3a67807d656db98c2cb6f959e0b0274495
0a0c49e014d2c39d45e8382d48bdf24041795f594d2d7d109a46132311e7d775
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/radiantthemes-addons/assets/css/icofont.min.css?ver=6.1.1 HTTP/1.1
Host: klargexports.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klargexports.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 23:27:25 GMT
Server: Apache
Last-Modified: Mon, 18 Jan 2021 16:13:57 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Fri, 03 Mar 2023 23:27:25 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 16817
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
klargexports.us/wp-content/themes/unbound/js/jquery.nicescroll.min.js?ver=6.1.1
198.44.48.18200 OK 17 kB URL HTTP/1.1 klargexports.us/wp-content/themes/unbound/js/jquery.nicescroll.min.js?ver=6.1.1
IP 198.44.48.18:0
File type ASCII text, with very long lines (59928)
Hash 1c8f4bc0fb97f4491f4f222fb38684c9
c2bf318e40e1c902ec40027db030064afedc6a8d
6bdcbd177f49fce3da43d7cf4a2a294b3b7276286cd9cf7dc4c088770013c121
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/unbound/js/jquery.nicescroll.min.js?ver=6.1.1 HTTP/1.1
Host: klargexports.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klargexports.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 23:27:25 GMT
Server: Apache
Last-Modified: Thu, 21 Jun 2018 13:50:28 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Fri, 03 Mar 2023 23:27:25 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 16791
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 23:27:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 23:27:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
216.58.207.227200 OK 8.0 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 8000, version 1.0\012- data
Hash 72993dddf88a63e8f226656f7de88e57
179f97ec0275f09603a8db94d4380eb584d81cd5
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
GET /s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://klargexports.us
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 09:41:14 GMT
expires: Wed, 31 Jan 2024 09:41:14 GMT
cache-control: public, max-age=31536000
age: 135972
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
216.58.207.227200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Hash 25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://klargexports.us
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 02:42:35 GMT
expires: Wed, 31 Jan 2024 02:42:35 GMT
cache-control: public, max-age=31536000
age: 161091
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 23:27:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 23:27:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/rubik/v23/iJWKBXyIfDnIV7nBrXw.woff2
216.58.207.227200 OK 34 kB URL HTTP/2 fonts.gstatic.com/s/rubik/v23/iJWKBXyIfDnIV7nBrXw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 34112, version 1.0\012- data
Hash c21e7acd53a6d80fa451f1af92d9a492
4096e12b96fa2549e4f169044a49b6ec60214008
6a0d96c353719068401ebbedf7f58e3be1232756327243922b6ab9690a3591bd
GET /s/rubik/v23/iJWKBXyIfDnIV7nBrXw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://klargexports.us
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 34112
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 00:13:07 GMT
expires: Fri, 26 Jan 2024 00:13:07 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 07 Dec 2022 18:11:50 GMT
content-type: font/woff2
age: 602059
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
216.58.207.227200 OK 7.7 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 7748, version 1.0\012- data
Hash a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://klargexports.us
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 14:34:21 GMT
expires: Fri, 26 Jan 2024 14:34:21 GMT
cache-control: public, max-age=31536000
age: 550385
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/rubik/v23/iJWEBXyIfDnIV7nEnX661A.woff2
216.58.207.227200 OK 35 kB URL HTTP/2 fonts.gstatic.com/s/rubik/v23/iJWEBXyIfDnIV7nEnX661A.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 34700, version 1.0\012- data
Hash da9951c50d7ecfc6776ef499fa8fe877
f059522d5f9f3761029a82e79eeb7cca41b69301
2d59f1d5d598489dab3f6a322c2074409e3e669962b101d7c0580c3ce747f3de
GET /s/rubik/v23/iJWEBXyIfDnIV7nEnX661A.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://klargexports.us
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 34700
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 02:06:03 GMT
expires: Sat, 27 Jan 2024 02:06:03 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 07 Dec 2022 18:42:14 GMT
content-type: font/woff2
age: 508883
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
klargexports.us/wp-content/themes/unbound/js/jquery.sticky.min.js?ver=6.1.1
198.44.48.18200 OK 1.8 kB URL HTTP/1.1 klargexports.us/wp-content/themes/unbound/js/jquery.sticky.min.js?ver=6.1.1
IP 198.44.48.18:0
File type ASCII text, with very long lines (4325)
Hash 9d78a80cdeabe520a6529032d54aa128
896b2214d33c592d47dcccddb12715bfc3dc45c8
4039b9297108adaa216053baff45c6da481e38e262e04269854bb199e55b05ac
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/unbound/js/jquery.sticky.min.js?ver=6.1.1 HTTP/1.1
Host: klargexports.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klargexports.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 23:27:26 GMT
Server: Apache
Last-Modified: Thu, 21 Jun 2018 13:50:28 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Fri, 03 Mar 2023 23:27:26 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1785
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 23:27:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
klargexports.us/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.5.0
198.44.48.18200 OK 5.8 kB URL HTTP/1.1 klargexports.us/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.5.0
IP 198.44.48.18:0
File type ASCII text, with very long lines (20421)
Hash 9a18ba220a1cfe950c090f7614d98167
f3a53f6251060940d84f9dea21cc7063a7a6ea3f
803ff0e4d506f0a13250a9877386eaa2572dedb0512b7bf824771be02d5ce453
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.5.0 HTTP/1.1
Host: klargexports.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klargexports.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 23:27:26 GMT
Server: Apache
Last-Modified: Wed, 16 Dec 2020 09:24:26 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Fri, 03 Mar 2023 23:27:26 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 5816
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
klargexports.us/wp-content/plugins/js_composer/assets/lib/vc_waypoints/vc-waypoints.min.js?ver=6.5.0
198.44.48.18200 OK 2.8 kB URL HTTP/1.1 klargexports.us/wp-content/plugins/js_composer/assets/lib/vc_waypoints/vc-waypoints.min.js?ver=6.5.0
IP 198.44.48.18:0
File type Unicode text, UTF-8 text, with very long lines (8853)
Hash bfbdca93ba95323d2d8a1420298f8429
5838f907c4898a5b092f4edd88190b2798f1a3c8
8a10fc2a3464e3c3a6d0015197004d70ebcb22c493bab35ac0bd23f5aa415722
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/js_composer/assets/lib/vc_waypoints/vc-waypoints.min.js?ver=6.5.0 HTTP/1.1
Host: klargexports.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klargexports.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 23:27:26 GMT
Server: Apache
Last-Modified: Wed, 16 Dec 2020 09:23:11 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Fri, 03 Mar 2023 23:27:26 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2813
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
klargexports.us/wp-content/themes/unbound/js/radiantthemes-custom.js?ver=6.1.1
198.44.48.18200 OK 1.6 kB URL HTTP/1.1 klargexports.us/wp-content/themes/unbound/js/radiantthemes-custom.js?ver=6.1.1
IP 198.44.48.18:0
File type ASCII text, with CRLF line terminators
Hash 545bb3c7b7486d8004196b8f38383a4f
8056061ba6551350f504a02c91dc40bddc128bb8
1f25002bfca254cf132762b438045a896898adaf55eff0ed1e85cc5595046121
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/unbound/js/radiantthemes-custom.js?ver=6.1.1 HTTP/1.1
Host: klargexports.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klargexports.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 23:27:26 GMT
Server: Apache
Last-Modified: Mon, 06 Aug 2018 19:16:44 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Fri, 03 Mar 2023 23:27:26 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1649
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
klargexports.us/wp-content/plugins/js_composer/assets/lib/bower/skrollr/dist/skrollr.min.js?ver=6.5.0
198.44.48.18200 OK 5.7 kB URL HTTP/1.1 klargexports.us/wp-content/plugins/js_composer/assets/lib/bower/skrollr/dist/skrollr.min.js?ver=6.5.0
IP 198.44.48.18:0
File type ASCII text, with very long lines (12478)
Hash 447ffa03d1b3cf19377462a29f67dda9
61a641356b04248c71a279c95e8b82eb03cb7272
22b685fa070eac918288737bcfb6ee8339ca25ac903b8203797f8db969b6b326
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/js_composer/assets/lib/bower/skrollr/dist/skrollr.min.js?ver=6.5.0 HTTP/1.1
Host: klargexports.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klargexports.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 23:27:26 GMT
Server: Apache
Last-Modified: Wed, 16 Dec 2020 09:24:26 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Fri, 03 Mar 2023 23:27:26 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 5725
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
klargexports.us/wp-content/plugins/radiantthemes-addons/accordion/js/radiantthemes-accordion-element-one.js?ver=6.1.1
198.44.48.18200 OK 240 B URL HTTP/1.1 klargexports.us/wp-content/plugins/radiantthemes-addons/accordion/js/radiantthemes-accordion-element-one.js?ver=6.1.1
IP 198.44.48.18:0
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 1c58c705d4d16c51cb6524135b2f69e3
843c3b9c534e2c4b88fcd70e541050f2a600f3dd
9eb47b3770c7591da118eb89069533b810dd39fd9c0e4e1c581b3d0d73fb841d
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/radiantthemes-addons/accordion/js/radiantthemes-accordion-element-one.js?ver=6.1.1 HTTP/1.1
Host: klargexports.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klargexports.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 23:27:26 GMT
Server: Apache
Last-Modified: Mon, 18 Jan 2021 16:13:57 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Fri, 03 Mar 2023 23:27:26 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 240
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3305.4748321326197!2d-118.26087838478482!3d34.05734018060452!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x80c2c7ac26202321%3A0xa83c6d46a6ea622e!2s1221+W+3rd+St+%23139%2C+Los+Angeles%2C+CA+90017%2C+USA!5e0!3m2!1sen!2s!4v1555687684585!5m2!1sen!2s
142.250.74.164200 OK 903 B URL HTTP/2 www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3305.4748321326197!2d-118.26087838478482!3d34.05734018060452!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x80c2c7ac26202321%3A0xa83c6d46a6ea622e!2s1221+W+3rd+St+%23139%2C+Los+Angeles%2C+CA+90017%2C+USA!5e0!3m2!1sen!2s!4v1555687684585!5m2!1sen!2s
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1507)
Hash 1bf4901eaae862d0657c4d79af7ce8ff
820f39de6093a954573c78328fe2ce53fd7bd751
315b160d8e4ab187d71e00bfcd2a06cd8cf9a5df00c2e40af9e5888e49cea6d1
GET /maps/embed?pb=!1m18!1m12!1m3!1d3305.4748321326197!2d-118.26087838478482!3d34.05734018060452!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x80c2c7ac26202321%3A0xa83c6d46a6ea622e!2s1221+W+3rd+St+%23139%2C+Los+Angeles%2C+CA+90017%2C+USA!5e0!3m2!1sen!2s!4v1555687684585!5m2!1sen!2s HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klargexports.us/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-zZA6aHfC6HMOcJAoMTj2wQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 01 Feb 2023 23:27:26 GMT
server: scaffolding on HTTPServer2
content-length: 903
x-xss-protection: 0
x-content-type-options: nosniff
server-timing: gfet4t7; dur=208
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
216.58.207.227200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://klargexports.us
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 04:05:29 GMT
expires: Tue, 30 Jan 2024 04:05:29 GMT
cache-control: public, max-age=31536000
age: 242517
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
klargexports.us/wp-content/uploads/2019/04/klarg-logo-1.png
198.44.48.18200 OK 23 kB URL HTTP/1.1 klargexports.us/wp-content/uploads/2019/04/klarg-logo-1.png
IP 198.44.48.18:0
File type PNG image data, 378 x 260, 8-bit/color RGBA, non-interlaced\012- data
Hash c2f8808fe44f22161572b7031f40aa9f
9fc1e22e337eddc533eced841a6aa18a2c90ec35
39f18230e4b0f3c268b0c7f63e37d3280f8f632c997d174c46452fc2e0d2d231
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2019/04/klarg-logo-1.png HTTP/1.1
Host: klargexports.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klargexports.us/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 23:27:26 GMT
Server: Apache
Last-Modified: Thu, 18 Apr 2019 14:41:58 GMT
Accept-Ranges: bytes
Content-Length: 23054
Cache-Control: max-age=31536000
Expires: Thu, 01 Feb 2024 23:27:26 GMT
Vary: User-Agent
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png
klargexports.us/wp-content/themes/unbound/fonts/fontawesome-webfont.woff2?v=4.7.0
198.44.48.18200 OK 77 kB URL HTTP/1.1 klargexports.us/wp-content/themes/unbound/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 198.44.48.18:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/unbound/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: klargexports.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://klargexports.us/wp-content/themes/unbound/css/font-awesome.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 23:27:26 GMT
Server: Apache
Last-Modified: Thu, 21 Jun 2018 13:50:24 GMT
Accept-Ranges: bytes
Content-Length: 77160
Cache-Control: max-age=31536000
Expires: Thu, 01 Feb 2024 23:27:26 GMT
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: font/woff2
www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3305.4748321326197!2d-118.26087838478482!3d34.05734018060452!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x80c2c7ac26202321%3A0xa83c6d46a6ea622e!2s1221+W+3rd+St+%23139%2C+Los+Angeles%2C+CA+90017%2C+USA!5e0!3m2!1sen!2s!4v1555687684585!5m2!1sen!2s
142.250.74.164200 OK 901 B URL HTTP/2 www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3305.4748321326197!2d-118.26087838478482!3d34.05734018060452!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x80c2c7ac26202321%3A0xa83c6d46a6ea622e!2s1221+W+3rd+St+%23139%2C+Los+Angeles%2C+CA+90017%2C+USA!5e0!3m2!1sen!2s!4v1555687684585!5m2!1sen!2s
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1507)
Hash 7efbcb7e8dbb60b91761ad917f6a1a08
71af2b1dc6d16b9965a4ff01633c174a610aff6a
873ebafe327a90594a0652fb5c37b7a36e5b70bb530bb7aa7fafc844e8f82f71
GET /maps/embed?pb=!1m18!1m12!1m3!1d3305.4748321326197!2d-118.26087838478482!3d34.05734018060452!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x80c2c7ac26202321%3A0xa83c6d46a6ea622e!2s1221+W+3rd+St+%23139%2C+Los+Angeles%2C+CA+90017%2C+USA!5e0!3m2!1sen!2s!4v1555687684585!5m2!1sen!2s HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klargexports.us/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-LYiRuhgTfxjl0tqgWAGeSw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
pragma: no-cache
content-type: text/html; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 01 Feb 2023 23:27:26 GMT
server: scaffolding on HTTPServer2
content-length: 901
x-xss-protection: 0
x-content-type-options: nosniff
server-timing: gfet4t7; dur=202
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
klargexports.us/wp-content/uploads/2018/04/banner.jpg?id=3047
198.44.48.18200 OK 173 kB URL HTTP/1.1 klargexports.us/wp-content/uploads/2018/04/banner.jpg?id=3047
IP 198.44.48.18:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1920x692, components 3\012- data
Size 173 kB (172775 bytes)
Hash 2b2297bf66de167999cb1eb55cac655c
31227be182a41c07dd5d8601dee8a066fe8a1ad1
7537eccfd692e54b040c9556139160e82aba7dbbc3e001078051eb21e7f972af
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2018/04/banner.jpg?id=3047 HTTP/1.1
Host: klargexports.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 23:27:26 GMT
Server: Apache
Last-Modified: Wed, 17 Apr 2019 13:21:06 GMT
Accept-Ranges: bytes
Content-Length: 172775
Cache-Control: max-age=31536000
Expires: Thu, 01 Feb 2024 23:27:26 GMT
Vary: User-Agent
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
klargexports.us/wp-content/uploads/2019/04/klarg-logo-100x100.png
198.44.48.18200 OK 9.6 kB URL HTTP/1.1 klargexports.us/wp-content/uploads/2019/04/klarg-logo-100x100.png
IP 198.44.48.18:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 2084c283067fa93d7596ecb2eac850f7
dc24d9143159b8ce537e9f37d99b926d40215554
148a0fc2bdd9998318a179ce0ba6fc3a8e59a9c69973a97d4554f2813df34ecc
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2019/04/klarg-logo-100x100.png HTTP/1.1
Host: klargexports.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klargexports.us/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 23:27:26 GMT
Server: Apache
Last-Modified: Thu, 18 Apr 2019 11:20:50 GMT
Accept-Ranges: bytes
Content-Length: 9574
Cache-Control: max-age=31536000
Expires: Thu, 01 Feb 2024 23:27:26 GMT
Vary: User-Agent
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png
klargexports.us/wp-content/uploads/2019/04/klarg-logo.png
198.44.48.18200 OK 23 kB URL HTTP/1.1 klargexports.us/wp-content/uploads/2019/04/klarg-logo.png
IP 198.44.48.18:0
File type PNG image data, 378 x 260, 8-bit/color RGBA, non-interlaced\012- data
Hash c2f8808fe44f22161572b7031f40aa9f
9fc1e22e337eddc533eced841a6aa18a2c90ec35
39f18230e4b0f3c268b0c7f63e37d3280f8f632c997d174c46452fc2e0d2d231
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2019/04/klarg-logo.png HTTP/1.1
Host: klargexports.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klargexports.us/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 23:27:26 GMT
Server: Apache
Last-Modified: Thu, 18 Apr 2019 11:20:50 GMT
Accept-Ranges: bytes
Content-Length: 23054
Cache-Control: max-age=31536000
Expires: Thu, 01 Feb 2024 23:27:26 GMT
Vary: User-Agent
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/png
klargexports.us/wp-content/uploads/2018/04/background01.jpg?id=3064
198.44.48.18200 OK 244 kB URL HTTP/1.1 klargexports.us/wp-content/uploads/2018/04/background01.jpg?id=3064
IP 198.44.48.18:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1250x478, components 3\012- data
Size 244 kB (244071 bytes)
Hash 2177d6156f8790ab443d63ee0f69c4cb
eef33c6de7ae55fd0ef379f0804fbeda5ab19101
b74139f4121aed7b739bae672ab38f86c0a5b82d499be0d45cb4946681b63e41
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2018/04/background01.jpg?id=3064 HTTP/1.1
Host: klargexports.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 23:27:26 GMT
Server: Apache
Last-Modified: Wed, 17 Apr 2019 13:21:08 GMT
Accept-Ranges: bytes
Content-Length: 244071
Cache-Control: max-age=31536000
Expires: Thu, 01 Feb 2024 23:27:26 GMT
Vary: User-Agent
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
klargexports.us/wp-content/uploads/2018/04/Investment-image01.jpg?id=3052
198.44.48.18200 OK 220 kB URL HTTP/1.1 klargexports.us/wp-content/uploads/2018/04/Investment-image01.jpg?id=3052
IP 198.44.48.18:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 945x715, components 3\012- data
Size 220 kB (219963 bytes)
Hash 55b45982f45524295057803dc769aa51
3c1355d713de72722748f6383448e03fb6924b17
f3eae1cebcc34ff5721d48ad7b10c9c5fb61471aee0eea993505b2f63b3f50be
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2018/04/Investment-image01.jpg?id=3052 HTTP/1.1
Host: klargexports.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 23:27:26 GMT
Server: Apache
Last-Modified: Wed, 17 Apr 2019 13:21:06 GMT
Accept-Ranges: bytes
Content-Length: 219963
Cache-Control: max-age=31536000
Expires: Thu, 01 Feb 2024 23:27:26 GMT
Vary: User-Agent
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
klargexports.us/wp-content/plugins/radiantthemes-addons/assets/fonts/icofont.woff
198.44.48.18200 OK 627 kB URL HTTP/1.1 klargexports.us/wp-content/plugins/radiantthemes-addons/assets/fonts/icofont.woff
IP 198.44.48.18:0
File type Web Open Font Format, TrueType, length 626972, version 0.0\012- data
Size 627 kB (626972 bytes)
Hash bbbe48eab72ba64852ac6ada87d448fc
e808c45d91700e8b61a4fb48aa2b1a2896355d6b
290b939a6c92bc4cb9703617e5ead06e6bb0f48b043f0ac04c3febfdbacf9ccd
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/radiantthemes-addons/assets/fonts/icofont.woff HTTP/1.1
Host: klargexports.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://klargexports.us/wp-content/plugins/radiantthemes-addons/assets/css/icofont.min.css?ver=6.1.1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 23:27:26 GMT
Server: Apache
Last-Modified: Mon, 18 Jan 2021 16:13:57 GMT
Accept-Ranges: bytes
Content-Length: 626972
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: font/x-woff
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 21:48:03 GMT
expires: Fri, 26 Jan 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 524364
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 16:40:43 GMT
expires: Fri, 26 Jan 2024 16:40:43 GMT
cache-control: public, max-age=31536000
age: 542804
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash a456cd9684a2ff020b854f178c06b509
b5a9e34f112cbe6d41b695ce7234cfe83de1356e
75b3ff1ea527598880cd41f65ebc03440b0ed019d53f8de1b4588de04bc4919e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 23:27:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 2dc2e297877f6332a114de88eeeaca61
cc91e58f3dd132b078223d21cd3177f0819e40e7
94f1191402d63bc2757d7ec854bc418dd6929b5aa9efb815d9bd35f8dab98fef
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 23:27:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
142.250.74.166200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.166:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 23:13:12 GMT
expires: Wed, 01 Feb 2023 23:28:12 GMT
cache-control: public, max-age=900
age: 856
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
216.58.207.194302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 216.58.207.194:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Wed, 01 Feb 2023 23:27:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.42200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.42:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Wed, 01 Feb 2023 23:27:28 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash a456cd9684a2ff020b854f178c06b509
b5a9e34f112cbe6d41b695ce7234cfe83de1356e
75b3ff1ea527598880cd41f65ebc03440b0ed019d53f8de1b4588de04bc4919e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 23:27:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.42200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.42:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash c6d6aac3a3c69c6ce7538463762525ca
c9ca8a2177201363180ef116581138c264152cdc
f86b2eab4713c346e33f9fd3f86ff7cd52921672dd4947de573160feb6bbbd6b
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 01 Feb 2023 23:27:28 GMT
server: ESF
cache-control: private
content-length: 30804
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 2dc2e297877f6332a114de88eeeaca61
cc91e58f3dd132b078223d21cd3177f0819e40e7
94f1191402d63bc2757d7ec854bc418dd6929b5aa9efb815d9bd35f8dab98fef
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 23:27:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/id?slf_rd=1
216.58.207.194200 OK 120 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id?slf_rd=1
IP 216.58.207.194:0
Hash b08c855f793e022dba5c8dc145bcb061
9739fb03e953b76d1f490231df3eed85ae37e755
48541e0696332268ceeea90613e968ab5d7145280ac174f746d86538675f350d
GET /pagead/id?slf_rd=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Referer: https://www.youtube.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
content-type: application/json; charset=UTF-8
date: Wed, 01 Feb 2023 23:27:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 120
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 737fb1a7e54ea78dd56b4ac44a2c1de8
4fc7537db04c8cedc6a98ea38cfcaa6ba5c8a3a7
596cb4e532b0f523b844981b7e60fba87eb3a904b0a40dfdc3802a02650f790e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 23:27:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/ytc/AL5GRJWQmM7HEGquvRsTz3eRuoVjnY7bVXixOElHhE2z0A=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 1.3 kB URL HTTP/2 yt3.ggpht.com/ytc/AL5GRJWQmM7HEGquvRsTz3eRuoVjnY7bVXixOElHhE2z0A=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 68x68, components 3\012- data
Hash 476b60798360d1dbd9255a6b9f2335fc
cf39d302954eae420aa3a28b5769a02bd8aef2b9
dcdb13fc0ccdf7a4a7a83a122032455dcbe4169868132551fe53e7544d7d306e
GET /ytc/AL5GRJWQmM7HEGquvRsTz3eRuoVjnY7bVXixOElHhE2z0A=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1308
x-xss-protection: 0
date: Wed, 01 Feb 2023 22:34:45 GMT
expires: Tue, 24 Jan 2023 13:55:17 GMT
cache-control: public, max-age=86400, no-transform
age: 3163
etag: "v310"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 737fb1a7e54ea78dd56b4ac44a2c1de8
4fc7537db04c8cedc6a98ea38cfcaa6ba5c8a3a7
596cb4e532b0f523b844981b7e60fba87eb3a904b0a40dfdc3802a02650f790e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 23:27:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.42200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.42:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Wed, 01 Feb 2023 23:27:28 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.42200 OK 110 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.42:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 6b4ee82a377ea144aaeb18ddc3d8431e
c47ad6e092b43e5950016ad2956aae6459c64231
83043ee628a753ae70c2dacfce5c3ef2c71d34cef33e34090b53e3f6e5a54052
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1250
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 01 Feb 2023 23:27:28 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 4ddf1e26d48d3957b39836cb4c326c49
b11706bca99c369e14023bde040fa50e4e68eeac
e418a6b1da05ac32a6c96028e7e2f32fe1f8b78c86bccbcfb692dcb378aba9e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 23:27:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 4ddf1e26d48d3957b39836cb4c326c49
b11706bca99c369e14023bde040fa50e4e68eeac
e418a6b1da05ac32a6c96028e7e2f32fe1f8b78c86bccbcfb692dcb378aba9e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 23:27:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1675315648&ei=YPXaY6LhFuKB0u8P6bGlaA&ip=91.90.42.154&id=o-AIsCkH2nMZCIhqOeY8F-EdnEZgVlKGMc9l44X8RdDKtR&itag=251&source=youtube&requiressl=yes&mh=tj&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynlk&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1628750&spc=H3gIhhE452o3bqTyQS7bQwlbGG70NyM&vprv=1&mime=audio%2Fwebm&ns=NWZErudGoiMNFS03C313YgML&gir=yes&clen=2519167&dur=159.861&lmt=1541067972571765&mt=1675293683&fvip=4&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5411222&n=W_LCnxpHmpKzCw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAIKtVhqSDu94ePda4R1WScxukkYEd4PktV28hIENg-vvAiByTnFouZGjBu2y8lTDEFXWUQ9xMw2Wgs_74xM_Vy07ig%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAPpPa1HXo4BIFaCgrlx30NAeDo3e1xbiAGV2xWhEj-IcAiAEFn2VFGAgc9BPB6olos4PXPiCweOL5rKJkej_CjsSWw%3D%3D&alr=yes&cpn=N0iYdHivFNba8TY5&cver=1.20230129.00.00&range=0-66070&rn=2&rbuf=0
91.90.45.172200 OK 1.0 kB URL HTTP/1.1 rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1675315648&ei=YPXaY6LhFuKB0u8P6bGlaA&ip=91.90.42.154&id=o-AIsCkH2nMZCIhqOeY8F-EdnEZgVlKGMc9l44X8RdDKtR&itag=251&source=youtube&requiressl=yes&mh=tj&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynlk&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1628750&spc=H3gIhhE452o3bqTyQS7bQwlbGG70NyM&vprv=1&mime=audio%2Fwebm&ns=NWZErudGoiMNFS03C313YgML&gir=yes&clen=2519167&dur=159.861&lmt=1541067972571765&mt=1675293683&fvip=4&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5411222&n=W_LCnxpHmpKzCw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAIKtVhqSDu94ePda4R1WScxukkYEd4PktV28hIENg-vvAiByTnFouZGjBu2y8lTDEFXWUQ9xMw2Wgs_74xM_Vy07ig%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAPpPa1HXo4BIFaCgrlx30NAeDo3e1xbiAGV2xWhEj-IcAiAEFn2VFGAgc9BPB6olos4PXPiCweOL5rKJkej_CjsSWw%3D%3D&alr=yes&cpn=N0iYdHivFNba8TY5&cver=1.20230129.00.00&range=0-66070&rn=2&rbuf=0
IP 91.90.45.172:0
ASN #50304 Blix Solutions AS
File type ASCII text, with very long lines (1023), with no line terminators
Hash 0d46ea63029aaebd07825dec435f194b
9f11a6a281996a689ed617e9fb463fe97ba872e0
60101a2647ebeef47b216cb320ca1fcd3841a9a831653e54434834d6028bfdb8
POST /videoplayback?expire=1675315648&ei=YPXaY6LhFuKB0u8P6bGlaA&ip=91.90.42.154&id=o-AIsCkH2nMZCIhqOeY8F-EdnEZgVlKGMc9l44X8RdDKtR&itag=251&source=youtube&requiressl=yes&mh=tj&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynlk&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1628750&spc=H3gIhhE452o3bqTyQS7bQwlbGG70NyM&vprv=1&mime=audio%2Fwebm&ns=NWZErudGoiMNFS03C313YgML&gir=yes&clen=2519167&dur=159.861&lmt=1541067972571765&mt=1675293683&fvip=4&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5411222&n=W_LCnxpHmpKzCw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAIKtVhqSDu94ePda4R1WScxukkYEd4PktV28hIENg-vvAiByTnFouZGjBu2y8lTDEFXWUQ9xMw2Wgs_74xM_Vy07ig%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAPpPa1HXo4BIFaCgrlx30NAeDo3e1xbiAGV2xWhEj-IcAiAEFn2VFGAgc9BPB6olos4PXPiCweOL5rKJkej_CjsSWw%3D%3D&alr=yes&cpn=N0iYdHivFNba8TY5&cver=1.20230129.00.00&range=0-66070&rn=2&rbuf=0 HTTP/1.1
Host: rr1---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Wed, 01 Feb 2023 23:27:28 GMT
Expires: Wed, 01 Feb 2023 23:27:28 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 1023
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1675315648&ei=YPXaY6LhFuKB0u8P6bGlaA&ip=91.90.42.154&id=o-AIsCkH2nMZCIhqOeY8F-EdnEZgVlKGMc9l44X8RdDKtR&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&mh=tj&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynlk&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1628750&spc=H3gIhhE452o3bqTyQS7bQwlbGG70NyM&vprv=1&mime=video%2Fwebm&ns=NWZErudGoiMNFS03C313YgML&gir=yes&clen=8195809&dur=159.840&lmt=1541067562718005&mt=1675293683&fvip=4&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5432432&n=W_LCnxpHmpKzCw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgIJBxkcLrQ5_c4Q9la2nOuzyjR8FSB_mLTB8y-tUPrgECIQDiitR54cvO_Wk_lDhVgjsRFnoaKCDCPPpyzmYGAreeAw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAPpPa1HXo4BIFaCgrlx30NAeDo3e1xbiAGV2xWhEj-IcAiAEFn2VFGAgc9BPB6olos4PXPiCweOL5rKJkej_CjsSWw%3D%3D&alr=yes&cpn=N0iYdHivFNba8TY5&cver=1.20230129.00.00&range=0-168627&rn=1&rbuf=0
91.90.45.172200 OK 1.1 kB URL HTTP/1.1 rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1675315648&ei=YPXaY6LhFuKB0u8P6bGlaA&ip=91.90.42.154&id=o-AIsCkH2nMZCIhqOeY8F-EdnEZgVlKGMc9l44X8RdDKtR&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&mh=tj&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynlk&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1628750&spc=H3gIhhE452o3bqTyQS7bQwlbGG70NyM&vprv=1&mime=video%2Fwebm&ns=NWZErudGoiMNFS03C313YgML&gir=yes&clen=8195809&dur=159.840&lmt=1541067562718005&mt=1675293683&fvip=4&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5432432&n=W_LCnxpHmpKzCw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgIJBxkcLrQ5_c4Q9la2nOuzyjR8FSB_mLTB8y-tUPrgECIQDiitR54cvO_Wk_lDhVgjsRFnoaKCDCPPpyzmYGAreeAw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAPpPa1HXo4BIFaCgrlx30NAeDo3e1xbiAGV2xWhEj-IcAiAEFn2VFGAgc9BPB6olos4PXPiCweOL5rKJkej_CjsSWw%3D%3D&alr=yes&cpn=N0iYdHivFNba8TY5&cver=1.20230129.00.00&range=0-168627&rn=1&rbuf=0
IP 91.90.45.172:0
ASN #50304 Blix Solutions AS
File type ASCII text, with very long lines (1131), with no line terminators
Hash 7f9ea15e57bafde2c9628b136f5fde73
5f6254bd949e033b00f18afecfa46831d0c847c0
dc733b383d1668e8c0ca7b6cac8737058d5c8101c4602ec246a48542d79748af
POST /videoplayback?expire=1675315648&ei=YPXaY6LhFuKB0u8P6bGlaA&ip=91.90.42.154&id=o-AIsCkH2nMZCIhqOeY8F-EdnEZgVlKGMc9l44X8RdDKtR&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&mh=tj&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynlk&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1628750&spc=H3gIhhE452o3bqTyQS7bQwlbGG70NyM&vprv=1&mime=video%2Fwebm&ns=NWZErudGoiMNFS03C313YgML&gir=yes&clen=8195809&dur=159.840&lmt=1541067562718005&mt=1675293683&fvip=4&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5432432&n=W_LCnxpHmpKzCw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgIJBxkcLrQ5_c4Q9la2nOuzyjR8FSB_mLTB8y-tUPrgECIQDiitR54cvO_Wk_lDhVgjsRFnoaKCDCPPpyzmYGAreeAw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAPpPa1HXo4BIFaCgrlx30NAeDo3e1xbiAGV2xWhEj-IcAiAEFn2VFGAgc9BPB6olos4PXPiCweOL5rKJkej_CjsSWw%3D%3D&alr=yes&cpn=N0iYdHivFNba8TY5&cver=1.20230129.00.00&range=0-168627&rn=1&rbuf=0 HTTP/1.1
Host: rr1---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Wed, 01 Feb 2023 23:27:28 GMT
Expires: Wed, 01 Feb 2023 23:27:28 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 1131
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 4ddf1e26d48d3957b39836cb4c326c49
b11706bca99c369e14023bde040fa50e4e68eeac
e418a6b1da05ac32a6c96028e7e2f32fe1f8b78c86bccbcfb692dcb378aba9e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 23:27:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash b8a6daedb95c6be3828637ae417b1fe0
ff4214135eda8e24f0b09c960a94c5c44ecdbdab
279b874e9c27f6580160da452cdd22851271c92d496ee015ab90639ea095e15d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 23:27:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash b8a6daedb95c6be3828637ae417b1fe0
ff4214135eda8e24f0b09c960a94c5c44ecdbdab
279b874e9c27f6580160da452cdd22851271c92d496ee015ab90639ea095e15d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 23:27:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash df74d0c5bbc711a484e4508808c3357a
304f6b29d37c4f6ae20a4031ec6b3a879f9928c8
14200bd4d7eff065de2b62f1770c31edb357a95390c619867f00660a88e92ae8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 23:27:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi_webp/7e90gBu4pas/maxresdefault.webp
142.250.74.150200 OK 36 kB URL HTTP/2 i.ytimg.com/vi_webp/7e90gBu4pas/maxresdefault.webp
IP 142.250.74.150:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ed7a0439e9b28f4cc16a73d6c7bd682c
e330c3a16b8da13fb91257cd096ab2cd356293a2
a5d73ded258c6b9c67a3c71fa1d063d01e1d2df2fcc88274c5b0358d07830d46
GET /vi_webp/7e90gBu4pas/maxresdefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 35954
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 23:27:28 GMT
expires: Thu, 02 Feb 2023 01:27:28 GMT
cache-control: public, max-age=7200
etag: "1669011526"
content-type: image/webp
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
rr4---sn-5go7ynlk.googlevideo.com/videoplayback?expire=1675315648&ei=YPXaY6LhFuKB0u8P6bGlaA&ip=91.90.42.154&id=o-AIsCkH2nMZCIhqOeY8F-EdnEZgVlKGMc9l44X8RdDKtR&itag=251&source=youtube&requiressl=yes&spc=H3gIhhE452o3bqTyQS7bQwlbGG70NyM&vprv=1&mime=audio%2Fwebm&ns=NWZErudGoiMNFS03C313YgML&gir=yes&clen=2519167&dur=159.861&lmt=1541067972571765&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5411222&n=W_LCnxpHmpKzCw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAIKtVhqSDu94ePda4R1WScxukkYEd4PktV28hIENg-vvAiByTnFouZGjBu2y8lTDEFXWUQ9xMw2Wgs_74xM_Vy07ig%3D%3D&alr=yes&cpn=N0iYdHivFNba8TY5&cver=1.20230129.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=tj&mm=29&mn=sn-5go7ynlk&ms=rdu&mt=1675293929&mv=m&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgCmREoV9MAVpp7gytJcN0TZE0GkQ6KIFn351yxMXZG0sCIQD45OLsvpzRnXaz28yhGV9zmYfyvjYwsoj_OTBjb5yzaA%3D%3D&range=0-66070&rn=3&rbuf=0&pot=D6Cvstj5s7pqoJfaTZ-dxXS09mh_rPRzu9ZDaMak50EeN4S-pwvh-6qZ4MOdqPPfXRerGi5akes5DJ3xZZ-XvzK2_kPgPhjjZxVTFCAGeVOu652YaIDAsXXm9wzqQ5GhzhzsPas=
173.194.6.9200 OK 66 kB URL HTTP/1.1 rr4---sn-5go7ynlk.googlevideo.com/videoplayback?expire=1675315648&ei=YPXaY6LhFuKB0u8P6bGlaA&ip=91.90.42.154&id=o-AIsCkH2nMZCIhqOeY8F-EdnEZgVlKGMc9l44X8RdDKtR&itag=251&source=youtube&requiressl=yes&spc=H3gIhhE452o3bqTyQS7bQwlbGG70NyM&vprv=1&mime=audio%2Fwebm&ns=NWZErudGoiMNFS03C313YgML&gir=yes&clen=2519167&dur=159.861&lmt=1541067972571765&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5411222&n=W_LCnxpHmpKzCw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAIKtVhqSDu94ePda4R1WScxukkYEd4PktV28hIENg-vvAiByTnFouZGjBu2y8lTDEFXWUQ9xMw2Wgs_74xM_Vy07ig%3D%3D&alr=yes&cpn=N0iYdHivFNba8TY5&cver=1.20230129.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=tj&mm=29&mn=sn-5go7ynlk&ms=rdu&mt=1675293929&mv=m&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgCmREoV9MAVpp7gytJcN0TZE0GkQ6KIFn351yxMXZG0sCIQD45OLsvpzRnXaz28yhGV9zmYfyvjYwsoj_OTBjb5yzaA%3D%3D&range=0-66070&rn=3&rbuf=0&pot=D6Cvstj5s7pqoJfaTZ-dxXS09mh_rPRzu9ZDaMak50EeN4S-pwvh-6qZ4MOdqPPfXRerGi5akes5DJ3xZZ-XvzK2_kPgPhjjZxVTFCAGeVOu652YaIDAsXXm9wzqQ5GhzhzsPas=
IP 173.194.6.9:0
File type WebM\012- EBML file, creator webmB\20\012- data
Hash 90c6f9aa859579133b2cfeb17cd30fe6
ee4f99cbd9b9e603aa140f4f510b38bad6e5fe9e
1d1c84e9b04a43404973c3af0a53776ccb8751264c9ff9dddab7f85713c18972
POST /videoplayback?expire=1675315648&ei=YPXaY6LhFuKB0u8P6bGlaA&ip=91.90.42.154&id=o-AIsCkH2nMZCIhqOeY8F-EdnEZgVlKGMc9l44X8RdDKtR&itag=251&source=youtube&requiressl=yes&spc=H3gIhhE452o3bqTyQS7bQwlbGG70NyM&vprv=1&mime=audio%2Fwebm&ns=NWZErudGoiMNFS03C313YgML&gir=yes&clen=2519167&dur=159.861&lmt=1541067972571765&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5411222&n=W_LCnxpHmpKzCw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAIKtVhqSDu94ePda4R1WScxukkYEd4PktV28hIENg-vvAiByTnFouZGjBu2y8lTDEFXWUQ9xMw2Wgs_74xM_Vy07ig%3D%3D&alr=yes&cpn=N0iYdHivFNba8TY5&cver=1.20230129.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=tj&mm=29&mn=sn-5go7ynlk&ms=rdu&mt=1675293929&mv=m&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgCmREoV9MAVpp7gytJcN0TZE0GkQ6KIFn351yxMXZG0sCIQD45OLsvpzRnXaz28yhGV9zmYfyvjYwsoj_OTBjb5yzaA%3D%3D&range=0-66070&rn=3&rbuf=0&pot=D6Cvstj5s7pqoJfaTZ-dxXS09mh_rPRzu9ZDaMak50EeN4S-pwvh-6qZ4MOdqPPfXRerGi5akes5DJ3xZZ-XvzK2_kPgPhjjZxVTFCAGeVOu652YaIDAsXXm9wzqQ5GhzhzsPas= HTTP/1.1
Host: rr4---sn-5go7ynlk.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Thu, 01 Nov 2018 10:26:12 GMT
Content-Type: audio/webm
Date: Wed, 01 Feb 2023 23:27:28 GMT
Expires: Wed, 01 Feb 2023 23:27:28 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 66071
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr4---sn-5go7ynlk.googlevideo.com/videoplayback?expire=1675315648&ei=YPXaY6LhFuKB0u8P6bGlaA&ip=91.90.42.154&id=o-AIsCkH2nMZCIhqOeY8F-EdnEZgVlKGMc9l44X8RdDKtR&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&spc=H3gIhhE452o3bqTyQS7bQwlbGG70NyM&vprv=1&mime=video%2Fwebm&ns=NWZErudGoiMNFS03C313YgML&gir=yes&clen=8195809&dur=159.840&lmt=1541067562718005&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5432432&n=W_LCnxpHmpKzCw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgIJBxkcLrQ5_c4Q9la2nOuzyjR8FSB_mLTB8y-tUPrgECIQDiitR54cvO_Wk_lDhVgjsRFnoaKCDCPPpyzmYGAreeAw%3D%3D&alr=yes&cpn=N0iYdHivFNba8TY5&cver=1.20230129.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=tj&mm=29&mn=sn-5go7ynlk&ms=rdu&mt=1675293929&mv=m&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgSHAlDrKHw-eQeaAnI868w48rEx9rVyU87iWyC3Z_v0ACIFDZKn01YJ-rVqnvhXoYq6hgUXV9b0OP15PYAlWKJ9BC&range=0-168627&rn=4&rbuf=0&pot=D6Cvstj5s7pqoJfaTZ-dxXS09mh_rPRzu9ZDaMak50EeN4S-pwvh-6qZ4MOdqPPfXRerGi5akes5DJ3xZZ-XvzK2_kPgPhjjZxVTFCAGeVOu652YaIDAsXXm9wzqQ5GhzhzsPas=
173.194.6.9200 OK 169 kB URL HTTP/1.1 rr4---sn-5go7ynlk.googlevideo.com/videoplayback?expire=1675315648&ei=YPXaY6LhFuKB0u8P6bGlaA&ip=91.90.42.154&id=o-AIsCkH2nMZCIhqOeY8F-EdnEZgVlKGMc9l44X8RdDKtR&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&spc=H3gIhhE452o3bqTyQS7bQwlbGG70NyM&vprv=1&mime=video%2Fwebm&ns=NWZErudGoiMNFS03C313YgML&gir=yes&clen=8195809&dur=159.840&lmt=1541067562718005&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5432432&n=W_LCnxpHmpKzCw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgIJBxkcLrQ5_c4Q9la2nOuzyjR8FSB_mLTB8y-tUPrgECIQDiitR54cvO_Wk_lDhVgjsRFnoaKCDCPPpyzmYGAreeAw%3D%3D&alr=yes&cpn=N0iYdHivFNba8TY5&cver=1.20230129.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=tj&mm=29&mn=sn-5go7ynlk&ms=rdu&mt=1675293929&mv=m&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgSHAlDrKHw-eQeaAnI868w48rEx9rVyU87iWyC3Z_v0ACIFDZKn01YJ-rVqnvhXoYq6hgUXV9b0OP15PYAlWKJ9BC&range=0-168627&rn=4&rbuf=0&pot=D6Cvstj5s7pqoJfaTZ-dxXS09mh_rPRzu9ZDaMak50EeN4S-pwvh-6qZ4MOdqPPfXRerGi5akes5DJ3xZZ-XvzK2_kPgPhjjZxVTFCAGeVOu652YaIDAsXXm9wzqQ5GhzhzsPas=
IP 173.194.6.9:0
File type WebM\012- EBML file, creator webmB\20\012- data
Size 169 kB (168628 bytes)
Hash 25df78b7df11ab292acc5f3f1742ce9e
57e8f32c324778c5db9e4933600ac912f3f047bf
5b913df9a14af564e2207d55c5c4df4480bbf1c54d478c83e630bf756abc3f8c
POST /videoplayback?expire=1675315648&ei=YPXaY6LhFuKB0u8P6bGlaA&ip=91.90.42.154&id=o-AIsCkH2nMZCIhqOeY8F-EdnEZgVlKGMc9l44X8RdDKtR&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&spc=H3gIhhE452o3bqTyQS7bQwlbGG70NyM&vprv=1&mime=video%2Fwebm&ns=NWZErudGoiMNFS03C313YgML&gir=yes&clen=8195809&dur=159.840&lmt=1541067562718005&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5432432&n=W_LCnxpHmpKzCw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgIJBxkcLrQ5_c4Q9la2nOuzyjR8FSB_mLTB8y-tUPrgECIQDiitR54cvO_Wk_lDhVgjsRFnoaKCDCPPpyzmYGAreeAw%3D%3D&alr=yes&cpn=N0iYdHivFNba8TY5&cver=1.20230129.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=tj&mm=29&mn=sn-5go7ynlk&ms=rdu&mt=1675293929&mv=m&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgSHAlDrKHw-eQeaAnI868w48rEx9rVyU87iWyC3Z_v0ACIFDZKn01YJ-rVqnvhXoYq6hgUXV9b0OP15PYAlWKJ9BC&range=0-168627&rn=4&rbuf=0&pot=D6Cvstj5s7pqoJfaTZ-dxXS09mh_rPRzu9ZDaMak50EeN4S-pwvh-6qZ4MOdqPPfXRerGi5akes5DJ3xZZ-XvzK2_kPgPhjjZxVTFCAGeVOu652YaIDAsXXm9wzqQ5GhzhzsPas= HTTP/1.1
Host: rr4---sn-5go7ynlk.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Thu, 01 Nov 2018 10:19:22 GMT
Content-Type: video/webm
Date: Wed, 01 Feb 2023 23:27:28 GMT
Expires: Wed, 01 Feb 2023 23:27:28 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 168628
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash b8a6daedb95c6be3828637ae417b1fe0
ff4214135eda8e24f0b09c960a94c5c44ecdbdab
279b874e9c27f6580160da452cdd22851271c92d496ee015ab90639ea095e15d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 23:27:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash df74d0c5bbc711a484e4508808c3357a
304f6b29d37c4f6ae20a4031ec6b3a879f9928c8
14200bd4d7eff065de2b62f1770c31edb357a95390c619867f00660a88e92ae8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 23:27:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type gzip compressed data, max compression\012- data
Hash 2c5e576c986fa3babe2c32f4a7ca3f3c
2f9f0aaf63ec000b07fc073c26fddfb6ab4e4466
f560931ec3844307c32fb2b1503925261fc99f30ecd22d27664b104e13e5567c
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 22:02:00 GMT
expires: Mon, 29 Jan 2024 22:02:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 264329
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 07:51:59 GMT
expires: Thu, 01 Feb 2024 07:51:59 GMT
cache-control: public, max-age=31536000
age: 56130
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79ec7db4-9aef-4e9e-a8d9-431c9085df2a.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79ec7db4-9aef-4e9e-a8d9-431c9085df2a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b0ca0ccee69fbee57aac373f94120bb4
5d6309502ffd0c33f6199d46f0d14d0a22e3c752
bed9d4689ff57fa636ee08dab3eef3cdf6c4e0a7103e5185151afe8ddfb755f2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79ec7db4-9aef-4e9e-a8d9-431c9085df2a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 11552
x-amzn-requestid: 611f63cb-f058-493b-ac86-7e268b866fd0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdTvG9VIAMFgPg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadc17-78de7563537b111924100346;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:39:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lHLm3IkJRn59US_8SXKXQnNDUiCLIWnQ7QN-DWB3jkot9Ub3b6FUgA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:01:11 GMT
age: 5180
etag: "5d6309502ffd0c33f6199d46f0d14d0a22e3c752"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Rubik:300,400,500,700,900,300italic,400italic,500italic,700italic,900italic%7CPoppins:300,400,500,600,700&display=swap&ver=1651350316
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Rubik:300,400,500,700,900,300italic,400italic,500italic,700italic,900italic%7CPoppins:300,400,500,600,700&display=swap&ver=1651350316
IP 142.250.74.106:0
GET /css?family=Rubik:300,400,500,700,900,300italic,400italic,500italic,700italic,900italic%7CPoppins:300,400,500,600,700&display=swap&ver=1651350316 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klargexports.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 01 Feb 2023 23:27:25 GMT
date: Wed, 01 Feb 2023 23:27:25 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.youtube.com/iframe_api?ver=6.5.0
142.250.74.14200 OK 0 B URL HTTP/2 www.youtube.com/iframe_api?ver=6.5.0
IP 142.250.74.14:0
GET /iframe_api?ver=6.5.0 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://klargexports.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
x-content-type-options: nosniff
expires: Wed, 01 Feb 2023 23:27:25 GMT
date: Wed, 01 Feb 2023 23:27:25 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=3ti4TXptqKo; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU1TlRNek16RXpOakE1T0RZMU9EYzNNZz09EN3q654GGN3q654G; Domain=.youtube.com; Expires=Mon, 31-Jul-2023 23:27:25 GMT; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=PLqEngQ_K20; Domain=.youtube.com; Expires=Mon, 31-Jul-2023 23:27:25 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+317; expires=Fri, 31-Jan-2025 23:27:25 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2