| evgbin.com/cr38l3k.php?key=8ec3e9b48b1b607e7e46&clickId=GMvsAzj3kgNohIgrcLPdgwHoAbnvSPEBAAAAAAAAHED5ASlcj8L1KBRAgAKmgOD_hfrc0gE&Cost=0&zoneId=1193913&ageGroup=UNKNOWN&campaignId=705540&feed=0&browserVersion=0&os=windows&osVersion=win_10&carrier=Google+user-triggered+fetchers&creativeId=2158259&browser=Other | 157.90.94.62 | 307 Temporary Redirect | 0 B |
URL User Request GET HTTP/2evgbin.com/cr38l3k.php?key=8ec3e9b48b1b607e7e46&clickId=GMvsAzj3kgNohIgrcLPdgwHoAbnvSPEBAAAAAAAAHED5ASlcj8L1KBRAgAKmgOD_hfrc0gE&Cost=0&zoneId=1193913&ageGroup=UNKNOWN&campaignId=705540&feed=0&browserVersion=0&os=windows&osVersion=win_10&carrier=Google+user-triggered+fetchers&creativeId=2158259&browser=Other IP157.90.94.62:443 ASN#24940 Hetzner Online GmbH
CertificateIssuerLet's Encrypt Subjectevgbin.com Fingerprint90:93:79:5B:FE:E9:21:F5:D4:30:93:10:5D:19:CD:F8:13:1A:96:96 ValidityTue, 07 May 2024 12:59:35 GMT - Mon, 05 Aug 2024 12:59:34 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /cr38l3k.php?key=8ec3e9b48b1b607e7e46&clickId=GMvsAzj3kgNohIgrcLPdgwHoAbnvSPEBAAAAAAAAHED5ASlcj8L1KBRAgAKmgOD_hfrc0gE&Cost=0&zoneId=1193913&ageGroup=UNKNOWN&campaignId=705540&feed=0&browserVersion=0&os=windows&osVersion=win_10&carrier=Google+user-triggered+fetchers&creativeId=2158259&browser=Other HTTP/1.1
Host: evgbin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 307 Temporary Redirect
date: Fri, 10 May 2024 08:21:18 GMT
location: https://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
server: Caddy
set-cookie: uclick=nruMxVsIMNo11LX8bmCY5UqENDUH0/tkKMm84q+UROZFjZEdahWNlCigHLs+tVn99MGTGZnY; Max-Age=31536000; SameSite=Lax
bcid=couthvj4mbic7393ps40; Max-Age=31536000; SameSite=Lax
cid=couthvj4mbic7393ps40; Max-Age=31536000; SameSite=Lax
x-request-id: 1c53670a-d0c7-4ec8-a28a-754616fbcc77
content-length: 0
X-Firefox-Spdy: h2
|
|
| domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40 | 185.254.198.31 | 200 OK | 4.0 kB |
URL User Request GET HTTP/1.1domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40 IP185.254.198.31:443 ASN#30860 Virtual Systems LLC
CertificateIssuerLet's Encrypt Subjectdomagain.click Fingerprint93:91:3A:8B:7A:6C:5A:F2:BE:ED:2D:B4:60:09:55:FB:0D:B8:79:34 ValidityThu, 09 May 2024 15:37:25 GMT - Wed, 07 Aug 2024 15:37:24 GMT
File typeHTML document, ASCII text, with CRLF line terminators Hash0a225335916773c7c6c3c1d2b9347fa2 80d7cce35be646fb22c4508de1f77e5e88bf1e22 da20e1aac402c6a58154f387915fbb1a9c22489be9c561712d3b3cb96cfa97f6
GET /Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40 HTTP/1.1
Host: domagain.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 08:21:19 GMT
Content-Type: text/html
Content-Length: 4022
Last-Modified: Thu, 09 May 2024 16:49:30 GMT
Connection: keep-alive
ETag: "663cfe9a-fb6"
Accept-Ranges: bytes
|
|
| domagain.click/Evg_LeftToSurvive/multilang/cookie.js | 185.254.198.31 | 200 OK | 2.4 kB |
URL GET HTTP/1.1domagain.click/Evg_LeftToSurvive/multilang/cookie.js IP185.254.198.31:443 ASN#30860 Virtual Systems LLC
Requested byhttps://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40 CertificateIssuerLet's Encrypt Subjectdomagain.click Fingerprint93:91:3A:8B:7A:6C:5A:F2:BE:ED:2D:B4:60:09:55:FB:0D:B8:79:34 ValidityThu, 09 May 2024 15:37:25 GMT - Wed, 07 Aug 2024 15:37:24 GMT
File typeJavaScript source, ASCII text Hash6c3c07f6b4fceb0275703dc8de8abcaf e356f252f803d8a712738693dec21778170582be 3bd24fff093bf801351774ac038e07c046ebc272186c99b6e45c872b74d712d1
GET /Evg_LeftToSurvive/multilang/cookie.js HTTP/1.1
Host: domagain.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 08:21:19 GMT
Content-Type: application/javascript
Content-Length: 2425
Last-Modified: Thu, 09 May 2024 16:49:30 GMT
Connection: keep-alive
ETag: "663cfe9a-979"
Accept-Ranges: bytes
|
|
| push-sdk.net/f/sdk.js?z=1007153 | 178.63.248.57 | 200 OK | 15 kB |
URL GET HTTP/2push-sdk.net/f/sdk.js?z=1007153 IP178.63.248.57:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40 CertificateIssuerLet's Encrypt Subjectpush-sdk.net FingerprintEF:07:FF:9E:FF:54:65:75:76:5D:48:DC:E3:45:59:45:0B:9A:86:95 ValiditySun, 14 Apr 2024 03:34:59 GMT - Sat, 13 Jul 2024 03:34:58 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (53344), with no line terminators Hashdf17f9793d0bbfbec3c9285f3dcc6200 12f0459f4095371bee63e6dd5f04ea9451cff933 1c60c387936024b9abb1b2514bba07be7725ffad25903c7faf23eecb61e222d7
GET /f/sdk.js?z=1007153 HTTP/1.1
Host: push-sdk.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://domagain.click/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Angie
date: Fri, 10 May 2024 08:21:19 GMT
content-type: application/javascript; charset=utf-8
content-length: 14884
content-encoding: gzip
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate
vary: Accept-Encoding
X-Firefox-Spdy: h2
|
|
| domagain.click/Evg_LeftToSurvive/multilang/langs.js | 185.254.198.31 | 200 OK | 1.5 kB |
URL GET HTTP/1.1domagain.click/Evg_LeftToSurvive/multilang/langs.js IP185.254.198.31:443 ASN#30860 Virtual Systems LLC
Requested byhttps://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40 CertificateIssuerLet's Encrypt Subjectdomagain.click Fingerprint93:91:3A:8B:7A:6C:5A:F2:BE:ED:2D:B4:60:09:55:FB:0D:B8:79:34 ValidityThu, 09 May 2024 15:37:25 GMT - Wed, 07 Aug 2024 15:37:24 GMT
File typeJavaScript source, ASCII text Hashcaf95d09b60756faedd74ca70a4800bb bb1832d27f4a2696fba6d900332edf292369c72a 988f11d3102dfe317d89827b316b8f2f077c1cd66ac611013da6b6ace31ff3a9
GET /Evg_LeftToSurvive/multilang/langs.js HTTP/1.1
Host: domagain.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 08:21:19 GMT
Content-Type: application/javascript
Content-Length: 1481
Last-Modified: Thu, 09 May 2024 16:49:30 GMT
Connection: keep-alive
ETag: "663cfe9a-5c9"
Accept-Ranges: bytes
|
|
| domagain.click/Evg_LeftToSurvive/style/style.css | 185.254.198.31 | 200 OK | 6.5 kB |
URL GET HTTP/1.1domagain.click/Evg_LeftToSurvive/style/style.css IP185.254.198.31:443 ASN#30860 Virtual Systems LLC
Requested byhttps://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40 CertificateIssuerLet's Encrypt Subjectdomagain.click Fingerprint93:91:3A:8B:7A:6C:5A:F2:BE:ED:2D:B4:60:09:55:FB:0D:B8:79:34 ValidityThu, 09 May 2024 15:37:25 GMT - Wed, 07 Aug 2024 15:37:24 GMT
Hash0a73e4864395eb142ae72aef710f0869 76069abdffbb9978c7b9129ab4eca7d0f56dd106 b9011a4c8d263f8dfbc847058623d5ca54f1333264c3286c0b864d6c4a5f528e
GET /Evg_LeftToSurvive/style/style.css HTTP/1.1
Host: domagain.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 08:21:19 GMT
Content-Type: text/css
Content-Length: 6535
Last-Modified: Thu, 09 May 2024 16:49:30 GMT
Connection: keep-alive
ETag: "663cfe9a-1987"
Accept-Ranges: bytes
|
|
| domagain.click/Evg_LeftToSurvive/scripts/script.js | 185.254.198.31 | 200 OK | 822 B |
URL GET HTTP/1.1domagain.click/Evg_LeftToSurvive/scripts/script.js IP185.254.198.31:443 ASN#30860 Virtual Systems LLC
Requested byhttps://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40 CertificateIssuerLet's Encrypt Subjectdomagain.click Fingerprint93:91:3A:8B:7A:6C:5A:F2:BE:ED:2D:B4:60:09:55:FB:0D:B8:79:34 ValidityThu, 09 May 2024 15:37:25 GMT - Wed, 07 Aug 2024 15:37:24 GMT
File typeASCII text, with CRLF line terminators Hashfb4b8ec18ebdc55173208fe7d476f7c0 b97e2ff70046a17f64a3b145552d3e1b84b50337 4e24bdf110e9be830a288b635a2162a36dea6af38a585247a0877df71a7fc372
GET /Evg_LeftToSurvive/scripts/script.js HTTP/1.1
Host: domagain.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 08:21:19 GMT
Content-Type: application/javascript
Content-Length: 822
Last-Modified: Thu, 09 May 2024 16:49:30 GMT
Connection: keep-alive
ETag: "663cfe9a-336"
Accept-Ranges: bytes
|
|
| domagain.click/Evg_LeftToSurvive/media/gb1.png | 185.254.198.31 | 200 OK | 13 kB |
URL GET HTTP/1.1domagain.click/Evg_LeftToSurvive/media/gb1.png IP185.254.198.31:443 ASN#30860 Virtual Systems LLC
Requested byhttps://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40 CertificateIssuerLet's Encrypt Subjectdomagain.click Fingerprint93:91:3A:8B:7A:6C:5A:F2:BE:ED:2D:B4:60:09:55:FB:0D:B8:79:34 ValidityThu, 09 May 2024 15:37:25 GMT - Wed, 07 Aug 2024 15:37:24 GMT
File typePNG image data, 346 x 256, 8-bit colormap, non-interlaced Hash02969c3b8f167fba050928541169d755 7428e6abf487d5032104c276a3f011cb7ca6506f 529fecd014023e8319be1a82d085c86997f4aa276d0f430678a43d1d5d27470e
GET /Evg_LeftToSurvive/media/gb1.png HTTP/1.1
Host: domagain.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 08:21:19 GMT
Content-Type: image/png
Content-Length: 13189
Last-Modified: Thu, 09 May 2024 16:49:30 GMT
Connection: keep-alive
ETag: "663cfe9a-3385"
Accept-Ranges: bytes
|
|
| domagain.click/Evg_LeftToSurvive/media/pb1.png | 185.254.198.31 | 200 OK | 14 kB |
URL GET HTTP/1.1domagain.click/Evg_LeftToSurvive/media/pb1.png IP185.254.198.31:443 ASN#30860 Virtual Systems LLC
Requested byhttps://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40 CertificateIssuerLet's Encrypt Subjectdomagain.click Fingerprint93:91:3A:8B:7A:6C:5A:F2:BE:ED:2D:B4:60:09:55:FB:0D:B8:79:34 ValidityThu, 09 May 2024 15:37:25 GMT - Wed, 07 Aug 2024 15:37:24 GMT
File typePNG image data, 346 x 256, 8-bit colormap, non-interlaced Hashb8fa6f41e58313127030c712256d0e20 a514365b9f12f790fa2a6503a9108d192da1aa5d 76a131ae0ae2e4fc408e547bafe576fa4b8e139588498d3aae3af11ba8bcb033
GET /Evg_LeftToSurvive/media/pb1.png HTTP/1.1
Host: domagain.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 08:21:19 GMT
Content-Type: image/png
Content-Length: 13809
Last-Modified: Thu, 09 May 2024 16:49:30 GMT
Connection: keep-alive
ETag: "663cfe9a-35f1"
Accept-Ranges: bytes
|
|
| domagain.click/Evg_LeftToSurvive/media/arrow-top.svg | 185.254.198.31 | 200 OK | 196 B |
URL GET HTTP/1.1domagain.click/Evg_LeftToSurvive/media/arrow-top.svg IP185.254.198.31:443 ASN#30860 Virtual Systems LLC
Requested byhttps://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40 CertificateIssuerLet's Encrypt Subjectdomagain.click Fingerprint93:91:3A:8B:7A:6C:5A:F2:BE:ED:2D:B4:60:09:55:FB:0D:B8:79:34 ValidityThu, 09 May 2024 15:37:25 GMT - Wed, 07 Aug 2024 15:37:24 GMT
File typeSVG Scalable Vector Graphics image Hash53bed279e22a966de2e5660aa94f1b36 991389dc21ce9d849d471c1b59c8787203f26739 8690b38f581cfab1bd8c34ec3ee62ab9c15a2bacdd909084656f76077f6588d4
GET /Evg_LeftToSurvive/media/arrow-top.svg HTTP/1.1
Host: domagain.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 08:21:19 GMT
Content-Type: image/svg+xml
Content-Length: 196
Last-Modified: Thu, 09 May 2024 16:49:30 GMT
Connection: keep-alive
ETag: "663cfe9a-c4"
Accept-Ranges: bytes
|
|
| domagain.click/Evg_LeftToSurvive/media/gb3.png | 185.254.198.31 | 200 OK | 10 kB |
URL GET HTTP/1.1domagain.click/Evg_LeftToSurvive/media/gb3.png IP185.254.198.31:443 ASN#30860 Virtual Systems LLC
Requested byhttps://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40 CertificateIssuerLet's Encrypt Subjectdomagain.click Fingerprint93:91:3A:8B:7A:6C:5A:F2:BE:ED:2D:B4:60:09:55:FB:0D:B8:79:34 ValidityThu, 09 May 2024 15:37:25 GMT - Wed, 07 Aug 2024 15:37:24 GMT
File typePNG image data, 346 x 256, 8-bit colormap, non-interlaced Hash3655fda4985e655f7e39e9d678b2df21 a783af53529a4f1f62cd21c63e89efb388482b48 208ad0a0943fd0c149ab1a41edd6e6d1043f1f998fa9a32b3ac4b5b323bd7629
GET /Evg_LeftToSurvive/media/gb3.png HTTP/1.1
Host: domagain.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 08:21:19 GMT
Content-Type: image/png
Content-Length: 10506
Last-Modified: Thu, 09 May 2024 16:49:30 GMT
Connection: keep-alive
ETag: "663cfe9a-290a"
Accept-Ranges: bytes
|
|
| domagain.click/Evg_LeftToSurvive/media/rb3.png | 185.254.198.31 | 200 OK | 18 kB |
URL GET HTTP/1.1domagain.click/Evg_LeftToSurvive/media/rb3.png IP185.254.198.31:443 ASN#30860 Virtual Systems LLC
Requested byhttps://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40 CertificateIssuerLet's Encrypt Subjectdomagain.click Fingerprint93:91:3A:8B:7A:6C:5A:F2:BE:ED:2D:B4:60:09:55:FB:0D:B8:79:34 ValidityThu, 09 May 2024 15:37:25 GMT - Wed, 07 Aug 2024 15:37:24 GMT
File typePNG image data, 346 x 256, 8-bit colormap, non-interlaced Hash2f46c4c21c28ee3c9f403461d8305f04 c29fe152308c6692444b8dbd8b97b43bad5c1600 d257ff6bb14cb62d247e49eed9e029fa56dd98fbb38250a4702585e70dfc4290
GET /Evg_LeftToSurvive/media/rb3.png HTTP/1.1
Host: domagain.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 08:21:19 GMT
Content-Type: image/png
Content-Length: 18149
Last-Modified: Thu, 09 May 2024 16:49:31 GMT
Connection: keep-alive
ETag: "663cfe9b-46e5"
Accept-Ranges: bytes
|
|
| domagain.click/Evg_LeftToSurvive/media/arrow-down.svg | 185.254.198.31 | 200 OK | 194 B |
URL GET HTTP/1.1domagain.click/Evg_LeftToSurvive/media/arrow-down.svg IP185.254.198.31:443 ASN#30860 Virtual Systems LLC
Requested byhttps://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40 CertificateIssuerLet's Encrypt Subjectdomagain.click Fingerprint93:91:3A:8B:7A:6C:5A:F2:BE:ED:2D:B4:60:09:55:FB:0D:B8:79:34 ValidityThu, 09 May 2024 15:37:25 GMT - Wed, 07 Aug 2024 15:37:24 GMT
File typeSVG Scalable Vector Graphics image Hasha3d96d6455b745024b46e5575d810e1e e1a4c28b8418d807c83d4b1a89358187b6fb0d83 4a684a1b21f96233295e2d003a913e6aa0fe342f7dc20e2f53335a804bab4b71
GET /Evg_LeftToSurvive/media/arrow-down.svg HTTP/1.1
Host: domagain.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 08:21:19 GMT
Content-Type: image/svg+xml
Content-Length: 194
Last-Modified: Thu, 09 May 2024 16:49:30 GMT
Connection: keep-alive
ETag: "663cfe9a-c2"
Accept-Ranges: bytes
|
|
| push-sdk.net/event?z=1007153 | 178.63.248.57 | 200 OK | 0 B |
URL POST HTTP/2push-sdk.net/event?z=1007153 IP178.63.248.57:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40 CertificateIssuerLet's Encrypt Subjectpush-sdk.net FingerprintEF:07:FF:9E:FF:54:65:75:76:5D:48:DC:E3:45:59:45:0B:9A:86:95 ValiditySun, 14 Apr 2024 03:34:59 GMT - Sat, 13 Jul 2024 03:34:58 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /event?z=1007153 HTTP/1.1
Host: push-sdk.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 101
Origin: https://domagain.click
DNT: 1
Connection: keep-alive
Referer: https://domagain.click/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Angie
date: Fri, 10 May 2024 08:21:19 GMT
content-length: 0
access-control-allow-origin: https://domagain.click
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token
access-control-expose-headers: Authorization
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
pragma: no-cache
expires: Tue, 11 Jan 1994 00:00:00 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
X-Firefox-Spdy: h2
|
|
| domagain.click/Evg_LeftToSurvive/media/rb1.png | 185.254.198.31 | 200 OK | 21 kB |
URL GET HTTP/1.1domagain.click/Evg_LeftToSurvive/media/rb1.png IP185.254.198.31:443 ASN#30860 Virtual Systems LLC
Requested byhttps://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40 CertificateIssuerLet's Encrypt Subjectdomagain.click Fingerprint93:91:3A:8B:7A:6C:5A:F2:BE:ED:2D:B4:60:09:55:FB:0D:B8:79:34 ValidityThu, 09 May 2024 15:37:25 GMT - Wed, 07 Aug 2024 15:37:24 GMT
File typePNG image data, 346 x 256, 8-bit colormap, non-interlaced Hasha205de660a0416d3281509dbb537b224 f1d9df02b9ef7f931343e8dccc0dcb6d3df3d6e8 5747943f66b4ed2c2bb748c16e17d01a23f7d3cdf1365ef1e06e3450be06195e
GET /Evg_LeftToSurvive/media/rb1.png HTTP/1.1
Host: domagain.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 08:21:19 GMT
Content-Type: image/png
Content-Length: 20767
Last-Modified: Thu, 09 May 2024 16:49:31 GMT
Connection: keep-alive
ETag: "663cfe9b-511f"
Accept-Ranges: bytes
|
|
| domagain.click/Evg_LeftToSurvive/media/pb2.png | 185.254.198.31 | 200 OK | 17 kB |
URL GET HTTP/1.1domagain.click/Evg_LeftToSurvive/media/pb2.png IP185.254.198.31:443 ASN#30860 Virtual Systems LLC
Requested byhttps://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40 CertificateIssuerLet's Encrypt Subjectdomagain.click Fingerprint93:91:3A:8B:7A:6C:5A:F2:BE:ED:2D:B4:60:09:55:FB:0D:B8:79:34 ValidityThu, 09 May 2024 15:37:25 GMT - Wed, 07 Aug 2024 15:37:24 GMT
File typePNG image data, 346 x 256, 8-bit colormap, non-interlaced Hash4da59c000125d9e5d5949775e6b8f8a2 694c27a273ec552d29f6e65aae976471d3f42f9a cb6ce908a01902796ba5dc4ed81d6cb332ff9a3ab90382a75bc633634b4792cc
GET /Evg_LeftToSurvive/media/pb2.png HTTP/1.1
Host: domagain.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 08:21:19 GMT
Content-Type: image/png
Content-Length: 16916
Last-Modified: Thu, 09 May 2024 16:49:31 GMT
Connection: keep-alive
ETag: "663cfe9b-4214"
Accept-Ranges: bytes
|
|
| domagain.click/Evg_LeftToSurvive/media/bb1.png | 185.254.198.31 | 200 OK | 12 kB |
URL GET HTTP/1.1domagain.click/Evg_LeftToSurvive/media/bb1.png IP185.254.198.31:443 ASN#30860 Virtual Systems LLC
Requested byhttps://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40 CertificateIssuerLet's Encrypt Subjectdomagain.click Fingerprint93:91:3A:8B:7A:6C:5A:F2:BE:ED:2D:B4:60:09:55:FB:0D:B8:79:34 ValidityThu, 09 May 2024 15:37:25 GMT - Wed, 07 Aug 2024 15:37:24 GMT
File typePNG image data, 346 x 256, 8-bit colormap, non-interlaced Hash5c707e3bed3d24ac453381c66574cfc4 2ea4894d5d30234cc3ce92ddda468ac54d5b077c fbaf1a07b6736fae717dac846b28fe74ed0cbf2bc767b0241afca835bd382977
GET /Evg_LeftToSurvive/media/bb1.png HTTP/1.1
Host: domagain.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 08:21:19 GMT
Content-Type: image/png
Content-Length: 12178
Last-Modified: Thu, 09 May 2024 16:49:30 GMT
Connection: keep-alive
ETag: "663cfe9a-2f92"
Accept-Ranges: bytes
|
|
| domagain.click/Evg_LeftToSurvive/media/pb3.png | 185.254.198.31 | 200 OK | 15 kB |
URL GET HTTP/1.1domagain.click/Evg_LeftToSurvive/media/pb3.png IP185.254.198.31:443 ASN#30860 Virtual Systems LLC
Requested byhttps://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40 CertificateIssuerLet's Encrypt Subjectdomagain.click Fingerprint93:91:3A:8B:7A:6C:5A:F2:BE:ED:2D:B4:60:09:55:FB:0D:B8:79:34 ValidityThu, 09 May 2024 15:37:25 GMT - Wed, 07 Aug 2024 15:37:24 GMT
File typePNG image data, 346 x 256, 8-bit colormap, non-interlaced Hashec208ace606d480270119a54cafc4ebe 43810f2b0c6fafc7b6378bea1cade574a7782783 191d36c860d53177845a0d3b04d619884c20304f983ad101b4ad81d7d975d6bc
GET /Evg_LeftToSurvive/media/pb3.png HTTP/1.1
Host: domagain.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 08:21:19 GMT
Content-Type: image/png
Content-Length: 14599
Last-Modified: Thu, 09 May 2024 16:49:30 GMT
Connection: keep-alive
ETag: "663cfe9a-3907"
Accept-Ranges: bytes
|
|
| domagain.click/Evg_LeftToSurvive/media/bb2.png | 185.254.198.31 | 200 OK | 15 kB |
URL GET HTTP/1.1domagain.click/Evg_LeftToSurvive/media/bb2.png IP185.254.198.31:443 ASN#30860 Virtual Systems LLC
Requested byhttps://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40 CertificateIssuerLet's Encrypt Subjectdomagain.click Fingerprint93:91:3A:8B:7A:6C:5A:F2:BE:ED:2D:B4:60:09:55:FB:0D:B8:79:34 ValidityThu, 09 May 2024 15:37:25 GMT - Wed, 07 Aug 2024 15:37:24 GMT
File typePNG image data, 346 x 256, 8-bit colormap, non-interlaced Hash30c2eb15d00250eef647c013fb2ffee9 02031a135af3bb442561064239985f081fad4150 e63dad5c51b9e30185cc6864c4f6f6cdb369d182d1d7d6191d2b3a205f2df1af
GET /Evg_LeftToSurvive/media/bb2.png HTTP/1.1
Host: domagain.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 08:21:19 GMT
Content-Type: image/png
Content-Length: 15288
Last-Modified: Thu, 09 May 2024 16:49:30 GMT
Connection: keep-alive
ETag: "663cfe9a-3bb8"
Accept-Ranges: bytes
|
|
| domagain.click/Evg_LeftToSurvive/media/gb2.png | 185.254.198.31 | 200 OK | 13 kB |
URL GET HTTP/1.1domagain.click/Evg_LeftToSurvive/media/gb2.png IP185.254.198.31:443 ASN#30860 Virtual Systems LLC
Requested byhttps://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40 CertificateIssuerLet's Encrypt Subjectdomagain.click Fingerprint93:91:3A:8B:7A:6C:5A:F2:BE:ED:2D:B4:60:09:55:FB:0D:B8:79:34 ValidityThu, 09 May 2024 15:37:25 GMT - Wed, 07 Aug 2024 15:37:24 GMT
File typePNG image data, 346 x 256, 8-bit colormap, non-interlaced Hash019c207196066f6fea10b80c79400578 12dcd9173a8cb0eb26bf9dae91cbc0ef11c1ec68 4461f96eb8d8c36573d7c4292eed3743eaa692aedd923b74b66d6621862f26f9
GET /Evg_LeftToSurvive/media/gb2.png HTTP/1.1
Host: domagain.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 08:21:19 GMT
Content-Type: image/png
Content-Length: 12665
Last-Modified: Thu, 09 May 2024 16:49:30 GMT
Connection: keep-alive
ETag: "663cfe9a-3179"
Accept-Ranges: bytes
|
|
| domagain.click/Evg_LeftToSurvive/media/gb4.png | 185.254.198.31 | 200 OK | 13 kB |
URL GET HTTP/1.1domagain.click/Evg_LeftToSurvive/media/gb4.png IP185.254.198.31:443 ASN#30860 Virtual Systems LLC
Requested byhttps://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40 CertificateIssuerLet's Encrypt Subjectdomagain.click Fingerprint93:91:3A:8B:7A:6C:5A:F2:BE:ED:2D:B4:60:09:55:FB:0D:B8:79:34 ValidityThu, 09 May 2024 15:37:25 GMT - Wed, 07 Aug 2024 15:37:24 GMT
File typePNG image data, 346 x 256, 8-bit colormap, non-interlaced Hash0e5fa8d0ab79df3e0c1d8d920c5c8c10 b73c6125e150fdc049f160f309447d743d1cedb3 9b33c4462978507092feb08a847f9330edd030f8e1ab3a3460623db9ef974c8e
GET /Evg_LeftToSurvive/media/gb4.png HTTP/1.1
Host: domagain.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 08:21:19 GMT
Content-Type: image/png
Content-Length: 12809
Last-Modified: Thu, 09 May 2024 16:49:30 GMT
Connection: keep-alive
ETag: "663cfe9a-3209"
Accept-Ranges: bytes
|
|
| domagain.click/Evg_LeftToSurvive/media/bb3.png | 185.254.198.31 | 200 OK | 14 kB |
URL GET HTTP/1.1domagain.click/Evg_LeftToSurvive/media/bb3.png IP185.254.198.31:443 ASN#30860 Virtual Systems LLC
Requested byhttps://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40 CertificateIssuerLet's Encrypt Subjectdomagain.click Fingerprint93:91:3A:8B:7A:6C:5A:F2:BE:ED:2D:B4:60:09:55:FB:0D:B8:79:34 ValidityThu, 09 May 2024 15:37:25 GMT - Wed, 07 Aug 2024 15:37:24 GMT
File typePNG image data, 346 x 256, 8-bit colormap, non-interlaced Hash03ee2660c343fd3c626b7b5e1e8f053b b953b103db983416c4bcd240124779c209961eeb 9c0c893c149d221eff9f000219f2f45c743fe2ad1357553859a631733b863ef9
GET /Evg_LeftToSurvive/media/bb3.png HTTP/1.1
Host: domagain.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 08:21:19 GMT
Content-Type: image/png
Content-Length: 14273
Last-Modified: Thu, 09 May 2024 16:49:30 GMT
Connection: keep-alive
ETag: "663cfe9a-37c1"
Accept-Ranges: bytes
|
|
| domagain.click/Evg_LeftToSurvive/media/rb2.png | 185.254.198.31 | 200 OK | 23 kB |
URL GET HTTP/1.1domagain.click/Evg_LeftToSurvive/media/rb2.png IP185.254.198.31:443 ASN#30860 Virtual Systems LLC
Requested byhttps://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40 CertificateIssuerLet's Encrypt Subjectdomagain.click Fingerprint93:91:3A:8B:7A:6C:5A:F2:BE:ED:2D:B4:60:09:55:FB:0D:B8:79:34 ValidityThu, 09 May 2024 15:37:25 GMT - Wed, 07 Aug 2024 15:37:24 GMT
File typePNG image data, 346 x 256, 8-bit colormap, non-interlaced Hashf2af8793265743c28389f6034caa6221 8dd5db033f83fb547957226fcf7fcf7e5ec90ade e288953990d153643f53f22a91260a98ede7409965aad05b5b6fc17d6845c05b
GET /Evg_LeftToSurvive/media/rb2.png HTTP/1.1
Host: domagain.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 08:21:19 GMT
Content-Type: image/png
Content-Length: 23046
Last-Modified: Thu, 09 May 2024 16:49:31 GMT
Connection: keep-alive
ETag: "663cfe9b-5a06"
Accept-Ranges: bytes
|
|
| domagain.click/Evg_LeftToSurvive/media/bg.jpg | 185.254.198.31 | 200 OK | 284 kB |
URL GET HTTP/1.1domagain.click/Evg_LeftToSurvive/media/bg.jpg IP185.254.198.31:443 ASN#30860 Virtual Systems LLC
Requested byhttps://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40 CertificateIssuerLet's Encrypt Subjectdomagain.click Fingerprint93:91:3A:8B:7A:6C:5A:F2:BE:ED:2D:B4:60:09:55:FB:0D:B8:79:34 ValidityThu, 09 May 2024 15:37:25 GMT - Wed, 07 Aug 2024 15:37:24 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=164, yresolution=172, resolutionunit=2], baseline, precision 8, 1920x1200, components 3 Size284 kB (283730 bytes) Hash6b67842584abd3cb78b6ae21ae9a8847 bb9208314daed01112c090d35642d71f8fca5714 6a3f7894cf2433491bde509e230d3d107e0946179ca027a1e7468049621fb01b
GET /Evg_LeftToSurvive/media/bg.jpg HTTP/1.1
Host: domagain.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://domagain.click/Evg_LeftToSurvive/style/style.css
Cookie: GoogleAccountsLocale_session=en; googtrans=/en/en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 08:21:19 GMT
Content-Type: image/jpeg
Content-Length: 283730
Last-Modified: Thu, 09 May 2024 16:49:30 GMT
Connection: keep-alive
ETag: "663cfe9a-45452"
Accept-Ranges: bytes
|
|
| domagain.click/Evg_LeftToSurvive/media/favicon.ico | 185.254.198.31 | 200 OK | 4.3 kB |
URL GET HTTP/1.1domagain.click/Evg_LeftToSurvive/media/favicon.ico IP185.254.198.31:443 ASN#30860 Virtual Systems LLC
Requested byhttps://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40 CertificateIssuerLet's Encrypt Subjectdomagain.click Fingerprint93:91:3A:8B:7A:6C:5A:F2:BE:ED:2D:B4:60:09:55:FB:0D:B8:79:34 ValidityThu, 09 May 2024 15:37:25 GMT - Wed, 07 Aug 2024 15:37:24 GMT
File typeMS Windows icon resource - 1 icon, 32x32, 32 bits/pixel Hash26127b8cf81c19439e9a42da9b6f9f95 4d99c0c0188823ec70e0ca8d7d9c50b807857d3d 66e88d1139311cdf8e39a0b8ba809f90a824eee2fb36e37c218f6b6b2e1ffba2
GET /Evg_LeftToSurvive/media/favicon.ico HTTP/1.1
Host: domagain.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40
Cookie: GoogleAccountsLocale_session=en; googtrans=/en/en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 08:21:20 GMT
Content-Type: image/x-icon
Content-Length: 4286
Last-Modified: Thu, 09 May 2024 16:49:30 GMT
Connection: keep-alive
ETag: "663cfe9a-10be"
Accept-Ranges: bytes
|
|
| www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=BgM/d=0/rs=AN8SPfq0d33yBxzMYYqNCamwNK0h9W1I4w/m=el_main_css | 142.250.74.131 | 200 OK | 4.0 kB |
URL GET HTTP/2www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=BgM/d=0/rs=AN8SPfq0d33yBxzMYYqNCamwNK0h9W1I4w/m=el_main_css IP142.250.74.131:443
Requested byhttps://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeASCII text, with very long lines (20367), with no line terminators Hash72d3a735ccca1027f6b3afba2c93e3a7 67f8eff8d17334c59c28fc1753bf451527c7490d c8c845f55e2346b89894ce0df8185ee182359e096bf29987d5cf1f8a7391bef1
GET /_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=BgM/d=0/rs=AN8SPfq0d33yBxzMYYqNCamwNK0h9W1I4w/m=el_main_css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://domagain.click/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3960
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 08 May 2024 15:31:59 GMT
expires: Thu, 08 May 2025 15:31:59 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 15 Jul 2023 01:09:03 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
age: 146961
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.ScQnttr3jIk.O/am=ABA/d=1/exm=el_conf/ed=1/rs=AN8SPfqJ0Hz8ni9nrsAXHpntm0qqHgqQCw/m=el_main | 216.58.211.10 | 200 OK | 73 kB |
URL GET HTTP/2translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.ScQnttr3jIk.O/am=ABA/d=1/exm=el_conf/ed=1/rs=AN8SPfqJ0Hz8ni9nrsAXHpntm0qqHgqQCw/m=el_main IP216.58.211.10:443
Requested byhttps://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typeJavaScript source, ASCII text, with very long lines (2297) Hashbf47475b5b52d458f577a3413e6643a5 97bc58b845b8be59fb4914a52f22ab23e83e60f1 3a4153a0531933048ae28d84e5426a3d725e89b6d41e6206c03cc5965280d8a4
GET /_/translate_http/_/js/k=translate_http.tr.no.ScQnttr3jIk.O/am=ABA/d=1/exm=el_conf/ed=1/rs=AN8SPfqJ0Hz8ni9nrsAXHpntm0qqHgqQCw/m=el_main HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://domagain.click/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 72582
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 17:15:50 GMT
expires: Fri, 09 May 2025 17:15:50 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 08 May 2024 17:11:28 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 54330
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.gstatic.com/images/branding/product/2x/translate_24dp.png | 142.250.74.131 | 200 OK | 1.8 kB |
URL GET HTTP/3www.gstatic.com/images/branding/product/2x/translate_24dp.png IP142.250.74.131:443
Requested byhttps://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typePNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced Hashc69c796362406f9e11c7f4bf5bb628da e489ce95ab56208090868882113d7416abf46775 4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=BgM/d=0/rs=AN8SPfq0d33yBxzMYYqNCamwNK0h9W1I4w/m=el_main_css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 May 2024 06:54:36 GMT
expires: Wed, 07 May 2025 06:54:36 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
vary: Origin
age: 264404
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg | 142.250.74.163 | 200 OK | 3.3 kB |
URL GET HTTP/2fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg IP142.250.74.163:443
Requested byhttps://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeSVG Scalable Vector Graphics image Hash2bd5c073a88b83ed74db88282a56ddfb d0ebfc376f8c6a44a8d4cd216817dcd7d0c33650 ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09
GET /s/i/productlogos/translate/v14/24px.svg HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://domagain.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-length: 3340
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 23:45:27 GMT
expires: Fri, 09 May 2025 23:45:27 GMT
cache-control: public, max-age=31536000
age: 30953
last-modified: Wed, 20 Apr 2022 14:24:23 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback | 142.250.74.74 | | 1.4 kB |
URL translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback IP142.250.74.74:0
Hasha3eefe14b1b4698460d992bd1673a26b a2fca6ebb00b8bdcca3eda88654d02d2c165b9c4 87514750a90cd70dd22c8673cfa80d804ef55840bd0755950af2118d8d218067
GET /v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback HTTP/1.1
Host: translate-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://domagain.click/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-type: text/javascript; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Fri, 10 May 2024 08:21:20 GMT
server: ESF
cache-control: private
content-length: 1392
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=514=cKODk07FDEel_2RLAyw6XpFbddd-H6YFEK93tgVExgnedOvQIycxzvUom4OS1IlfRT5Xaowt5x3IWgBycCgIlbLMbNJwB2KZTKijWjTVt66gmQQzdPOX8I5XWYovA-YfDtkwp964vdoc5rs4UGcFybvSc__Ao66TGyn_72_wxbg; expires=Sat, 09-Nov-2024 08:21:20 GMT; path=/; domain=.translate-pa.googleapis.com; HttpOnly
expires: Fri, 10 May 2024 08:21:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0 | 216.58.211.10 | 200 OK | 0 B |
URL OPTIONS HTTP/3translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0 IP216.58.211.10:443
Requested byhttps://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /element/log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://domagain.click/
Origin: https://domagain.click
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://domagain.click
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Fri, 10 May 2024 08:21:30 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0 | 216.58.211.10 | 200 OK | 131 B |
URL OPTIONS HTTP/3translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0 IP216.58.211.10:443
Requested byhttps://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
Hashca0b7e866005f6774d284b9f438ebfd2 53644f5ee3640189bdb223473ba6a2d46606c556 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
POST /element/log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://domagain.click/
X-Goog-AuthUser: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 1190
Origin: https://domagain.click
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://domagain.click
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Fri, 10 May 2024 08:21:30 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| translate.google.com/translate_a/element.js?cb=googleTranslateElementInit | 216.58.211.14 | 200 OK | 89 kB |
URL GET HTTP/2translate.google.com/translate_a/element.js?cb=googleTranslateElementInit IP216.58.211.14:443
Requested byhttps://domagain.click/Evg_LeftToSurvive/index.html?click_id=couthvj4mbic7393ps40 CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0 ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File typeJavaScript source, ASCII text, with very long lines (2064) Hash9de20623b82bc1cf3023d5c898180f37 084d83094721141cde06ca542d5c9c401f48b537 5c7857466946b28f88b1dbaa72a084ffc35ba8c978a88cac4e22a54e9d349bc8
GET /translate_a/element.js?cb=googleTranslateElementInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://domagain.click/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 10 May 2024 08:21:20 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|