Report - upload.ee/download/13094804/72c7cd4902ca1b8c7159/krt_club_3.1.0.29_repack_v6.21.4_fix5

Report Overview

Visited public
2024-09-25 20:31:28
Tags
URL
upload.ee/download/13094804/72c7cd4902ca1b8c7159/krt_club_3.1.0.29_repack_v6.21.4_fix5_rus.zip
Finishing URL
www.upload.ee/files/13094804/KRT_CLUB_3.1.0.29_RePack_v6.21.4_Fix5_Rus.zip.html
IP / ASN
57.129.39.102
#16276 OVH SAS
Title
UPLOAD.EE - KRT_CLUB_3.1.0.29_RePack_v6.21.4_Fix5_Rus.zip - Download

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
status.rapidssl.com	6946	2002-04-05	2018-06-15 22:49:00	2024-09-25 18:23:01	331 B	735 B	192.229.221.95
du0pud0sdlmzf.cloudfront.net	unknown	2008-04-25	2023-08-24 12:49:59	2024-09-25 12:16:02	1.8 kB	120 kB	143.204.42.48
accounts.google.com	81	1997-09-15	2016-03-20 13:44:49	2024-09-25 18:16:50	3.7 kB	15 kB	108.177.14.84
r11.o.lencr.org	unknown	2020-06-29	2024-06-07 07:43:57	2024-09-25 18:12:04	1.3 kB	3.5 kB	23.36.77.32
undefined	142677	unknown	2020-01-28 20:52:40	2023-07-23 07:59:56	937 B	0 B	0.0.0.0
www.upload.ee	981196	2010-07-04	2012-05-24 10:39:37	2024-09-25 10:16:02	4.7 kB	26 kB	57.129.39.102
ukankingwithea.com	unknown	2024-01-01	2024-09-07 02:18:13	2024-09-25 15:47:39	1.3 kB	105 kB	188.114.96.1
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-09-25 18:12:29	1.3 kB	3.5 kB	23.36.76.226
upload.ee	450367	2010-07-04	2015-01-15 12:52:19	2024-09-25 10:15:55	548 B	627 B	57.129.39.102
ftheusysianeduk.com	unknown	2024-07-08	2024-09-06 10:35:43	2024-09-25 12:16:02	2.7 kB	2.8 kB	188.114.96.1
o.pki.goog	unknown	2016-06-13	2024-04-24 13:44:57	2024-09-25 18:12:10	1.3 kB	2.8 kB	142.250.74.131
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2024-09-25 18:21:25	871 B	176 kB	142.250.74.168
runingamgladt.com	unknown	2024-07-08	2024-09-24 18:21:36	2024-09-25 15:47:39	1.9 kB	3.7 kB	108.157.214.55

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-09-25	medium	undefined	Sinkholed

ThreatFox

No alerts detected

JavaScript (11)

	URL	From	Size	First Seen	Last Seen
	www.upload.ee/files/13094804/KRT_CLUB_3.1.0.29_RePack_v6.21.4_Fix5_Rus.zip.html	ScriptElement	14 B	2023-03-09	2025-04-30
Pretty URL www.upload.ee/files/13094804/KRT_CLUB_3.1.0.29_RePack_v6.21.4_Fix5_Rus.zip.html IP 57.129.39.102 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-09 23:09 Last Seen2025-04-30 23:46 Times Seen3299 Hash 48e07e6b9e60fc36f21db6b71bf0b4b1 fb4085cc0058779b28e5c366a2b92cf242399c2f 3cbdc71216bd0aa119c93b4c5213941e9972e26ef16b3386c7c9cb32bcc60d64 Loading...

	www.upload.ee/js/js__file_upload.js	ScriptElement	26 kB	2023-10-24	2025-04-30
Pretty URL www.upload.ee/js/js__file_upload.js IP 57.129.39.102 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-24 16:45 Last Seen2025-04-30 23:46 Times Seen3204 Hash 66684709338f7239056ff3302e16bc4a 7dbd501434bdc062cdc8f6744e272a7d39ca5136 5163e50a8fe4549a8ca064e266de9c8e6aebd1d848185e0931959824a4d32c0f Loading...

	www.upload.ee/files/13094804/KRT_CLUB_3.1.0.29_RePack_v6.21.4_Fix5_Rus.zip.html	ScriptElement	57 B	2023-03-09	2025-04-30
Pretty URL www.upload.ee/files/13094804/KRT_CLUB_3.1.0.29_RePack_v6.21.4_Fix5_Rus.zip.html IP 57.129.39.102 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-09 23:09 Last Seen2025-04-30 23:46 Times Seen3297 Hash 63fa78e3d4ae4b7fc4cf5126264cb75e 65657518c61173b8205d4fb68aabfae6ae7270a0 a31d904d1ab6191632f68d0b375b622e4699c6e840f99ce53699df5d9f77ef6a Loading...

	du0pud0sdlmzf.cloudfront.net/?dupud=997369	ScriptElement	362 kB	2024-09-28	2024-09-28
Pretty URL du0pud0sdlmzf.cloudfront.net/?dupud=997369 IP 143.204.42.48 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-28 07:41 Last Seen2024-09-28 07:41 Times Seen3 Hash 5489de131420cbad6958cb8cfe259ddc 016a166f019d56f0c4b615fddf9a9d6df5367e50 abda4735023568e54deedbfaea1fb97f164b453ebc267a87bac7edb1c77181d6 Loading...

	www.upload.ee/files/13094804/KRT_CLUB_3.1.0.29_RePack_v6.21.4_Fix5_Rus.zip.html	ScriptElement	155 B	2023-03-09	2025-04-30
Pretty URL www.upload.ee/files/13094804/KRT_CLUB_3.1.0.29_RePack_v6.21.4_Fix5_Rus.zip.html IP 57.129.39.102 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-09 23:09 Last Seen2025-04-30 23:46 Times Seen3288 Hash ba71a86056b5c9ef37b625aade54337e 4769c2a07aa71c342dcb06dfa2950cff7ecae40f 65d96ab8cd224643e09a693cdc8fa0b76eb9c6cfe0a4be8b797136ca83a305c0 Loading...

	www.googletagmanager.com/gtag/js?id=UA-6703115-1	ScriptElement	208 kB	2024-09-28	2024-09-28
Pretty URL www.googletagmanager.com/gtag/js?id=UA-6703115-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-28 07:41 Last Seen2024-09-28 07:41 Times Seen3 Hash fdfc507fa33da759272089202be77149 891cec884575d87980078bb0ed7171af4d626aac 85072a78d2cebbb95770df0e883a5fef274935e37f27b486f4615f6e82e7e39c Loading...

	www.upload.ee/files/13094804/sandbox%20eval%20code		147 B	2023-04-11	2025-05-01
Pretty URL www.upload.ee/files/13094804/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-01 04:37 Times Seen339640 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	www.google-analytics.com/analytics.js	ScriptElement	4.7 kB	2023-04-11	2025-05-01
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-01 04:37 Times Seen338852 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	www.googletagmanager.com/gtag/js?id=G-LT9YQX0N49&l=dataLayer&cx=c	ScriptElement	287 kB	2024-09-28	2024-09-28
Pretty URL www.googletagmanager.com/gtag/js?id=G-LT9YQX0N49&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-28 07:41 Last Seen2024-09-28 07:41 Times Seen2 Hash 2c2ed992223ab9d80775e18e0af13b51 6900e2fd5d87a4a9be97644f4a15e8f5a5b5f3e0 4f68a8605aeff0f20819ff6a400931cd19f977f37bf0a52839c0a3a786cdb39e Loading...

	www.upload.ee/files/13094804/sandbox%20eval%20code		128 B	2023-05-06	2025-05-01
Pretty URL www.upload.ee/files/13094804/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-05-06 01:21 Last Seen2025-05-01 00:39 Times Seen24164 Hash 23c336606ee3a6d444b305153fa0e2e2 473a2111970ae2a94b373e656d20c4bd4184d703 305375d5052f6a14434d2d338f852f0f4f04fb26495f88a5d62b6afde2e2cc60 Loading...

	pagead2.googlesyndication.com/pagead/js/adsbygoogle.js	ScriptElement	1.6 kB	2023-05-06	2025-05-01
Pretty URL pagead2.googlesyndication.com/pagead/js/adsbygoogle.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-06 01:21 Last Seen2025-05-01 00:39 Times Seen23961 Hash 2e9e391ad98fbe1b2de0b7b4fa9ca904 21d7771223e8286a06ad878af425094a40de32b5 1468d954f25ab75355f3c0f42cd9c84efd64a67922c47d3b69bdb6d0eb399e69 Loading...

HTTP Transactions (45)

URL IP Response Size

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
72e206e9b89445fb2fb4031a6abe6169
a18bebfb86a71685bd817c15e348cfb5ea438c72
856f85441e043130f88668be6cf68110187856f17999bddc4332437d383c79b6

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "856F85441E043130F88668BE6CF68110187856F17999BDDC4332437D383C79B6"
Last-Modified: Mon, 23 Sep 2024 09:19:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6374
Expires: Wed, 25 Sep 2024 22:17:15 GMT
Date: Wed, 25 Sep 2024 20:31:01 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
4d7d2c93c05c23af00bdd2de1aa8def8
5d690fe96336335097f6edc39f269282fc0c03d5
ad3bf98d190e8a00b304b608273e81b0d73805059020c0e08e318194738dbe08

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "AD3BF98D190E8A00B304B608273E81B0D73805059020C0E08E318194738DBE08"
Last-Modified: Wed, 25 Sep 2024 00:20:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6445
Expires: Wed, 25 Sep 2024 22:18:26 GMT
Date: Wed, 25 Sep 2024 20:31:01 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
e49ce6a2ffd1afe9fdb15fd32491f4c5
7def7bdba49613d39e69a640fbe216a4ffee38cb
6ddbcc3388c5458c7be8c867cbff8d6ae16d588349605db0c7b5996ea32de452

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "6DDBCC3388C5458C7BE8C867CBFF8D6AE16D588349605DB0C7B5996EA32DE452"
Last-Modified: Wed, 25 Sep 2024 19:04:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17296
Expires: Thu, 26 Sep 2024 01:19:17 GMT
Date: Wed, 25 Sep 2024 20:31:01 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
0db22d1bf08e17d0aa79837780ccb58e
8a1325f2825794922c84ae24bfa90fbef5c26c86
e7663af7161fb47ba9214420ac390365b05f832603cd07b2d71a5e58c21ff854

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "E7663AF7161FB47BA9214420AC390365B05F832603CD07B2D71A5E58C21FF854"
Last-Modified: Wed, 25 Sep 2024 01:06:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6149
Expires: Wed, 25 Sep 2024 22:13:30 GMT
Date: Wed, 25 Sep 2024 20:31:01 GMT
Connection: keep-alive

status.rapidssl.com/

192.229.221.95

471 B

URL
status.rapidssl.com/
IP
192.229.221.95:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
ec229f89cd33a781504125354f6bc27c
c5be2e48b74143aa0c316162706d1a1d881f8c77
dacbd3517d926100c062a2d8ad6011e4bceb41e473de916236be7b457c2d0080

HTTP Headers

POST / HTTP/1.1
Host: status.rapidssl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4898
Cache-Control: max-age=7200
Content-Type: application/ocsp-response
Date: Wed, 25 Sep 2024 20:31:02 GMT
Last-Modified: Wed, 25 Sep 2024 19:09:24 GMT
Server: ECAcc (ska/F6D2)
X-Cache: HIT
Content-Length: 471

upload.ee/download/13094804/72c7cd4902ca1b8c7159/krt_club_3.1.0.29_repack_v6.21.4_fix5_rus.zip

57.129.39.102

313 B

URL
upload.ee/download/13094804/72c7cd4902ca1b8c7159/krt_club_3.1.0.29_repack_v6.21.4_fix5_rus.zip
IP
57.129.39.102:0
ASN
#16276 OVH SAS

File type
HTML document, ASCII text
Size
313 B (313 bytes)
Hash
41e243d38911050d7046b9648e007881
a18999ff2491211e6c79a86864634a83fc97d410
c2198405423868fdaabe29a563c846504d3cae8cd3a5dbefa567a9924be047e2

HTTP Headers

GET /download/13094804/72c7cd4902ca1b8c7159/krt_club_3.1.0.29_repack_v6.21.4_fix5_rus.zip HTTP/1.1
Host: upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Sep 2024 20:31:02 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 313
Connection: keep-alive
Keep-Alive: timeout=5
Location: http://www.upload.ee/download/13094804/72c7cd4902ca1b8c7159/krt_club_3.1.0.29_repack_v6.21.4_fix5_rus.zip

www.upload.ee/download/13094804/72c7cd4902ca1b8c7159/krt_club_3.1.0.29_repack_v6.21.4_fix5_rus.zip

57.129.39.102

0 B

URL
www.upload.ee/download/13094804/72c7cd4902ca1b8c7159/krt_club_3.1.0.29_repack_v6.21.4_fix5_rus.zip
IP
57.129.39.102:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /download/13094804/72c7cd4902ca1b8c7159/krt_club_3.1.0.29_repack_v6.21.4_fix5_rus.zip HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 25 Sep 2024 20:31:02 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=5
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1
Location: https://www.upload.ee/download/13094804/72c7cd4902ca1b8c7159/krt_club_3.1.0.29_repack_v6.21.4_fix5_rus.zip

www.upload.ee/download/13094804/72c7cd4902ca1b8c7159/krt_club_3.1.0.29_repack_v6.21.4_fix5_rus.zip

57.129.39.102

441 B

URL
www.upload.ee/download/13094804/72c7cd4902ca1b8c7159/krt_club_3.1.0.29_repack_v6.21.4_fix5_rus.zip
IP
57.129.39.102:0
ASN
#16276 OVH SAS

File type
HTML document, ASCII text, with very long lines (441), with no line terminators
Size
441 B (441 bytes)
Hash
b0f3eeacc87d97d08b44b2eb0f94d153
80b7a999b559d6246a8a3351c4acabd8aa15f9d6
11369d63bcab08cd053483801718d7bf3d2528be02051a4051516382134a0dc7

HTTP Headers

GET /download/13094804/72c7cd4902ca1b8c7159/krt_club_3.1.0.29_repack_v6.21.4_fix5_rus.zip HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 25 Sep 2024 20:31:02 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 441
Connection: keep-alive
Keep-Alive: timeout=5
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1
P3P: CP="CAO PSA OUR"

www.upload.ee/download/13094804/72c7cd4902ca1b8c7159/krt_club_3.1.0.29_repack_v6.21.4_fix5_rus.zip

57.129.39.102

441 B

URL
www.upload.ee/download/13094804/72c7cd4902ca1b8c7159/krt_club_3.1.0.29_repack_v6.21.4_fix5_rus.zip
IP
57.129.39.102:0
ASN
#16276 OVH SAS

File type
HTML document, ASCII text, with very long lines (441), with no line terminators
Size
441 B (441 bytes)
Hash
b0f3eeacc87d97d08b44b2eb0f94d153
80b7a999b559d6246a8a3351c4acabd8aa15f9d6
11369d63bcab08cd053483801718d7bf3d2528be02051a4051516382134a0dc7

HTTP Headers

GET /download/13094804/72c7cd4902ca1b8c7159/krt_club_3.1.0.29_repack_v6.21.4_fix5_rus.zip HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 25 Sep 2024 20:31:02 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 441
Connection: keep-alive
Keep-Alive: timeout=5
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1
P3P: CP="CAO PSA OUR"

www.upload.ee/files/13094804/KRT_CLUB_3.1.0.29_RePack_v6.21.4_Fix5_Rus.zip.html

57.129.39.102

200 OK

8.3 kB

URL User Request GET HTTP/1.1
www.upload.ee/files/13094804/KRT_CLUB_3.1.0.29_RePack_v6.21.4_Fix5_Rus.zip.html
IP
57.129.39.102:443
ASN
#16276 OVH SAS

Certificate
IssuerDigiCert Inc
Subjectwww.upload.ee
Fingerprint2A:42:9A:2D:AB:74:0A:9E:21:D8:90:F6:D3:67:65:F2:CF:22:E0:2E
ValiditySun, 24 Mar 2024 00:00:00 GMT - Sat, 22 Mar 2025 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (4526)
Size
8.3 kB (8339 bytes)
Hash
77179d45aac1553f1e4caacfd479b381
4ec519ccc51aa3445c6ca5c6e75b43c1d609ebae
b5571a7fa7130386b44b0ddccd0635c59e893c7ad3c0b2b6766341e478828811

HTTP Headers

GET /files/13094804/KRT_CLUB_3.1.0.29_RePack_v6.21.4_Fix5_Rus.zip.html HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/download/13094804/72c7cd4902ca1b8c7159/krt_club_3.1.0.29_repack_v6.21.4_fix5_rus.zip
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Sep 2024 20:31:02 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 8339
Connection: keep-alive
Keep-Alive: timeout=20
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1
P3P: CP="CAO PSA OUR"
Content-Encoding: gzip
Set-Cookie: lng=eng; expires=Wed, 23-Oct-2024 20:31:02 GMT; path=/; domain=www.upload.ee; secure; httponly; SameSite=None
Last-Modified: Wed, 25 Sep 2024 20:31:02 GMT

www.upload.ee/static/ubr__style.css

57.129.39.102

200 OK

2.8 kB

URL GET HTTP/1.1
www.upload.ee/static/ubr__style.css
IP
57.129.39.102:443
ASN
#16276 OVH SAS

Requested by
https://www.upload.ee/files/13094804/KRT_CLUB_3.1.0.29_RePack_v6.21.4_Fix5_Rus.zip.html
Certificate
IssuerDigiCert Inc
Subjectwww.upload.ee
Fingerprint2A:42:9A:2D:AB:74:0A:9E:21:D8:90:F6:D3:67:65:F2:CF:22:E0:2E
ValiditySun, 24 Mar 2024 00:00:00 GMT - Sat, 22 Mar 2025 23:59:59 GMT

File type
ASCII text, with very long lines (591), with CRLF line terminators
Size
2.8 kB (2841 bytes)
Hash
7b9692d4caecccf38e40d2333f8e00b0
8ecb4f873571250f02a5cc2ceff0a24aed25fc33
c4042306388924b75aa7d584c1e61165264967a52d09544ecba836f0d00eb9b9

HTTP Headers

GET /static/ubr__style.css HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/files/13094804/KRT_CLUB_3.1.0.29_RePack_v6.21.4_Fix5_Rus.zip.html
Cookie: lng=eng
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Sep 2024 20:31:02 GMT
Content-Type: text/css
Last-Modified: Wed, 03 Jul 2024 13:31:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
ETag: W/"66855297-24da"
Expires: Wed, 02 Oct 2024 20:31:02 GMT
Cache-Control: max-age=604800
Vary: Accept-Encoding
Content-Encoding: gzip

du0pud0sdlmzf.cloudfront.net/?dupud=997369

143.204.42.48

200 OK

117 kB

URL GET HTTP/2
du0pud0sdlmzf.cloudfront.net/?dupud=997369
IP
143.204.42.48:443
ASN
#16509 AMAZON-02

Requested by
https://www.upload.ee/files/13094804/KRT_CLUB_3.1.0.29_RePack_v6.21.4_Fix5_Rus.zip.html
Certificate
IssuerAmazon
Subject*.cloudfront.net
Fingerprint28:D3:87:79:3C:E8:8B:3C:D9:10:45:E5:F7:64:7A:6D:44:4E:5A:62
ValidityTue, 30 Jul 2024 00:00:00 GMT - Thu, 03 Jul 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (15945)
Size
117 kB (117408 bytes)
Hash
5489de131420cbad6958cb8cfe259ddc
016a166f019d56f0c4b615fddf9a9d6df5367e50
abda4735023568e54deedbfaea1fb97f164b453ebc267a87bac7edb1c77181d6

HTTP Headers

GET /?dupud=997369 HTTP/1.1
Host: du0pud0sdlmzf.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-length: 117408
date: Wed, 25 Sep 2024 20:30:52 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Hit from cloudfront
via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: t0bR0yU9PeeDph13psaQLn3ipssvDCvbpdP_hYbUNkIGXDSwIkUNAQ==
age: 10
X-Firefox-Spdy: h2

www.upload.ee/js/js__file_upload.js

57.129.39.102

200 OK

7.7 kB

URL GET HTTP/1.1
www.upload.ee/js/js__file_upload.js
IP
57.129.39.102:443
ASN
#16276 OVH SAS

Requested by
https://www.upload.ee/files/13094804/KRT_CLUB_3.1.0.29_RePack_v6.21.4_Fix5_Rus.zip.html
Certificate
IssuerDigiCert Inc
Subjectwww.upload.ee
Fingerprint2A:42:9A:2D:AB:74:0A:9E:21:D8:90:F6:D3:67:65:F2:CF:22:E0:2E
ValiditySun, 24 Mar 2024 00:00:00 GMT - Sat, 22 Mar 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (1853)
Size
7.7 kB (7670 bytes)
Hash
66684709338f7239056ff3302e16bc4a
7dbd501434bdc062cdc8f6744e272a7d39ca5136
5163e50a8fe4549a8ca064e266de9c8e6aebd1d848185e0931959824a4d32c0f

HTTP Headers

GET /js/js__file_upload.js HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/files/13094804/KRT_CLUB_3.1.0.29_RePack_v6.21.4_Fix5_Rus.zip.html
Cookie: lng=eng
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Sep 2024 20:31:02 GMT
Content-Type: application/javascript
Last-Modified: Wed, 03 Jul 2024 13:31:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
ETag: W/"66855297-651c"
Expires: Wed, 02 Oct 2024 20:31:02 GMT
Cache-Control: max-age=604800
Vary: Accept-Encoding
Content-Encoding: gzip

www.upload.ee/images/dl_.png

57.129.39.102

200 OK

1.9 kB

URL GET HTTP/1.1
www.upload.ee/images/dl_.png
IP
57.129.39.102:443
ASN
#16276 OVH SAS

Requested by
https://www.upload.ee/files/13094804/KRT_CLUB_3.1.0.29_RePack_v6.21.4_Fix5_Rus.zip.html
Certificate
IssuerDigiCert Inc
Subjectwww.upload.ee
Fingerprint2A:42:9A:2D:AB:74:0A:9E:21:D8:90:F6:D3:67:65:F2:CF:22:E0:2E
ValiditySun, 24 Mar 2024 00:00:00 GMT - Sat, 22 Mar 2025 23:59:59 GMT

File type
PNG image data, 154 x 32, 8-bit colormap, non-interlaced
Size
1.9 kB (1900 bytes)
Hash
f3e8f284a4e98cdb91b6abfc142d94a4
fa9e618c2f56bea752ddd7e45a372c5539dadda9
2f13919383f54ca21e5b87f5644df8a875b99815c821dcbbabea352d854c6882

HTTP Headers

GET /images/dl_.png HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/files/13094804/KRT_CLUB_3.1.0.29_RePack_v6.21.4_Fix5_Rus.zip.html
Cookie: lng=eng
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Sep 2024 20:31:02 GMT
Content-Type: image/png
Content-Length: 1900
Last-Modified: Wed, 03 Jul 2024 13:31:03 GMT
Connection: keep-alive
Keep-Alive: timeout=20
ETag: "66855297-76c"
Expires: Wed, 02 Oct 2024 20:31:02 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes

www.upload.ee/images/arrow.gif

57.129.39.102

200 OK

59 B

URL GET HTTP/1.1
www.upload.ee/images/arrow.gif
IP
57.129.39.102:443
ASN
#16276 OVH SAS

Requested by
https://www.upload.ee/files/13094804/KRT_CLUB_3.1.0.29_RePack_v6.21.4_Fix5_Rus.zip.html
Certificate
IssuerDigiCert Inc
Subjectwww.upload.ee
Fingerprint2A:42:9A:2D:AB:74:0A:9E:21:D8:90:F6:D3:67:65:F2:CF:22:E0:2E
ValiditySun, 24 Mar 2024 00:00:00 GMT - Sat, 22 Mar 2025 23:59:59 GMT

File type
GIF image data, version 89a, 6 x 9
Size
59 B (59 bytes)
Hash
6675f814b94f13f91f1383707b250e36
31452650e8fce2095613a2010799bdb7548bdd51
061d01a0b85f948c6ec464870ecec4654c4bd2ff15cacda941bbbf16225ec411

HTTP Headers

GET /images/arrow.gif HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/files/13094804/KRT_CLUB_3.1.0.29_RePack_v6.21.4_Fix5_Rus.zip.html
Cookie: lng=eng
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Sep 2024 20:31:02 GMT
Content-Type: image/gif
Content-Length: 59
Last-Modified: Wed, 03 Jul 2024 13:31:03 GMT
Connection: keep-alive
Keep-Alive: timeout=20
ETag: "66855297-3b"
Expires: Wed, 02 Oct 2024 20:31:02 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes

o.pki.goog/wr2

142.250.74.131

471 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
9f4b876a6b715d9bceb96f290389aac3
9d952be6f3815a65236998ef20138699e63c7533
b4591c73e6b0da67d322d218c61ad64e2ae5238d97f7a2df82491063f98d918b

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Sep 2024 20:31:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=UA-6703115-1

142.250.74.168

200 OK

75 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-6703115-1
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://www.upload.ee/files/13094804/KRT_CLUB_3.1.0.29_RePack_v6.21.4_Fix5_Rus.zip.html
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint8F:FB:38:1E:52:FC:DC:A9:59:49:87:DE:AC:8B:98:2B:57:09:5D:BA
ValidityMon, 26 Aug 2024 06:33:47 GMT - Mon, 18 Nov 2024 06:33:46 GMT

File type
JavaScript source, ASCII text, with very long lines (2345)
Size
75 kB (74987 bytes)
Hash
fdfc507fa33da759272089202be77149
891cec884575d87980078bb0ed7171af4d626aac
85072a78d2cebbb95770df0e883a5fef274935e37f27b486f4615f6e82e7e39c

HTTP Headers

GET /gtag/js?id=UA-6703115-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 25 Sep 2024 20:31:02 GMT
expires: Wed, 25 Sep 2024 20:31:02 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
server: Google Tag Manager
content-length: 74987
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

471 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
6756f46a84fa778fc14adb98ea91d50f
cd1c1c937b8f6530da2ca9f9ed24e47fe9eb2c75
1f7d36b0666cb68aaeeaf76d06a3aa9c106520eed9c191def4852b9ec18fc0c3

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Sep 2024 20:31:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

runingamgladt.com/Sk5qV1MrLAk6bCtzCHEmOCJXcmEMa1gRNz9+GiI3ej0OOz4wKEQ0PyU7DjEhJSAeeT0vOk9lFRIaLAEFKSM7IRwgPT8AKS12JwJqLio9HT4YCFsmGRktMhY9DycjMAUBATkCZgIfPzg2MA8yBjoTIyU/JB8tOWcCASIvFBkJGzgWATkUOj9nHgEyGjsJDygvCRIDDxUAAzcLEQIIBwANPBt+IyMeHio6AhQlJiAFYxotPgY0DTZaPRkJDwwTB380IxUdEAc+OCUNOQ0wHQIMKx49JnkwATcdKCJnJxt/PCcJIioyAT09ezoVJBgAIhU9GyYSZwo9YxoSBg0iBxFiLhkMFDAgGFs0HSgJJDQFDRgdDWMDCiEDCm98KB8GDGtYFRZ4KikBCzIiMBIZHC89Mz8MD1pyYQgDLho3AgkGORZ6OjkOPhw0KGY/c2gAJDwkPlcvFhJ7JCYjKSs9GzgmOR8

108.157.214.55

200 OK

1.2 kB

URL GET HTTP/2
runingamgladt.com/Sk5qV1MrLAk6bCtzCHEmOCJXcmEMa1gRNz9+GiI3ej0OOz4wKEQ0PyU7DjEhJSAeeT0vOk9lFRIaLAEFKSM7IRwgPT8AKS12JwJqLio9HT4YCFsmGRktMhY9DycjMAUBATkCZgIfPzg2MA8yBjoTIyU/JB8tOWcCASIvFBkJGzgWATkUOj9nHgEyGjsJDygvCRIDDxUAAzcLEQIIBwANPBt+IyMeHio6AhQlJiAFYxotPgY0DTZaPRkJDwwTB380IxUdEAc+OCUNOQ0wHQIMKx49JnkwATcdKCJnJxt/PCcJIioyAT09ezoVJBgAIhU9GyYSZwo9YxoSBg0iBxFiLhkMFDAgGFs0HSgJJDQFDRgdDWMDCiEDCm98KB8GDGtYFRZ4KikBCzIiMBIZHC89Mz8MD1pyYQgDLho3AgkGORZ6OjkOPhw0KGY/c2gAJDwkPlcvFhJ7JCYjKSs9GzgmOR8
IP
108.157.214.55:443
ASN
#16509 AMAZON-02

Requested by
https://www.upload.ee/files/13094804/KRT_CLUB_3.1.0.29_RePack_v6.21.4_Fix5_Rus.zip.html
Certificate
IssuerAmazon
Subjectruningamgladt.com
Fingerprint6F:30:7F:C6:04:BC:47:2E:BB:3E:E9:6A:E4:22:C1:D2:5E:E7:75:58
ValidityMon, 19 Aug 2024 00:00:00 GMT - Wed, 17 Sep 2025 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (3049), with no line terminators
Size
1.2 kB (1201 bytes)
Hash
6bb99e9d008c3e60c423bc8cf3405dd6
bf6a1fb1b4095cadc65c2bd0a118ba7c9e84e10e
19dcf4a057d14551c1498d97ae603112349a53cdeae14c68badd33b5cccfbd9f

HTTP Headers

GET /Sk5qV1MrLAk6bCtzCHEmOCJXcmEMa1gRNz9+GiI3ej0OOz4wKEQ0PyU7DjEhJSAeeT0vOk9lFRIaLAEFKSM7IRwgPT8AKS12JwJqLio9HT4YCFsmGRktMhY9DycjMAUBATkCZgIfPzg2MA8yBjoTIyU/JB8tOWcCASIvFBkJGzgWATkUOj9nHgEyGjsJDygvCRIDDxUAAzcLEQIIBwANPBt+IyMeHio6AhQlJiAFYxotPgY0DTZaPRkJDwwTB380IxUdEAc+OCUNOQ0wHQIMKx49JnkwATcdKCJnJxt/PCcJIioyAT09ezoVJBgAIhU9GyYSZwo9YxoSBg0iBxFiLhkMFDAgGFs0HSgJJDQFDRgdDWMDCiEDCm98KB8GDGtYFRZ4KikBCzIiMBIZHC89Mz8MD1pyYQgDLho3AgkGORZ6OjkOPhw0KGY/c2gAJDwkPlcvFhJ7JCYjKSs9GzgmOR8 HTTP/1.1
Host: runingamgladt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html
content-length: 1201
date: Wed, 25 Sep 2024 20:31:03 GMT
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 472198048b2177f6905d44f001875bcc.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: ix4kcr16zi6BTR-5LuBgxo48MGvkENwz1L68-sD47u5By1-_B89mxw==
X-Firefox-Spdy: h2

ftheusysianeduk.com/WDJEcEx3DScDcQlnHjUtDHh3FAQSYwUoGn0AAhQgP3QgQwYgajMpaixbIE11YQVwQXh+Qi0UcWkUNwQtLEc3TX1+WyoWI2UUMk19dgFwXn9uHHBWOWUDYgQ8OVV5QWooRjAccWkFdkd+YQR2Rn5hCnc

188.114.96.1

204 No Content

0 B

URL GET HTTP/2
ftheusysianeduk.com/WDJEcEx3DScDcQlnHjUtDHh3FAQSYwUoGn0AAhQgP3QgQwYgajMpaixbIE11YQVwQXh+Qi0UcWkUNwQtLEc3TX1+WyoWI2UUMk19dgFwXn9uHHBWOWUDYgQ8OVV5QWooRjAccWkFdkd+YQR2Rn5hCnc
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.upload.ee/files/13094804/KRT_CLUB_3.1.0.29_RePack_v6.21.4_Fix5_Rus.zip.html
Certificate
IssuerGoogle Trust Services
Subjectftheusysianeduk.com
Fingerprint56:63:2B:26:BC:DC:05:6A:8F:2C:F1:87:B3:C0:B6:12:9E:4F:62:28
ValidityFri, 06 Sep 2024 05:54:49 GMT - Thu, 05 Dec 2024 05:54:48 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WDJEcEx3DScDcQlnHjUtDHh3FAQSYwUoGn0AAhQgP3QgQwYgajMpaixbIE11YQVwQXh+Qi0UcWkUNwQtLEc3TX1+WyoWI2UUMk19dgFwXn9uHHBWOWUDYgQ8OVV5QWooRjAccWkFdkd+YQR2Rn5hCnc HTTP/1.1
Host: ftheusysianeduk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Wed, 25 Sep 2024 20:31:03 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rm%2FcJzcoLru9QGezD324uJxvDlnAHRgH2MTyXtW%2FIsWj9xMYuL8Dg2uFeQKp2O9266zELL4Fu0FWxnuC2tn%2BntL7SaLW%2BCcl0ZjfyquyWdi2mAE3jt5o%2BVcNqzXRK7rOdO9a23Vy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8c8dc68befb37272-HAM
X-Firefox-Spdy: h2

ftheusysianeduk.com/SFFCS0VnbiE4eAZgJgAQezoDKXY8PxYafD40BT8PCRYIcx8jImQ/LCxse3Jye2d7bTUhNX96YzslIz8wO2xzbSwmNy12Yz5sc2V2fH9xfWt8dzd2dG4lMioidWBkOzE8PX96cnpmcHJzemdwcndw

188.114.96.1

204 No Content

0 B

URL GET HTTP/2
ftheusysianeduk.com/SFFCS0VnbiE4eAZgJgAQezoDKXY8PxYafD40BT8PCRYIcx8jImQ/LCxse3Jye2d7bTUhNX96YzslIz8wO2xzbSwmNy12Yz5sc2V2fH9xfWt8dzd2dG4lMioidWBkOzE8PX96cnpmcHJzemdwcndw
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.upload.ee/files/13094804/KRT_CLUB_3.1.0.29_RePack_v6.21.4_Fix5_Rus.zip.html
Certificate
IssuerGoogle Trust Services
Subjectftheusysianeduk.com
Fingerprint56:63:2B:26:BC:DC:05:6A:8F:2C:F1:87:B3:C0:B6:12:9E:4F:62:28
ValidityFri, 06 Sep 2024 05:54:49 GMT - Thu, 05 Dec 2024 05:54:48 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /SFFCS0VnbiE4eAZgJgAQezoDKXY8PxYafD40BT8PCRYIcx8jImQ/LCxse3Jye2d7bTUhNX96YzslIz8wO2xzbSwmNy12Yz5sc2V2fH9xfWt8dzd2dG4lMioidWBkOzE8PX96cnpmcHJzemdwcndw HTTP/1.1
Host: ftheusysianeduk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Wed, 25 Sep 2024 20:31:03 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9iDcSng%2BdX7eb54GPCaWIjp7lxcFmK3iEZPdD4S1je7Fh75nBfMa0CPlE%2BazVSDPHzPveVu1hAsJB1tAYhxx6dCt5oxz874VF59%2FPU06%2FhYrR0VkX%2BXO3zKJh02MA4uW0X6F3cPb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8c8dc68befb07272-HAM
X-Firefox-Spdy: h2

runingamgladt.com/ejNjZ1cbUQAKaBsOAUEiCF9eQmU8FlEhMw8DExIzSkAHCzoAVU0EOxVGBwElFV0XSTkfR0ZVERh8NTUPN3QtBhgAXzQ/EkoKLhBmG3IkKT07ZQABHTllNSUGK1kqIjM0ZyA2YCJEKQMyEHk1NQE3XSwhYy5xIQhuG2clHhUtZQ0qL0JULzEFH3A7LmAvYlICNiJ1NSMBCkM5Dw45azc9Jjh2NSkdPlsBPzsdWzMMPDdgICJhLWEmAR4uai0jOyNGMwsgKmQrITseXzo/DTJ6IDIvP0A5ABE9cAs9LjtfLTEHLl8lIC8CXjlXPxh3FBM/OHY6LBEUHiokAkpACgQwN1oiIB1PciYINCBeBz8VFlxGVRE1cTU1MUhpDSYBN3k5MDQ4YQQTPDdlCDUPPnpXNBIjfyYKYz1nMgsuM1RSNHEQQAwJJ0d9CT4FMWJRMAc

108.157.214.55

200 OK

1.2 kB

URL GET HTTP/2
runingamgladt.com/ejNjZ1cbUQAKaBsOAUEiCF9eQmU8FlEhMw8DExIzSkAHCzoAVU0EOxVGBwElFV0XSTkfR0ZVERh8NTUPN3QtBhgAXzQ/EkoKLhBmG3IkKT07ZQABHTllNSUGK1kqIjM0ZyA2YCJEKQMyEHk1NQE3XSwhYy5xIQhuG2clHhUtZQ0qL0JULzEFH3A7LmAvYlICNiJ1NSMBCkM5Dw45azc9Jjh2NSkdPlsBPzsdWzMMPDdgICJhLWEmAR4uai0jOyNGMwsgKmQrITseXzo/DTJ6IDIvP0A5ABE9cAs9LjtfLTEHLl8lIC8CXjlXPxh3FBM/OHY6LBEUHiokAkpACgQwN1oiIB1PciYINCBeBz8VFlxGVRE1cTU1MUhpDSYBN3k5MDQ4YQQTPDdlCDUPPnpXNBIjfyYKYz1nMgsuM1RSNHEQQAwJJ0d9CT4FMWJRMAc
IP
108.157.214.55:443
ASN
#16509 AMAZON-02

Requested by
https://www.upload.ee/files/13094804/KRT_CLUB_3.1.0.29_RePack_v6.21.4_Fix5_Rus.zip.html
Certificate
IssuerAmazon
Subjectruningamgladt.com
Fingerprint6F:30:7F:C6:04:BC:47:2E:BB:3E:E9:6A:E4:22:C1:D2:5E:E7:75:58
ValidityMon, 19 Aug 2024 00:00:00 GMT - Wed, 17 Sep 2025 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (3035), with no line terminators
Size
1.2 kB (1190 bytes)
Hash
c108a4a891cba8cbfbdb56de8ee145b3
8253d5b4156a56abb20d13bb1a9ff56ded518345
409007ce51cf628751c4412aa4c5c28f89fc7fcd49ea7f9240f5b4acf99b94eb

HTTP Headers

GET /ejNjZ1cbUQAKaBsOAUEiCF9eQmU8FlEhMw8DExIzSkAHCzoAVU0EOxVGBwElFV0XSTkfR0ZVERh8NTUPN3QtBhgAXzQ/EkoKLhBmG3IkKT07ZQABHTllNSUGK1kqIjM0ZyA2YCJEKQMyEHk1NQE3XSwhYy5xIQhuG2clHhUtZQ0qL0JULzEFH3A7LmAvYlICNiJ1NSMBCkM5Dw45azc9Jjh2NSkdPlsBPzsdWzMMPDdgICJhLWEmAR4uai0jOyNGMwsgKmQrITseXzo/DTJ6IDIvP0A5ABE9cAs9LjtfLTEHLl8lIC8CXjlXPxh3FBM/OHY6LBEUHiokAkpACgQwN1oiIB1PciYINCBeBz8VFlxGVRE1cTU1MUhpDSYBN3k5MDQ4YQQTPDdlCDUPPnpXNBIjfyYKYz1nMgsuM1RSNHEQQAwJJ0d9CT4FMWJRMAc HTTP/1.1
Host: runingamgladt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/html
content-length: 1190
date: Wed, 25 Sep 2024 20:31:03 GMT
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 472198048b2177f6905d44f001875bcc.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: CUTZP0WIG_vZ2By9OYpa-8ZF305RFmEw8YNZiHOry5tCM57E3bYZLQ==
X-Firefox-Spdy: h2

ftheusysianeduk.com/MUlRVHcedjInSmcRNSYWdC07BUYELzI5MWEcYGEOaHloNi8CBHcgHlV0aG1ABXlpcgdYLWxlTxc6JTUDRDpsZVFYJzc7Shc/bGVZAWdjekIXPGxlUUU5MDNKAG8hIANddGBjRQZ7aGJFB3toYUA

188.114.96.1

204 No Content

0 B

URL GET HTTP/2
ftheusysianeduk.com/MUlRVHcedjInSmcRNSYWdC07BUYELzI5MWEcYGEOaHloNi8CBHcgHlV0aG1ABXlpcgdYLWxlTxc6JTUDRDpsZVFYJzc7Shc/bGVZAWdjekIXPGxlUUU5MDNKAG8hIANddGBjRQZ7aGJFB3toYUA
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.upload.ee/files/13094804/KRT_CLUB_3.1.0.29_RePack_v6.21.4_Fix5_Rus.zip.html
Certificate
IssuerGoogle Trust Services
Subjectftheusysianeduk.com
Fingerprint56:63:2B:26:BC:DC:05:6A:8F:2C:F1:87:B3:C0:B6:12:9E:4F:62:28
ValidityFri, 06 Sep 2024 05:54:49 GMT - Thu, 05 Dec 2024 05:54:48 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /MUlRVHcedjInSmcRNSYWdC07BUYELzI5MWEcYGEOaHloNi8CBHcgHlV0aG1ABXlpcgdYLWxlTxc6JTUDRDpsZVFYJzc7Shc/bGVZAWdjekIXPGxlUUU5MDNKAG8hIANddGBjRQZ7aGJFB3toYUA HTTP/1.1
Host: ftheusysianeduk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Wed, 25 Sep 2024 20:31:03 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VvsF7%2Fddc%2FeWsCGFYstVOwJrnqHlqLJSfOY5WZJARvrmrCEBdnnV5Nf604e5ZNnl%2BhnJSOgQSkIM9vJs58DCgEQ3Ot3tgmFI8rsGkhBemJ%2F3tgPEaV%2FC5FPFU0pvj3aNcE%2B83p82"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8c8dc68c0fc87272-HAM
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-LT9YQX0N49&l=dataLayer&cx=c

142.250.74.168

200 OK

99 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-LT9YQX0N49&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://www.upload.ee/files/13094804/KRT_CLUB_3.1.0.29_RePack_v6.21.4_Fix5_Rus.zip.html
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint8F:FB:38:1E:52:FC:DC:A9:59:49:87:DE:AC:8B:98:2B:57:09:5D:BA
ValidityMon, 26 Aug 2024 06:33:47 GMT - Mon, 18 Nov 2024 06:33:46 GMT

File type
JavaScript source, ASCII text, with very long lines (3222)
Size
99 kB (98589 bytes)
Hash
2c2ed992223ab9d80775e18e0af13b51
6900e2fd5d87a4a9be97644f4a15e8f5a5b5f3e0
4f68a8605aeff0f20819ff6a400931cd19f977f37bf0a52839c0a3a786cdb39e

HTTP Headers

GET /gtag/js?id=G-LT9YQX0N49&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 25 Sep 2024 20:31:03 GMT
expires: Wed, 25 Sep 2024 20:31:03 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
server: Google Tag Manager
content-length: 98589
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.upload.ee/favicon.ico

57.129.39.102

200 OK

1.2 kB

URL GET HTTP/1.1
www.upload.ee/favicon.ico
IP
57.129.39.102:443
ASN
#16276 OVH SAS

Requested by
https://www.upload.ee/files/13094804/KRT_CLUB_3.1.0.29_RePack_v6.21.4_Fix5_Rus.zip.html
Certificate
IssuerDigiCert Inc
Subjectwww.upload.ee
Fingerprint2A:42:9A:2D:AB:74:0A:9E:21:D8:90:F6:D3:67:65:F2:CF:22:E0:2E
ValiditySun, 24 Mar 2024 00:00:00 GMT - Sat, 22 Mar 2025 23:59:59 GMT

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Size
1.2 kB (1150 bytes)
Hash
f299cf2e651c19e48d27900ced493ccb
c2d1086d517d7a26292e0d7b32da7c55b166c23b
115c8eb4840245f7aed0cb2a17fa7e91b86f79bb2f223a25af8cc533e1dedff1

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/files/13094804/KRT_CLUB_3.1.0.29_RePack_v6.21.4_Fix5_Rus.zip.html
Cookie: lng=eng
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Sep 2024 20:31:03 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Wed, 03 Jul 2024 13:31:03 GMT
Connection: keep-alive
Keep-Alive: timeout=20
ETag: "66855297-47e"
Expires: Wed, 02 Oct 2024 20:31:03 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes

o.pki.goog/wr2

142.250.74.131

471 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
1e4705b2cb144879d4082a88667b1b4a
890c3276201d3f1216a6f1a82e8fc6855ae5c92e
0a44a27b4f5a15ebb17f7b83e4015cbc4af44c63f61852ae32c8936e377338d9

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Sep 2024 20:31:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ukankingwithea.com/asd100.bin

188.114.96.1

200 OK

103 kB

URL GET HTTP/2
ukankingwithea.com/asd100.bin
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.upload.ee/files/13094804/KRT_CLUB_3.1.0.29_RePack_v6.21.4_Fix5_Rus.zip.html
Certificate
IssuerGoogle Trust Services
Subjectukankingwithea.com
Fingerprint1E:50:56:01:B8:4D:0D:64:A3:5D:F9:E4:4A:5D:AE:8D:5E:FC:FB:FC
ValidityThu, 05 Sep 2024 11:45:15 GMT - Wed, 04 Dec 2024 11:45:14 GMT

File type
data
Size
103 kB (102871 bytes)
Hash
2d017838c62d50b7bc3e169f52473f9e
b8d259daaeecfd83de413d2eaa2816b48c5ac673
2d81dbcab3aa00d8f0dfaba459ca796f7ba344d048aa4c4002a8880621645f66

HTTP Headers

GET /asd100.bin HTTP/1.1
Host: ukankingwithea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload.ee/
Origin: https://www.upload.ee
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 25 Sep 2024 20:31:03 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://www.upload.ee
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 19
last-modified: Wed, 25 Sep 2024 20:30:44 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ut%2FTh1fuauy%2BuqyaxLNjssZf7sHnyAhLmMnPuGiHBOZavnZnunIHVStuL2mxxBfk%2FaX86Lj1EAcW95BonZXupsOMPv3tBFlaF3YDPqJykUNJbM3Z1qX68Mnzhn1WgyPrUNNGmFE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8c8dc68dd89a0b3d-OSL
X-Firefox-Spdy: h2

accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail

108.177.14.84

302 Found

0 B

URL GET HTTP/2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP
108.177.14.84:443
ASN
#15169 GOOGLE

Requested by
https://www.upload.ee/files/13094804/KRT_CLUB_3.1.0.29_RePack_v6.21.4_Fix5_Rus.zip.html
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
Fingerprint0B:C3:86:74:01:E6:62:4F:E1:8C:AE:A2:13:50:0B:FC:2A:E4:08:16
ValidityMon, 26 Aug 2024 07:15:53 GMT - Mon, 18 Nov 2024 07:15:52 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:PFmb8coHol1bj9DVRSpM445xiE6muw:nGGPuulJTmSGPEsu; Expires=Fri, 25-Sep-2026 20:31:03 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 25 Sep 2024 20:31:03 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ARpgrqeP77DEB9mpoGnky0hQGrsaQcMuhFYZfIAHPvo2DMhcuwZdQ0OctTcrW8Kr52qCN0syhe-exQ
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy: unsafe-none
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-4IXMiGQHr_Clh62BatwMug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube

108.177.14.84

302 Found

0 B

URL GET HTTP/2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP
108.177.14.84:443
ASN
#15169 GOOGLE

Requested by
https://www.upload.ee/files/13094804/KRT_CLUB_3.1.0.29_RePack_v6.21.4_Fix5_Rus.zip.html
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
Fingerprint0B:C3:86:74:01:E6:62:4F:E1:8C:AE:A2:13:50:0B:FC:2A:E4:08:16
ValidityMon, 26 Aug 2024 07:15:53 GMT - Mon, 18 Nov 2024 07:15:52 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:wLTzpJJLLNQx_UCiyimJZTGCfMUrSQ:wA49aH2zS-g3osuz; Expires=Fri, 25-Sep-2026 20:31:03 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 25 Sep 2024 20:31:03 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ARpgrqdcEYiqWH8c9HRUUo33JaMdTlUX_tvx9nm7KG8m1sVv92TIiQmhJTfnafXoAI0Z1p-AvWP9rg
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-Wkr4nBdfm6CbcAwLSUNWaQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: unsafe-none
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ARpgrqeP77DEB9mpoGnky0hQGrsaQcMuhFYZfIAHPvo2DMhcuwZdQ0OctTcrW8Kr52qCN0syhe-exQ

108.177.14.84

302 Found

415 B

URL GET HTTP/2
accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ARpgrqeP77DEB9mpoGnky0hQGrsaQcMuhFYZfIAHPvo2DMhcuwZdQ0OctTcrW8Kr52qCN0syhe-exQ
IP
108.177.14.84:443
ASN
#15169 GOOGLE

Requested by
https://www.upload.ee/files/13094804/KRT_CLUB_3.1.0.29_RePack_v6.21.4_Fix5_Rus.zip.html
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
Fingerprint0B:C3:86:74:01:E6:62:4F:E1:8C:AE:A2:13:50:0B:FC:2A:E4:08:16
ValidityMon, 26 Aug 2024 07:15:53 GMT - Mon, 18 Nov 2024 07:15:52 GMT

File type
HTML document, ASCII text, with very long lines (389)
Size
415 B (415 bytes)
Hash
dbdf491239e7daaf52b5433b529df7f3
f0ddeae26f7a291981fea037e324ca37b283a052
6f744e68e4105e8ab0835efff0c9ca8a471aa581b35c80d0a5d00a34a3798f15

HTTP Headers

GET /InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ARpgrqeP77DEB9mpoGnky0hQGrsaQcMuhFYZfIAHPvo2DMhcuwZdQ0OctTcrW8Kr52qCN0syhe-exQ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload.ee/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:7lfUMx1Mmn5raBvJNPOViqznlv6jYw:D4GDNi8JTCc3PVqW;Path=/;Expires=Fri, 25-Sep-2026 20:31:03 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 25 Sep 2024 20:31:03 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ARpgrqfJfrasbZvocGRa5ZlC3n1_tswavdSaGoFMzP2TZ2WabZv2C_LyRtvbSblYWyLFwsgxD2ig2A&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S154677263%3A1727296263456872&ddm=0
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-9U30Czy99kUD1aiXmHIaPQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 415
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ARpgrqdcEYiqWH8c9HRUUo33JaMdTlUX_tvx9nm7KG8m1sVv92TIiQmhJTfnafXoAI0Z1p-AvWP9rg

108.177.14.84

302 Found

423 B

URL GET HTTP/2
accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ARpgrqdcEYiqWH8c9HRUUo33JaMdTlUX_tvx9nm7KG8m1sVv92TIiQmhJTfnafXoAI0Z1p-AvWP9rg
IP
108.177.14.84:443
ASN
#15169 GOOGLE

Requested by
https://www.upload.ee/files/13094804/KRT_CLUB_3.1.0.29_RePack_v6.21.4_Fix5_Rus.zip.html
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
Fingerprint0B:C3:86:74:01:E6:62:4F:E1:8C:AE:A2:13:50:0B:FC:2A:E4:08:16
ValidityMon, 26 Aug 2024 07:15:53 GMT - Mon, 18 Nov 2024 07:15:52 GMT

File type
HTML document, ASCII text, with very long lines (393)
Size
423 B (423 bytes)
Hash
b65c3484c2ebd0a40b5196141fd73b2f
f5812c4353183ee5b8dbe885155576bdd3e17ed8
688177679d1650054b0770836b4dc8b45467fad1761e7e917faec876ad664da0

HTTP Headers

GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ARpgrqdcEYiqWH8c9HRUUo33JaMdTlUX_tvx9nm7KG8m1sVv92TIiQmhJTfnafXoAI0Z1p-AvWP9rg HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload.ee/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:u4VZodSrlSkb3Q8nYrdzdCQsS9y0kQ:cDrVWOXBtO1B9Btq;Path=/;Expires=Fri, 25-Sep-2026 20:31:03 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 25 Sep 2024 20:31:03 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ARpgrqfcnG8ERI54B8JyfQLDhg-PqkzQHmAr_kf2EacpA_jN-A-us3rStSGGLw5N_lSkZYNW_zDlOg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S100715355%3A1727296263475074&ddm=0
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-P_BByMzJPbDBfz1bsmRF4A' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 423
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7e9f8f4f8816cec7a496c0b0d4261fef
c9ff0a5157dd9197507bcf7919e7041398f9a2b9
dc1701bc5ff7bdfc6ef0bfd8383020296cc933886990242714c263f6401900d4

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Sep 2024 20:31:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

du0pud0sdlmzf.cloudfront.net/bOVRXMGNaOzlWXE09Mw1aAGNjAVcfJCVVBQQjIEdNTCQ7XwJdejJVRVMnOF4TBBo9aTFyBWVnMx8gLVReCXI7UQ1eaXFVDVppZhYCXTZqBEVNJDhbXlghPkkMSCE6WREfITYNDlYuPlwPWHFldlYXZHICUxEsZgFGChZyAlNVPTlFGxxmZ0hbDwthBEYKFn-ICU0sicgMiAGJ5AEocZmdXBlo/OBVRf2ZnAVMJZWcBRgtkMVkRXDI4SEYLEm4GTQlyIg1S

143.204.42.48

572 B

URL
du0pud0sdlmzf.cloudfront.net/bOVRXMGNaOzlWXE09Mw1aAGNjAVcfJCVVBQQjIEdNTCQ7XwJdejJVRVMnOF4TBBo9aTFyBWVnMx8gLVReCXI7UQ1eaXFVDVppZhYCXTZqBEVNJDhbXlghPkkMSCE6WREfITYNDlYuPlwPWHFldlYXZHICUxEsZgFGChZyAlNVPTlFGxxmZ0hbDwthBEYKFn-ICU0sicgMiAGJ5AEocZmdXBlo/OBVRf2ZnAVMJZWcBRgtkMVkRXDI4SEYLEm4GTQlyIg1S
IP
143.204.42.48:0
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subject*.cloudfront.net
Fingerprint28:D3:87:79:3C:E8:8B:3C:D9:10:45:E5:F7:64:7A:6D:44:4E:5A:62
ValidityTue, 30 Jul 2024 00:00:00 GMT - Thu, 03 Jul 2025 23:59:59 GMT

File type
ASCII text, with very long lines (809), with no line terminators
Size
572 B (572 bytes)
Hash
c1ae838b295592b2683ecfa99cdb2760
a7f27a576c053662d697857de4acb4cd5a351d0e
f062ba5b407842cb7741ccbb184348707672bd5aa91f11f782e83908e53a471f

HTTP Headers

GET /bOVRXMGNaOzlWXE09Mw1aAGNjAVcfJCVVBQQjIEdNTCQ7XwJdejJVRVMnOF4TBBo9aTFyBWVnMx8gLVReCXI7UQ1eaXFVDVppZhYCXTZqBEVNJDhbXlghPkkMSCE6WREfITYNDlYuPlwPWHFldlYXZHICUxEsZgFGChZyAlNVPTlFGxxmZ0hbDwthBEYKFn-ICU0sicgMiAGJ5AEocZmdXBlo/OBVRf2ZnAVMJZWcBRgtkMVkRXDI4SEYLEm4GTQlyIg1S HTTP/1.1
Host: du0pud0sdlmzf.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://runingamgladt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 572
date: Wed, 25 Sep 2024 20:31:03 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: bP5i2rzdgpqpkHAF3FiCfyqfKjX7P53oSTx7Lg3Nq5beQog2l1NUnw==
X-Firefox-Spdy: h2

du0pud0sdlmzf.cloudfront.net/XTFVVcmQvOjsUWzg8MU9ddWJmRF1qJScXAnEiIgVKOSU5HQUoezAXQiYmOhwUcS0QKlECJCURARsZPh4TOXMhCABxZXMeBSIyaFQBIjZoQ0ItMTdPUGohJR0PcTQgGx0jJCAfDT5zIBNZITovGwggNHBAInl7ZVdWfH0tQ1VpZhdXVnw5PBwRNHBnQhx0Yw-pEUGlmF1dWfCcjV1cNbGNcVGVwZ0IDKTY+HUF+E2dCVXxlZEJVaWdlFA0+MDMdHGlnE0tSYmVzB1l9

143.204.42.48

621 B

URL
du0pud0sdlmzf.cloudfront.net/XTFVVcmQvOjsUWzg8MU9ddWJmRF1qJScXAnEiIgVKOSU5HQUoezAXQiYmOhwUcS0QKlECJCURARsZPh4TOXMhCABxZXMeBSIyaFQBIjZoQ0ItMTdPUGohJR0PcTQgGx0jJCAfDT5zIBNZITovGwggNHBAInl7ZVdWfH0tQ1VpZhdXVnw5PBwRNHBnQhx0Yw-pEUGlmF1dWfCcjV1cNbGNcVGVwZ0IDKTY+HUF+E2dCVXxlZEJVaWdlFA0+MDMdHGlnE0tSYmVzB1l9
IP
143.204.42.48:0
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subject*.cloudfront.net
Fingerprint28:D3:87:79:3C:E8:8B:3C:D9:10:45:E5:F7:64:7A:6D:44:4E:5A:62
ValidityTue, 30 Jul 2024 00:00:00 GMT - Thu, 03 Jul 2025 23:59:59 GMT

File type
ASCII text, with very long lines (887), with no line terminators
Size
621 B (621 bytes)
Hash
a5e637b62a7b6a759499b7011c5cda59
2e5c953b8c4ffdba99083b07bbf6ef9cf30f9049
48b36676fac70ed99f90febdf6d8256dd045d7063853b899d1fadd46606a187c

HTTP Headers

GET /XTFVVcmQvOjsUWzg8MU9ddWJmRF1qJScXAnEiIgVKOSU5HQUoezAXQiYmOhwUcS0QKlECJCURARsZPh4TOXMhCABxZXMeBSIyaFQBIjZoQ0ItMTdPUGohJR0PcTQgGx0jJCAfDT5zIBNZITovGwggNHBAInl7ZVdWfH0tQ1VpZhdXVnw5PBwRNHBnQhx0Yw-pEUGlmF1dWfCcjV1cNbGNcVGVwZ0IDKTY+HUF+E2dCVXxlZEJVaWdlFA0+MDMdHGlnE0tSYmVzB1l9 HTTP/1.1
Host: du0pud0sdlmzf.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://runingamgladt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 621
date: Wed, 25 Sep 2024 20:31:03 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: l7GCwCyOYc-Lxom6jgZdR6tM82mXLpnvn43ziqoEJYbjErabZX-rcQ==
X-Firefox-Spdy: h2

accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ARpgrqfcnG8ERI54B8JyfQLDhg-PqkzQHmAr_kf2EacpA_jN-A-us3rStSGGLw5N_lSkZYNW_zDlOg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S100715355%3A1727296263475074&ddm=0

108.177.14.84

403 Forbidden

871 B

URL GET HTTP/3
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ARpgrqfcnG8ERI54B8JyfQLDhg-PqkzQHmAr_kf2EacpA_jN-A-us3rStSGGLw5N_lSkZYNW_zDlOg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S100715355%3A1727296263475074&ddm=0
IP
108.177.14.84:443
ASN
#15169 GOOGLE

Requested by
https://www.upload.ee/files/13094804/KRT_CLUB_3.1.0.29_RePack_v6.21.4_Fix5_Rus.zip.html
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint99:1A:E6:C6:9B:04:87:74:E3:DA:97:C8:29:09:15:16:CF:1F:6A:78
ValidityMon, 26 Aug 2024 06:33:47 GMT - Mon, 18 Nov 2024 06:33:46 GMT

File type
data
Size
871 B (871 bytes)
Hash
80ec2b1e7e1d8828b223122ce46f5ef8
199eb8f38f12aec9b7e8882898619bd5765345dc
f00adac94e2fdc730150794a91626f54dd3cf4d2b076da1cac9ff576e2f4d468

HTTP Headers

GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ARpgrqfcnG8ERI54B8JyfQLDhg-PqkzQHmAr_kf2EacpA_jN-A-us3rStSGGLw5N_lSkZYNW_zDlOg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S100715355%3A1727296263475074&ddm=0 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload.ee/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 25 Sep 2024 20:31:03 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-mfc-EnZ_MsSxQhC7sOQokA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://support.google.com/inapp/ https://www.google.com/tools/feedback/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-security-policy-report-only: script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.google.com/tools/feedback/chat_load.js https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://www.gstatic.com/feedback/js/ghelp/ https://www.gstatic.com/_/mss/boq-one-google/_/ https://www.gstatic.com/og/_/js/ https://apis.google.com/js/api.js https://apis.google.com/js/client.js https://www.googletagmanager.com/gtag/js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/destination https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.QGf5tTYhJFQ.es5.O/ https://apis.google.com/_/scs/abc-static/_/js/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/fine-allowlist
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ARpgrqfJfrasbZvocGRa5ZlC3n1_tswavdSaGoFMzP2TZ2WabZv2C_LyRtvbSblYWyLFwsgxD2ig2A&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S154677263%3A1727296263456872&ddm=0

108.177.14.84

403 Forbidden

812 B

URL GET HTTP/2
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ARpgrqfJfrasbZvocGRa5ZlC3n1_tswavdSaGoFMzP2TZ2WabZv2C_LyRtvbSblYWyLFwsgxD2ig2A&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S154677263%3A1727296263456872&ddm=0
IP
108.177.14.84:443
ASN
#15169 GOOGLE

Requested by
https://www.upload.ee/files/13094804/KRT_CLUB_3.1.0.29_RePack_v6.21.4_Fix5_Rus.zip.html
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
Fingerprint0B:C3:86:74:01:E6:62:4F:E1:8C:AE:A2:13:50:0B:FC:2A:E4:08:16
ValidityMon, 26 Aug 2024 07:15:53 GMT - Mon, 18 Nov 2024 07:15:52 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (1654), with no line terminators
Size
812 B (812 bytes)
Hash
3957b520a8e955e170627708f83e4848
16cc08ae2b6999753f7a3691ab7e53549b3e7976
ab8e283ba524945f0dea21697ad146ccc1e0da2e78cb89aa8788886f48c13ab4

HTTP Headers

GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ARpgrqfJfrasbZvocGRa5ZlC3n1_tswavdSaGoFMzP2TZ2WabZv2C_LyRtvbSblYWyLFwsgxD2ig2A&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S154677263%3A1727296263456872&ddm=0 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload.ee/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 25 Sep 2024 20:31:03 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: script-src 'nonce-RynhOG4gf8wldleC-clGkg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://support.google.com/inapp/ https://www.google.com/tools/feedback/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
content-security-policy-report-only: script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.google.com/tools/feedback/chat_load.js https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://www.gstatic.com/feedback/js/ghelp/ https://www.gstatic.com/_/mss/boq-one-google/_/ https://www.gstatic.com/og/_/js/ https://apis.google.com/js/api.js https://apis.google.com/js/client.js https://www.googletagmanager.com/gtag/js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/destination https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.QGf5tTYhJFQ.es5.O/ https://apis.google.com/_/scs/abc-static/_/js/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/fine-allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

r11.o.lencr.org/

23.36.77.32

504 B

URL
r11.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
c16a3fe398c09ad4d309c60911d6a6b6
dc1148076d45d128cb6d0780ac0467aeba0902e9
5bd5f6cc031865b327cd4987c09f2266f9b994cc967eb6cf75bab5a58bcb7230

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "5BD5F6CC031865B327CD4987C09F2266F9B994CC967EB6CF75BAB5A58BCB7230"
Last-Modified: Wed, 25 Sep 2024 02:39:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6806
Expires: Wed, 25 Sep 2024 22:24:29 GMT
Date: Wed, 25 Sep 2024 20:31:03 GMT
Connection: keep-alive

r11.o.lencr.org/

23.36.77.32

504 B

URL
r11.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
c16a3fe398c09ad4d309c60911d6a6b6
dc1148076d45d128cb6d0780ac0467aeba0902e9
5bd5f6cc031865b327cd4987c09f2266f9b994cc967eb6cf75bab5a58bcb7230

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "5BD5F6CC031865B327CD4987C09F2266F9B994CC967EB6CF75BAB5A58BCB7230"
Last-Modified: Wed, 25 Sep 2024 02:39:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6806
Expires: Wed, 25 Sep 2024 22:24:29 GMT
Date: Wed, 25 Sep 2024 20:31:03 GMT
Connection: keep-alive

r11.o.lencr.org/

23.36.77.32

504 B

URL
r11.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
c16a3fe398c09ad4d309c60911d6a6b6
dc1148076d45d128cb6d0780ac0467aeba0902e9
5bd5f6cc031865b327cd4987c09f2266f9b994cc967eb6cf75bab5a58bcb7230

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "5BD5F6CC031865B327CD4987C09F2266F9B994CC967EB6CF75BAB5A58BCB7230"
Last-Modified: Wed, 25 Sep 2024 02:39:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6806
Expires: Wed, 25 Sep 2024 22:24:29 GMT
Date: Wed, 25 Sep 2024 20:31:03 GMT
Connection: keep-alive

r11.o.lencr.org/

23.36.77.32

504 B

URL
r11.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
c16a3fe398c09ad4d309c60911d6a6b6
dc1148076d45d128cb6d0780ac0467aeba0902e9
5bd5f6cc031865b327cd4987c09f2266f9b994cc967eb6cf75bab5a58bcb7230

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "5BD5F6CC031865B327CD4987C09F2266F9B994CC967EB6CF75BAB5A58BCB7230"
Last-Modified: Wed, 25 Sep 2024 02:39:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6806
Expires: Wed, 25 Sep 2024 22:24:29 GMT
Date: Wed, 25 Sep 2024 20:31:03 GMT
Connection: keep-alive

undefined/WGdaVWw5BTk4UzlaOHMZKgtncF4eQmgTCC1XKiAIaBQ+OQEiAXQ2ADcSPjMeNwkuewI9E39nKms0IAdfDlYbOjsgDCI3FmEDH2ccKAQ9GygCVTIhPhkyIxsCAiMbFi59VRgFBwkFFREpLiAyHBU8DhwdKxwMPTEBaAwdOA8hMzMAARYmIgQmCT4JMF9hNRMsAy4kDzEUCCQqNCkfF2gZADcyOzgqLDEIGF06P2IGLTI9Lh8AKykKPxs2MQwfAB4JbjQ+ay0zMBQvNwA4Ki0lIAMVAQkuDCQyDDYYFB4hACwEIiYzPQQCIG4dIgAtMzBcASU5OCETIw94Km0+HRw+CjA5ZiA0BDkaJA5SOT46Nj4CJikKCj49Dj89Ehg4M1IPBylsLB1hKxUwbzg2CTUIHAFpUXw/HzcJKmg1CyptLBYKFj4SCAo2GGUn

0.0.0.0

0 B

URL GET
undefined/WGdaVWw5BTk4UzlaOHMZKgtncF4eQmgTCC1XKiAIaBQ+OQEiAXQ2ADcSPjMeNwkuewI9E39nKms0IAdfDlYbOjsgDCI3FmEDH2ccKAQ9GygCVTIhPhkyIxsCAiMbFi59VRgFBwkFFREpLiAyHBU8DhwdKxwMPTEBaAwdOA8hMzMAARYmIgQmCT4JMF9hNRMsAy4kDzEUCCQqNCkfF2gZADcyOzgqLDEIGF06P2IGLTI9Lh8AKykKPxs2MQwfAB4JbjQ+ay0zMBQvNwA4Ki0lIAMVAQkuDCQyDDYYFB4hACwEIiYzPQQCIG4dIgAtMzBcASU5OCETIw94Km0+HRw+CjA5ZiA0BDkaJA5SOT46Nj4CJikKCj49Dj89Ehg4M1IPBylsLB1hKxUwbzg2CTUIHAFpUXw/HzcJKmg1CyptLBYKFj4SCAo2GGUn
IP
0.0.0.0:0
ASN
#0

Requested by
https://www.upload.ee/files/13094804/KRT_CLUB_3.1.0.29_RePack_v6.21.4_Fix5_Rus.zip.html

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /WGdaVWw5BTk4UzlaOHMZKgtncF4eQmgTCC1XKiAIaBQ+OQEiAXQ2ADcSPjMeNwkuewI9E39nKms0IAdfDlYbOjsgDCI3FmEDH2ccKAQ9GygCVTIhPhkyIxsCAiMbFi59VRgFBwkFFREpLiAyHBU8DhwdKxwMPTEBaAwdOA8hMzMAARYmIgQmCT4JMF9hNRMsAy4kDzEUCCQqNCkfF2gZADcyOzgqLDEIGF06P2IGLTI9Lh8AKykKPxs2MQwfAB4JbjQ+ay0zMBQvNwA4Ki0lIAMVAQkuDCQyDDYYFB4hACwEIiYzPQQCIG4dIgAtMzBcASU5OCETIw94Km0+HRw+CjA5ZiA0BDkaJA5SOT46Nj4CJikKCj49Dj89Ehg4M1IPBylsLB1hKxUwbzg2CTUIHAFpUXw/HzcJKmg1CyptLBYKFj4SCAo2GGUn HTTP/1.1
Host: undefined
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

ukankingwithea.com/

188.114.96.1

200 OK

26 B

URL GET HTTP/2
ukankingwithea.com/
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.upload.ee/files/13094804/KRT_CLUB_3.1.0.29_RePack_v6.21.4_Fix5_Rus.zip.html
Certificate
IssuerGoogle Trust Services
Subjectukankingwithea.com
Fingerprint1E:50:56:01:B8:4D:0D:64:A3:5D:F9:E4:4A:5D:AE:8D:5E:FC:FB:FC
ValidityThu, 05 Sep 2024 11:45:15 GMT - Wed, 04 Dec 2024 11:45:14 GMT

File type
ASCII text, with no line terminators
Size
26 B (26 bytes)
Hash
2b759b8cf705e024192dde029a485a4c
9f327ff64a9b66976241c5f4622ac9fc970d1976
8344d66ebc746eda207c702431bc41e0b2035d63448729640c2e32646e03082b

HTTP Headers

GET / HTTP/1.1
Host: ukankingwithea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload.ee/
Origin: https://www.upload.ee
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 25 Sep 2024 20:31:03 GMT
content-type: text/plain
set-cookie: csu=275580352201342@1@1727296263; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://www.upload.ee
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DjWBfzxE0DQf6dRraB1rjQJdfxO6sgR3Ay0aJHdY8ptxYPKIQo3rIsIlreT8IP5bt%2FDwMRw80TCSE2GbFhv5j0Dkl5irH5ftBiFZjDVai104lzg2aw5d2RZuSHBxTF3zE3%2F9Yoc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8c8dc68df8d50b3d-OSL
content-encoding: br
X-Firefox-Spdy: h2

ukankingwithea.com/

188.114.96.1

200 OK

27 B

URL GET HTTP/2
ukankingwithea.com/
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.upload.ee/files/13094804/KRT_CLUB_3.1.0.29_RePack_v6.21.4_Fix5_Rus.zip.html
Certificate
IssuerGoogle Trust Services
Subjectukankingwithea.com
Fingerprint1E:50:56:01:B8:4D:0D:64:A3:5D:F9:E4:4A:5D:AE:8D:5E:FC:FB:FC
ValidityThu, 05 Sep 2024 11:45:15 GMT - Wed, 04 Dec 2024 11:45:14 GMT

File type
ASCII text, with no line terminators
Size
27 B (27 bytes)
Hash
21f5547602a93a2f419ff07beeb39223
e6576118494abc7e9f0d037d4ab785270c5f6b4d
54676a36d8bba7b965e9f5551790d09d6159a7f22aeaee371990f1943fee7f63

HTTP Headers

GET / HTTP/1.1
Host: ukankingwithea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload.ee/
Origin: https://www.upload.ee
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 25 Sep 2024 20:31:03 GMT
content-type: text/plain
set-cookie: csu=1005010760658171@1@1727296263; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://www.upload.ee
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JTk9WdBJAk2EuNOqv4RvYAyN6K%2FC5uYXdCj47NqLi25tRteKyQa%2FvGqH0n7%2FVeLsPdVpN20UPQxU40o29PIUxT0LD%2FtWU3bXTj7RjrqWsJan2YCvROY%2B8YP7Aks%2FvbVSnA%2F%2BLlQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8c8dc68de8b60b3d-OSL
content-encoding: br
X-Firefox-Spdy: h2

ftheusysianeduk.com/popunder.gif

0.0.0.0

0 B

URL GET
ftheusysianeduk.com/popunder.gif
IP
0.0.0.0:0
ASN
#0

Requested by
https://www.upload.ee/files/13094804/KRT_CLUB_3.1.0.29_RePack_v6.21.4_Fix5_Rus.zip.html
Certificate
IssuerGoogle Trust Services
Subjectftheusysianeduk.com
Fingerprint56:63:2B:26:BC:DC:05:6A:8F:2C:F1:87:B3:C0:B6:12:9E:4F:62:28
ValidityFri, 06 Sep 2024 05:54:49 GMT - Thu, 05 Dec 2024 05:54:48 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /popunder.gif HTTP/1.1
Host: ftheusysianeduk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 25 Sep 2024 20:31:03 GMT
content-type: image/gif
content-length: 58
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
content-encoding: gzip
cf-cache-status: HIT
age: 99517
last-modified: Tue, 24 Sep 2024 16:52:26 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oMRsbeDjL0X4fecsPvfhh0GJCFXl3cbqK1Ug2Mnvl7myjpBz4dxYI7%2Bax0995K2GOU7hGxxcvMMOcxrCGVgFQP6l5HHrbCenQauzNOffzh%2B75MOFe53yPYZ5BPnAfGHobFHz6XyH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8c8dc6902cdd5688-OSL

ftheusysianeduk.com/UGhrSU1/Vwg6cAo/HwosKiI/HhUCOyofCwMLLSYLBVlSehUBMU09JDRVUnB6ZFlfbz05DFZ4ayMcCj04I1VYeX1hTgInKz9VW3l9YU4ddHx+W19nfmZGX284bVpcfHhoWFh8f2JYWnp5Yk4fOSw3VVpvPSQcB3R8Z1pce3RmWl16e2lc

188.114.96.1

204 No Content

0 B

URL GET HTTP/3
ftheusysianeduk.com/UGhrSU1/Vwg6cAo/HwosKiI/HhUCOyofCwMLLSYLBVlSehUBMU09JDRVUnB6ZFlfbz05DFZ4ayMcCj04I1VYeX1hTgInKz9VW3l9YU4ddHx+W19nfmZGX284bVpcfHhoWFh8f2JYWnp5Yk4fOSw3VVpvPSQcB3R8Z1pce3RmWl16e2lc
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.upload.ee/files/13094804/KRT_CLUB_3.1.0.29_RePack_v6.21.4_Fix5_Rus.zip.html
Certificate
IssuerGoogle Trust Services
Subjectftheusysianeduk.com
Fingerprint56:63:2B:26:BC:DC:05:6A:8F:2C:F1:87:B3:C0:B6:12:9E:4F:62:28
ValidityFri, 06 Sep 2024 05:54:49 GMT - Thu, 05 Dec 2024 05:54:48 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /UGhrSU1/Vwg6cAo/HwosKiI/HhUCOyofCwMLLSYLBVlSehUBMU09JDRVUnB6ZFlfbz05DFZ4ayMcCj04I1VYeX1hTgInKz9VW3l9YU4ddHx+W19nfmZGX284bVpcfHhoWFh8f2JYWnp5Yk4fOSw3VVpvPSQcB3R8Z1pce3RmWl16e2lc HTTP/1.1
Host: ftheusysianeduk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 204 No Content
date: Wed, 25 Sep 2024 20:31:03 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wo5GEAK4A%2BGAP%2F4S7XTpOXHk%2F%2BQTQJ94f%2Fwuj1L0L0K6xxpqdJeg4mXkmTwRlrxYqCNi3Dw%2F%2B7YcfjUGSd9O7JWoHrF8BbBqqS7I7gMUTvOb6Xqy6YvkStnVo6UBSAKu%2BO5A1535"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8c8dc6904cf95688-OSL

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (11)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by