| www.filefactory.com/file/13hustf5pm6g/Kingdom.Two.Crowns.v1.1.17.r17369.zip | 95.211.200.52 | 301 Moved Permanently | 178 B |
URL HTTP/1.1www.filefactory.com/file/13hustf5pm6g/Kingdom.Two.Crowns.v1.1.17.r17369.zip IP95.211.200.52:0 ASN#60781 LeaseWeb Netherlands B.V.
File typeHTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Hashcd2e0e43980a00fb6a2742d3afd803b8 81ffbd1712afe8cdf138b570c0fc9934742c33c1 bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /file/13hustf5pm6g/Kingdom.Two.Crowns.v1.1.17.r17369.zip HTTP/1.1
Host: www.filefactory.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 30 Jan 2023 15:42:58 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://filefactory.com/file/13hustf5pm6g/Kingdom.Two.Crowns.v1.1.17.r17369.zip
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash5eb7c9bc996a0ff420e58af45526f053 8c2614832b8efe1c9da0bbd465d6f3f172d95a9e c085cf277dd0429fe15e4a4bce5595636e9f2204d5a8e77220f8bf88adf4068f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C085CF277DD0429FE15E4A4BCE5595636E9F2204D5A8E77220F8BF88ADF4068F"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2957
Expires: Mon, 30 Jan 2023 17:03:55 GMT
Date: Mon, 30 Jan 2023 16:14:38 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash0c35c3ec659d3a26ea97e68d787bb043 d97e3672244efec5b7814f2d8a734cd1a9387854 4c946a026114ff05316d92277750facf3d5f5d162839149da0b7fb1a4cff6b5e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6863
Expires: Mon, 30 Jan 2023 18:09:01 GMT
Date: Mon, 30 Jan 2023 16:14:38 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash09ee4b0fe6cf4ca5ed31b24452338d00 7e62b6e20f0d4737f4a8d94f9818a0883027839e 56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9436
Expires: Mon, 30 Jan 2023 18:51:54 GMT
Date: Mon, 30 Jan 2023 16:14:38 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 35.241.9.150 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hashdcd75ca6daca51c5e39d431468511793 07f76d3bf23d65c9110d810fa71a994e39e085d3 73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 30 Jan 2023 15:43:12 GMT
content-type: application/json
age: 1886
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash7b922915ebf1fa3639b333f994c74f24 144a3f80b98fd0652d4614f24cf6cbbee40f8938 adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: bfuLplQMRlihgElSxbQ8M8O3r05w1B/tmc2ByKRcMBx0uwLJ2wqCm1ll1kzq5KBwpqGaJUsDJ2U=
x-amz-request-id: WPREQMAT5NZ6EBXW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 30 Jan 2023 15:21:50 GMT
age: 3168
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp2.globalsign.com/gsalphasha2g2 | 104.18.21.226 | 200 OK | 1.4 kB |
URL HTTP/1.1ocsp2.globalsign.com/gsalphasha2g2 IP104.18.21.226:0
Hash366c673255f056bff83a866c23cbf7f5 e11c450517b236a9fdeb4255694f250c355896fd 4a0f977d7af4dd88ad514279bd2e4793f13795cbbbbb3a444d9d528d6d820a8b
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 16:14:38 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Fri, 03 Feb 2023 13:44:43 GMT
ETag: "e11c450517b236a9fdeb4255694f250c355896fd"
Last-Modified: Mon, 30 Jan 2023 13:44:44 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1516
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791b8071da2a0b45-OSL
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 16:14:38 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| filefactory.com/file/13hustf5pm6g/Kingdom.Two.Crowns.v1.1.17.r17369.zip | 95.211.200.52 | 301 Moved Permanently | 178 B |
URL HTTP/1.1filefactory.com/file/13hustf5pm6g/Kingdom.Two.Crowns.v1.1.17.r17369.zip IP95.211.200.52:0 ASN#60781 LeaseWeb Netherlands B.V.
File typeHTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Hashcd2e0e43980a00fb6a2742d3afd803b8 81ffbd1712afe8cdf138b570c0fc9934742c33c1 bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /file/13hustf5pm6g/Kingdom.Two.Crowns.v1.1.17.r17369.zip HTTP/1.1
Host: filefactory.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 30 Jan 2023 15:42:59 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://www.filefactory.com/file/13hustf5pm6g/Kingdom.Two.Crowns.v1.1.17.r17369.zip
|
|
| www.filefactory.com/file/13hustf5pm6g/Kingdom.Two.Crowns.v1.1.17.r17369.zip | 95.211.200.52 | 200 OK | 5.0 kB |
URL HTTP/1.1www.filefactory.com/file/13hustf5pm6g/Kingdom.Two.Crowns.v1.1.17.r17369.zip IP95.211.200.52:0 ASN#60781 LeaseWeb Netherlands B.V.
Hash17abd0f2d06e5018785c4f1396681db9 c779b957e175280f3a86fe2ef52bbacd43b5c6be 1af76359239a64d5becbde30222cd5c912b5018670183f1ae63ecb09912bcf29
GET /file/13hustf5pm6g/Kingdom.Two.Crowns.v1.1.17.r17369.zip HTTP/1.1
Host: www.filefactory.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:42:59 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 4981
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: PHPSESSID=604turr9v3hut2dimd07mcsde7; path=/
locale=en_US.utf8; expires=Tue, 31-Jan-2023 16:14:38 GMT; path=/; domain=.filefactory.com
LBPERSIST=persist_w4; path=/
Vary: Accept-Encoding
Content-Encoding: gzip
|
|
| www.filefactory.com/css/vendor/bootstrap.min.css?v=004000000024 | 95.211.200.52 | 200 OK | 19 kB |
URL HTTP/1.1www.filefactory.com/css/vendor/bootstrap.min.css?v=004000000024 IP95.211.200.52:0 ASN#60781 LeaseWeb Netherlands B.V.
File typeASCII text, with very long lines (65371) Hashd9c4e81d89198caf489562c850e6c515 e3da6be0dca0ea45d190dd5fe3ac3f7fda0219fb 8243a13ef5d4e10a2ff5b6f171137f74c77b1ccff30b1e7157779242196e04cd
GET /css/vendor/bootstrap.min.css?v=004000000024 HTTP/1.1
Host: www.filefactory.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/file/13hustf5pm6g/Kingdom.Two.Crowns.v1.1.17.r17369.zip
Cookie: PHPSESSID=604turr9v3hut2dimd07mcsde7; locale=en_US.utf8; LBPERSIST=persist_w4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:42:59 GMT
Content-Type: text/css
Content-Length: 18734
Connection: keep-alive
Last-Modified: Tue, 10 Nov 2015 22:36:29 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=2592000
Expires: Wed, 01 Mar 2023 16:14:38 GMT
|
|
| www.filefactory.com/css/filefactory.wp.css?v=004000000024 | 95.211.200.52 | 200 OK | 2.0 kB |
URL HTTP/1.1www.filefactory.com/css/filefactory.wp.css?v=004000000024 IP95.211.200.52:0 ASN#60781 LeaseWeb Netherlands B.V.
Hash8abbab6476fafabcaf7f435f4c498f21 86fce7af2f73e7dc00689c46ed7a7aa6ca777ff8 953878b3e7c4fe71dea5a70200582d38ef6a178f7f83095b677aa3f50dd37d38
GET /css/filefactory.wp.css?v=004000000024 HTTP/1.1
Host: www.filefactory.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/file/13hustf5pm6g/Kingdom.Two.Crowns.v1.1.17.r17369.zip
Cookie: PHPSESSID=604turr9v3hut2dimd07mcsde7; locale=en_US.utf8; LBPERSIST=persist_w4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:42:59 GMT
Content-Type: text/css
Content-Length: 2030
Connection: keep-alive
Last-Modified: Tue, 14 Aug 2018 04:54:41 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=2592000
Expires: Wed, 01 Mar 2023 16:14:38 GMT
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 471 B |
IP216.58.211.3:0
Hash75bf326700e29b1b06e57fb96ee2b064 4f979f28905b65637a058cd44be6c25bb51a42e4 385f7a9c4112c4d674264d02229719e7f82e7039e681db8aaa6685ebab2be0c1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 16:14:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.filefactory.com/css/filefactory.wp.download.css?v=004000000024 | 95.211.200.52 | 200 OK | 651 B |
URL HTTP/1.1www.filefactory.com/css/filefactory.wp.download.css?v=004000000024 IP95.211.200.52:0 ASN#60781 LeaseWeb Netherlands B.V.
File typeassembler source, ASCII text Hash67670bc7620a54bc2d4e7dec96399e77 3c84a45236e315a038a1598cc0a229c42d799c86 404089245c8aaa3a29cf57f852d664bbdb49f8aafd57708f3da51c18a35b5a43
GET /css/filefactory.wp.download.css?v=004000000024 HTTP/1.1
Host: www.filefactory.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/file/13hustf5pm6g/Kingdom.Two.Crowns.v1.1.17.r17369.zip
Cookie: PHPSESSID=604turr9v3hut2dimd07mcsde7; locale=en_US.utf8; LBPERSIST=persist_w4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:42:59 GMT
Content-Type: text/css
Content-Length: 651
Connection: keep-alive
Last-Modified: Sat, 17 Jun 2017 04:44:44 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=2592000
Expires: Wed, 01 Mar 2023 16:14:38 GMT
|
|
| www.filefactory.com/js/filefactory.common.js?v=004000000024 | 95.211.200.52 | 200 OK | 1.7 kB |
URL HTTP/1.1www.filefactory.com/js/filefactory.common.js?v=004000000024 IP95.211.200.52:0 ASN#60781 LeaseWeb Netherlands B.V.
File typeASCII text, with very long lines (2383), with CRLF line terminators Hash2c07a42028cdc50efce1586cc7175ba8 dc1a5da5eb06d466cc8860cd593bc7a0cf2b99ac 31f1cf190e5db84a4eebafd0bcbb48f80c2d3f0c9346f6e00406937fc5b8ba7e
GET /js/filefactory.common.js?v=004000000024 HTTP/1.1
Host: www.filefactory.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/file/13hustf5pm6g/Kingdom.Two.Crowns.v1.1.17.r17369.zip
Cookie: PHPSESSID=604turr9v3hut2dimd07mcsde7; locale=en_US.utf8; LBPERSIST=persist_w4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:42:59 GMT
Content-Type: application/javascript
Content-Length: 1700
Connection: keep-alive
Last-Modified: Tue, 07 May 2019 08:33:04 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=2592000
Expires: Wed, 01 Mar 2023 16:14:38 GMT
|
|
| www.filefactory.com/js/vendor/bootstrap-dialog.js?v=004000000024 | 95.211.200.52 | 200 OK | 4.2 kB |
URL HTTP/1.1www.filefactory.com/js/vendor/bootstrap-dialog.js?v=004000000024 IP95.211.200.52:0 ASN#60781 LeaseWeb Netherlands B.V.
File typeASCII text, with very long lines (16771), with no line terminators Hash2e9e8a0844e9bb269412720e30ec518c 4e1ef0cfa65000b885a1d9512e030edb354eff44 a94d3e76ce47a9501f02dbe231a9f7c4b1a8a9dae4a74497dd551a4aa349a58a
GET /js/vendor/bootstrap-dialog.js?v=004000000024 HTTP/1.1
Host: www.filefactory.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/file/13hustf5pm6g/Kingdom.Two.Crowns.v1.1.17.r17369.zip
Cookie: PHPSESSID=604turr9v3hut2dimd07mcsde7; locale=en_US.utf8; LBPERSIST=persist_w4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:42:59 GMT
Content-Type: application/javascript
Content-Length: 4188
Connection: keep-alive
Last-Modified: Tue, 10 Nov 2015 22:36:41 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=2592000
Expires: Wed, 01 Mar 2023 16:14:38 GMT
|
|
| www.filefactory.com/css/vendor/bootstrap-dialog.css?v=004000000024 | 95.211.200.52 | 200 OK | 516 B |
URL HTTP/1.1www.filefactory.com/css/vendor/bootstrap-dialog.css?v=004000000024 IP95.211.200.52:0 ASN#60781 LeaseWeb Netherlands B.V.
File typeASCII text, with very long lines (2012), with no line terminators Hash0369f3f2323383c427de48d1826d3f36 c4badfee0621c82fc0a10920d3228cea11111378 47910de5c7f0bb200606b508202690a36dc0055805dffe7b6972fc037430a3c4
GET /css/vendor/bootstrap-dialog.css?v=004000000024 HTTP/1.1
Host: www.filefactory.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/file/13hustf5pm6g/Kingdom.Two.Crowns.v1.1.17.r17369.zip
Cookie: PHPSESSID=604turr9v3hut2dimd07mcsde7; locale=en_US.utf8; LBPERSIST=persist_w4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:42:59 GMT
Content-Type: text/css
Content-Length: 516
Connection: keep-alive
Last-Modified: Tue, 10 Nov 2015 22:36:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=2592000
Expires: Wed, 01 Mar 2023 16:14:38 GMT
|
|
| www.filefactory.com/js/vendor/bootstrap.min.js?v=004000000024 | 95.211.200.52 | 200 OK | 9.7 kB |
URL HTTP/1.1www.filefactory.com/js/vendor/bootstrap.min.js?v=004000000024 IP95.211.200.52:0 ASN#60781 LeaseWeb Netherlands B.V.
File typeASCII text, with very long lines (36622), with no line terminators Hash19ffde9db3c06677e3c134246a77dc4a 4787610b6ee20909c031e97e5045c18496c8e4b7 12fae54989d035cf72a58295e88ede408b1470096bfa620fd31523e3c742bf45
GET /js/vendor/bootstrap.min.js?v=004000000024 HTTP/1.1
Host: www.filefactory.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/file/13hustf5pm6g/Kingdom.Two.Crowns.v1.1.17.r17369.zip
Cookie: PHPSESSID=604turr9v3hut2dimd07mcsde7; locale=en_US.utf8; LBPERSIST=persist_w4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:42:59 GMT
Content-Type: application/javascript
Content-Length: 9691
Connection: keep-alive
Last-Modified: Tue, 10 Nov 2015 22:36:42 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=2592000
Expires: Wed, 01 Mar 2023 16:14:38 GMT
|
|
| www.filefactory.com/js/vendor/jquery.cookie.js?v=004000000024 | 95.211.200.52 | 200 OK | 616 B |
URL HTTP/1.1www.filefactory.com/js/vendor/jquery.cookie.js?v=004000000024 IP95.211.200.52:0 ASN#60781 LeaseWeb Netherlands B.V.
File typeASCII text, with very long lines (1143), with no line terminators Hash9dc410259b911c91103b71b0da4db1b4 8bbfe01b65bd9ba687c1407131f7dd4d31ca51e3 76c01394e846761a9d20c84a4919d42558cb6619ec2c44577681e72f495e853a
GET /js/vendor/jquery.cookie.js?v=004000000024 HTTP/1.1
Host: www.filefactory.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/file/13hustf5pm6g/Kingdom.Two.Crowns.v1.1.17.r17369.zip
Cookie: PHPSESSID=604turr9v3hut2dimd07mcsde7; locale=en_US.utf8; LBPERSIST=persist_w4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:42:59 GMT
Content-Type: application/javascript
Content-Length: 616
Connection: keep-alive
Last-Modified: Tue, 10 Nov 2015 22:36:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=2592000
Expires: Wed, 01 Mar 2023 16:14:38 GMT
|
|
| www.filefactory.com/js/vendor/countdown.js?v=004000000024 | 95.211.200.52 | 200 OK | 837 B |
URL HTTP/1.1www.filefactory.com/js/vendor/countdown.js?v=004000000024 IP95.211.200.52:0 ASN#60781 LeaseWeb Netherlands B.V.
File typeASCII text, with very long lines (3495), with no line terminators Hash427a0fc92994a6b92d0f4b65d1bee5aa 4f59883fd8e3e861872e76095beaa05e59b9037a 39fda67bbaba8165bcb44293edde7410ff29e149866141fc25e9774d7bfd7327
GET /js/vendor/countdown.js?v=004000000024 HTTP/1.1
Host: www.filefactory.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/file/13hustf5pm6g/Kingdom.Two.Crowns.v1.1.17.r17369.zip
Cookie: PHPSESSID=604turr9v3hut2dimd07mcsde7; locale=en_US.utf8; LBPERSIST=persist_w4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:42:59 GMT
Content-Type: application/javascript
Content-Length: 837
Connection: keep-alive
Last-Modified: Tue, 10 Nov 2015 22:36:45 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=2592000
Expires: Wed, 01 Mar 2023 16:14:38 GMT
|
|
| www.filefactory.com/js/vendor/jquery.selectBoxIt.js?v=004000000024 | 95.211.200.52 | 200 OK | 7.1 kB |
URL HTTP/1.1www.filefactory.com/js/vendor/jquery.selectBoxIt.js?v=004000000024 IP95.211.200.52:0 ASN#60781 LeaseWeb Netherlands B.V.
File typeASCII text, with very long lines (25709), with no line terminators Hash3418e0d552b349825bcbba8c5446d4c5 ac15f8e5059dd7f535538dbafb51d3dbb1aad877 6ee9075e709af09965a6b769d7fc6ca5825039dacad075112033b0235171f043
GET /js/vendor/jquery.selectBoxIt.js?v=004000000024 HTTP/1.1
Host: www.filefactory.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/file/13hustf5pm6g/Kingdom.Two.Crowns.v1.1.17.r17369.zip
Cookie: PHPSESSID=604turr9v3hut2dimd07mcsde7; locale=en_US.utf8; LBPERSIST=persist_w4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:42:59 GMT
Content-Type: application/javascript
Content-Length: 7079
Connection: keep-alive
Last-Modified: Tue, 10 Nov 2015 22:36:55 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=2592000
Expires: Wed, 01 Mar 2023 16:14:38 GMT
|
|
| www.filefactory.com/js/vendor/jquery.zclip.js?v=004000000024 | 95.211.200.52 | 200 OK | 2.6 kB |
URL HTTP/1.1www.filefactory.com/js/vendor/jquery.zclip.js?v=004000000024 IP95.211.200.52:0 ASN#60781 LeaseWeb Netherlands B.V.
File typeASCII text, with very long lines (7482), with no line terminators Hash15514f102ce938370faf62a5935f98a4 9ab90f99b5113a7eacc89cf495e6d00bf7a97abf c8e2aebf568b1b0d4d96818f40020d0681a0ab5a7ff9ba2f61f546593559c9f1
GET /js/vendor/jquery.zclip.js?v=004000000024 HTTP/1.1
Host: www.filefactory.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/file/13hustf5pm6g/Kingdom.Two.Crowns.v1.1.17.r17369.zip
Cookie: PHPSESSID=604turr9v3hut2dimd07mcsde7; locale=en_US.utf8; LBPERSIST=persist_w4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:42:59 GMT
Content-Type: application/javascript
Content-Length: 2603
Connection: keep-alive
Last-Modified: Tue, 10 Nov 2015 22:37:00 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=2592000
Expires: Wed, 01 Mar 2023 16:14:38 GMT
|
|
| www.filefactory.com/js/vendor/countdown_plugins.js?v=004000000024 | 95.211.200.52 | 200 OK | 15 kB |
URL HTTP/1.1www.filefactory.com/js/vendor/countdown_plugins.js?v=004000000024 IP95.211.200.52:0 ASN#60781 LeaseWeb Netherlands B.V.
File typeASCII text, with very long lines (45450), with no line terminators Hashf34475e9958e420955c700820b870ded ef50b2ea27da3fe99502e01c5320a8a0b80de17f 1205aa096ef6cdffe92d6705b7c0e1b1a963b1d3c5a86816c0a5362b6ab3d5b2
GET /js/vendor/countdown_plugins.js?v=004000000024 HTTP/1.1
Host: www.filefactory.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/file/13hustf5pm6g/Kingdom.Two.Crowns.v1.1.17.r17369.zip
Cookie: PHPSESSID=604turr9v3hut2dimd07mcsde7; locale=en_US.utf8; LBPERSIST=persist_w4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:42:59 GMT
Content-Type: application/javascript
Content-Length: 14997
Connection: keep-alive
Last-Modified: Tue, 10 Nov 2015 22:36:46 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=2592000
Expires: Wed, 01 Mar 2023 16:14:38 GMT
|
|
| www.filefactory.com/js/filefactory.download.js?v=004000000024 | 95.211.200.52 | 200 OK | 3.9 kB |
URL HTTP/1.1www.filefactory.com/js/filefactory.download.js?v=004000000024 IP95.211.200.52:0 ASN#60781 LeaseWeb Netherlands B.V.
File typeASCII text, with very long lines (12559), with no line terminators Hash0e8beb3e9e301026a8696b9b8ac607d5 b0e8de3dc6fd295f87bbb4495639811a5ac02eae d25eddf5332fcc8d069e66ec73a005e34d8d59d0d98d09780758af14fb310eff
GET /js/filefactory.download.js?v=004000000024 HTTP/1.1
Host: www.filefactory.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/file/13hustf5pm6g/Kingdom.Two.Crowns.v1.1.17.r17369.zip
Cookie: PHPSESSID=604turr9v3hut2dimd07mcsde7; locale=en_US.utf8; LBPERSIST=persist_w4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:42:59 GMT
Content-Type: application/javascript
Content-Length: 3941
Connection: keep-alive
Last-Modified: Tue, 10 Nov 2015 22:36:35 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=2592000
Expires: Wed, 01 Mar 2023 16:14:38 GMT
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 471 B |
IP216.58.211.3:0
Hash75bf326700e29b1b06e57fb96ee2b064 4f979f28905b65637a058cd44be6c25bb51a42e4 385f7a9c4112c4d674264d02229719e7f82e7039e681db8aaa6685ebab2be0c1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 16:14:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 471 B |
IP216.58.211.3:0
Hash40bac282ee9730b7a7fde839fcf58736 be00063ec5c760560f34663d0a6a9cad87cfebe4 45b83537d8621d3c4a7c046a9b78f6745977c359db2868d720f19dbb0eb80d3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 16:14:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ajax.googleapis.com/ajax/libs/jqueryui/1.11.1/jquery-ui.min.js | 172.217.21.170 | 200 OK | 64 kB |
URL HTTP/2ajax.googleapis.com/ajax/libs/jqueryui/1.11.1/jquery-ui.min.js IP172.217.21.170:0
File typeASCII text, with very long lines (32119) Hash5fff368bebfbbc83919d7ddd9afac949 8b89f7c5ab4700ef0289ff30142082bd108e0354 a8969e8853f473ca839e9728872e08c1f0ac0851fe1431d29fa5ed7382910990
GET /ajax/libs/jqueryui/1.11.1/jquery-ui.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 63865
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 03:25:44 GMT
expires: Mon, 29 Jan 2024 03:25:44 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 132534
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash826385f4d92846cb9b43d8dc3e2f4983 f094734ff5664e0c786834c1b4964c2cdc80d0ef 98c770f41f6ae58fbb4e055c070e8d766e769342631fc70c0df0bcb1def437b2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98C770F41F6AE58FBB4E055C070E8D766E769342631FC70C0DF0BCB1DEF437B2"
Last-Modified: Mon, 30 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7404
Expires: Mon, 30 Jan 2023 18:18:02 GMT
Date: Mon, 30 Jan 2023 16:14:38 GMT
Connection: keep-alive
|
|
| ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js | 172.217.21.170 | 200 OK | 33 kB |
URL HTTP/2ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js IP172.217.21.170:0
File typeASCII text, with very long lines (32086) Hash430e927c980ad4079de727fa59dd93f2 891aaada9a55a91292999f6d50fd300439905982 e8728df8617340bd8c10bc8d27d3a725a48871a269c850e8598689938ec6e2ed
GET /ajax/libs/jquery/1.11.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33434
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 18:55:07 GMT
expires: Tue, 23 Jan 2024 18:55:07 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 595171
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hasha0f93656aee513375928efd99fe07a54 50d0dd8041214ab08cfa27152f11ae5e7a8aab6b b16663f0943c7a6ca40df9da6ed85cc6f9d9c86f925e5f16f52a58b716341260
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B16663F0943C7A6CA40DF9DA6ED85CC6F9D9C86F925E5F16F52A58B716341260"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3938
Expires: Mon, 30 Jan 2023 17:20:16 GMT
Date: Mon, 30 Jan 2023 16:14:38 GMT
Connection: keep-alive
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 471 B |
IP216.58.211.3:0
Hash75bf326700e29b1b06e57fb96ee2b064 4f979f28905b65637a058cd44be6c25bb51a42e4 385f7a9c4112c4d674264d02229719e7f82e7039e681db8aaa6685ebab2be0c1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 16:14:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| usingswhoring.com/r3ZwU3RRZQUni7/55128 | 23.109.82.46 | 200 OK | 25 B |
URL HTTP/1.1usingswhoring.com/r3ZwU3RRZQUni7/55128 IP23.109.82.46:0
File typeASCII text, with no line terminators Hash2339750dbbbcbd8fe83612a65b72e03d 672074d493c051cffcc96bce7d15f77ec6ef1889 1fa220e7725025343d910d83e9f0e663b82419a3422e5465dc73c092b0853ccd
GET /r3ZwU3RRZQUni7/55128 HTTP/1.1
Host: usingswhoring.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 16:14:39 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.filefactory.com
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Tue, 31-Jan-2023 16:14:39 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJw9i7sOgkAURAENEQXMJH6APyA%2BgoWtWhoojPUG8Wo2wl7Crg%2F8elETq5mcOWNZljMK4cgK%2FmoerWZRvIjmyxidCzGcJIWf802ZuhEqKwluwvUja%2BDWdJGsAgx%2BReR8IvSTdHJQV8UP9R8%2BtwDdXJomgPeJrxv20JG6Qrgu5HO85%2BJmWlvDU2SErohO8DbZsaDpdr9D%2BKffs2ujJ7Woan42bR8aWdKLFQk%2BnzWZFtl313kDsc5BIg%3D%3D; expires=Tue, 31-Jan-2023 16:14:39 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
|
|
| www.filefactory.com/wp/img/filefactory-logo-white.svg | 95.211.200.52 | 200 OK | 6.2 kB |
URL HTTP/1.1www.filefactory.com/wp/img/filefactory-logo-white.svg IP95.211.200.52:0 ASN#60781 LeaseWeb Netherlands B.V.
File typeSVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators Hash249acd65dbe7bf8bdf2477d1a7a1bdee f322b0d7e66ee18be95a820e463e957cc50e1238 8cd74251eda091402e01f67f217f5a466d87d0111cc9b5724a831cf21a938cd8
GET /wp/img/filefactory-logo-white.svg HTTP/1.1
Host: www.filefactory.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/file/13hustf5pm6g/Kingdom.Two.Crowns.v1.1.17.r17369.zip
Cookie: PHPSESSID=604turr9v3hut2dimd07mcsde7; locale=en_US.utf8; LBPERSIST=persist_w4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:42:59 GMT
Content-Type: image/svg+xml
Content-Length: 6174
Connection: keep-alive
Last-Modified: Thu, 15 Jun 2017 23:34:39 GMT
Accept-Ranges: bytes
|
|
| henoticpipi.com/g9RbYoQO26rZA3R/55129 | 172.255.6.58 | 200 OK | 26 B |
URL HTTP/1.1henoticpipi.com/g9RbYoQO26rZA3R/55129 IP172.255.6.58:0
File typeASCII text, with no line terminators Hash4e5d65669f8dcd928dad06adf883f025 d771713d758c3348dd7e5b38bb40c7935399ae46 0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /g9RbYoQO26rZA3R/55129 HTTP/1.1
Host: henoticpipi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 16:14:39 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.filefactory.com
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Tue, 31-Jan-2023 16:14:39 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJw9i7sOgkAURAENEQXMJH6APyA%2BgoWtWhoojPUG8Wo2wl7Crg%2F8elETq5mcOWNZljMK4cgK%2FmoerWZRvIjmyxidCzGcJIWf802ZuhEqKwluwvUja%2BDWdJGsAgx%2BReR8IvSTdHJQV8UP9R8%2BtwDdXJomgPeJrxv20JG6Qrgu5HO85%2BJmWlvDU2SErohO8DbZsaDpdr9D%2BKffs2ujJ7Woan42bR8aWdKLFQk%2BnzWZFtl313kDsc5BIg%3D%3D; expires=Tue, 31-Jan-2023 16:14:39 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 35.241.9.150 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 30 Jan 2023 15:41:41 GMT
age: 1978
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| www.filefactory.com/wp/img/icon-check.svg | 95.211.200.52 | 200 OK | 22 kB |
URL HTTP/1.1www.filefactory.com/wp/img/icon-check.svg IP95.211.200.52:0 ASN#60781 LeaseWeb Netherlands B.V.
File typeSVG Scalable Vector Graphics image\012- , Unicode text, UTF-8 text, with very long lines (19596) Hash579390788f26cffc187c3b213e7d6de8 e59bf4557c47f482b1b354957151e6497b0d7ded ba629a33ef0767607e2539945008431805ea1d2d2ebc4ffd877ab3c3b23991a7
GET /wp/img/icon-check.svg HTTP/1.1
Host: www.filefactory.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/file/13hustf5pm6g/Kingdom.Two.Crowns.v1.1.17.r17369.zip
Cookie: PHPSESSID=604turr9v3hut2dimd07mcsde7; locale=en_US.utf8; LBPERSIST=persist_w4
Sec-Fetch-Dest: embed
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:43:00 GMT
Content-Type: image/svg+xml
Content-Length: 22124
Connection: keep-alive
Last-Modified: Thu, 15 Jun 2017 23:34:39 GMT
Accept-Ranges: bytes
|
|
| www.filefactory.com/wp/img/icon-cloud.svg | 95.211.200.52 | 200 OK | 17 kB |
URL HTTP/1.1www.filefactory.com/wp/img/icon-cloud.svg IP95.211.200.52:0 ASN#60781 LeaseWeb Netherlands B.V.
File typeSVG Scalable Vector Graphics image\012- , Unicode text, UTF-8 text, with very long lines (14564) Hash1036571f93a23865267246ebf737a0c2 5a08d068303aecabf2fdc2d203101f8063a3cc42 e751c9f7db67a14fa7e5c3a51a8c62a4e3a151a06cc2f0bcec8e11ca6c2c57fe
GET /wp/img/icon-cloud.svg HTTP/1.1
Host: www.filefactory.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/file/13hustf5pm6g/Kingdom.Two.Crowns.v1.1.17.r17369.zip
Cookie: PHPSESSID=604turr9v3hut2dimd07mcsde7; locale=en_US.utf8; LBPERSIST=persist_w4
Sec-Fetch-Dest: embed
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:43:00 GMT
Content-Type: image/svg+xml
Content-Length: 17092
Connection: keep-alive
Last-Modified: Thu, 15 Jun 2017 23:34:39 GMT
Accept-Ranges: bytes
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 471 B |
IP216.58.211.3:0
Hashdb3290a85d0ba4da27406ae9636aa618 4c69da45eddd66a1e26fce5562fc45eda7005309 19db4d0cc84bff9586883a5fa69c426af0b5fc1c2760ee7c259b0307c8afa6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 16:14:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 471 B |
IP216.58.211.3:0
Hashdb3290a85d0ba4da27406ae9636aa618 4c69da45eddd66a1e26fce5562fc45eda7005309 19db4d0cc84bff9586883a5fa69c426af0b5fc1c2760ee7c259b0307c8afa6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 16:14:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashe49be45273398a2ede5178fcf3f19954 6d8cc726891df48e40b46d8428114f40a9fd6609 f1a6eddf447ec41779c17ca03402c7ab8ee57171f3f7859b73811fe6744d72b6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F1A6EDDF447EC41779C17CA03402C7AB8EE57171F3F7859B73811FE6744D72B6"
Last-Modified: Sat, 28 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4586
Expires: Mon, 30 Jan 2023 17:31:05 GMT
Date: Mon, 30 Jan 2023 16:14:39 GMT
Connection: keep-alive
|
|
| fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 216.58.207.227 | 200 OK | 45 kB |
URL HTTP/2fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP216.58.207.227:0
File typeWeb Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data Hash565ce506190ad3af920b40baf1794cec ad3cba5d06100e09449a864d3b5e58403b478b3d 8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.filefactory.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 18:52:41 GMT
expires: Tue, 23 Jan 2024 18:52:41 GMT
cache-control: public, max-age=31536000
age: 595318
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| chimpstatic.com/mcjs-connected/js/users/cc27616a935143f3234e68708/058c28910046bb6b1c91d8684.js | 96.6.17.210 | 200 OK | 1.2 kB |
URL HTTP/1.1chimpstatic.com/mcjs-connected/js/users/cc27616a935143f3234e68708/058c28910046bb6b1c91d8684.js IP96.6.17.210:0
Hash8273d84537cadc5b9a2e738d212a798d 2b428dac0ccadd8ad81471b89b983a6ab83cb58c 26b0237c699edce2075e43f5a8dd37c73e091a06ac0bee1de767bf0c4dbba16e
GET /mcjs-connected/js/users/cc27616a935143f3234e68708/058c28910046bb6b1c91d8684.js HTTP/1.1
Host: chimpstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: Kw8NyVkAhaEzpbBAe1UULVkCfyhPyXiK6756y+dTLUGJM/92rDCGNMDIAFMZyiyf8eLaANJiM/w=
x-amz-request-id: BH396Q8W05D9PSXE
Last-Modified: Wed, 26 Oct 2022 04:19:23 GMT
ETag: "f93507267e71f50f984e4493f1eec056"
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
X-EdgeConnect-MidMile-RTT: 17
X-EdgeConnect-Origin-MEX-Latency: 96
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=677
Expires: Mon, 30 Jan 2023 16:25:56 GMT
Date: Mon, 30 Jan 2023 16:14:39 GMT
Content-Length: 1223
Connection: keep-alive
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 471 B |
IP216.58.211.3:0
Hashdb3290a85d0ba4da27406ae9636aa618 4c69da45eddd66a1e26fce5562fc45eda7005309 19db4d0cc84bff9586883a5fa69c426af0b5fc1c2760ee7c259b0307c8afa6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 16:14:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash22b9916fc1fafc9bdc9bb37f9eac8a9a 86f640e134a741a0f906a8e3a0f5c6659dd0e394 a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5412
Expires: Mon, 30 Jan 2023 17:44:51 GMT
Date: Mon, 30 Jan 2023 16:14:39 GMT
Connection: keep-alive
|
|
| forgivenessimpact.com/b6/6f/f7/b66ff7c1636b152673f970d2464db83f.js | 192.243.59.13 | 200 OK | 21 kB |
URL HTTP/1.1forgivenessimpact.com/b6/6f/f7/b66ff7c1636b152673f970d2464db83f.js IP192.243.59.13:0 ASN#39572 DataWeb Global Group B.V.
File typeHTML document, ASCII text, with very long lines (60133), with no line terminators Hash40eae32d4a13a05dac869dc27bce11b2 76f29b9227ca858bf1fbed59a6c9a53d3902e9e3 5d678b06ca99537805ce25fe66e2afc1047607db9ff53ebf33002176cc930f55
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /b6/6f/f7/b66ff7c1636b152673f970d2464db83f.js HTTP/1.1
Host: forgivenessimpact.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 30 Jan 2023 16:14:39 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4d53fe32648f0307d8a5b746e6fdb7d8
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| henoticpipi.com/g9RbYoQO26rZA3R/55129 | 172.255.6.58 | 200 OK | 26 B |
URL HTTP/1.1henoticpipi.com/g9RbYoQO26rZA3R/55129 IP172.255.6.58:0
File typeASCII text, with no line terminators Hash4e5d65669f8dcd928dad06adf883f025 d771713d758c3348dd7e5b38bb40c7935399ae46 0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /g9RbYoQO26rZA3R/55129 HTTP/1.1
Host: henoticpipi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/
Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; GL_GI10=eJw9i7sOgkAURAENEQXMJH6APyA%2BgoWtWhoojPUG8Wo2wl7Crg%2F8elETq5mcOWNZljMK4cgK%2FmoerWZRvIjmyxidCzGcJIWf802ZuhEqKwluwvUja%2BDWdJGsAgx%2BReR8IvSTdHJQV8UP9R8%2BtwDdXJomgPeJrxv20JG6Qrgu5HO85%2BJmWlvDU2SErohO8DbZsaDpdr9D%2BKffs2ujJ7Woan42bR8aWdKLFQk%2BnzWZFtl313kDsc5BIg%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 16:14:39 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.filefactory.com
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
|
|
| push.services.mozilla.com/ | 44.229.130.57 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP44.229.130.57:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: sARQJr8tH7VRE+ZNNMNelQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: VZ3Jja9TYqhJVQ26oYyR3Fk8coA=
|
|
| ocsp.sca1b.amazontrust.com/ | 54.230.245.100 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP54.230.245.100:0
Hashfaf1d8a7f1edd1251b55117f41d77161 7e6b55f7968cc7381b7aa4deeed12d2692f135a2 8c27b658d2267f2dd6d138e17751edaec11d04c9e0f6015212dd92fb583533bc
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=169115
Date: Mon, 30 Jan 2023 16:14:39 GMT
Etag: "63d7c69b-1d7"
Expires: Wed, 01 Feb 2023 15:13:14 GMT
Last-Modified: Mon, 30 Jan 2023 13:31:07 GMT
Server: ECS (nyb/1D19)
X-Cache: Miss from cloudfront
Via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: dUoDZybERrd2uD2drus7WXtS1VeWvAQMB2yU8sxxItkBhoeTB9UmVA==
Age: 6127
|
|
| simplewebanalysis.com/stats | 3.120.47.42 | 200 OK | 40 B |
URL HTTP/2simplewebanalysis.com/stats IP3.120.47.42:0
File typeASCII text, with no line terminators Hash40f5e77975eefd2e883a180cff8997a2 8d731e6f0354e07348e32a40006cba0ebdae81a5 fd6791fab2af16dc9cf98a848b71556433c8c836b41b8c5a83b87bcfd665b9b9
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.filefactory.com
Connection: keep-alive
Referer: https://www.filefactory.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 16:14:39 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.filefactory.com
access-control-allow-credentials: true
set-cookie: uid_id2=412c04e3-4f33-4e11-94ff-cc3094aa9042:3:1; expires=Thu, 27 Jan 2033 16:14:39 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashf8c63fa451de9b91fdd5654d02681757 e65cb3b5ab2ab137a4cd4df64a7b7ec6ff3b8a7e 06f62bdb1d3bd2a9ee1cd45fafa79ab1ee4eb8039a0693b1e34706c24ee86fc7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "06F62BDB1D3BD2A9EE1CD45FAFA79AB1EE4EB8039A0693B1E34706C24EE86FC7"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7638
Expires: Mon, 30 Jan 2023 18:21:57 GMT
Date: Mon, 30 Jan 2023 16:14:39 GMT
Connection: keep-alive
|
|
| downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js | 54.230.111.5 | 200 OK | 72 kB |
URL HTTP/1.1downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js IP54.230.111.5:0
File typeASCII text, with very long lines (65526) Hash50c001f21b833f062283a21b4ba2c63a 29f7aae5eb10307785a5704e64cd96cefd475f2c d6b818309ffc3c094eb7d4155c442519246ff7acaf5ba7f4c8c01aa5d27c4c62
GET /js/signup-forms/popup/unique-methods/embed.js HTTP/1.1
Host: downloads.mailchimp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 20 Jan 2023 18:27:57 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Mon, 30 Jan 2023 05:41:56 GMT
ETag: W/"3281ba63652083b7a938a78b62fe19d4"
X-Cache: Hit from cloudfront
Via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: eEP4lpkvB7imjAaEm2sm3AK5C6hjNrjgOo994RNoW0-kH6I-dlsWqA==
Age: 53457
Vary: Accept-Encoding, Origin
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashb9ca371a18b1afacc82e035f41dc2b86 8b4a87be43183e4f89e19ecac344915d60574950 8ac3da2f8ce052a3d27fee0dccc5712a55e917f9de8daff8db891d50249aba90
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8AC3DA2F8CE052A3D27FEE0DCCC5712A55E917F9DE8DAFF8DB891D50249ABA90"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7893
Expires: Mon, 30 Jan 2023 18:26:13 GMT
Date: Mon, 30 Jan 2023 16:14:40 GMT
Connection: keep-alive
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hashc239475b53a2314c43c5922ef55e73f8 e30168fe4daa7e6ebe19591863e7175bf9ad784d 2f985a21771f800b54258c8b1e70a38c9249ef7b9bf2ec61e01d5717c2e204d4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5487
Cache-Control: max-age=122767
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 16:14:40 GMT
Etag: "63d71410-1d7"
Expires: Wed, 01 Feb 2023 02:20:47 GMT
Last-Modified: Mon, 30 Jan 2023 00:49:20 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 472 B |
IP216.58.211.3:0
Hashd81f874741beb45c89de8bb5c6de438e a251ab903e654953631d84721479bbae55aa5cdf ec28dafa2a54818028d4dfe99218d9e4b507f3bd7efaabfba630d85f24d4d75d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 16:14:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ssl.google-analytics.com/ga.js | 142.250.74.72 | 200 OK | 17 kB |
URL HTTP/2ssl.google-analytics.com/ga.js IP142.250.74.72:0
File typeASCII text, with very long lines (1305) Hash01d5892e6e243b52998310c2925b9f3a 58180151b6a6ee4af73583a214b68efb9e8844d4 7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
GET /ga.js HTTP/1.1
Host: ssl.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17168
date: Mon, 30 Jan 2023 14:41:16 GMT
expires: Mon, 30 Jan 2023 16:41:16 GMT
cache-control: public, max-age=7200
age: 5604
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| connect.facebook.net/en_US/fbevents.js | 31.13.72.12 | 200 OK | 28 kB |
URL HTTP/2connect.facebook.net/en_US/fbevents.js IP31.13.72.12:0
File typeASCII text, with very long lines (64348) Hash541db4f3f0ba067bfb58cdac34cb86f4 20e6883f068568888ce37c6b9ef8f5d12be257c0 83898f3b2da2a11996d2eb3a5115ef301255030fdf231b8bf7971916769bc7be
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 9R1GwusIBWYKqebp954WXIgMQz1w6gGed6BGem0qFKzMggSW3WMrg8fqulwlE13gicxKRwc3EKdNLgXfYhwfQw==
priority: u=3,i
content-length: 27815
x-fb-trip-id: 1904183273
date: Mon, 30 Jan 2023 16:14:40 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hashc239475b53a2314c43c5922ef55e73f8 e30168fe4daa7e6ebe19591863e7175bf9ad784d 2f985a21771f800b54258c8b1e70a38c9249ef7b9bf2ec61e01d5717c2e204d4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5487
Cache-Control: max-age=122767
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 16:14:40 GMT
Etag: "63d71410-1d7"
Expires: Wed, 01 Feb 2023 02:20:47 GMT
Last-Modified: Mon, 30 Jan 2023 00:49:20 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
|
|
| www.filefactory.com/favicon.ico | 95.211.200.52 | 200 OK | 100 kB |
URL HTTP/1.1www.filefactory.com/favicon.ico IP95.211.200.52:0 ASN#60781 LeaseWeb Netherlands B.V.
File typeMS Windows icon resource - 5 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data Hash90e3dcc0cc6a5c4809b7dfd50e966015 17e2063b061ea56bc5bd7b65901765289b5b6824 3eacac1f0142be27236ddad54cf1450ffe8aa60175af254938e7f7c5f99532a9
GET /favicon.ico HTTP/1.1
Host: www.filefactory.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/file/13hustf5pm6g/Kingdom.Two.Crowns.v1.1.17.r17369.zip
Cookie: PHPSESSID=604turr9v3hut2dimd07mcsde7; locale=en_US.utf8; LBPERSIST=persist_w4; dom3ic8zudi28v8lr6fgphwffqoz0j6c=412c04e3-4f33-4e11-94ff-cc3094aa9042%3A3%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:43:00 GMT
Content-Type: image/x-icon
Content-Length: 99678
Connection: keep-alive
Last-Modified: Thu, 22 Oct 2015 02:35:05 GMT
Accept-Ranges: bytes
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 472 B |
IP216.58.211.3:0
Hashba2ca6af7b23ce2e11aa4f9d86e66269 212aef55d64b6add292dcf6241b16e7c93d1bae2 f163a94d190f5aeeb05b2e344bc8e1544d9701772b08585e9c92b529c8652b3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 16:14:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| excretekings.com/pixel/purst?dl=0&th=0&sc=0&rs=1610&rd=1610&fd=898&bv=22.10.v.9&tmpl=70 | 192.243.59.13 | 200 OK | 0 B |
URL HTTP/1.1excretekings.com/pixel/purst?dl=0&th=0&sc=0&rs=1610&rd=1610&fd=898&bv=22.10.v.9&tmpl=70 IP192.243.59.13:0 ASN#39572 DataWeb Global Group B.V.
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /pixel/purst?dl=0&th=0&sc=0&rs=1610&rd=1610&fd=898&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: excretekings.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 30 Jan 2023 16:14:40 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| banquetunarmedgrater.com/advertisers.js | 192.243.61.227 | 200 OK | 0 B |
URL HTTP/1.1banquetunarmedgrater.com/advertisers.js IP192.243.61.227:0 ASN#39572 DataWeb Global Group B.V.
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 30 Jan 2023 16:14:40 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 20ba7fd59827f10c0c828298fb9ab1c8
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| engagesrvr.filefactory.com/?938685878&keywords=guest | 95.211.140.208 | 200 OK | 821 B |
URL HTTP/2engagesrvr.filefactory.com/?938685878&keywords=guest IP95.211.140.208:0 ASN#60781 LeaseWeb Netherlands B.V.
File typeJSON data\012- , ASCII text, with very long lines (2903), with no line terminators Hashddf6bbb9e622f3347dd3b5c781e96be2 c247bfb39ff63a8d8de5e4d131e14b22a00536f5 0abddb12df55f77012c9551baa230b94eee6ab30d04f8dca6748b17d20c6efd6
GET /?938685878&keywords=guest HTTP/1.1
Host: engagesrvr.filefactory.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.filefactory.com
Connection: keep-alive
Referer: https://www.filefactory.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 16:14:40 GMT
content-type: application/json
cache-control: no-store, no-cache, no-transform, must-revalidate, proxy-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-store, no-cache
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://www.filefactory.com
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-headers: X-Requested-With, Content-Type, CSRFToken, Authorization
link: <//engagecdn.filefactory.com>; rel=dns-prefetch
content-encoding: br
X-Firefox-Spdy: h2
|
|
| www.facebook.com/tr/?id=559928301484091&ev=ff_member&dl=https%3A%2F%2Fwww.filefactory.com%2Ffile%2F13hustf5pm6g%2FKingdom.Two.Crowns.v1.1.17.r17369.zip&rl=&if=false&ts=1675095293125&cd[type]=free&cd[subends]=0&cd[subduration]=0&cd[files]=0&cd[filesdownloaded]=0&sw=1280&sh=1024&ud[country]=9390298f3fb0c5b160498935d79cb139aef28e1c47358b4bbba61862b9c26e59&ud[client_ip_address]=da9add592d7eb9cca7705cb4870d7fd4e9718ccd51486c4261a727a8d566960d&v=2.9.92&r=stable&ec=1&o=30&fbp=fb.1.1675095293121.1366224404&it=1675095292878&coo=false&rqm=GET | 31.13.72.36 | 200 OK | 0 B |
URL HTTP/2www.facebook.com/tr/?id=559928301484091&ev=ff_member&dl=https%3A%2F%2Fwww.filefactory.com%2Ffile%2F13hustf5pm6g%2FKingdom.Two.Crowns.v1.1.17.r17369.zip&rl=&if=false&ts=1675095293125&cd[type]=free&cd[subends]=0&cd[subduration]=0&cd[files]=0&cd[filesdownloaded]=0&sw=1280&sh=1024&ud[country]=9390298f3fb0c5b160498935d79cb139aef28e1c47358b4bbba61862b9c26e59&ud[client_ip_address]=da9add592d7eb9cca7705cb4870d7fd4e9718ccd51486c4261a727a8d566960d&v=2.9.92&r=stable&ec=1&o=30&fbp=fb.1.1675095293121.1366224404&it=1675095292878&coo=false&rqm=GET IP31.13.72.36:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=559928301484091&ev=ff_member&dl=https%3A%2F%2Fwww.filefactory.com%2Ffile%2F13hustf5pm6g%2FKingdom.Two.Crowns.v1.1.17.r17369.zip&rl=&if=false&ts=1675095293125&cd[type]=free&cd[subends]=0&cd[subduration]=0&cd[files]=0&cd[filesdownloaded]=0&sw=1280&sh=1024&ud[country]=9390298f3fb0c5b160498935d79cb139aef28e1c47358b4bbba61862b9c26e59&ud[client_ip_address]=da9add592d7eb9cca7705cb4870d7fd4e9718ccd51486c4261a727a8d566960d&v=2.9.92&r=stable&ec=1&o=30&fbp=fb.1.1675095293121.1366224404&it=1675095292878&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Mon, 30 Jan 2023 16:14:40 GMT
X-Firefox-Spdy: h2
|
|
| mc.us6.list-manage.com/subscribe/form-settings?u=cc27616a935143f3234e68708&id=7870230735&u=cc27616a935143f3234e68708&id=7870230735&c=dojo_request_script_callbacks.dojo_request_script0 | 104.110.24.122 | 200 OK | 6.2 kB |
URL HTTP/2mc.us6.list-manage.com/subscribe/form-settings?u=cc27616a935143f3234e68708&id=7870230735&u=cc27616a935143f3234e68708&id=7870230735&c=dojo_request_script_callbacks.dojo_request_script0 IP104.110.24.122:0
File typeASCII text, with very long lines (12781), with no line terminators Hashb4b632cc92b7497665a00ea7f4e4185d 5784a1a702feff336a9519e93cd53b8694b9b612 fec20cc62b53e3a458dadc074f5852889f18827319802df572056ce30bfdaa92
GET /subscribe/form-settings?u=cc27616a935143f3234e68708&id=7870230735&u=cc27616a935143f3234e68708&id=7870230735&c=dojo_request_script_callbacks.dojo_request_script0 HTTP/1.1
Host: mc.us6.list-manage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
content-type: application/json; charset=utf-8
content-length: 6179
x-ua-compatible: IE=edge,chrome=1
referrer-policy: same-origin
content-encoding: gzip
x-edgeconnect-midmile-rtt: 0
x-edgeconnect-origin-mex-latency: 300
cache-control: max-age=300
expires: Mon, 30 Jan 2023 16:19:40 GMT
date: Mon, 30 Jan 2023 16:14:40 GMT
vary: Accept-Encoding
set-cookie: _mcid=1.8e069272843777239a8d5b91e6ada5bf.ecfff4e6504a9a6ce7a016bd925fbe4587ebd36ad457f7b99c830e03ab4e34cb; expires=Tue, 30-Jan-2024 16:14:40 GMT; Max-Age=31536000; path=/
_mc_anon_id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
_abck=4A978FA2DBF1FA0AA800BE66F8BFFAAB~-1~YAAQrU0kF798+M6FAQAAzIt1AwlSAojQlDIn1AgSaByZJIi4pgDIGNDu9qj3Uc6mXr+9m6tir9emZm8N0XvHy/33MC1Aw0y9vZelB+5pqTjCV0TFCUIC1OVpxn26VTLXQrshWukafuQY1cafRzF9Xm7Eu0y6r0O5OHWCVMzmgbQkLNK7TRWKp/asPn/zLoISXV9ou7kK0vu9oxT+pA/+dpcSw9BCCF4Ynpowzs6Wb1jYsSGx/mtyp53Pk0ZTLqZM3kHRCSgqQ/W/feeo9zqdh/NAdAM2n8WDZym0dY0Jf5BFhzQodQSMSrdfr6niT5dJnps/QlMb4ldx0SIK/9tsw9VN5T3x3Zbi0NZQEOztGwQHB4APUumk/gR0q7BxX5tNCT4=~-1~-1~-1; Domain=.list-manage.com; Path=/; Expires=Tue, 30 Jan 2024 16:14:40 GMT; Max-Age=31536000; SameSite=None; Secure
ak_bmsc=93B33FC01AD9E11482FA23D4A260B242~000000000000000000000000000000~YAAQrU0kF8B8+M6FAQAAzIt1AxJRgfRfrqXEABLUJZM8ybzbb6SN1KUtq92o7/Pt1kkaryuroCxTlEEBXFmKBYFxkYna8DmA2a8Cf06gZcnqKpYUVBoW9uicheVQ9Y8kisQoVxkFTdjwzQZdhTYLRyfNb+kl0q7irbXcF7O8OKov6reaYARAbktP57A5RKD5xLXAyu/YctUP2aBxcKH8p5KmlujQOagYdgWucjgUHLI5BfJXFf2lMAAIwX0wejaW1OhkfXKrg9QmR/WmvdDc76tYeSdB80RFUR0eduBD+wX4RsxQ1yBA5jEDoknbpOgCLLBZtSG0Ro/54tI7qXErAGq7mjnK3ihhLFTIxqXRatp3yBkDm/GE2VpxKdRMR8h0Ztiqwnwf1AyI66BYZs13CuMm; Domain=.us6.list-manage.com; Path=/; Expires=Mon, 30 Jan 2023 18:14:40 GMT; Max-Age=7200; SameSite=None; Secure; HttpOnly
bm_sz=61B0F69A90AC9B54F67AF7EBB5F4CC35~YAAQrU0kF8F8+M6FAQAAzIt1AxKPmJ05dELt9Rm8H09kdJFs3w4jTX7+BShlGHno2wHjN4ZtLOLk42btk4VBrLTA+1e4cvpDNTI1PzdpSWVsi5pwmQZyq5XHvN+pgrjgj32YGHo3IiYbM1Cgu+9chH6hYw98+PyHlJSVX9hrSFZDdyWlJtNJjZEN7SDLeaiGP92JPE2iB8nfEkNkQrcgZY8kurtttLdOIFv9v4qo5FZ5bi7dVQzwAXpZX/1ApyvLsAL9IqHwrTB2I7J9CZNySZjWYIZd7q33WEcfwGEzTMdzRRBXN3OPyg==~3425602~3163206; Domain=.list-manage.com; Path=/; Expires=Mon, 30 Jan 2023 20:14:40 GMT; Max-Age=14400; SameSite=None; Secure
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash43bc5afe1d7330aa521e0efc78185a92 f53e9daa0a32e0acf7a10d9494fb383c1d039305 429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10576
Expires: Mon, 30 Jan 2023 19:10:56 GMT
Date: Mon, 30 Jan 2023 16:14:40 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash43bc5afe1d7330aa521e0efc78185a92 f53e9daa0a32e0acf7a10d9494fb383c1d039305 429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10576
Expires: Mon, 30 Jan 2023 19:10:56 GMT
Date: Mon, 30 Jan 2023 16:14:40 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash43bc5afe1d7330aa521e0efc78185a92 f53e9daa0a32e0acf7a10d9494fb383c1d039305 429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10576
Expires: Mon, 30 Jan 2023 19:10:56 GMT
Date: Mon, 30 Jan 2023 16:14:40 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg | 34.120.237.76 | 200 OK | 8.5 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashfe31ee140c2fd62e616c8a1edc9e78bb 7aa5fbdc8156514770ae620e81f1afef1c77890f 799af4bf9fa07ed27ebdc9d1a3344ee8a2b6529f076c263495b93290c47a1cc4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8464
x-amzn-requestid: bf2cf356-ebb1-469b-ba35-a79bb009cad6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj3qGeboAMFzNw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e697-7c96841f52b6a96d1b0eaf34;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: UNub7Gd4S0ogn5EJhtJVu8q1qML5_4eL2lIPQXiAuXy_q-XiR4s-5w==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:55:21 GMT
etag: "7aa5fbdc8156514770ae620e81f1afef1c77890f"
content-type: image/jpeg
age: 65959
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg | 34.120.237.76 | 200 OK | 11 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash65c02d8a1b0d6a210cb2a649c5c67469 027dbc7a104c922904f067ed15d696c363c11774 89d5443a1d313c632d09a583ef602aa4645a16986076387329f434262d15b0a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10997
x-amzn-requestid: a6fac0ab-1acf-4808-8785-3b4ec5e32edf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj30FX7IAMFa5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e698-005109ec2e76529e793678d6;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: skGKI_MWvDwpAbGibUcr8wTlimgoPU9ZYhEHltd3uhdJZ_GoNznVAA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:53:08 GMT
age: 66092
etag: "027dbc7a104c922904f067ed15d696c363c11774"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55e9b24d-3c7c-46d8-89b7-084483cc3d1d.jpeg | 34.120.237.76 | 200 OK | 12 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55e9b24d-3c7c-46d8-89b7-084483cc3d1d.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash5190c0bdc6abe0ee258e9f8c20ddaf51 d60f280f8a742480527dbc32d08f321f972d4fcf 874b38a04aa3736e65aaef72da2cc2efceb208618267107a495bdfe51ec58e58
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55e9b24d-3c7c-46d8-89b7-084483cc3d1d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12507
x-amzn-requestid: 85c9adcd-b997-48ca-bbfb-ccdeaf3e8cfb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhklyFaJoAMFqKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e7be-2bcdd8c353d8429d2b1e95f6;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:40:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UDJKl99GiUxTW_EgWFDjLaJZbKFhfaJR-XRLsbQphwHuCXczDlxrDA==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:54:37 GMT
age: 66003
etag: "d60f280f8a742480527dbc32d08f321f972d4fcf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg | 34.120.237.76 | 200 OK | 9.2 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash3be81f83687ddb6c93d3ff3c09a9dba2 50a48e737310d3f31840db4301b25927fbcc12c5 e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9167
x-amzn-requestid: f644ca78-a07a-43d1-96e4-95bcdecff7fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPGLfFtOIAMFp7w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf83e2-202ca7160544acd24259bd5d;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:08:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xRwqrWS66l4qJfg2HnGphN1dbrIUod9XKW3zTk_-Km9AQRPyV2UqWg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 20:46:17 GMT
age: 70103
etag: "50a48e737310d3f31840db4301b25927fbcc12c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg | 34.120.237.76 | 200 OK | 9.5 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash51aa950d5eed7b90cab6632107092edc e4388ced02e5576867e77547496dec1ac2338ef7 588830e5f725e8e56270565e40f817f2658b0ee7c0425d138e5f65a17ff40483
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9457
x-amzn-requestid: 7c48e5ca-2128-43da-ba83-fd91568af1ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkBOGHVoAMFQtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6d4-1b850ffd543f51f92dec3894;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: soTFEnYjNcti77h3FpnztwzR7ypv68NbyoI6DxS0NhU412ykFsWAgA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:00:38 GMT
age: 65642
etag: "e4388ced02e5576867e77547496dec1ac2338ef7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg | 34.120.237.76 | 200 OK | 7.7 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash3e04b9eaf7449828136ad59e4c9d69f1 b820be4ed885dcf288eb6460c57e1fa7b1c7c476 df75cf7183d401a19655aab025d08ad2c498573c88b32e9b258d951d2993b936
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7679
x-amzn-requestid: 0c7983d5-6040-44e9-b394-21c3784702a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkEtEfHoAMFaNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6ea-54c55dbd09ca642048af8916;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Wx-qjsrMLYpLmE-8QmpR46BeRySbUGL2Rrr6LqhEQ8jaEEj_6Aj0qg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:52:09 GMT
age: 66151
etag: "b820be4ed885dcf288eb6460c57e1fa7b1c7c476"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| engagecdn.filefactory.com/t246f07e0/img/e3t46_mb3stu_d89164f1.jpg | 89.149.201.79 | 200 OK | 46 kB |
URL HTTP/2engagecdn.filefactory.com/t246f07e0/img/e3t46_mb3stu_d89164f1.jpg IP89.149.201.79:0 ASN#60781 LeaseWeb Netherlands B.V.
File typeJPEG image data, progressive, precision 8, 1920x1200, components 3\012- data Hash6553c5715ff3d308ac0a7ad8a46acf46 7808a13ac2d8edeb4aa45d8bfdc427d7b0fede20 afedeccceae04919b0fe264ed6fb2bd5264b84003cbb215290a2cab624d0024f
GET /t246f07e0/img/e3t46_mb3stu_d89164f1.jpg HTTP/1.1
Host: engagecdn.filefactory.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/
Cookie: locale=en_US.utf8; __utma=140252452.1499277430.1675095293.1675095293.1675095293.1; __utmb=140252452.1.10.1675095293; __utmc=140252452; __utmz=140252452.1675095293.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; _fbp=fb.1.1675095293121.1366224404
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 16:14:40 GMT
content-type: image/jpeg
content-length: 45607
last-modified: Tue, 01 Nov 2022 02:20:10 GMT
expires: Tue, 30 Jan 2024 16:14:40 GMT
cache-control: max-age=31536000, public, no-transform
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| engagecdn.filefactory.com/t246f07e0/img/e3t46_huvsmw798b7sbtfd5wyk_bac6f6c2f517602ab8355add92356f9b.png | 89.149.201.79 | 200 OK | 122 kB |
URL HTTP/2engagecdn.filefactory.com/t246f07e0/img/e3t46_huvsmw798b7sbtfd5wyk_bac6f6c2f517602ab8355add92356f9b.png IP89.149.201.79:0 ASN#60781 LeaseWeb Netherlands B.V.
File typePNG image data, 580 x 200, 8-bit/color RGBA, non-interlaced\012- data Size122 kB (122137 bytes) Hashbac6f6c2f517602ab8355add92356f9b c8f5543e6256eea65c9711aeaeee099eca442718 88da400955be51edec77a77a57967be6716a7c223b7dda2064c9f7fa96f068b4
GET /t246f07e0/img/e3t46_huvsmw798b7sbtfd5wyk_bac6f6c2f517602ab8355add92356f9b.png HTTP/1.1
Host: engagecdn.filefactory.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/
Cookie: locale=en_US.utf8; __utma=140252452.1499277430.1675095293.1675095293.1675095293.1; __utmb=140252452.1.10.1675095293; __utmc=140252452; __utmz=140252452.1675095293.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; _fbp=fb.1.1675095293121.1366224404
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 16:14:40 GMT
content-type: image/png
content-length: 122137
last-modified: Thu, 30 Apr 2020 18:25:15 GMT
expires: Tue, 30 Jan 2024 16:14:40 GMT
cache-control: max-age=31536000, public, no-transform
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| engagecdn.filefactory.com/t246f07e0/img/e3t46_y9xpahwmhh6thebrpad8_119dcd8feba6b47633b0f8e26a998027.png | 89.149.201.79 | 200 OK | 157 kB |
URL HTTP/2engagecdn.filefactory.com/t246f07e0/img/e3t46_y9xpahwmhh6thebrpad8_119dcd8feba6b47633b0f8e26a998027.png IP89.149.201.79:0 ASN#60781 LeaseWeb Netherlands B.V.
File typePNG image data, 800 x 800, 8-bit/color RGBA, non-interlaced\012- data Size157 kB (156933 bytes) Hash119dcd8feba6b47633b0f8e26a998027 5b1b226e63d8ee9c9ccc5903fcbe9b15a43df2d0 813f24e8c59b30d1edc389e726d1deecadb686f0e6f1936fc6a0cee4c05a35f2
GET /t246f07e0/img/e3t46_y9xpahwmhh6thebrpad8_119dcd8feba6b47633b0f8e26a998027.png HTTP/1.1
Host: engagecdn.filefactory.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/
Cookie: locale=en_US.utf8; __utma=140252452.1499277430.1675095293.1675095293.1675095293.1; __utmb=140252452.1.10.1675095293; __utmc=140252452; __utmz=140252452.1675095293.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; _fbp=fb.1.1675095293121.1366224404
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 16:14:40 GMT
content-type: image/png
content-length: 156933
last-modified: Thu, 30 Apr 2020 18:25:15 GMT
expires: Tue, 30 Jan 2024 16:14:40 GMT
cache-control: max-age=31536000, public, no-transform
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| downloads.mailchimp.com/js/signup-forms/popup/unique-methods/73bf20a8fe762dee6abd0173cd576e53d748a0df/popup.js | 54.230.111.5 | 200 OK | 29 kB |
URL HTTP/1.1downloads.mailchimp.com/js/signup-forms/popup/unique-methods/73bf20a8fe762dee6abd0173cd576e53d748a0df/popup.js IP54.230.111.5:0
File typeASCII text, with very long lines (65526) Hash3e47231a473991ad53e00cef561ef2d5 cda21d3007bdfb78858b135d9f5260eb3938753d e53ab8aa4e993a4315ad2eaffab6009665c54f86e38b7be8be1ed024ac3d16f8
GET /js/signup-forms/popup/unique-methods/73bf20a8fe762dee6abd0173cd576e53d748a0df/popup.js HTTP/1.1
Host: downloads.mailchimp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sun, 29 Jan 2023 19:23:10 GMT
Last-Modified: Thu, 29 Sep 2022 15:39:29 GMT
ETag: W/"d3149280c831cbf6538770c71a916f43"
Server: AmazonS3
Content-Encoding: br
X-Cache: Hit from cloudfront
Via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 8qsqc2n82kB0bpxoIYEnYtOZMGdU0f7eCco5GbdKRyvuNrDK-ZKpIA==
Age: 75090
Vary: Accept-Encoding, Origin
|
|
| downloads.mailchimp.com/css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/common.css | 54.230.111.5 | 200 OK | 2.4 kB |
URL HTTP/1.1downloads.mailchimp.com/css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/common.css IP54.230.111.5:0
Hashd19b18b64fe30a64762d4a50ca861b1c cf0b39c5e4a85fa9cb916f074c62ec2315528c95 ddc117511a02d7e507e26304afa0f9877c6644f43ec83ca8a15ff81b00c1e79e
GET /css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/common.css HTTP/1.1
Host: downloads.mailchimp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Date: Mon, 30 Jan 2023 01:07:12 GMT
Last-Modified: Thu, 29 Sep 2022 15:39:29 GMT
ETag: W/"82e72d627b04e1654282023cca1d1e69"
Server: AmazonS3
Content-Encoding: br
X-Cache: Hit from cloudfront
Via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 6Qp_ABleK4P_mcieWb0bkT08WrwIKlV8dMyBHnF9txG4eBVKIdntWw==
Age: 54449
Vary: Accept-Encoding, Origin
|
|
| downloads.mailchimp.com/css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/banner.css | 54.230.111.5 | 200 OK | 348 B |
URL HTTP/1.1downloads.mailchimp.com/css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/banner.css IP54.230.111.5:0
Hash7dc952a02aac2296639b02e8b693f1ca 141d2c58d397b253795db7e070d0846e4cb67d37 4768822ea5fd24c1368db661e02e9e2119f98351068a5531c3ae6e7a762f5e9a
GET /css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/banner.css HTTP/1.1
Host: downloads.mailchimp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sun, 29 Jan 2023 22:35:12 GMT
Last-Modified: Thu, 29 Sep 2022 15:39:29 GMT
ETag: W/"78d1bdd981816cfbeb6954a85f9efa58"
Server: AmazonS3
Content-Encoding: br
X-Cache: Hit from cloudfront
Via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: G7PCoTVsl1G4jWmXt9Jr5zNPXrOcVybl2S0_1U8pc3BedUS6q4nSWQ==
Age: 63569
Vary: Accept-Encoding, Origin
|
|
| downloads.mailchimp.com/css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/layout-2.css | 54.230.111.5 | 200 OK | 455 B |
URL HTTP/1.1downloads.mailchimp.com/css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/layout-2.css IP54.230.111.5:0
Hashcf00c7e6b7868062bf758deaa7b83864 cff15cad13c248593f1810ca4ee885e1c883c684 0557ff79eeacb19e8553149dd9c71e906d41f4646cb88005fc08df4ee485a5d4
GET /css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/layout-2.css HTTP/1.1
Host: downloads.mailchimp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 29 Sep 2022 15:39:29 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Mon, 30 Jan 2023 09:47:14 GMT
ETag: W/"38f50a83c6d5d15facb231447fa1ac56"
X-Cache: Hit from cloudfront
Via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: gnfgbIHVPD7c1GGPt8PczR8UC7ywEWfpojxa5RvmVmPIopCbKEgnDA==
Age: 53095
Vary: Accept-Encoding, Origin
|
|
| downloads.mailchimp.com/css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/modal.css | 54.230.111.5 | 200 OK | 940 B |
URL HTTP/1.1downloads.mailchimp.com/css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/modal.css IP54.230.111.5:0
Hashd67b9dcb001d0ed64cbc0ba9da2d77a1 a0320024d0421b2834df9ea7032087b648576ae3 493abf97f7246bde2ad899d82171edf77edca18bfdad04d8097f16134f582d26
GET /css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/modal.css HTTP/1.1
Host: downloads.mailchimp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 29 Sep 2022 15:39:29 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Mon, 30 Jan 2023 15:20:33 GMT
ETag: W/"aa6f4416185bd7f299dd89e11dac117f"
X-Cache: Hit from cloudfront
Via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: bD9mpwUgwUo-AtGKmeN2ftFbQfCtmZMqh_hPT7BDJ2pAtznkV2XaZw==
Age: 9467
Vary: Accept-Encoding, Origin
|
|
| fonts.googleapis.com/css?family=Open+Sans:400,600,700,800 | 142.250.74.106 | 200 OK | 0 B |
URL HTTP/2fonts.googleapis.com/css?family=Open+Sans:400,600,700,800 IP142.250.74.106:0
GET /css?family=Open+Sans:400,600,700,800 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 30 Jan 2023 16:14:38 GMT
date: Mon, 30 Jan 2023 16:14:38 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|