Report - xxxa.work/download

Report Overview

Visited public
2023-12-04 06:52:54
Tags
URL
xxxa.work/download
Finishing URL
xxxa.work/download
IP / ASN
104.21.23.48
#13335 CLOUDFLARENET
Title
XXXA

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.gstatic.com	unknown	2008-02-11	2016-07-26 11:37:06	2023-12-03 07:56:40	3.4 kB	820 kB	142.250.74.3
www.google.com	7	1997-09-15	2015-05-10 13:11:19	2023-11-19 18:48:38	2.3 kB	77 kB	142.250.74.132
ka-f.fontawesome.com	3598	2012-10-18	2019-12-17 07:36:13	2023-12-03 12:57:01	1.5 kB	93 kB	172.64.204.20
kit.fontawesome.com	1868	2012-10-18	2019-12-16 20:51:31	2023-12-03 05:09:04	439 B	12 kB	172.64.147.188
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-12-03 06:08:10	453 B	12 kB	142.250.74.106
xxxa.work	unknown	unknown	No data	No data	8.9 kB	773 kB	172.67.209.49
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-12-03 05:48:43	1.1 kB	65 kB	216.58.207.227

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-12-04 06:52:39	medium	Client IP	Internal IP	ET INFO Observed DNS Query to .work TLD
2023-12-04 06:52:39	medium	Client IP	Internal IP	ET INFO Observed DNS Query to .work TLD

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
xxxa.work/static/assets/download_page/Thumbs.db
IP
172.67.209.49
ASN
#13335 CLOUDFLARENET

File type
Composite Document File V2 Document, Can't read SAT\012- OLE 2 Compound Document, v3.62, SecID 0x1, 41 FAT sectors, Mini FAT start sector 0x2 : Windows thumbnail database 256\012- data
Size
8.7 kB (8688 bytes)
Hash
6708672524e04f18aae59f49ad8043ab
5e00c92bdeba301b58d8fd1d1becdd02fdf59568
0147b89bea705f10cb0a1418c20810bbe04f224c03a8eee4a8862f508d37b4fc

JavaScript (21)

	URL	From	Size	First Seen	Last Seen
	www.google.com/recaptcha/api2/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LfeyCMUAAAAAPU41Y53AxU65-qYjk_FohFzWyan	ScriptElement	0 B	0001-01-01	2025-05-11
Pretty URL www.google.com/recaptcha/api2/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LfeyCMUAAAAAPU41Y53AxU65-qYjk_FohFzWyan IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-11 12:01 Times Seen4654061 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js	ScriptElement	476 kB	2023-11-14	2024-08-20
Pretty URL www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js IP 142.250.74.3 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-14 09:02 Last Seen2024-08-20 19:39 Times Seen12206 Hash 23b9dd721490a4062ba8d01454ef6ba9 efdbb7331585411f7d397dacbf51fd3e95f3031d 4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7 Loading...

	xxxa.work/download	ScriptElement	0 B	0001-01-01	2025-05-11
Pretty URL xxxa.work/download IP 172.67.209.49 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-11 12:01 Times Seen4654061 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	xxxa.work/static/assets/js/core/popper.min.js	ScriptElement	20 kB	2023-07-06	2025-05-07
Pretty URL xxxa.work/static/assets/js/core/popper.min.js IP 172.67.209.49 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-06 22:14 Last Seen2025-05-07 12:54 Times Seen9 Hash 8ad5a4459800325ed64b5c360b123e02 a3464a5493ddd215c075801d20c4bf0be0cc7684 2ab8897a2d0471a8d9a40ed0b29a051287c98248f4232584bd0f39352bf18f0c Loading...

	unknown	ScriptElement	247 B	2024-08-20	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 16:51 Last Seen2024-08-20 16:51 Times Seen1 Hash c858355f3f8a824552f2b31f69702234 24c6f7963ca81442de01d6e4cb3af3d5b39bb62d b45f8f01bd1460288d7ac73a974150a848fb8e77a368584ea91b18645a586f97 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LfeyCMUAAAAAPU41Y53AxU65-qYjk_FohFzWyan&co=aHR0cHM6Ly94eHhhLndvcms6NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=p9elsdwhtsc	ScriptElement	69 B	2023-03-07	2025-05-11
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LfeyCMUAAAAAPU41Y53AxU65-qYjk_FohFzWyan&co=aHR0cHM6Ly94eHhhLndvcms6NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=p9elsdwhtsc IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 12:01 Times Seen116397 Hash 45ecf7458f42da80ac248ad42d610372 a5b3edf8328769bc754e6e616a957ceed4fdadd7 75867e75b209895995014b43c3d711476e3437481e5fbec91a4da674302558bf Loading...

	xxxa.work/static/assets/js/plugins/smooth-scrollbar.min.js	ScriptElement	48 kB	2024-08-20	2024-08-20
Pretty URL xxxa.work/static/assets/js/plugins/smooth-scrollbar.min.js IP 172.67.209.49 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 16:51 Last Seen2024-08-20 16:51 Times Seen1 Hash d34835ad01049e52d0ee96e26819e6c7 b9710bc5587d3dcf16e4adb9e62199dc2a7b581a 037ad71c9a261a2c24659c8795874c574af0dfb6bc7ec9fa336f5c6b32e1c381 Loading...

	xxxa.work/download	ScriptElement	0 B	0001-01-01	2025-05-11
Pretty URL xxxa.work/download IP 172.67.209.49 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-11 12:01 Times Seen4654061 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	xxxa.work/cdn-cgi/challenge-platform/scripts/jsd/main.js	ScriptElement	7.4 kB	2023-12-04	2023-12-04
Pretty URL xxxa.work/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 172.67.209.49 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 07:53 Last Seen2023-12-04 07:53 Times Seen1 Hash 135a2be6cc05a2260b4e673f276eb5b8 f11ef04ba292ffa157c1d70e32d641e5827ee34d 85edc147630709fea920ddac38fb3b4b36111ee4cf10c94f9e67526c128f4d94 Loading...

	kit.fontawesome.com/42d5adcbca.js	ScriptElement	12 kB	2023-12-04	2024-08-20
Pretty URL kit.fontawesome.com/42d5adcbca.js IP 172.64.147.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 02:34 Last Seen2024-08-20 16:52 Times Seen34 Hash 76d889c487dfda7b9cc4c771cd78ff08 c9a41cf90152956e8aba6122bd9b8d1a2bc8d916 6dc03394c410b465031aaf12d8d4e3595633c006f79c30956f2c266a52be4dda Loading...

	www.google.com/recaptcha/api.js	ScriptElement	850 B	2023-11-14	2024-08-20
Pretty URL www.google.com/recaptcha/api.js IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-14 09:30 Last Seen2024-08-20 19:39 Times Seen3579 Hash 57e10dcd72dd2953878092014eae522b 95ba7e48825c26c5d9395ef2edb73e790bce6fa7 c7b54326365940d062bce26ed41579eebcb4946a86ba280790b603926692bd59 Loading...

	xxxa.work/static/assets/js/core/bootstrap.min.js	ScriptElement	60 kB	2023-12-04	2025-01-13
Pretty URL xxxa.work/static/assets/js/core/bootstrap.min.js IP 172.67.209.49 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 07:53 Last Seen2025-01-13 14:04 Times Seen2 Hash 566a14b1d43bf79686cd3984c00e8008 323b35b7c55597bc95448694bbdeaaf6863418c0 3a98ab794c90fed2c629d7d62801f5289e7334f45176fd3b41801dca25bdb835 Loading...

	xxxa.work/static/assets/js/argon-dashboard.min.js?v=2.0.4	ScriptElement	16 kB	2023-12-04	2024-08-20
Pretty URL xxxa.work/static/assets/js/argon-dashboard.min.js?v=2.0.4 IP 172.67.209.49 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 07:53 Last Seen2024-08-20 16:51 Times Seen2 Hash d42743053bf634bb92f56b06e0fa5eb1 1e14bc8f90458deaa41c6a50fc8f045eefbc6615 1f5d39ff1ee8eaefeba688ac3ca71184022b0f17c9a5adef7be2e08f35ec011e Loading...

	xxxa.work/static/assets/js/plugins/perfect-scrollbar.min.js	ScriptElement	19 kB	2023-12-04	2023-12-04
Pretty URL xxxa.work/static/assets/js/plugins/perfect-scrollbar.min.js IP 172.67.209.49 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 07:53 Last Seen2023-12-04 07:53 Times Seen1 Hash b28fb90dcfec8c00c701f00b83ca4a5d d2c413ebe4635d68d9df80a646e0c60ba6af226e 52f16f55116ccb47164e19c3f782cfac476801d61d76e2c60795d38229ae4fe4 Loading...

	xxxa.work/download	ScriptElement	1.1 kB	2024-08-20	2024-08-20
Pretty URL xxxa.work/download IP 172.67.209.49 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 16:51 Last Seen2024-08-20 16:51 Times Seen1 Hash 0909da829501644b974938dc6a773297 b38f52478532aef1d832d7f9ffa1d8a283391d1c 07821d9072815cdc9b26a84ecc4bc7e6aef0c1ccf4c89182899c59a3066cfe71 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LfeyCMUAAAAAPU41Y53AxU65-qYjk_FohFzWyan&co=aHR0cHM6Ly94eHhhLndvcms6NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=p9elsdwhtsc	ScriptElement	54 kB	2024-08-20	2024-08-20
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LfeyCMUAAAAAPU41Y53AxU65-qYjk_FohFzWyan&co=aHR0cHM6Ly94eHhhLndvcms6NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=p9elsdwhtsc IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 16:51 Last Seen2024-08-20 16:51 Times Seen1 Hash e249fab6adeeef42adca98f1b8900f63 f656fed60d92a20ee84dd052ea8ad720c2a17fcf 6cb947b19aec76a19c9d2049d0d05fe4b1f9c3d4ed9cd09f4253272a269b3b59 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 8d799e5e3b9450dd4c1aef6e122df0de	22 B	2023-11-07 15:55	2024-08-20 20:32
Pretty Observations First Seen2023-11-07 15:55 Last Seen2024-08-20 20:32 Times Seen3187 Hash 8d799e5e3b9450dd4c1aef6e122df0de 1c074fc167af588bc86e54b4ceb4017ce0a7791a e69ebca4238490aa2b0c08845343b95b35a04efaca3e62b2732e1ca661bb3374 Loading...

	#2 Eval - 224ac2edd48a4d27399a35d4a94d8f17	22 B	2023-11-07 15:55	2024-08-20 20:32
Pretty Observations First Seen2023-11-07 15:55 Last Seen2024-08-20 20:32 Times Seen3194 Hash 224ac2edd48a4d27399a35d4a94d8f17 33a0fd7fc8561e1cca8737032f7b24d32c47d171 bd86e6f419efd867fc86701b061f5cab02b0f38086c64d9a8e8f00b98bbc96cb Loading...

	#3 Eval - cf876ca4f502b2fa2671272b6f64b213	17 kB	2023-11-07 15:55	2024-08-20 20:32
Pretty Observations First Seen2023-11-07 15:55 Last Seen2024-08-20 20:32 Times Seen3188 Hash cf876ca4f502b2fa2671272b6f64b213 ab94320e0991ce49c95343610f2d38b5e8c8f28a 8d333c3dd690fdf8b52bf7827ca62cf9e923b844bfae8155bf33b5200b376d92 Loading...

	#4 Eval - 9b7ec418cd2fa3c49f2bb6a580e306d3	21 kB	2023-12-03 21:11	2024-08-20 16:54
Pretty Observations First Seen2023-12-03 21:11 Last Seen2024-08-20 16:54 Times Seen2 Hash 9b7ec418cd2fa3c49f2bb6a580e306d3 743d835dc832c4e2f876a54a426e426dfa31d46c 4ba50a07f71bb567cceadf278448d1f5074f98b9e9cef13d2d2457ddccac1cd4 Loading...

	#5 Eval - cf1dd8609868435e7eb1006b517c1abb	64 B	2023-11-07 15:55	2024-08-20 20:32
Pretty Observations First Seen2023-11-07 15:55 Last Seen2024-08-20 20:32 Times Seen3193 Hash cf1dd8609868435e7eb1006b517c1abb 0fb005e6e00be62e448385d3ff0a2513e49f4806 a01b7ce49084f117d7034cc7571519fd95e62401da4c9976d4275da0dd08f8e9 Loading...

HTTP Transactions (33)

	URL	IP	Response	Size
	xxxa.work/static/assets/css/nucleo-icons.css	172.67.209.49	200 OK	50 kB
URL GET HTTP/3 xxxa.work/static/assets/css/nucleo-icons.css IP 172.67.209.49:443 ASN #13335 CLOUDFLARENET Requested by https://xxxa.work/download Certificate IssuerLet's Encrypt Subjectxxxa.work FingerprintE9:49:F1:36:52:21:AC:CA:20:4B:E5:84:48:3B:8C:3D:55:C1:80:95 ValidityTue, 21 Nov 2023 14:33:09 GMT - Mon, 19 Feb 2024 14:33:08 GMT File type troff or preprocessor input, ASCII text, with CRLF line terminators Size 50 kB (50394 bytes) Hash 925726edffd608f76beb06a4cffeecee b8d407bf8cdf4f2935ff9894696bdaacde03b97d 10166a9a117d11d9863803bf7dd7a1c53b5a5426d26f971d2e105cfcf655884c HTTP Headers GET /static/assets/css/nucleo-icons.css HTTP/1.1 Host: xxxa.work User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://xxxa.work/download Cookie: session=eyJfZnJlc2giOmZhbHNlLCJjc3JmX3Rva2VuIjoiNjY0ZDA2MmM1M2ZmMzEyZmU3OTAyYzgxMmU4NjYwMmEzY2E5ZGIxZiJ9.ZW13Mg.eZVjWQ4KJz_63qIXcc2iR3Hvbvc Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Mon, 04 Dec 2023 06:52:35 GMT content-type: text/css; charset=utf-8 content-disposition: inline; filename=nucleo-icons.css last-modified: Sun, 05 Feb 2023 21:59:56 GMT cache-control: max-age=14400 cf-cache-status: MISS report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zfv0GM0iXKEqA7sHy7MR7WAKXrJbyMx9Edga6Y0%2B6TWx2h70U6SfgZFHlhN7GLShKAzPpBjcPt%2BAHnjzwPJZp17mRRgKbGnsh43xaiRK8dAQvL5sENBUGeeYyT4%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 830220a00ce3569f-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2	216.58.207.227	200 OK	48 kB
URL GET HTTP/2 fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP 216.58.207.227:443 ASN #15169 GOOGLE Requested by https://xxxa.work/download Certificate IssuerGoogle Trust Services LLC Subject.gstatic.com FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT File type Web Open Font Format (Version 2), TrueType, length 48432, version 1.0\012- data Size 48 kB (48432 bytes) Hash e2d74c5e631bc53a7240bbfe4be99c8f eb513857bb01cc4f7249067fc7e969bef415fc90 9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5 HTTP Headers GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://xxxa.work DNT: 1 Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 48432 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 30 Nov 2023 05:00:58 GMT expires: Fri, 29 Nov 2024 05:00:58 GMT cache-control: public, max-age=31536000 age: 352299 last-modified: Thu, 14 Sep 2023 00:40:31 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js	142.250.74.3	200 OK	191 kB
URL GET HTTP/3 www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js IP 142.250.74.3:443 ASN #15169 GOOGLE Requested by https://www.google.com/recaptcha/api2/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LfeyCMUAAAAAPU41Y53AxU65-qYjk_FohFzWyan Certificate IssuerGoogle Trust Services LLC Subject.gstatic.com FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT File type ASCII text, with very long lines (563) Size 191 kB (190682 bytes) Hash 23b9dd721490a4062ba8d01454ef6ba9 efdbb7331585411f7d397dacbf51fd3e95f3031d 4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7 HTTP Headers `GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js HTTP/1.1 Host: www.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://xxxa.work DNT: 1 Connection: keep-alive Referer: https://xxxa.work/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK accept-ranges: bytes content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha" report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-length: 190682 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Sun, 03 Dec 2023 11:52:30 GMT expires: Mon, 02 Dec 2024 11:52:30 GMT cache-control: public, max-age=31536000 last-modified: Tue, 14 Nov 2023 05:42:11 GMT content-type: text/javascript vary: Accept-Encoding age: 68407 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css	142.250.74.3	200 OK	25 kB
URL GET HTTP/3 www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css IP 142.250.74.3:443 ASN #15169 GOOGLE Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfeyCMUAAAAAPU41Y53AxU65-qYjk_FohFzWyan&co=aHR0cHM6Ly94eHhhLndvcms6NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=p9elsdwhtsc Certificate IssuerGoogle Trust Services LLC Subject.gstatic.com FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT File type ASCII text, with very long lines (56398), with no line terminators Size 25 kB (24606 bytes) Hash eb4bc511f79f7a1573b45f5775b3a99b d910fb51ad7316aa54f055079374574698e74b35 7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050 HTTP Headers `GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css HTTP/1.1 Host: www.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/*;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.google.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK accept-ranges: bytes content-encoding: gzip content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha" report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-length: 24606 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Sun, 03 Dec 2023 19:06:15 GMT expires: Mon, 02 Dec 2024 19:06:15 GMT cache-control: public, max-age=31536000 last-modified: Tue, 14 Nov 2023 05:42:11 GMT content-type: text/css vary: Accept-Encoding age: 42382 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js	142.250.74.3	200 OK	191 kB
URL GET HTTP/3 www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js IP 142.250.74.3:443 ASN #15169 GOOGLE Requested by https://www.google.com/recaptcha/api2/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LfeyCMUAAAAAPU41Y53AxU65-qYjk_FohFzWyan Certificate IssuerGoogle Trust Services LLC Subject.gstatic.com FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT File type ASCII text, with very long lines (563) Size 191 kB (190682 bytes) Hash 23b9dd721490a4062ba8d01454ef6ba9 efdbb7331585411f7d397dacbf51fd3e95f3031d 4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7 HTTP Headers `GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js HTTP/1.1 Host: www.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.google.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK accept-ranges: bytes content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha" report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-length: 190682 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Sun, 03 Dec 2023 11:52:30 GMT expires: Mon, 02 Dec 2024 11:52:30 GMT cache-control: public, max-age=31536000 last-modified: Tue, 14 Nov 2023 05:42:11 GMT content-type: text/javascript vary: Accept-Encoding age: 68408 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	xxxa.work/static/assets/img/favicon.png	172.67.209.49	200 OK	3.9 kB
URL GET HTTP/3 xxxa.work/static/assets/img/favicon.png IP 172.67.209.49:443 ASN #13335 CLOUDFLARENET Requested by https://xxxa.work/download Certificate IssuerLet's Encrypt Subjectxxxa.work FingerprintE9:49:F1:36:52:21:AC:CA:20:4B:E5:84:48:3B:8C:3D:55:C1:80:95 ValidityTue, 21 Nov 2023 14:33:09 GMT - Mon, 19 Feb 2024 14:33:08 GMT File type PNG image data, 32 x 32, 8-bit/color RGB, non-interlaced\012- data Size 3.9 kB (3941 bytes) Hash aa51a6a7828735405b41c51a988ee8b2 cbe4ec532dc3ad929f1317343016dad905f65b6b dacc6d736d194e6d2e476781efe4b01a3a835348a178620bd536fed9250623f4 HTTP Headers GET /static/assets/img/favicon.png HTTP/1.1 Host: xxxa.work User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://xxxa.work/download Cookie: session=eyJfZnJlc2giOmZhbHNlLCJjc3JmX3Rva2VuIjoiNjY0ZDA2MmM1M2ZmMzEyZmU3OTAyYzgxMmU4NjYwMmEzY2E5ZGIxZiJ9.ZW13Mg.eZVjWQ4KJz_63qIXcc2iR3Hvbvc Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Mon, 04 Dec 2023 06:52:38 GMT content-type: image/png content-length: 3941 content-disposition: inline; filename=favicon.png last-modified: Wed, 08 Feb 2023 15:04:46 GMT cache-control: max-age=14400 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FirmPMZOy%2FRHa6LbJH3%2FJgpRC4I9NjYuEAXKa1Pey3mHRjhJ4Ct%2BzHHC6nNR6tabeM5D1i3VgyCBSB%2FBD%2B1OF8ptqQkQ7jaYDiQNvrOm2vOHkmV%2FFB2AdBPoAUo%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 830220aeadaf569f-OSL alt-svc: h3=":443"; ma=86400

	www.google.com/recaptcha/api.js	142.250.74.132	200 OK	4.5 kB
URL GET HTTP/2 www.google.com/recaptcha/api.js IP 142.250.74.132:443 ASN #15169 GOOGLE Requested by https://xxxa.work/download Certificate IssuerGoogle Trust Services LLC Subjectwww.google.com FingerprintB0:8E:97:10:7E:30:90:F6:42:A1:32:63:5C:78:27:D3:A8:F1:05:D1 ValidityMon, 23 Oct 2023 11:24:57 GMT - Mon, 15 Jan 2024 11:24:56 GMT File type gzip compressed data\012- data Size 4.5 kB (4526 bytes) Hash 1e47324813c3c89eb58d62ad23c3fdd2 bcfad39ee48af7ebb337c55b5a1fad2a58e29b9b 0f6e78e1f8ded636fd2bc529b97480c970dd337aeedf4a4aba4544d3e65352ce HTTP Headers `GET /recaptcha/api.js HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://xxxa.work/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK content-type: text/javascript; charset=utf-8 expires: Mon, 04 Dec 2023 06:52:35 GMT date: Mon, 04 Dec 2023 06:52:35 GMT cache-control: private, max-age=300 cross-origin-resource-policy: cross-origin content-encoding: gzip x-content-type-options: nosniff x-frame-options: SAMEORIGIN content-security-policy: frame-ancestors 'self' x-xss-protection: 1; mode=block server: GSE alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2`

	fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2	216.58.207.227	200 OK	15 kB
URL GET HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 IP 216.58.207.227:443 ASN #15169 GOOGLE Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfeyCMUAAAAAPU41Y53AxU65-qYjk_FohFzWyan&co=aHR0cHM6Ly94eHhhLndvcms6NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=p9elsdwhtsc Certificate IssuerGoogle Trust Services LLC Subject.gstatic.com FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data Size 15 kB (15344 bytes) Hash 5d4aeb4e5f5ef754e307d7ffaef688bd 06db651cdf354c64a7383ea9c77024ef4fb4cef8 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc HTTP Headers GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://www.google.com DNT: 1 Connection: keep-alive Referer: https://www.google.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 15344 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 30 Nov 2023 10:04:07 GMT expires: Fri, 29 Nov 2024 10:04:07 GMT cache-control: public, max-age=31536000 last-modified: Mon, 16 Oct 2017 17:32:55 GMT content-type: font/woff2 age: 334111 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	www.gstatic.com/recaptcha/api2/logo_48.png	142.250.74.3	200 OK	2.2 kB
URL GET HTTP/3 www.gstatic.com/recaptcha/api2/logo_48.png IP 142.250.74.3:443 ASN #15169 GOOGLE Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfeyCMUAAAAAPU41Y53AxU65-qYjk_FohFzWyan&co=aHR0cHM6Ly94eHhhLndvcms6NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=p9elsdwhtsc Certificate IssuerGoogle Trust Services LLC Subject.gstatic.com FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data Size 2.2 kB (2228 bytes) Hash ef9941290c50cd3866e2ba6b793f010d 4736508c795667dcea21f8d864233031223b7832 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a HTTP Headers GET /recaptcha/api2/logo_48.png HTTP/1.1 Host: www.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK accept-ranges: bytes content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha" report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-length: 2228 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 29 Nov 2023 21:37:43 GMT expires: Wed, 06 Dec 2023 21:37:43 GMT cache-control: public, max-age=604800 age: 378895 last-modified: Tue, 03 Mar 2020 20:15:00 GMT content-type: image/png alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js	142.250.74.3	200 OK	191 kB
URL GET HTTP/3 www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js IP 142.250.74.3:443 ASN #15169 GOOGLE Requested by https://www.google.com/recaptcha/api2/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LfeyCMUAAAAAPU41Y53AxU65-qYjk_FohFzWyan Certificate IssuerGoogle Trust Services LLC Subject.gstatic.com FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT File type ASCII text, with very long lines (563) Size 191 kB (190682 bytes) Hash 23b9dd721490a4062ba8d01454ef6ba9 efdbb7331585411f7d397dacbf51fd3e95f3031d 4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7 HTTP Headers `GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js HTTP/1.1 Host: www.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.google.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK accept-ranges: bytes content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha" report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-length: 190682 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Sun, 03 Dec 2023 11:52:30 GMT expires: Mon, 02 Dec 2024 11:52:30 GMT cache-control: public, max-age=31536000 last-modified: Tue, 14 Nov 2023 05:42:11 GMT content-type: text/javascript vary: Accept-Encoding age: 68408 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css	142.250.74.3	200 OK	25 kB
URL GET HTTP/3 www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css IP 142.250.74.3:443 ASN #15169 GOOGLE Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfeyCMUAAAAAPU41Y53AxU65-qYjk_FohFzWyan&co=aHR0cHM6Ly94eHhhLndvcms6NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=p9elsdwhtsc Certificate IssuerGoogle Trust Services LLC Subject.gstatic.com FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT File type ASCII text, with very long lines (56398), with no line terminators Size 25 kB (24606 bytes) Hash eb4bc511f79f7a1573b45f5775b3a99b d910fb51ad7316aa54f055079374574698e74b35 7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050 HTTP Headers `GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css HTTP/1.1 Host: www.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/*;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.google.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK accept-ranges: bytes content-encoding: gzip content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha" report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-length: 24606 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Sun, 03 Dec 2023 19:06:15 GMT expires: Mon, 02 Dec 2024 19:06:15 GMT cache-control: public, max-age=31536000 last-modified: Tue, 14 Nov 2023 05:42:11 GMT content-type: text/css vary: Accept-Encoding age: 42383 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js	142.250.74.3	200 OK	191 kB
URL GET HTTP/3 www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js IP 142.250.74.3:443 ASN #15169 GOOGLE Requested by https://www.google.com/recaptcha/api2/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LfeyCMUAAAAAPU41Y53AxU65-qYjk_FohFzWyan Certificate IssuerGoogle Trust Services LLC Subject.gstatic.com FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT File type ASCII text, with very long lines (563) Size 191 kB (190682 bytes) Hash 23b9dd721490a4062ba8d01454ef6ba9 efdbb7331585411f7d397dacbf51fd3e95f3031d 4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7 HTTP Headers `GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js HTTP/1.1 Host: www.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.google.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK accept-ranges: bytes content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha" report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-length: 190682 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Sun, 03 Dec 2023 11:52:30 GMT expires: Mon, 02 Dec 2024 11:52:30 GMT cache-control: public, max-age=31536000 last-modified: Tue, 14 Nov 2023 05:42:11 GMT content-type: text/javascript vary: Accept-Encoding age: 68408 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	xxxa.work/download	172.67.209.49	200 OK	5.0 kB
URL User Request GET HTTP/2 xxxa.work/download IP 172.67.209.49:443 ASN #13335 CLOUDFLARENET Certificate IssuerLet's Encrypt Subjectxxxa.work FingerprintE9:49:F1:36:52:21:AC:CA:20:4B:E5:84:48:3B:8C:3D:55:C1:80:95 ValidityTue, 21 Nov 2023 14:33:09 GMT - Mon, 19 Feb 2024 14:33:08 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5197), with no line terminators Size 5.0 kB (5035 bytes) Hash f364a5eef5e3576d48d6111a51f867fa 132fc77c1deff7f7dd396584a3b135d43c224f1e 72ea6edd37c94ee7970f67a35de37ef3b43e637c1e50c32500ffd6721f83d126 HTTP Headers `GET /download HTTP/1.1 Host: xxxa.work User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Mon, 04 Dec 2023 06:52:35 GMT content-type: text/html; charset=utf-8 vary: Cookie set-cookie: session=eyJfZnJlc2giOmZhbHNlLCJjc3JmX3Rva2VuIjoiNjY0ZDA2MmM1M2ZmMzEyZmU3OTAyYzgxMmU4NjYwMmEzY2E5ZGIxZiJ9.ZW13Mg.eZVjWQ4KJz_63qIXcc2iR3Hvbvc; HttpOnly; Path=/ cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8NMrGGttzizor65q%2F88jHg%2BZFKwHSDrnI6D3pg%2Bm7%2FSdgZzGMLrXv4Z1NXu6eC2kFPNbicqyihM8Jpd%2BNvHcKyQsTh%2FQFGxDpMv%2FAANAv%2FLgajNz6RqgrHIbI2Q%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 8302209b0fa3b4ed-OSL content-encoding: br alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	xxxa.work/static/assets/js/plugins/smooth-scrollbar.min.js	172.67.209.49	200 OK	48 kB
URL GET HTTP/3 xxxa.work/static/assets/js/plugins/smooth-scrollbar.min.js IP 172.67.209.49:443 ASN #13335 CLOUDFLARENET Requested by https://xxxa.work/download Certificate IssuerLet's Encrypt Subjectxxxa.work FingerprintE9:49:F1:36:52:21:AC:CA:20:4B:E5:84:48:3B:8C:3D:55:C1:80:95 ValidityTue, 21 Nov 2023 14:33:09 GMT - Mon, 19 Feb 2024 14:33:08 GMT File type Size 48 kB (48446 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /static/assets/js/plugins/smooth-scrollbar.min.js HTTP/1.1 Host: xxxa.work User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://xxxa.work/download Cookie: session=eyJfZnJlc2giOmZhbHNlLCJjc3JmX3Rva2VuIjoiNjY0ZDA2MmM1M2ZmMzEyZmU3OTAyYzgxMmU4NjYwMmEzY2E5ZGIxZiJ9.ZW13Mg.eZVjWQ4KJz_63qIXcc2iR3Hvbvc Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Mon, 04 Dec 2023 06:52:36 GMT content-type: text/javascript; charset=utf-8 content-disposition: inline; filename=smooth-scrollbar.min.js last-modified: Sun, 05 Feb 2023 22:00:00 GMT cache-control: max-age=14400 cf-cache-status: MISS report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8o391P0deaM1kkhPz4VBhvcl3ELipYlvi7ZArtAzEwB0Bj%2Befl1URDyjMhOXFARYu%2FkVwQIo5Vzd3XGmkchqHullP0Fsx7IyvyJLTqJRo2rkOU2uTrS775xDnv4%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 830220a01cf3569f-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	xxxa.work/static/assets/download_page/Thumbs.db	172.67.209.49	200 OK	8.7 kB
URL GET HTTP/3 xxxa.work/static/assets/download_page/Thumbs.db IP 172.67.209.49:443 ASN #13335 CLOUDFLARENET Requested by https://xxxa.work/download Certificate IssuerLet's Encrypt Subjectxxxa.work FingerprintE9:49:F1:36:52:21:AC:CA:20:4B:E5:84:48:3B:8C:3D:55:C1:80:95 ValidityTue, 21 Nov 2023 14:33:09 GMT - Mon, 19 Feb 2024 14:33:08 GMT File type Composite Document File V2 Document, Can't read SAT\012- OLE 2 Compound Document, v3.62, SecID 0x1, 41 FAT sectors, Mini FAT start sector 0x2 : Windows thumbnail database 256\012- data Size 8.7 kB (8688 bytes) Hash 6708672524e04f18aae59f49ad8043ab 5e00c92bdeba301b58d8fd1d1becdd02fdf59568 0147b89bea705f10cb0a1418c20810bbe04f224c03a8eee4a8862f508d37b4fc HTTP Headers GET /static/assets/download_page/Thumbs.db HTTP/1.1 Host: xxxa.work User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://xxxa.work/download Cookie: session=eyJfZnJlc2giOmZhbHNlLCJjc3JmX3Rva2VuIjoiNjY0ZDA2MmM1M2ZmMzEyZmU3OTAyYzgxMmU4NjYwMmEzY2E5ZGIxZiJ9.ZW13Mg.eZVjWQ4KJz_63qIXcc2iR3Hvbvc Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Mon, 04 Dec 2023 06:52:37 GMT content-type: application/octet-stream content-length: 2659840 content-disposition: inline; filename=Thumbs.db last-modified: Tue, 18 Jul 2023 18:25:36 GMT cache-control: no-cache cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dfbv5smYgvkY0R%2FAv%2FQxVS3jL%2B3tF68PnxMjWNr2o2Cw3rkXm1buHZ1VAXrGdrm%2BU3MtekaBy6N%2FSDbfsoOcr85fV1BkmpgWyVRpznRoU7gZ0urtxre4BmuUn38%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 830220adad22569f-OSL alt-svc: h3=":443"; ma=86400

	xxxa.work/static/assets/css/argon-dashboard.css?v=2.0.4	172.67.209.49	200 OK	509 kB
URL GET HTTP/3 xxxa.work/static/assets/css/argon-dashboard.css?v=2.0.4 IP 172.67.209.49:443 ASN #13335 CLOUDFLARENET Requested by https://xxxa.work/download Certificate IssuerLet's Encrypt Subjectxxxa.work FingerprintE9:49:F1:36:52:21:AC:CA:20:4B:E5:84:48:3B:8C:3D:55:C1:80:95 ValidityTue, 21 Nov 2023 14:33:09 GMT - Mon, 19 Feb 2024 14:33:08 GMT File type ASCII text, with very long lines (560), with CRLF line terminators Size 509 kB (509380 bytes) Hash 00c8b1f970b96c82bdee7b36932ebf16 7ad2183dbe4d8117ddc540a575cedf6c9e493a2b c1a5d3d2d1591b434b96746c06b2a9c713c9f33a875f3d7dc05a235ba19623e5 HTTP Headers GET /static/assets/css/argon-dashboard.css?v=2.0.4 HTTP/1.1 Host: xxxa.work User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://xxxa.work/download Cookie: session=eyJfZnJlc2giOmZhbHNlLCJjc3JmX3Rva2VuIjoiNjY0ZDA2MmM1M2ZmMzEyZmU3OTAyYzgxMmU4NjYwMmEzY2E5ZGIxZiJ9.ZW13Mg.eZVjWQ4KJz_63qIXcc2iR3Hvbvc Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Mon, 04 Dec 2023 06:52:37 GMT content-type: text/css; charset=utf-8 content-disposition: inline; filename=argon-dashboard.css last-modified: Sat, 18 Mar 2023 12:40:30 GMT cache-control: max-age=14400 cf-cache-status: MISS report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mz%2BpOBximgpEJ5xaRs4TfCQRNgUc%2FakPLj0hcwf%2BvuxlAQ4IY1Evlc%2F1%2FMFxD20Ow4%2F%2FAQ4NOckUkX3H3wKAnRaE9xbKZRbJ1vYpi69ap3UMNRJBzQw%2Fl1gwLbA%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 830220a00ce7569f-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	xxxa.work/cdn-cgi/challenge-platform/scripts/jsd/main.js	172.67.209.49	302 Found	7.4 kB
URL GET HTTP/3 xxxa.work/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 172.67.209.49:443 ASN #13335 CLOUDFLARENET Requested by https://xxxa.work/download Certificate IssuerLet's Encrypt Subjectxxxa.work FingerprintE9:49:F1:36:52:21:AC:CA:20:4B:E5:84:48:3B:8C:3D:55:C1:80:95 ValidityTue, 21 Nov 2023 14:33:09 GMT - Mon, 19 Feb 2024 14:33:08 GMT File type Size 7.4 kB (7389 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1 Host: xxxa.work User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: session=eyJfZnJlc2giOmZhbHNlLCJjc3JmX3Rva2VuIjoiNjY0ZDA2MmM1M2ZmMzEyZmU3OTAyYzgxMmU4NjYwMmEzY2E5ZGIxZiJ9.ZW13Mg.eZVjWQ4KJz_63qIXcc2iR3Hvbvc Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 302 Found date: Mon, 04 Dec 2023 06:52:37 GMT access-control-allow-origin: * location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js cache-control: max-age=300, public vary: accept-encoding report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=96nUJF1Posmm0VfqoxUuuAaNfVyjsxr0%2BY9KBRIv7zxWxz%2BJXT9OKPdtrIzLZelZ%2Fmz5Ltdwi9PNRN7toaeMxVCWMUO8%2FrkNshx5x0vLw7KhBvgSaGCUS0Bwzos%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 830220ae1d58569f-OSL alt-svc: h3=":443"; ma=86400

	xxxa.work/static/assets/css/nucleo-svg.css	172.67.209.49	200 OK	2.4 kB
URL GET HTTP/3 xxxa.work/static/assets/css/nucleo-svg.css IP 172.67.209.49:443 ASN #13335 CLOUDFLARENET Requested by https://xxxa.work/download Certificate IssuerLet's Encrypt Subjectxxxa.work FingerprintE9:49:F1:36:52:21:AC:CA:20:4B:E5:84:48:3B:8C:3D:55:C1:80:95 ValidityTue, 21 Nov 2023 14:33:09 GMT - Mon, 19 Feb 2024 14:33:08 GMT File type ASCII text, with very long lines (2655), with no line terminators Size 2.4 kB (2387 bytes) Hash 621b13e3a4bc9ed975f2009b033c8aac ddc9a2a416ff4ce65701bc0ac5e04b6b3cd0d992 c45fbdab83c07e263b14029d1ad6c48168a28347c0b3cec302991b8c60dd6a82 HTTP Headers GET /static/assets/css/nucleo-svg.css HTTP/1.1 Host: xxxa.work User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://xxxa.work/download Cookie: session=eyJfZnJlc2giOmZhbHNlLCJjc3JmX3Rva2VuIjoiNjY0ZDA2MmM1M2ZmMzEyZmU3OTAyYzgxMmU4NjYwMmEzY2E5ZGIxZiJ9.ZW13Mg.eZVjWQ4KJz_63qIXcc2iR3Hvbvc Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Mon, 04 Dec 2023 06:52:35 GMT content-type: text/css; charset=utf-8 content-disposition: inline; filename=nucleo-svg.css last-modified: Sun, 05 Feb 2023 21:59:56 GMT cache-control: max-age=14400 cf-cache-status: MISS report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DgL1s4DUzGQEWizdzJe9BKr29%2BcRAJd%2BHLnXdw10FFgNCawp%2BKrQzgQZAg0%2BkSBbndOWCkfJwznw9Vp9RUv2WOa7C10z19dkKshPqKzjjXlUaoZmVApMHNBfbaA%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 830220a00ce4569f-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	xxxa.work/static/assets/js/argon-dashboard.min.js?v=2.0.4	172.67.209.49	200 OK	16 kB
URL GET HTTP/3 xxxa.work/static/assets/js/argon-dashboard.min.js?v=2.0.4 IP 172.67.209.49:443 ASN #13335 CLOUDFLARENET Requested by https://xxxa.work/download Certificate IssuerLet's Encrypt Subjectxxxa.work FingerprintE9:49:F1:36:52:21:AC:CA:20:4B:E5:84:48:3B:8C:3D:55:C1:80:95 ValidityTue, 21 Nov 2023 14:33:09 GMT - Mon, 19 Feb 2024 14:33:08 GMT File type ASCII text, with very long lines (16051), with CRLF line terminators Size 16 kB (16126 bytes) Hash d42743053bf634bb92f56b06e0fa5eb1 1e14bc8f90458deaa41c6a50fc8f045eefbc6615 1f5d39ff1ee8eaefeba688ac3ca71184022b0f17c9a5adef7be2e08f35ec011e HTTP Headers GET /static/assets/js/argon-dashboard.min.js?v=2.0.4 HTTP/1.1 Host: xxxa.work User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://xxxa.work/download Cookie: session=eyJfZnJlc2giOmZhbHNlLCJjc3JmX3Rva2VuIjoiNjY0ZDA2MmM1M2ZmMzEyZmU3OTAyYzgxMmU4NjYwMmEzY2E5ZGIxZiJ9.ZW13Mg.eZVjWQ4KJz_63qIXcc2iR3Hvbvc Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Mon, 04 Dec 2023 06:52:36 GMT content-type: text/javascript; charset=utf-8 content-disposition: inline; filename=argon-dashboard.min.js last-modified: Sun, 05 Feb 2023 21:59:58 GMT cache-control: max-age=14400 cf-cache-status: MISS report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ptcBNLp8iPXNi3QdY118%2BYBYAAPp3F34qe6ifmWn24U8cBsLXALkEhNN4Bb6MNn3RI2kWb17vBy92EoSLSggFh71IzvrYIa1Dq%2BDlT8IVD2k6eXcc0hwV2CKDHs%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 830220a01cf4569f-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=42d5adcbca	172.64.204.20	200 OK	60 kB
URL GET HTTP/2 ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=42d5adcbca IP 172.64.204.20:443 ASN #13335 CLOUDFLARENET Requested by https://xxxa.work/download Certificate IssuerGoogle Trust Services LLC Subjectka-f.fontawesome.com FingerprintBC:9B:12:21:8D:67:FE:B5:D3:76:65:FC:D3:F7:91:AE:B4:65:CA:81 ValidityWed, 08 Nov 2023 07:11:36 GMT - Tue, 06 Feb 2024 07:11:35 GMT File type ASCII text, with very long lines (60130) Size 60 kB (60312 bytes) Hash a12ec7ebe75a4d59a5dd6b79e2ba2e16 28f5dcc595ee6d4163481ef64170180502c8629b fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda HTTP Headers `GET /releases/v5.15.4/css/free.min.css?token=42d5adcbca HTTP/1.1 Host: ka-f.fontawesome.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://xxxa.work/ Origin: https://xxxa.work DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Mon, 04 Dec 2023 06:52:35 GMT content-type: text/css access-control-allow-origin: * access-control-allow-methods: GET access-control-max-age: 3000 last-modified: Wed, 04 Aug 2021 18:53:09 GMT etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16" cache-control: max-age=31556926 access-control-allow-headers: fa-kit-token vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 cdd8daeefcf66738f6e908663e79c33e.cloudfront.net (CloudFront) x-amz-cf-pop: LHR50-P1 x-amz-cf-id: 3HefLv3C26IIfXjy3KNGlhzA5bToCGJdf0lqOcofxAAorFElGKdi7Q== cf-cache-status: MISS report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a8XzH0ZMfl5IiDVCWgpuawZX1VfWmlL3BoU3oITi7URa305KI4JnrhWS7HZCW68P2UVLnH16sgeXjXBPd4pmp8tuUB02sWVUX9wVdovfti6aYq95HiQMTvWrhtZYwDqpD3P4KwhbMA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 830220a4ae167463-LHR content-encoding: br alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	xxxa.work/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js	172.67.209.49	200 OK	7.4 kB
URL GET HTTP/3 xxxa.work/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js IP 172.67.209.49:443 ASN #13335 CLOUDFLARENET Requested by https://xxxa.work/download Certificate IssuerLet's Encrypt Subjectxxxa.work FingerprintE9:49:F1:36:52:21:AC:CA:20:4B:E5:84:48:3B:8C:3D:55:C1:80:95 ValidityTue, 21 Nov 2023 14:33:09 GMT - Mon, 19 Feb 2024 14:33:08 GMT File type ASCII text, with very long lines (7389), with no line terminators Size 7.4 kB (7389 bytes) Hash 135a2be6cc05a2260b4e673f276eb5b8 f11ef04ba292ffa157c1d70e32d641e5827ee34d 85edc147630709fea920ddac38fb3b4b36111ee4cf10c94f9e67526c128f4d94 HTTP Headers GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js HTTP/1.1 Host: xxxa.work User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: session=eyJfZnJlc2giOmZhbHNlLCJjc3JmX3Rva2VuIjoiNjY0ZDA2MmM1M2ZmMzEyZmU3OTAyYzgxMmU4NjYwMmEzY2E5ZGIxZiJ9.ZW13Mg.eZVjWQ4KJz_63qIXcc2iR3Hvbvc Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Mon, 04 Dec 2023 06:52:37 GMT content-type: application/javascript; charset=UTF-8 cache-control: max-age=14400, public x-content-type-options: nosniff vary: accept-encoding report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2wk0GVelWGRGWvEsfKti0Hu40k%2BDl%2FEQzJo082gkA1dhz31aLuesyx0gniofzC%2Ft3T4LO6e9cOTm46527Z75U%2FPSB5qNjU6S09qPgVzSd4%2FG6Xkk8J2YXJk19l8%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 830220ae3d72569f-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	www.google.com/recaptcha/api2/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LfeyCMUAAAAAPU41Y53AxU65-qYjk_FohFzWyan	142.250.74.132	200 OK	7.3 kB
URL GET HTTP/3 www.google.com/recaptcha/api2/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LfeyCMUAAAAAPU41Y53AxU65-qYjk_FohFzWyan IP 142.250.74.132:443 ASN #15169 GOOGLE Requested by https://xxxa.work/download Certificate IssuerGoogle Trust Services LLC Subject.google.com Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95 ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (7483), with no line terminators Size 7.3 kB (7252 bytes) Hash 20590ddb020f9de89ae3fa5e3a532cd8 301b1b4453c01734132717d0e3104119651fadef bcaab0e5b60cd5a4328181e3ee115a2e6098eadaeb854e12bd7aab2636ffe9fd HTTP Headers GET /recaptcha/api2/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LfeyCMUAAAAAPU41Y53AxU65-qYjk_FohFzWyan HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://xxxa.work/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK content-type: text/html; charset=utf-8 cross-origin-resource-policy: cross-origin cross-origin-embedder-policy: require-corp report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} cache-control: no-cache, no-store, max-age=0, must-revalidate pragma: no-cache expires: Mon, 01 Jan 1990 00:00:00 GMT date: Mon, 04 Dec 2023 06:52:38 GMT content-security-policy: script-src 'nonce-kLrLId5KobwrfmgHASDqeg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding: gzip x-content-type-options: nosniff x-xss-protection: 1; mode=block server: GSE alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	xxxa.work/static/assets/js/core/bootstrap.min.js	172.67.209.49	200 OK	60 kB
URL GET HTTP/3 xxxa.work/static/assets/js/core/bootstrap.min.js IP 172.67.209.49:443 ASN #13335 CLOUDFLARENET Requested by https://xxxa.work/download Certificate IssuerLet's Encrypt Subjectxxxa.work FingerprintE9:49:F1:36:52:21:AC:CA:20:4B:E5:84:48:3B:8C:3D:55:C1:80:95 ValidityTue, 21 Nov 2023 14:33:09 GMT - Mon, 19 Feb 2024 14:33:08 GMT File type ASCII text, with very long lines (59770), with CRLF line terminators Size 60 kB (60018 bytes) Hash 566a14b1d43bf79686cd3984c00e8008 323b35b7c55597bc95448694bbdeaaf6863418c0 3a98ab794c90fed2c629d7d62801f5289e7334f45176fd3b41801dca25bdb835 HTTP Headers GET /static/assets/js/core/bootstrap.min.js HTTP/1.1 Host: xxxa.work User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://xxxa.work/download Cookie: session=eyJfZnJlc2giOmZhbHNlLCJjc3JmX3Rva2VuIjoiNjY0ZDA2MmM1M2ZmMzEyZmU3OTAyYzgxMmU4NjYwMmEzY2E5ZGIxZiJ9.ZW13Mg.eZVjWQ4KJz_63qIXcc2iR3Hvbvc Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Mon, 04 Dec 2023 06:52:36 GMT content-type: text/javascript; charset=utf-8 content-disposition: inline; filename=bootstrap.min.js last-modified: Sun, 05 Feb 2023 21:59:58 GMT cache-control: max-age=14400 cf-cache-status: MISS report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=omKRjQxV4Kpu2u%2FHGttGk%2FfdM0myIoGXQww9da3eBXezq3EzZsqt9AjKN2U6VqKlS68186audiOFYBNDXHxUgBo3QEpWobYHO7N6%2BLOWwjbYfG0lFVPEHCpevZY%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 830220a01cf1569f-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	xxxa.work/static/assets/js/plugins/perfect-scrollbar.min.js	172.67.209.49	200 OK	19 kB
URL GET HTTP/3 xxxa.work/static/assets/js/plugins/perfect-scrollbar.min.js IP 172.67.209.49:443 ASN #13335 CLOUDFLARENET Requested by https://xxxa.work/download Certificate IssuerLet's Encrypt Subjectxxxa.work FingerprintE9:49:F1:36:52:21:AC:CA:20:4B:E5:84:48:3B:8C:3D:55:C1:80:95 ValidityTue, 21 Nov 2023 14:33:09 GMT - Mon, 19 Feb 2024 14:33:08 GMT File type ASCII text, with very long lines (8460), with CRLF line terminators Size 19 kB (19430 bytes) Hash b28fb90dcfec8c00c701f00b83ca4a5d d2c413ebe4635d68d9df80a646e0c60ba6af226e 52f16f55116ccb47164e19c3f782cfac476801d61d76e2c60795d38229ae4fe4 HTTP Headers GET /static/assets/js/plugins/perfect-scrollbar.min.js HTTP/1.1 Host: xxxa.work User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://xxxa.work/download Cookie: session=eyJfZnJlc2giOmZhbHNlLCJjc3JmX3Rva2VuIjoiNjY0ZDA2MmM1M2ZmMzEyZmU3OTAyYzgxMmU4NjYwMmEzY2E5ZGIxZiJ9.ZW13Mg.eZVjWQ4KJz_63qIXcc2iR3Hvbvc Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Mon, 04 Dec 2023 06:52:36 GMT content-type: text/javascript; charset=utf-8 content-disposition: inline; filename=perfect-scrollbar.min.js last-modified: Sun, 05 Feb 2023 22:00:00 GMT cache-control: max-age=14400 cf-cache-status: MISS report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2mGWVIRuETqzRliKLsdGDyul2Uql2EHFQjX2epEG2VBdyfgBXETYbJgCJADtdTXGJMYnm%2BpjwgItuLTd04FepZWi7Wj4Z0ESDCscjs9Q3Nr4Q%2FjQ1LyV8PVUOJM%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 830220a01cf2569f-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	xxxa.work/static/assets/img/apple-icon.png	172.67.209.49	200 OK	4.0 kB
URL GET HTTP/3 xxxa.work/static/assets/img/apple-icon.png IP 172.67.209.49:443 ASN #13335 CLOUDFLARENET Requested by https://xxxa.work/download Certificate IssuerLet's Encrypt Subjectxxxa.work FingerprintE9:49:F1:36:52:21:AC:CA:20:4B:E5:84:48:3B:8C:3D:55:C1:80:95 ValidityTue, 21 Nov 2023 14:33:09 GMT - Mon, 19 Feb 2024 14:33:08 GMT File type PNG image data, 32 x 32, 8-bit/color RGB, non-interlaced\012- data Size 4.0 kB (3971 bytes) Hash d8d07baf4a26f81cb256c87ececcc7eb 634a7cad96310eef4f5fde1a3af5815068cfef7f d19f0ee6b3585ebd65cf3e753685779d15ca1dca9b7fb75759719e239cf9dbf4 HTTP Headers GET /static/assets/img/apple-icon.png HTTP/1.1 Host: xxxa.work User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://xxxa.work/download Cookie: session=eyJfZnJlc2giOmZhbHNlLCJjc3JmX3Rva2VuIjoiNjY0ZDA2MmM1M2ZmMzEyZmU3OTAyYzgxMmU4NjYwMmEzY2E5ZGIxZiJ9.ZW13Mg.eZVjWQ4KJz_63qIXcc2iR3Hvbvc Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Mon, 04 Dec 2023 06:52:38 GMT content-type: image/png content-length: 3971 content-disposition: inline; filename=apple-icon.png last-modified: Wed, 08 Feb 2023 15:04:46 GMT cache-control: max-age=14400 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yneqYZSF3DNYIoT8pcjJDeSdZOEZy2136v8I0N28JeDTD5iLbNM7NJ4prMkXadHsoO7hheGsGwvHdgrGhgxScUJnjUAP8YNwu88AFYxWbLppzAU0buT%2Flv2dYUo%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 830220aeadae569f-OSL alt-svc: h3=":443"; ma=86400

	xxxa.work/cdn-cgi/challenge-platform/h/b/jsd/r/8302209b0fa3b4ed	172.67.209.49	200 OK	0 B
URL POST HTTP/3 xxxa.work/cdn-cgi/challenge-platform/h/b/jsd/r/8302209b0fa3b4ed IP 172.67.209.49:443 ASN #13335 CLOUDFLARENET Requested by https://xxxa.work/download Certificate IssuerLet's Encrypt Subjectxxxa.work FingerprintE9:49:F1:36:52:21:AC:CA:20:4B:E5:84:48:3B:8C:3D:55:C1:80:95 ValidityTue, 21 Nov 2023 14:33:09 GMT - Mon, 19 Feb 2024 14:33:08 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers POST /cdn-cgi/challenge-platform/h/b/jsd/r/8302209b0fa3b4ed HTTP/1.1 Host: xxxa.work User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Content-Length: 12177 Origin: https://xxxa.work DNT: 1 Connection: keep-alive Referer: https://xxxa.work/download Cookie: session=eyJfZnJlc2giOmZhbHNlLCJjc3JmX3Rva2VuIjoiNjY0ZDA2MmM1M2ZmMzEyZmU3OTAyYzgxMmU4NjYwMmEzY2E5ZGIxZiJ9.ZW13Mg.eZVjWQ4KJz_63qIXcc2iR3Hvbvc Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Mon, 04 Dec 2023 06:52:37 GMT content-type: text/plain; charset=UTF-8 set-cookie: cf_clearance=xeNZdBD4fB7gia9prKgOqr9Y5GZc.HQl48i2lZ3HrY8-1701672757-0-1-730ca2d2.73a07051.5b213570-0.2.1701672757; path=/; expires=Tue, 03-Dec-24 06:52:37 GMT; domain=.xxxa.work; HttpOnly; Secure; SameSite=None report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wy8LVoVJbYCMCuj6Fcs9WItspMS6pwdyKAuIKkr91LCVI5pK6t%2BPpeYnPqPnS0KZJjLeZxjPrEC%2FeIBdKBas6UC5R6wXg1L5irtfb%2F1kblwo0jWJrjhDyjfwfdg%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 830220af5e11569f-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	kit.fontawesome.com/42d5adcbca.js	172.64.147.188	200 OK	12 kB
URL GET HTTP/2 kit.fontawesome.com/42d5adcbca.js IP 172.64.147.188:443 ASN #13335 CLOUDFLARENET Requested by https://xxxa.work/download Certificate IssuerDigiCert Inc Subject.fontawesome.com Fingerprint6C:69:02:A7:9B:07:84:8E:D0:3D:0A:10:61:8E:01:80:88:37:EF:5E ValidityTue, 22 Nov 2022 00:00:00 GMT - Sat, 23 Dec 2023 23:59:59 GMT File type ASCII text, with very long lines (11461) Size 12 kB (11892 bytes) Hash 76d889c487dfda7b9cc4c771cd78ff08 c9a41cf90152956e8aba6122bd9b8d1a2bc8d916 6dc03394c410b465031aaf12d8d4e3595633c006f79c30956f2c266a52be4dda HTTP Headers `GET /42d5adcbca.js HTTP/1.1 Host: kit.fontawesome.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://xxxa.work DNT: 1 Connection: keep-alive Referer: https://xxxa.work/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Mon, 04 Dec 2023 06:52:35 GMT content-type: text/javascript access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token access-control-allow-methods: GET, OPTIONS access-control-allow-origin: * access-control-max-age: 3000 cache-control: max-age=60, public, stale-while-revalidate=30 vary: origin, accept-encoding, access-control-request-headers, access-control-request-method x-request-id: F52OWucqV5POm9SXohBB cf-cache-status: MISS server: cloudflare cf-ray: 830220a02dd956bf-OSL content-encoding: gzip X-Firefox-Spdy: h2

	ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=42d5adcbca	172.64.204.20	200 OK	3.0 kB
URL GET HTTP/2 ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=42d5adcbca IP 172.64.204.20:443 ASN #13335 CLOUDFLARENET Requested by https://xxxa.work/download Certificate IssuerGoogle Trust Services LLC Subjectka-f.fontawesome.com FingerprintBC:9B:12:21:8D:67:FE:B5:D3:76:65:FC:D3:F7:91:AE:B4:65:CA:81 ValidityWed, 08 Nov 2023 07:11:36 GMT - Tue, 06 Feb 2024 07:11:35 GMT File type ASCII text, with very long lines (3007), with no line terminators Size 3.0 kB (2956 bytes) Hash 164aeedbf1c90c5467de5320f9f2d89e 63fdf9f59785c7b84dc82523cc76d81773e9c60b 676748e7bec72f0310e785f353d6b9e33305b577b57a08c57f98d1ce9e77ed25 HTTP Headers `GET /releases/v5.15.4/css/free-v4-font-face.min.css?token=42d5adcbca HTTP/1.1 Host: ka-f.fontawesome.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://xxxa.work/ Origin: https://xxxa.work DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Mon, 04 Dec 2023 06:52:35 GMT content-type: text/css access-control-allow-origin: * access-control-allow-methods: GET access-control-max-age: 3000 last-modified: Wed, 04 Aug 2021 18:53:09 GMT etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59" cache-control: max-age=31556926 access-control-allow-headers: fa-kit-token vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 76cca2ef798b9dc955bb151bf3bff218.cloudfront.net (CloudFront) x-amz-cf-pop: LHR50-P1 x-amz-cf-id: UEedjsY_YTPrpJ1L2dgDBSsJwb1vgikXTcuK03qS_za2uvK-CgOjIw== cf-cache-status: MISS report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BJaVZjGbAdTLe3N9Fhyk6EONJiP5%2FvQJ7ipdVeQAsOR3qSiESSwNSmtYDlIALKEooUtu5mNduqjdcwyW9WEZ0%2Fp09Ymv2iVaB9dcqWd6vr12oEL1mENTWHJz2ZRvJTX3P78Zlp1JrQ%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 830220a4be197463-LHR content-encoding: br alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LfeyCMUAAAAAPU41Y53AxU65-qYjk_FohFzWyan&co=aHR0cHM6Ly94eHhhLndvcms6NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=p9elsdwhtsc	142.250.74.132	200 OK	62 kB
URL GET HTTP/3 www.google.com/recaptcha/api2/anchor?ar=1&k=6LfeyCMUAAAAAPU41Y53AxU65-qYjk_FohFzWyan&co=aHR0cHM6Ly94eHhhLndvcms6NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=p9elsdwhtsc IP 142.250.74.132:443 ASN #15169 GOOGLE Requested by https://xxxa.work/download Certificate IssuerGoogle Trust Services LLC Subject.google.com Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95 ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (53693) Size 62 kB (62218 bytes) Hash af7b5b8d697a1a230a48235c91f440f6 a24e0549a8b8ad0c2a524088e5504fe6defe1330 6c3ded21772630fab1b5b0fb73b89e9a54d04f12071905a74a26db371859c1a5 HTTP Headers GET /recaptcha/api2/anchor?ar=1&k=6LfeyCMUAAAAAPU41Y53AxU65-qYjk_FohFzWyan&co=aHR0cHM6Ly94eHhhLndvcms6NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=p9elsdwhtsc HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://xxxa.work/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK content-type: text/html; charset=utf-8 cross-origin-resource-policy: cross-origin cross-origin-embedder-policy: require-corp report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} cache-control: no-cache, no-store, max-age=0, must-revalidate pragma: no-cache expires: Mon, 01 Jan 1990 00:00:00 GMT date: Mon, 04 Dec 2023 06:52:37 GMT content-security-policy: script-src 'nonce-9kH94xCwm0TJAdT4ETpmrQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding: gzip x-content-type-options: nosniff x-xss-protection: 1; mode=block server: GSE alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	www.google.com/recaptcha/api2/webworker.js?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed	142.250.74.132	200 OK	102 B
URL GET HTTP/3 www.google.com/recaptcha/api2/webworker.js?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed IP 142.250.74.132:443 ASN #15169 GOOGLE Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfeyCMUAAAAAPU41Y53AxU65-qYjk_FohFzWyan&co=aHR0cHM6Ly94eHhhLndvcms6NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=p9elsdwhtsc Certificate IssuerGoogle Trust Services LLC Subject.google.com Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95 ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT File type ASCII text, with no line terminators Size 102 B (102 bytes) Hash b581f6e6ac7eb4d572233bdd384918f8 12a90cd14cfea2286982801538560f638670eaff b62f36160407c81030404ab242125afd42fa0da6626ef11e5f406dda12acf144 HTTP Headers GET /recaptcha/api2/webworker.js?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfeyCMUAAAAAPU41Y53AxU65-qYjk_FohFzWyan&co=aHR0cHM6Ly94eHhhLndvcms6NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=p9elsdwhtsc Sec-Fetch-Dest: worker Sec-Fetch-Mode: same-origin Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK content-type: text/javascript; charset=utf-8 cross-origin-embedder-policy: require-corp report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} expires: Mon, 04 Dec 2023 06:52:38 GMT date: Mon, 04 Dec 2023 06:52:38 GMT cache-control: private, max-age=300 content-encoding: gzip x-content-type-options: nosniff x-frame-options: SAMEORIGIN content-security-policy: frame-ancestors 'self' x-xss-protection: 1; mode=block server: GSE alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	fonts.googleapis.com/css?family=Open+Sans:300,400,600,700	142.250.74.106	200 OK	11 kB
URL GET HTTP/2 fonts.googleapis.com/css?family=Open+Sans:300,400,600,700 IP 142.250.74.106:443 ASN #15169 GOOGLE Requested by https://xxxa.work/download Certificate IssuerGoogle Trust Services LLC Subjectupload.video.google.com FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42 ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT File type ASCII text Size 11 kB (11008 bytes) Hash 913a405cc0fe7aff9fdf74a52e76d9b5 15e43177f3e5d516836ff707568651bc09b6319d 575bbbf8b2076fd27f1020084ed48b141c1045ad0165c4154643bc1ae0476a65 HTTP Headers `GET /css?family=Open+Sans:300,400,600,700 HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://xxxa.work/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Mon, 04 Dec 2023 06:52:35 GMT date: Mon, 04 Dec 2023 06:52:35 GMT cache-control: private, max-age=86400 cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	xxxa.work/static/assets/js/core/popper.min.js	172.67.209.49	200 OK	20 kB
URL GET HTTP/3 xxxa.work/static/assets/js/core/popper.min.js IP 172.67.209.49:443 ASN #13335 CLOUDFLARENET Requested by https://xxxa.work/download Certificate IssuerLet's Encrypt Subjectxxxa.work FingerprintE9:49:F1:36:52:21:AC:CA:20:4B:E5:84:48:3B:8C:3D:55:C1:80:95 ValidityTue, 21 Nov 2023 14:33:09 GMT - Mon, 19 Feb 2024 14:33:08 GMT File type ASCII text, with very long lines (19678), with CRLF line terminators Size 20 kB (19731 bytes) Hash 8ad5a4459800325ed64b5c360b123e02 a3464a5493ddd215c075801d20c4bf0be0cc7684 2ab8897a2d0471a8d9a40ed0b29a051287c98248f4232584bd0f39352bf18f0c HTTP Headers GET /static/assets/js/core/popper.min.js HTTP/1.1 Host: xxxa.work User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://xxxa.work/download Cookie: session=eyJfZnJlc2giOmZhbHNlLCJjc3JmX3Rva2VuIjoiNjY0ZDA2MmM1M2ZmMzEyZmU3OTAyYzgxMmU4NjYwMmEzY2E5ZGIxZiJ9.ZW13Mg.eZVjWQ4KJz_63qIXcc2iR3Hvbvc Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Mon, 04 Dec 2023 06:52:36 GMT content-type: text/javascript; charset=utf-8 content-disposition: inline; filename=popper.min.js last-modified: Sun, 05 Feb 2023 21:59:58 GMT cache-control: max-age=14400 cf-cache-status: MISS report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4QeutIvLsPm%2F8pRzvKIf00zEs4aSyzGfGyDnDhRj%2FS%2FD0OqPAjOTUWlv%2Byg%2F9OIxdGvrftbufcWJuckIaqToCymJL0Rew50hM6r8%2BD7qhY1IdCWiSXt8v1EiA%2FI%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 830220a01cea569f-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=42d5adcbca	172.64.204.20	200 OK	27 kB
URL GET HTTP/2 ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=42d5adcbca IP 172.64.204.20:443 ASN #13335 CLOUDFLARENET Requested by https://xxxa.work/download Certificate IssuerGoogle Trust Services LLC Subjectka-f.fontawesome.com FingerprintBC:9B:12:21:8D:67:FE:B5:D3:76:65:FC:D3:F7:91:AE:B4:65:CA:81 ValidityWed, 08 Nov 2023 07:11:36 GMT - Tue, 06 Feb 2024 07:11:35 GMT File type ASCII text, with very long lines (26500) Size 27 kB (26682 bytes) Hash 76f34b71fc9fb641507ff6a822cc07f5 73ed2f8f21cd40fb496e61306acbb5849d4dbff4 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8 HTTP Headers `GET /releases/v5.15.4/css/free-v4-shims.min.css?token=42d5adcbca HTTP/1.1 Host: ka-f.fontawesome.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://xxxa.work/ Origin: https://xxxa.work DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Mon, 04 Dec 2023 06:52:35 GMT content-type: text/css access-control-allow-origin: * access-control-allow-methods: GET access-control-max-age: 3000 last-modified: Wed, 04 Aug 2021 18:53:09 GMT etag: W/"76f34b71fc9fb641507ff6a822cc07f5" cache-control: max-age=31556926 access-control-allow-headers: fa-kit-token vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 329cb27be8d7871661ed5a94ecaacb28.cloudfront.net (CloudFront) x-amz-cf-pop: LHR50-P1 x-amz-cf-id: 5ZUwidjoh1sABTJYj0ZtuqwF4FQ9PRDmUn9ipY4gs8ihjctYWmv9ww== cf-cache-status: MISS report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u4%2B08Yl%2BNtznfsiWtfV96IdV6J2N2J98wWYlWPaVptQiaDqAAhipvaShRLUU%2FiDK2LzdurTYA%2BH87DQWI%2F5g2oEWGQgc5oOIW38Jmzg1f28%2BEGHGfPiHMJ2HoeAQadma5oonLwLIRg%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 830220a4be1b7463-LHR content-encoding: br alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

JavaScript (21)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash