| usaupload.com/5zse/ganpower.7z?download_token=a5bc426bb3dd7174b3784c5df16d7dfba18fbeff222c84cc0f2129f96bb776bb | 65.109.18.14 | 301 Moved Permanently | 162 B |
Protocol: HTTP/1.1
URL: usaupload.com/5zse/ganpower.7z?download_token=a5bc426bb3dd7174b3784c5df16d7dfba18fbeff222c84cc0f2129f96bb776bb
IP: 65.109.18.14:0
ASN: #24940 Hetzner Online GmbH
File type: HTML document text; HTML document text; HTML document, ASCII text, with CRLF line terminators
Hash: 4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /5zse/ganpower.7z?download_token=a5bc426bb3dd7174b3784c5df16d7dfba18fbeff222c84cc0f2129f96bb776bb HTTP/1.1
Host: usaupload.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 24 Dec 2022 16:46:03 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://usaupload.com/5zse/ganpower.7z?download_token=a5bc426bb3dd7174b3784c5df16d7dfba18fbeff222c84cc0f2129f96bb776bb

| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP: 23.33.119.27:0
ASN: #20940 Akamai International B.V.
Hash: 7e300ca7d2d586dd1ca0c185ef6b0da5 3914cfd3b7aa6e1d1117bf509319479e489ed2a4 91c8810ad137faf4393f7d15f9c619c06d124a7aaebfa21290dca614db2c7757
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "91C8810AD137FAF4393F7D15F9C619C06D124A7AAEBFA21290DCA614DB2C7757"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12195
Expires: Sat, 24 Dec 2022 20:09:18 GMT
Date: Sat, 24 Dec 2022 16:46:03 GMT
Connection: keep-alive

| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP: 23.33.119.27:0
ASN: #20940 Akamai International B.V.
Hash: d6a971d765338f107fe9d2c67fa4bbdf a72bdf191446a37fa0420cc9d7c087aaff757cd6 dc5291c136b0b81621a02679a31f6b7c852e2803429d54c2a9afcc8edf031328
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DC5291C136B0B81621A02679A31F6B7C852E2803429D54C2A9AFCC8EDF031328"
Last-Modified: Thu, 22 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10992
Expires: Sat, 24 Dec 2022 19:49:15 GMT
Date: Sat, 24 Dec 2022 16:46:03 GMT
Connection: keep-alive

| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP: 23.33.119.27:0
ASN: #20940 Akamai International B.V.
Hash: 6b1d63d9d906daa309dc263b4991bbe9 04680ddd86781d46dfe6a9671571b3ad1f3758f3 46fff7230b88de4cd81dfb0feb783d2dec27e49041f9257d2fb891030781bf6c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "46FFF7230B88DE4CD81DFB0FEB783D2DEC27E49041F9257D2FB891030781BF6C"
Last-Modified: Fri, 23 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4740
Expires: Sat, 24 Dec 2022 18:05:03 GMT
Date: Sat, 24 Dec 2022 16:46:03 GMT
Connection: keep-alive

| firefox.settings.services.mozilla.com/v1/ | 35.241.9.150 | 200 OK | 939 B |
Protocol: HTTP/2
URL: firefox.settings.services.mozilla.com/v1/
IP: 35.241.9.150:0
File type: JSON data; ASCII text, with very long lines (939), with no line terminators
Hash: dcd75ca6daca51c5e39d431468511793 07f76d3bf23d65c9110d810fa71a994e39e085d3 73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 24 Dec 2022 16:34:54 GMT
content-type: application/json
age: 669
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain | 34.160.144.191 | 200 OK | 5.3 kB |
Protocol: HTTP/2
URL: content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP: 34.160.144.191:0
File type: PEM certificate; ASCII text
Hash: b1fcd419a4245617397846e8d17233f6 2a037ce244587640b27ead9a0ec2af4f862d91b2 e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: z2pPg0Sv2qQJ7WHOfZm43o+1gVib7TPnMeOGK2kEeEK2xH6vDVrj5olQIjRMrS+qxKJnCiGdUmUhIHnpmDnUeA==
x-amz-request-id: HET00EJ46HKKAJD5
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 24 Dec 2022 15:54:32 GMT
age: 3091
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
Protocol: HTTP/2
URL: contile.services.mozilla.com/v1/tiles
IP: 34.117.237.239:0
File type: JSON data; ASCII text, with no line terminators
Hash: 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 24 Dec 2022 16:46:03 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

| usaupload.com/themes/spirit/assets/frontend/css/bootstrap.min.css | 65.109.18.14 | 200 OK | 77 kB |
Protocol: HTTP/2
URL: usaupload.com/themes/spirit/assets/frontend/css/bootstrap.min.css
IP: 65.109.18.14:0
ASN: #24940 Hetzner Online GmbH
File type: ASCII text, with very long lines (65324)
Hash: bc48830f50049b0cbbe3dd417755a347 e5cdb6545f9b4bce4eeda78f64a714e2de4d0e09 7d56baeec9679114562cdc56d3f28cb9a43263cada11b1f64809851e7a8b1419
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /themes/spirit/assets/frontend/css/bootstrap.min.css HTTP/1.1
Host: usaupload.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usaupload.com/error?e=File+can+not+be+located%2C+please+try+again+later.
Cookie: filehosting=nfjvornfooohfeaq9ct9akre32
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Dec 2022 16:46:04 GMT
content-type: text/css
content-length: 76917
last-modified: Mon, 28 Sep 2020 14:26:44 GMT
etag: "5f71f2a4-12c75"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

| usaupload.com/themes/spirit/assets/frontend/css/stack-interface.css | 65.109.18.14 | 200 OK | 3.1 kB |
Protocol: HTTP/2
URL: usaupload.com/themes/spirit/assets/frontend/css/stack-interface.css
IP: 65.109.18.14:0
ASN: #24940 Hetzner Online GmbH
Hash: 6406d626f8bfc1e6815698bfecf9a2f8 a918901be3ab1b9bb4ce9980db521eb4731bb82b f620d1bf10d3f45a7b19edd4f863090c5dd5031411918508493634c4018e81b7
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /themes/spirit/assets/frontend/css/stack-interface.css HTTP/1.1
Host: usaupload.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usaupload.com/error?e=File+can+not+be+located%2C+please+try+again+later.
Cookie: filehosting=nfjvornfooohfeaq9ct9akre32
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Dec 2022 16:46:04 GMT
content-type: text/css
content-length: 3082
last-modified: Mon, 28 Sep 2020 14:26:44 GMT
etag: "5f71f2a4-c0a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

| usaupload.com/themes/spirit/assets/frontend/css/socicon.css | 65.109.18.14 | 200 OK | 9.3 kB |
Protocol: HTTP/2
URL: usaupload.com/themes/spirit/assets/frontend/css/socicon.css
IP: 65.109.18.14:0
ASN: #24940 Hetzner Online GmbH
Hash: b23fff7d228bbe8796ad8b3d280e3401 1a9861031bda4d3c1cb58564107d8b777982750b 17beb90ae4f385180d6b7d184dcb640ccd2a360e4ee03af0254c83b00ef87202
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /themes/spirit/assets/frontend/css/socicon.css HTTP/1.1
Host: usaupload.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usaupload.com/error?e=File+can+not+be+located%2C+please+try+again+later.
Cookie: filehosting=nfjvornfooohfeaq9ct9akre32
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Dec 2022 16:46:04 GMT
content-type: text/css
content-length: 9283
last-modified: Mon, 28 Sep 2020 14:26:44 GMT
etag: "5f71f2a4-2443"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

| usaupload.com/themes/spirit/assets/frontend/css/lightbox.min.css | 65.109.18.14 | 200 OK | 3.7 kB |
Protocol: HTTP/2
URL: usaupload.com/themes/spirit/assets/frontend/css/lightbox.min.css
IP: 65.109.18.14:0
ASN: #24940 Hetzner Online GmbH
Hash: 40cab6b747df96a8a66f5c0ac4e034dd 85dd24bc614fb1ecaeb873f4e686213aa53927c3 798da60d899fcd9aa5074834d88b63c398dd72af5711ed48d7f68dde8dc8db5e
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /themes/spirit/assets/frontend/css/lightbox.min.css HTTP/1.1
Host: usaupload.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usaupload.com/error?e=File+can+not+be+located%2C+please+try+again+later.
Cookie: filehosting=nfjvornfooohfeaq9ct9akre32
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Dec 2022 16:46:04 GMT
content-type: text/css
content-length: 3668
last-modified: Mon, 28 Sep 2020 14:26:46 GMT
etag: "5f71f2a6-e54"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

| usaupload.com/themes/spirit/assets/frontend/css/flickity.css | 65.109.18.14 | 200 OK | 2.4 kB |
Protocol: HTTP/2
URL: usaupload.com/themes/spirit/assets/frontend/css/flickity.css
IP: 65.109.18.14:0
ASN: #24940 Hetzner Online GmbH
Hash: 5439695b076327f53edcda86d192856b d938327051f0bf044bc65b68721ad3193bd2ef12 1709404c1e9beb94953cc95fcc3477e7cb4213e03bfe9bbe0f8a37877c1c6e42
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /themes/spirit/assets/frontend/css/flickity.css HTTP/1.1
Host: usaupload.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usaupload.com/error?e=File+can+not+be+located%2C+please+try+again+later.
Cookie: filehosting=nfjvornfooohfeaq9ct9akre32
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Dec 2022 16:46:04 GMT
content-type: text/css
content-length: 2392
last-modified: Mon, 28 Sep 2020 14:26:44 GMT
etag: "5f71f2a4-958"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

| usaupload.com/themes/spirit/assets/frontend/css/jquery.steps.css | 65.109.18.14 | 200 OK | 5.6 kB |
Protocol: HTTP/2
URL: usaupload.com/themes/spirit/assets/frontend/css/jquery.steps.css
IP: 65.109.18.14:0
ASN: #24940 Hetzner Online GmbH
Hash: a0ed38e9ba9498867df1f62407377def 6d2278f924b80328695e8fe5213b252ae499fc77 70110803124af60b1e1dc1ea3c0408353947b4a0d7000f47873c85287de875d5
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /themes/spirit/assets/frontend/css/jquery.steps.css HTTP/1.1
Host: usaupload.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usaupload.com/error?e=File+can+not+be+located%2C+please+try+again+later.
Cookie: filehosting=nfjvornfooohfeaq9ct9akre32
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Dec 2022 16:46:04 GMT
content-type: text/css
content-length: 5638
last-modified: Mon, 28 Sep 2020 14:26:44 GMT
etag: "5f71f2a4-1606"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

| usaupload.com/themes/spirit/assets/frontend/css/cookiealert.css | 65.109.18.14 | 200 OK | 12 kB |
Protocol: HTTP/2
URL: usaupload.com/themes/spirit/assets/frontend/css/cookiealert.css
IP: 65.109.18.14:0
ASN: #24940 Hetzner Online GmbH
File type: ASCII text, with very long lines (11486), with CRLF line terminators
Hash: 3d2946aeae3cc8f43e2acf82ea029bd4 c25a0bd445ff9e6034d34e8f388f5565515a2783 705d9fc8952ac3bf3d9300e3d9ea6753284cdd920c34be0213ec8bc862df7a28
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /themes/spirit/assets/frontend/css/cookiealert.css HTTP/1.1
Host: usaupload.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usaupload.com/error?e=File+can+not+be+located%2C+please+try+again+later.
Cookie: filehosting=nfjvornfooohfeaq9ct9akre32
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Dec 2022 16:46:04 GMT
content-type: text/css
content-length: 12369
last-modified: Mon, 28 Sep 2020 14:26:44 GMT
etag: "5f71f2a4-3051"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

| usaupload.com/themes/spirit/assets/frontend/css/iconsmind.css | 65.109.18.14 | 200 OK | 96 kB |
Protocol: HTTP/2
URL: usaupload.com/themes/spirit/assets/frontend/css/iconsmind.css
IP: 65.109.18.14:0
ASN: #24940 Hetzner Online GmbH
Hash: 39aa385af1cfd640bac73a09de3ac9fe 6d17dff21d04138cd8ab3ef9dfe1eae79994834c 0909de268b3276cb7464acb2f86701f62974a893dd374312908a3f8efc363438
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /themes/spirit/assets/frontend/css/iconsmind.css HTTP/1.1
Host: usaupload.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usaupload.com/error?e=File+can+not+be+located%2C+please+try+again+later.
Cookie: filehosting=nfjvornfooohfeaq9ct9akre32
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Dec 2022 16:46:04 GMT
content-type: text/css
content-length: 96447
last-modified: Mon, 28 Sep 2020 14:26:44 GMT
etag: "5f71f2a4-178bf"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

| usaupload.com/themes/spirit/assets/frontend/css/font-awesome.min.css | 65.109.18.14 | 200 OK | 59 kB |
Protocol: HTTP/2
URL: usaupload.com/themes/spirit/assets/frontend/css/font-awesome.min.css
IP: 65.109.18.14:0
ASN: #24940 Hetzner Online GmbH
File type: ASCII text, with very long lines (58929)
Hash: 66e407beb68fdbb8bacd87d91ddf7829 5ed55601e30871fb757dc4b78a40a432f9a3600b eb98a660b34391ce502005c6b8553af83defcf0832489134efb499498051d1d9
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /themes/spirit/assets/frontend/css/font-awesome.min.css HTTP/1.1
Host: usaupload.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usaupload.com/error?e=File+can+not+be+located%2C+please+try+again+later.
Cookie: filehosting=nfjvornfooohfeaq9ct9akre32
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Dec 2022 16:46:04 GMT
content-type: text/css
content-length: 59115
last-modified: Mon, 28 Sep 2020 14:26:44 GMT
etag: "5f71f2a4-e6eb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

| usaupload.com/themes/spirit/assets/frontend/css/custom.css | 65.109.18.14 | 200 OK | 8.9 kB |
Protocol: HTTP/2
URL: usaupload.com/themes/spirit/assets/frontend/css/custom.css
IP: 65.109.18.14:0
ASN: #24940 Hetzner Online GmbH
File type: assembler source, ASCII text, with CRLF line terminators
Hash: 65417cde74809cb9b9e66d0ab4adc448 9729ccac013729aed790fdc25d71d858f50a137b c8dee41785c1f45859a70f3bb9a65b3cba83d866dd46ca0096d07067fec9d280
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /themes/spirit/assets/frontend/css/custom.css HTTP/1.1
Host: usaupload.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usaupload.com/error?e=File+can+not+be+located%2C+please+try+again+later.
Cookie: filehosting=nfjvornfooohfeaq9ct9akre32
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Dec 2022 16:46:04 GMT
content-type: text/css
content-length: 8936
last-modified: Thu, 04 Feb 2021 16:28:50 GMT
etag: "601c20c2-22e8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

| usaupload.com/themes/spirit/assets/frontend/js/flickity.min.js | 65.109.18.14 | 200 OK | 54 kB |
Protocol: HTTP/2
URL: usaupload.com/themes/spirit/assets/frontend/js/flickity.min.js
IP: 65.109.18.14:0
ASN: #24940 Hetzner Online GmbH
File type: ASCII text, with very long lines (32032)
Hash: 81a84001ccd9bdd589d1b4f187311b15 5cdf8cb0d97b5b16a5f812e1541ad387a7cb8af5 5a28889b1faf91d12eeb5b5d173c50135eefd7fdc29a951b365340cf473bd9b2
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /themes/spirit/assets/frontend/js/flickity.min.js HTTP/1.1
Host: usaupload.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usaupload.com/error?e=File+can+not+be+located%2C+please+try+again+later.
Cookie: filehosting=nfjvornfooohfeaq9ct9akre32
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Dec 2022 16:46:04 GMT
content-type: application/javascript; charset=utf-8
content-length: 53861
last-modified: Mon, 28 Sep 2020 14:26:40 GMT
etag: "5f71f2a0-d265"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

| usaupload.com/themes/spirit/assets/frontend/js/jquery-3.1.1.min.js | 65.109.18.14 | 200 OK | 87 kB |
Protocol: HTTP/2
URL: usaupload.com/themes/spirit/assets/frontend/js/jquery-3.1.1.min.js
IP: 65.109.18.14:0
ASN: #24940 Hetzner Online GmbH
File type: ASCII text, with very long lines (32030)
Hash: e071abda8fe61194711cfc2ab99fe104 f647a6d37dc4ca055ced3cf64bbc1f490070acba 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /themes/spirit/assets/frontend/js/jquery-3.1.1.min.js HTTP/1.1
Host: usaupload.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usaupload.com/error?e=File+can+not+be+located%2C+please+try+again+later.
Cookie: filehosting=nfjvornfooohfeaq9ct9akre32
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Dec 2022 16:46:04 GMT
content-type: application/javascript; charset=utf-8
content-length: 86709
last-modified: Mon, 28 Sep 2020 14:26:40 GMT
etag: "5f71f2a0-152b5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

| usaupload.com/themes/spirit/assets/frontend/js/jquery.dataTables.min.js | 65.109.18.14 | 200 OK | 70 kB |
Protocol: HTTP/2
URL: usaupload.com/themes/spirit/assets/frontend/js/jquery.dataTables.min.js
IP: 65.109.18.14:0
ASN: #24940 Hetzner Online GmbH
File type: ASCII text, with very long lines (768)
Hash: 737f853e9fd6a31d62f5028e88663c9f cf144f2ab49f53a69fbfe10d3588fc23437d2736 6c3ca64b7acfdd29b3ca6f1b9b46696369abd462d4546182085c347f72211841
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /themes/spirit/assets/frontend/js/jquery.dataTables.min.js HTTP/1.1
Host: usaupload.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usaupload.com/error?e=File+can+not+be+located%2C+please+try+again+later.
Cookie: filehosting=nfjvornfooohfeaq9ct9akre32
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Dec 2022 16:46:04 GMT
content-type: application/javascript; charset=utf-8
content-length: 69604
last-modified: Mon, 28 Sep 2020 14:26:40 GMT
etag: "5f71f2a0-10fe4"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

| usaupload.com/themes/spirit/assets/frontend/js/typed.min.js | 65.109.18.14 | 200 OK | 3.9 kB |
Protocol: HTTP/2
URL: usaupload.com/themes/spirit/assets/frontend/js/typed.min.js
IP: 65.109.18.14:0
ASN: #24940 Hetzner Online GmbH
File type: ASCII text, with very long lines (3949), with no line terminators
Hash: 2f6185a8a32a50b2b3e04849f44359d4 0e5501588c5c0d1c9462f34b0d56c21abff5bfef 914df93a9770d8a0e132b6ce3e8f1cfba0e0fae8f3b9002a3f0eb47c3d0cc97b
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /themes/spirit/assets/frontend/js/typed.min.js HTTP/1.1
Host: usaupload.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usaupload.com/error?e=File+can+not+be+located%2C+please+try+again+later.
Cookie: filehosting=nfjvornfooohfeaq9ct9akre32
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Dec 2022 16:46:04 GMT
content-type: application/javascript; charset=utf-8
content-length: 3949
last-modified: Mon, 28 Sep 2020 14:26:40 GMT
etag: "5f71f2a0-f6d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

| usaupload.com/themes/spirit/assets/frontend/js/datepicker.js | 65.109.18.14 | 200 OK | 21 kB |
Protocol: HTTP/2
URL: usaupload.com/themes/spirit/assets/frontend/js/datepicker.js
IP: 65.109.18.14:0
ASN: #24940 Hetzner Online GmbH
File type: ASCII text, with very long lines (12692), with CRLF line terminators
Hash: 8cfe207a6a21c7495cfb751c761217a6 35d686a6c4ecc9946c35444ce93e110cb0e1611c 804e3c2608de23694fa71684178e2f9815115d56ee022ec770e1fcb208847acc
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /themes/spirit/assets/frontend/js/datepicker.js HTTP/1.1
Host: usaupload.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usaupload.com/error?e=File+can+not+be+located%2C+please+try+again+later.
Cookie: filehosting=nfjvornfooohfeaq9ct9akre32
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Dec 2022 16:46:04 GMT
content-type: application/javascript; charset=utf-8
content-length: 20975
last-modified: Mon, 28 Sep 2020 14:26:40 GMT
etag: "5f71f2a0-51ef"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

| usaupload.com/themes/spirit/assets/frontend/js/granim.min.js | 65.109.18.14 | 200 OK | 11 kB |
Protocol: HTTP/2
URL: usaupload.com/themes/spirit/assets/frontend/js/granim.min.js
IP: 65.109.18.14:0
ASN: #24940 Hetzner Online GmbH
File type: ASCII text, with very long lines (10573)
Hash: 2c16a9a724563fc0c306abb5bdeb03fe 90c2032537714e66059a3eaa150b93f3c9c80163 997a15cf01d5118cb0106587f441c32de2074c8dc12d85cf7c7dc430e2ee342e
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /themes/spirit/assets/frontend/js/granim.min.js HTTP/1.1
Host: usaupload.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usaupload.com/error?e=File+can+not+be+located%2C+please+try+again+later.
Cookie: filehosting=nfjvornfooohfeaq9ct9akre32
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Dec 2022 16:46:04 GMT
content-type: application/javascript; charset=utf-8
content-length: 10634
last-modified: Mon, 28 Sep 2020 14:26:40 GMT
etag: "5f71f2a0-298a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

| usaupload.com/themes/spirit/assets/frontend/js/jquery.steps.min.js | 65.109.18.14 | 200 OK | 14 kB |
Protocol: HTTP/2
URL: usaupload.com/themes/spirit/assets/frontend/js/jquery.steps.min.js
IP: 65.109.18.14:0
ASN: #24940 Hetzner Online GmbH
File type: ASCII text, with very long lines (13686)
Hash: 4c5e9f4e84d32b7df69af7420b355e03 14e1e287ec98e8cc0a992ee996783b0c42f9ec0f c9459a9e11e4c63fb7a30d2a644e80b733fc9599302ef3da8142cbe8f9d9333d
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /themes/spirit/assets/frontend/js/jquery.steps.min.js HTTP/1.1
Host: usaupload.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usaupload.com/error?e=File+can+not+be+located%2C+please+try+again+later.
Cookie: filehosting=nfjvornfooohfeaq9ct9akre32
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Dec 2022 16:46:04 GMT
content-type: application/javascript; charset=utf-8
content-length: 13857
last-modified: Mon, 28 Sep 2020 14:26:40 GMT
etag: "5f71f2a0-3621"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

| usaupload.com/themes/spirit/assets/frontend/js/countdown.min.js | 65.109.18.14 | 200 OK | 5.3 kB |
Protocol: HTTP/2
URL: usaupload.com/themes/spirit/assets/frontend/js/countdown.min.js
IP: 65.109.18.14:0
ASN: #24940 Hetzner Online GmbH
File type: ASCII text, with very long lines (4136)
Hash: 5d3ff3c3fbaa67cc639501f44eeb07be bd66e4cd58de09c198e7abc77fa4c883955d189e 2249399b2268c260d0698542503d16afebc80e437c846239f12196744ebbd40f
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /themes/spirit/assets/frontend/js/countdown.min.js HTTP/1.1
Host: usaupload.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usaupload.com/error?e=File+can+not+be+located%2C+please+try+again+later.
Cookie: filehosting=nfjvornfooohfeaq9ct9akre32
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Dec 2022 16:46:04 GMT
content-type: application/javascript; charset=utf-8
content-length: 5339
last-modified: Mon, 28 Sep 2020 14:26:40 GMT
etag: "5f71f2a0-14db"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

| usaupload.com/themes/spirit/assets/frontend/js/smooth-scroll.min.js | 65.109.18.14 | 200 OK | 6.0 kB |
Protocol: HTTP/2
URL: usaupload.com/themes/spirit/assets/frontend/js/smooth-scroll.min.js
IP: 65.109.18.14:0
ASN: #24940 Hetzner Online GmbH
File type: ASCII text, with very long lines (4887)
Hash: b67e171349c4716dd7bb15c018a2c8c1 60b204148c0eed83b06043897d1cbd54709eab66 8daef829c397c41e42a1f9faffc25aa4834334e5305805419933a1b44b6c1e30
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /themes/spirit/assets/frontend/js/smooth-scroll.min.js HTTP/1.1
Host: usaupload.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usaupload.com/error?e=File+can+not+be+located%2C+please+try+again+later.
Cookie: filehosting=nfjvornfooohfeaq9ct9akre32
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Dec 2022 16:46:04 GMT
content-type: application/javascript; charset=utf-8
content-length: 6006
last-modified: Mon, 28 Sep 2020 14:26:40 GMT
etag: "5f71f2a0-1776"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| usaupload.com/cache/themes/spirit/logo_inverse.png | 65.109.18.14 | 200 OK | 47 kB |
URL HTTP/2 usaupload.com/cache/themes/spirit/logo_inverse.png IP 65.109.18.14:0
ASN#24940 Hetzner Online GmbH
File type PNG image data, 2395 x 523, 8-bit/color RGBA, non-interlaced\012- data Hash 4a27d711f28aba5323cc3ec041fa5b02 d9085bc35de1f67fcc747a4e65326211da1a325b 2d8eee896b0e8b89f72080dc107998f372efb2e311ab8110e589b2e12ab3e357
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /cache/themes/spirit/logo_inverse.png HTTP/1.1
Host: usaupload.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usaupload.com/error?e=File+can+not+be+located%2C+please+try+again+later.
Cookie: filehosting=nfjvornfooohfeaq9ct9akre32
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Dec 2022 16:46:04 GMT
content-type: image/png
content-length: 46999
last-modified: Thu, 07 Apr 2022 17:42:41 GMT
etag: "624f2291-b797"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| usaupload.com/cache/themes/spirit/logo.png | 65.109.18.14 | 200 OK | 45 kB |
URL HTTP/2 usaupload.com/cache/themes/spirit/logo.png IP 65.109.18.14:0
ASN#24940 Hetzner Online GmbH
File type PNG image data, 2395 x 523, 8-bit/color RGBA, non-interlaced\012- data Hash e772ff8c144c6dab2b01cc460c09ed46 cc3d762f0be3af03b5d47e559cf1a941273126c3 8fd6aa3f0b8b3d4211fff4f800eeed179c4edd178a90c55848d9d063c76d39c4
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /cache/themes/spirit/logo.png HTTP/1.1
Host: usaupload.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usaupload.com/error?e=File+can+not+be+located%2C+please+try+again+later.
Cookie: filehosting=nfjvornfooohfeaq9ct9akre32
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Dec 2022 16:46:04 GMT
content-type: image/png
content-length: 44604
last-modified: Thu, 07 Apr 2022 17:58:15 GMT
etag: "624f2637-ae3c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| usaupload.com/themes/spirit/assets/frontend/js/scripts.js | 65.109.18.14 | 200 OK | 112 kB |
URL HTTP/2 usaupload.com/themes/spirit/assets/frontend/js/scripts.js IP 65.109.18.14:0
ASN#24940 Hetzner Online GmbH
File type ASCII text, with very long lines (914) Size 112 kB (111905 bytes) Hash ccd6c308b2b8e36ae154d7bacea4240d f7d2f7195150771246dd599dbb4ff3bc2f0f2179 fc2a8bf60f1e7577697c0b457c01aeeecfd2b18ea68c93e2d374bf6d95fbe7a0
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /themes/spirit/assets/frontend/js/scripts.js HTTP/1.1
Host: usaupload.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usaupload.com/error?e=File+can+not+be+located%2C+please+try+again+later.
Cookie: filehosting=nfjvornfooohfeaq9ct9akre32
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Dec 2022 16:46:04 GMT
content-type: application/javascript; charset=utf-8
content-length: 111905
last-modified: Wed, 14 Oct 2020 16:17:02 GMT
etag: "5f87247e-1b521"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| usaupload.com/themes/spirit/assets/frontend/css/theme.css | 65.109.18.14 | 200 OK | 197 kB |
URL HTTP/2 usaupload.com/themes/spirit/assets/frontend/css/theme.css IP 65.109.18.14:0
ASN#24940 Hetzner Online GmbH
File type assembler source text\012- assembler source, ASCII text Size 197 kB (197080 bytes) Hash 0070ae7b5bb75d59ef0f36de1f3cb4b4 58b9bcb364df74184f35e8dc0231b3573cb9c332 db7c96fb23e5c19f26d7de6f407cef6c779c2a207c8c2e16615e8e9b3e89efd8
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /themes/spirit/assets/frontend/css/theme.css HTTP/1.1
Host: usaupload.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usaupload.com/error?e=File+can+not+be+located%2C+please+try+again+later.
Cookie: filehosting=nfjvornfooohfeaq9ct9akre32
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Dec 2022 16:46:04 GMT
content-type: text/css
content-length: 197080
last-modified: Mon, 28 Sep 2020 14:26:44 GMT
etag: "5f71f2a4-301d8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| usaupload.com/themes/spirit/assets/frontend/js/cookiealert.js | 65.109.18.14 | 200 OK | 1.8 kB |
URL HTTP/2 usaupload.com/themes/spirit/assets/frontend/js/cookiealert.js IP 65.109.18.14:0
ASN#24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators Hash 81279e22c8ece9e1d0536a402484daa3 911797507fb12d4f451d5900e32db96ad697c401 5c6237178e88ab7f1c6e26c9e99547e58782450b8f2a182129448ff4d99e89ab
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /themes/spirit/assets/frontend/js/cookiealert.js HTTP/1.1
Host: usaupload.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usaupload.com/error?e=File+can+not+be+located%2C+please+try+again+later.
Cookie: filehosting=nfjvornfooohfeaq9ct9akre32
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Dec 2022 16:46:04 GMT
content-type: application/javascript; charset=utf-8
content-length: 1836
last-modified: Mon, 28 Sep 2020 14:26:40 GMT
etag: "5f71f2a0-72c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP 142.250.74.131:0
Hash dc2725df0fb812e32298bb7faaf0c231 4ce4ac649b05b8eedab5bda51f4baf5f98417689 1a60eb1f9b71718c2061dfeb9de8241bef6fecab5d48adbc8ce3a89d1dddb8f5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 16:46:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP 142.250.74.131:0
Hash 5100021a7f8224edae91cf7c15ece4b2 2b0877c1cde0483463babb806f610158761489c7 701becec3ebad5661cfc231ad96cd17d95c4453206036fd3d05a246db72debef
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 16:46:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP 142.250.74.131:0
Hash 305e61785b6a439d62cc6d1eb782acf0 51c1e3e213b20326f9b0a6089a07d64559945d85 b04548c1d4e00ddc872aad4bd3b532cade0bf423138620e351a6d58a2e8f19fc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 16:46:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.googletagmanager.com/gtag/js?id=UA-163791795-1 | 142.250.74.40 | 200 OK | 44 kB |
URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-163791795-1 IP 142.250.74.40:0
File type ASCII text, with very long lines (1921) Hash 5dd278b14dd9c4ce9786e9c20bf9fa68 b3e24f18b6cba9b9dd16d770ebd1635108a62ef0 7eead814767fce77b259ba1326f360a80372116b66bbf484d9d0c9f1ee4629bc
GET /gtag/js?id=UA-163791795-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usaupload.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 24 Dec 2022 16:46:04 GMT
expires: Sat, 24 Dec 2022 16:46:04 GMT
cache-control: private, max-age=900
last-modified: Sat, 24 Dec 2022 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43631
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP 142.250.74.131:0
Hash dc2725df0fb812e32298bb7faaf0c231 4ce4ac649b05b8eedab5bda51f4baf5f98417689 1a60eb1f9b71718c2061dfeb9de8241bef6fecab5d48adbc8ce3a89d1dddb8f5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 16:46:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP 142.250.74.131:0
Hash 305e61785b6a439d62cc6d1eb782acf0 51c1e3e213b20326f9b0a6089a07d64559945d85 b04548c1d4e00ddc872aad4bd3b532cade0bf423138620e351a6d58a2e8f19fc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 16:46:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| usaupload.com/themes/spirit/assets/frontend/fonts/stack-interface.woff2?33839631 | 65.109.18.14 | 200 OK | 4.3 kB |
URL HTTP/2 usaupload.com/themes/spirit/assets/frontend/fonts/stack-interface.woff2?33839631 IP 65.109.18.14:0
ASN#24940 Hetzner Online GmbH
File type Web Open Font Format (Version 2), TrueType, length 4292, version 1.0\012- data Hash ae072782b361d2afdbf43db08d3cfb73 f3db2e65b53d97491672f8631e21d6d05905cc88 31205df908aed9881f6d2d3ae7d38975252bf99e38268978b4236dc3c314754b
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /themes/spirit/assets/frontend/fonts/stack-interface.woff2?33839631 HTTP/1.1
Host: usaupload.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://usaupload.com/themes/spirit/assets/frontend/css/stack-interface.css
Cookie: filehosting=nfjvornfooohfeaq9ct9akre32
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Dec 2022 16:46:04 GMT
content-type: font/woff2
content-length: 4292
last-modified: Mon, 28 Sep 2020 14:26:44 GMT
etag: "5f71f2a4-10c4"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP 142.250.74.131:0
Hash 9527d889a5b94c28b4dcd8809ffba513 b2ee81348df6ebc3f72fcd64b7767df0a1903fb5 9d3cfbc6c96f2da85420d44bdd58f8e860487d3cbf1ffda4d21477b566f23059
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 16:46:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP 142.250.74.131:0
Hash b9643a377daeefa9e867de25d84d90a4 7ab8aade6752606edfa9a6e68248fdbdca76dae8 0265378147b5eaa4ad2c4f570790b2b71b1abe8386e674c565bf0885396c04d0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 16:46:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP 142.250.74.131:0
Hash 9527d889a5b94c28b4dcd8809ffba513 b2ee81348df6ebc3f72fcd64b7767df0a1903fb5 9d3cfbc6c96f2da85420d44bdd58f8e860487d3cbf1ffda4d21477b566f23059
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 16:46:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| usaupload.com/themes/spirit/assets/images/flags/us.png | 65.109.18.14 | 200 OK | 471 B |
URL HTTP/2 usaupload.com/themes/spirit/assets/images/flags/us.png IP 65.109.18.14:0
ASN#24940 Hetzner Online GmbH
Hash b9643a377daeefa9e867de25d84d90a4 7ab8aade6752606edfa9a6e68248fdbdca76dae8 0265378147b5eaa4ad2c4f570790b2b71b1abe8386e674c565bf0885396c04d0
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /themes/spirit/assets/images/flags/us.png HTTP/1.1
Host: usaupload.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usaupload.com/error?e=File+can+not+be+located%2C+please+try+again+later.
Cookie: filehosting=nfjvornfooohfeaq9ct9akre32
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Dec 2022 16:46:04 GMT
content-type: image/png
content-length: 609
last-modified: Mon, 28 Sep 2020 14:27:40 GMT
etag: "5f71f2dc-261"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP 142.250.74.131:0
Hash b9643a377daeefa9e867de25d84d90a4 7ab8aade6752606edfa9a6e68248fdbdca76dae8 0265378147b5eaa4ad2c4f570790b2b71b1abe8386e674c565bf0885396c04d0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 16:46:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 35.241.9.150 | 200 OK | 329 B |
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, ETag, Pragma, Last-Modified, Expires, Alert, Content-Type, Retry-After, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 24 Dec 2022 16:08:04 GMT
age: 2280
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 216.58.207.227 | 200 OK | 45 kB |
URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data Hash 565ce506190ad3af920b40baf1794cec ad3cba5d06100e09449a864d3b5e58403b478b3d 8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://usaupload.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Dec 2022 18:52:41 GMT
expires: Tue, 19 Dec 2023 18:52:41 GMT
cache-control: public, max-age=31536000
age: 424403
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2 | 216.58.207.227 | 200 OK | 18 kB |
URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2 IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 17820, version 1.0\012- data Hash 3d5107abaf7bf4df5478bd04625c0929 b04d394caabf6ea3e500b74781dc2bfd54f3c18d 9ad0a22b0c58240a7a92b4c01aa31f39a5918dea6a8fdfa77e63042abc4fca31
GET /s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://usaupload.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17820
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Dec 2022 18:56:07 GMT
expires: Tue, 19 Dec 2023 18:56:07 GMT
cache-control: public, max-age=31536000
age: 424197
last-modified: Mon, 15 Aug 2022 18:13:12 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP 142.250.74.131:0
Hash b9643a377daeefa9e867de25d84d90a4 7ab8aade6752606edfa9a6e68248fdbdca76dae8 0265378147b5eaa4ad2c4f570790b2b71b1abe8386e674c565bf0885396c04d0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 16:46:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| usaupload.com/themes/spirit/assets/frontend/img/favicon/apple-touch-icon.png | 65.109.18.14 | 200 OK | 5.0 kB |
URL HTTP/2 usaupload.com/themes/spirit/assets/frontend/img/favicon/apple-touch-icon.png IP 65.109.18.14:0
ASN#24940 Hetzner Online GmbH
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data Hash a9a8c24cea41bed7ef78ed1d12d48291 cd86d71e15b97ab602e0e39bb6e9bbaf6779f4d7 3b379c83d1c0b117cec88debed9390723daffc2fb99cf51cc2175c47169d190e
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /themes/spirit/assets/frontend/img/favicon/apple-touch-icon.png HTTP/1.1
Host: usaupload.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usaupload.com/error?e=File+can+not+be+located%2C+please+try+again+later.
Cookie: filehosting=nfjvornfooohfeaq9ct9akre32
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Dec 2022 16:46:04 GMT
content-type: image/png
content-length: 5016
last-modified: Mon, 28 Sep 2020 14:26:42 GMT
etag: "5f71f2a2-1398"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| usaupload.com/themes/spirit/assets/frontend/img/favicon/favicon-16x16.png | 65.109.18.14 | 200 OK | 447 B |
URL HTTP/2 usaupload.com/themes/spirit/assets/frontend/img/favicon/favicon-16x16.png IP 65.109.18.14:0
ASN#24940 Hetzner Online GmbH
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data Hash f3d5da06fe8d5a2425d5d229285e5eea 01032b864f3c74bbf44771e2ba41eeb2251fad90 d11d596429d3543bfb07191a87a67a8c22e198113c6f3a109158a5a85bf82f26
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /themes/spirit/assets/frontend/img/favicon/favicon-16x16.png HTTP/1.1
Host: usaupload.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usaupload.com/error?e=File+can+not+be+located%2C+please+try+again+later.
Cookie: filehosting=nfjvornfooohfeaq9ct9akre32
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Dec 2022 16:46:04 GMT
content-type: image/png
content-length: 447
last-modified: Mon, 28 Sep 2020 14:26:40 GMT
etag: "5f71f2a0-1bf"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.google-analytics.com/analytics.js | 142.250.74.14 | 200 OK | 20 kB |
URL HTTP/2 www.google-analytics.com/analytics.js IP 142.250.74.14:0
File type ASCII text, with very long lines (1325) Hash 47e6f374ca946fddd5b59871b325736c baa9282efc8785e84d247c3bff518eaa45f101c4 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usaupload.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sat, 24 Dec 2022 15:34:02 GMT
expires: Sat, 24 Dec 2022 17:34:02 GMT
cache-control: public, max-age=7200
age: 4322
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP 142.250.74.131:0
Hash e2b94572412cbd6dec9120f26fbd8edd 4ded5a76d85e2c35e8d3b1c5c196fa58159ba2a5 1371df100af0981a2cc1a7d9796c06dd16b71bd3e94f3439d7f789281853bb82
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 16:46:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3146060301369196 | 216.58.207.194 | 200 OK | 50 kB |
URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3146060301369196 IP 216.58.207.194:0
File type ASCII text, with very long lines (4885) Hash 08e29db159b2e1ce2fec3b6f147376d9 adc3a760793d8ce8ab87f4a53cca72a1491a0841 bdd9814827eccc48851ef01500baf0769c9b8d41e1861b510d2d569c61b9efb0
GET /pagead/js/adsbygoogle.js?client=ca-pub-3146060301369196 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://usaupload.com
Connection: keep-alive
Referer: https://usaupload.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 24 Dec 2022 16:46:04 GMT
expires: Sat, 24 Dec 2022 16:46:04 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 7734636589448807432
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49661
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP 93.184.220.29:0
Hash d7938ab2263405a708c44813f3e16cb8 3ba9f4363ecc2834ea1211f761ce2d04e0077ab3 8a8ef4218bcd8ecb1f12ecdb74f3f453a7093be8dd3c233615577dcc9b40fa92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6172
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 16:46:04 GMT
Last-Modified: Sat, 24 Dec 2022 15:03:12 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP 142.250.74.131:0
Hash e2b94572412cbd6dec9120f26fbd8edd 4ded5a76d85e2c35e8d3b1c5c196fa58159ba2a5 1371df100af0981a2cc1a7d9796c06dd16b71bd3e94f3439d7f789281853bb82
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 16:46:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| push.services.mozilla.com/ | 34.215.91.121 | 101 Switching Protocols | 0 B |
URL HTTP/1.1 push.services.mozilla.com/ IP 34.215.91.121:0
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: DOVj+ODM7WyMmx0/q0KiHg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: IE1p6TCVJvFadphftxto/v150zY=
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP 142.250.74.131:0
Hashf7f2b50924cb51d78846516218c0d2f1 941c96085efcd6e7ce220915c24e4c745b0df4b0 53069cf94e26aaa3c21328f02ec0fa9878f80f42e893a9257fb5830c40f2b90d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 16:46:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP 142.250.74.131:0
Hash6e4ad12f0a4020607ebcc3cd728864cd d405baf5d17ef5849f9f271dfe764cdd45841466 3e445cacabac36c6fed01834aac33077988cad9183357ba06fce2a8121ae7639
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 16:46:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP 142.250.74.131:0
Hashf37c9faffd8b6d93a4994c02ff1d3d21 b41b823e9b33d7fff8c1670cf510edda28f7082b 7494a95cab50f2a0409796d95e999fc5add96030fba70be912c1c80124169bc6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 16:46:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP 142.250.74.131:0
Hashb9e17fae8e9b08b0f8b1424a9a62a36f 4c8cbf014cf2c86b62782d7722339e0a56fa64ba 974089d8226c3e6858a54fa7b4dae361662c86462864e8500250bd8660ac6bba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 16:46:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| adservice.google.com/adsid/integrator.js?domain=usaupload.com | 142.250.74.66 | 200 OK | 100 B |
URL HTTP/2adservice.google.com/adsid/integrator.js?domain=usaupload.com IP 142.250.74.66:0
File typeASCII text, with no line terminators Hash917951a58be8c6c6f3680159550ba3c2 21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4 cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=usaupload.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usaupload.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 24 Dec 2022 16:46:05 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| adservice.google.no/adsid/integrator.js?domain=usaupload.com | 142.250.74.66 | 200 OK | 100 B |
URL HTTP/2adservice.google.no/adsid/integrator.js?domain=usaupload.com IP 142.250.74.66:0
File typeASCII text, with no line terminators Hash917951a58be8c6c6f3680159550ba3c2 21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4 cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=usaupload.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usaupload.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 24 Dec 2022 16:46:05 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP 142.250.74.131:0
Hashb9e17fae8e9b08b0f8b1424a9a62a36f 4c8cbf014cf2c86b62782d7722339e0a56fa64ba 974089d8226c3e6858a54fa7b4dae361662c86462864e8500250bd8660ac6bba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 16:46:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP 142.250.74.131:0
Hash5ec1233b7456781e4e2fb3e8dfea4860 bf61533c9ec2a6310d80457b1231400cf8631868 820ff717f6d3609bf61e238fda2ecfd8fd9aaf77e85760c0154f72461b33de6e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 16:46:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| adservice.google.no/adsid/integrator.js?domain=usaupload.com | 142.250.74.66 | 200 OK | 100 B |
URL HTTP/2adservice.google.no/adsid/integrator.js?domain=usaupload.com IP 142.250.74.66:0
File typeASCII text, with no line terminators Hash917951a58be8c6c6f3680159550ba3c2 21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4 cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=usaupload.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usaupload.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 24 Dec 2022 16:46:05 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP 142.250.74.131:0
Hash9564eb6f71fa10a5170c928454387a4a 592668eae50f9d76fc000075682e5b5c35bf1235 e9addf356cb7baa6e8846428c22dfa6f130fcd0f32a87a8bf9be7b086bf3ff5a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 16:46:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP 142.250.74.131:0
Hash9564eb6f71fa10a5170c928454387a4a 592668eae50f9d76fc000075682e5b5c35bf1235 e9addf356cb7baa6e8846428c22dfa6f130fcd0f32a87a8bf9be7b086bf3ff5a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 16:46:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js | 216.58.211.1 | 200 OK | 9.4 kB |
URL HTTP/2tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js IP 216.58.211.1:0
File typeASCII text, with very long lines (1592) Hash5a5aa8d035ffaad9c0b8653b0a412d2f f09fe4da7a3d328089a611e314d326aa5cb598f5 de6d29b666b737e039c2de5bedaf81dda437c47a79e17d0d10f188358916187a
GET /pagead/js/r20221207/r20110914/abg_lite_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 9443
x-xss-protection: 0
date: Sat, 24 Dec 2022 13:34:48 GMT
expires: Sat, 07 Jan 2023 13:34:48 GMT
cache-control: public, max-age=1209600
age: 11477
etag: 9828741834572772835
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js | 216.58.211.1 | 200 OK | 7.5 kB |
URL HTTP/2tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js IP 216.58.211.1:0
File typeASCII text, with very long lines (1542) Hash6f59900fa87e133bae329372aebefe36 260937d2934233c07b112f3564ec9eca7b529fd7 156c12ec7d6973b5742504716567b70740dd66bee9cc0e1a1608df56e77011fd
GET /pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 7480
x-xss-protection: 0
date: Fri, 23 Dec 2022 22:01:24 GMT
expires: Fri, 06 Jan 2023 22:01:24 GMT
cache-control: public, max-age=1209600
age: 67481
etag: 15631949847000551034
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 | 142.250.74.98 | 200 OK | 48 kB |
URL HTTP/2www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 IP 142.250.74.98:0
File typeASCII text, with very long lines (3501) Hash0aea457deb170b60b680d7d723b4a6e2 3acbe700c709c2c5c07d6fb145ea7b448cc07a90 86c662679bc2508be7e8064c91055a3c5be7db2c24d58e5f27676f35702ba339
GET /activeview/js/current/rx_lidar.js?cache=r20110914 HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-length: 47725
date: Sat, 24 Dec 2022 16:46:05 GMT
expires: Sat, 24 Dec 2022 16:46:05 GMT
cache-control: private, max-age=3000
etag: "1670417373259609"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP 142.250.74.131:0
Hashca9512237f87f9b258f470a0569c483e 81d7f7b1e8ab5657d33944a55a07ac22af57f473 faf3fce2abb109bb79e5e808a7de6ae04ba070a115b6ac6c8dbb393d3bd0069b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 16:46:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019 | 216.58.211.3 | 200 OK | 14 kB |
URL HTTP/2www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019 IP 216.58.211.3:0
File typeC++ source, ASCII text, with very long lines (1833) Hashd423039334318b32567d199ce1d9238e e9ecb9be252647406e9ac7d57645beb00f22a8f1 4ea40f24181f3b9df05fd0b365a5a679de8ab34489f81127420075a618b297e1
GET /mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019 HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="mysidia"
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-length: 14213
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 24 Dec 2022 16:20:25 GMT
expires: Fri, 24 Mar 2023 16:20:25 GMT
cache-control: public, max-age=7776000
age: 1541
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| www.google.com/ads/measurement/l?ebcid=ALh7CaQsFsF6KT7mpfVuu_wIhmpw1wJXQ1gZSISMkbxET5HMpobm4HjdBlZA43o5X7UGjpCvXpthoYhfYrx4vnIFJw8KtCHFfg | 216.58.211.4 | 204 No Content | 0 B |
URL HTTP/2www.google.com/ads/measurement/l?ebcid=ALh7CaQsFsF6KT7mpfVuu_wIhmpw1wJXQ1gZSISMkbxET5HMpobm4HjdBlZA43o5X7UGjpCvXpthoYhfYrx4vnIFJw8KtCHFfg IP 216.58.211.4:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ads/measurement/l?ebcid=ALh7CaQsFsF6KT7mpfVuu_wIhmpw1wJXQ1gZSISMkbxET5HMpobm4HjdBlZA43o5X7UGjpCvXpthoYhfYrx4vnIFJw8KtCHFfg HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 24 Dec 2022 16:46:06 GMT
server: jumble_frontend_server
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png | 216.58.211.3 | 200 OK | 205 B |
URL HTTP/2www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png IP 216.58.211.3:0
File typePNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data Hash4087858e2c9db9aa8f6a840aedcfb533 d1ffe861da6bd0e95fd1a365b0c3d3ceb6cd58a3 4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
GET /images/icons/material/system/2x/feedback_grey600_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 205
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Dec 2022 18:18:56 GMT
expires: Thu, 21 Dec 2023 18:18:56 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: image/png
age: 253630
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png | 216.58.211.3 | 200 OK | 604 B |
URL HTTP/2www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png IP 216.58.211.3:0
File typePNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data Hash7bd42e5a35b5fb3ff852d6ea9191ca83 8a141eb392a05a2dea3dcd83b97940ef70a81ebc 5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
GET /images/icons/material/system/2x/settings_grey600_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 604
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Dec 2022 20:12:01 GMT
expires: Fri, 22 Dec 2023 20:12:01 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: image/png
age: 160445
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| www.google.com/ads/measurement/l?ebcid=ALh7CaTXUBAZxDq2GiZyjdUAoyvc5qWtHlnoylZyrJ9J3XRbQ64wIxACVqn8J_gLqek77FUcFbGCxuqDxbmcNVp86WOENz-vaQ | 216.58.211.4 | 204 No Content | 0 B |
URL HTTP/2www.google.com/ads/measurement/l?ebcid=ALh7CaTXUBAZxDq2GiZyjdUAoyvc5qWtHlnoylZyrJ9J3XRbQ64wIxACVqn8J_gLqek77FUcFbGCxuqDxbmcNVp86WOENz-vaQ IP 216.58.211.4:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ads/measurement/l?ebcid=ALh7CaTXUBAZxDq2GiZyjdUAoyvc5qWtHlnoylZyrJ9J3XRbQ64wIxACVqn8J_gLqek77FUcFbGCxuqDxbmcNVp86WOENz-vaQ HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 24 Dec 2022 16:46:06 GMT
server: jumble_frontend_server
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL HTTP/2fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 IP 216.58.207.227:0
File typeWeb Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data Hashb9c29351c46f3e8c8631c4002457f48a e57e59c5780995ff2937ab2b511a769212974a87 f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Dec 2022 19:34:15 GMT
expires: Thu, 21 Dec 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 249111
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL HTTP/2fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 IP 216.58.207.227:0
File typeWeb Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data Hashe9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 23 Dec 2022 13:33:13 GMT
expires: Sat, 23 Dec 2023 13:33:13 GMT
cache-control: public, max-age=31536000
age: 97973
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL HTTP/2fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 IP 216.58.207.227:0
File typeWeb Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data Hash15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Dec 2022 19:33:54 GMT
expires: Thu, 21 Dec 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 249132
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP 23.33.119.27:0
ASN#20940 Akamai International B.V.
Hash6ce699bd0db3ee9d3a4ef6dcf941f9f1 14d813942d74d801024c42e2a4628ecd9306d2ad 060de67922db1f612b7f4c173f11e8714c8329d20fbec45a421bcefe7451f388
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060DE67922DB1F612B7F4C173F11E8714C8329D20FBEC45A421BCEFE7451F388"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3639
Expires: Sat, 24 Dec 2022 17:46:45 GMT
Date: Sat, 24 Dec 2022 16:46:06 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP 23.33.119.27:0
ASN#20940 Akamai International B.V.
Hash 6ce699bd0db3ee9d3a4ef6dcf941f9f1 14d813942d74d801024c42e2a4628ecd9306d2ad 060de67922db1f612b7f4c173f11e8714c8329d20fbec45a421bcefe7451f388
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060DE67922DB1F612B7F4C173F11E8714C8329D20FBEC45A421BCEFE7451F388"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3639
Expires: Sat, 24 Dec 2022 17:46:45 GMT
Date: Sat, 24 Dec 2022 16:46:06 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP 23.36.76.226:0
ASN#20940 Akamai International B.V.
Hash 6ce699bd0db3ee9d3a4ef6dcf941f9f1 14d813942d74d801024c42e2a4628ecd9306d2ad 060de67922db1f612b7f4c173f11e8714c8329d20fbec45a421bcefe7451f388
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060DE67922DB1F612B7F4C173F11E8714C8329D20FBEC45A421BCEFE7451F388"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4161
Expires: Sat, 24 Dec 2022 17:55:27 GMT
Date: Sat, 24 Dec 2022 16:46:06 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP 23.33.119.27:0
ASN#20940 Akamai International B.V.
Hash 6ce699bd0db3ee9d3a4ef6dcf941f9f1 14d813942d74d801024c42e2a4628ecd9306d2ad 060de67922db1f612b7f4c173f11e8714c8329d20fbec45a421bcefe7451f388
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060DE67922DB1F612B7F4C173F11E8714C8329D20FBEC45A421BCEFE7451F388"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3639
Expires: Sat, 24 Dec 2022 17:46:45 GMT
Date: Sat, 24 Dec 2022 16:46:06 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 1.1 kB |
IP 23.36.76.226:0
ASN#20940 Akamai International B.V.
File type gzip compressed data, max compression\012- data Hash 6e98427164f283c7b3d7948c2bcb6620 6aac2f2610ba80dd45a8927becba58a1023efbc8 2bd42a872de566a6407273653e19374af01db181f846c885f34553583fa94820
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060DE67922DB1F612B7F4C173F11E8714C8329D20FBEC45A421BCEFE7451F388"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4161
Expires: Sat, 24 Dec 2022 17:55:27 GMT
Date: Sat, 24 Dec 2022 16:46:06 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcdce5468-cf1b-4a55-968b-1aaa101e60d6.jpeg | 34.120.237.76 | 200 OK | 12 kB |
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcdce5468-cf1b-4a55-968b-1aaa101e60d6.jpeg IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash 38cc82b5e5d8c2fee6f51021e156ec81 eafb4e029313caabcdbdc1002abcab95f66e91b1 b8cad011e1a98ee4e896f00263495aab7f9cab986736a7a5b4187b8e94c46493
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcdce5468-cf1b-4a55-968b-1aaa101e60d6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11939
x-amzn-requestid: a00e5ab5-ad16-4576-b046-381e36456998
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dkUhqE94oAMFu5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a4ce0a-28687ad51eea1f6f3ce8cc86;Sampled=0
x-amzn-remapped-date: Thu, 22 Dec 2022 21:37:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: GZ4CbztfUpuPUplTacPrTbsufySu214BVAvkmxZe_PA2t89nsTFCdw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 21:37:34 GMT
age: 68912
etag: "eafb4e029313caabcdbdc1002abcab95f66e91b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46c838f6-5365-43bb-981e-8ddefc5f3f14.jpeg | 34.120.237.76 | 200 OK | 5.7 kB |
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46c838f6-5365-43bb-981e-8ddefc5f3f14.jpeg IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash 2d4cf077d410b94f1326e942304f9e9b 98fb13feecfada3cc8b467aa48d7cdf1ed8ab001 ec82cd83bfd4da849888b0535c9764cd4d462ef9e12c5934512858375908dfe4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46c838f6-5365-43bb-981e-8ddefc5f3f14.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5659
x-amzn-requestid: bc225a93-868b-42d4-aa94-c8fa16ef2c64
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dk33gHUqIAMFg1A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a50696-7710727f0f086a791a0e7939;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 01:38:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Es7YaIRVfiybyKGY41ZE5UYSN0bfn6LmOUqcYZASi9QsXQqR9NSwTA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Dec 2022 05:20:54 GMT
age: 41112
etag: "98fb13feecfada3cc8b467aa48d7cdf1ed8ab001"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f2370a8-14bd-40e5-9d9f-63e8b4b4e9f3.jpeg | 34.120.237.76 | 200 OK | 11 kB |
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f2370a8-14bd-40e5-9d9f-63e8b4b4e9f3.jpeg IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash fae75097a9e461f59779e2725dd153d9 95b1e2797d9d047ca71f60851976937e83c804be 63981e99d995c1c79028f5e2205883a13ef9b1b96f3aa47cde2f4aa08ae6badb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f2370a8-14bd-40e5-9d9f-63e8b4b4e9f3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10613
x-amzn-requestid: da298549-e2ce-47b1-9efa-ed817c6c416c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dnniXE12oAMF-Jw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a61fa8-2b396ad16595c0b349fdb450;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 21:37:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _C8_4MMvadzwCZt0X_zX1Ors5vXDfS3NUMZAYFYwMXwZZOhpwsBdhA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 21:46:08 GMT
age: 68398
etag: "95b1e2797d9d047ca71f60851976937e83c804be"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d8a813d-10ee-4216-bb6b-8bcd1d8141e4.jpeg | 34.120.237.76 | 200 OK | 7.7 kB |
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d8a813d-10ee-4216-bb6b-8bcd1d8141e4.jpeg IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash 6d90b80ebad103c48c3043c8d5e4c3ca ab36c9309ce13b2a3d075461c2445f76bfc582aa 2287a6db0a6a58c570930c1f94c3b36d7acf383b26cdfa42261eb254598fa7c2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d8a813d-10ee-4216-bb6b-8bcd1d8141e4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7669
x-amzn-requestid: 4b35e79d-21c8-48d7-b11b-44bd820e29d2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dnnROG4UoAMFZdA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a61f3a-765739ad7e9063781ccb12b2;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 21:35:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lhQA2yVBNtJ04goTms0KXhX6Q4v86TEe4EUioQs3eJzzMsCxbVmykw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 21:39:58 GMT
age: 68768
etag: "ab36c9309ce13b2a3d075461c2445f76bfc582aa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e532075-b8a0-41ff-8f08-8512cbb1b3d4.jpeg | 34.120.237.76 | 200 OK | 10 kB |
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e532075-b8a0-41ff-8f08-8512cbb1b3d4.jpeg IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash 3071a834e874a992c3b14f7a3f91b30f 559014c7e6e5019097b7da8b3a820a80a1f55b6c 4f8e29303936b4168f0ad765d8a2773a7247f249396147f68f6f9639b1ad1208
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e532075-b8a0-41ff-8f08-8512cbb1b3d4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10356
x-amzn-requestid: 32dbf731-a18f-4150-b3cd-f30d2ab3c6a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dnoi1GY2oAMFesg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a62145-55a5f14a6ea6e7dc3754a8be;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 21:44:37 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: I-X2fEUZq8ogVCK-SeYSAgdEupzhzeBxgZv0WaVunieB4pgXxjqn2w==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 21:48:16 GMT
age: 68270
etag: "559014c7e6e5019097b7da8b3a820a80a1f55b6c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ebee3d-1399-4100-87ce-23d8990b97d2.jpeg | 34.120.237.76 | 200 OK | 7.5 kB |
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ebee3d-1399-4100-87ce-23d8990b97d2.jpeg IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash 33d7fa2f0af62e65eb23c36297749038 d28362f2babfde4ca02f309b80be75bfc520de9a 070da72e06d4492a954b130ff6bef5ca5fd625f0fcfee81e801ef26a03d07e2f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ebee3d-1399-4100-87ce-23d8990b97d2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7478
x-amzn-requestid: b9f7f6d8-fada-45fd-80a7-3ac122dae6fc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dnoYlEbVIAMF_lA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a62103-15601045320b166c295d24d2;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 21:43:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ZhfcPqJ8RN-si9JrtR_1eTK_ipOrXOgs7CusvSevQSfpSOoVB5Hm7Q==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 21:48:09 GMT
age: 68277
etag: "d28362f2babfde4ca02f309b80be75bfc520de9a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221207&st=env | 216.58.207.194 | 200 OK | 11 kB |
URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221207&st=env IP 216.58.207.194:0
File type JSON data\012- , ASCII text, with very long lines (14746), with no line terminators Hash 6b0ebb493b89ac34041b508d3dee6536 f8a12bea0900b50dec1598894adfe60a93b5bda1 89f18885269c8f00577348924415c711d54e8c8f0c6551c3ac09534f0712b8c5
GET /getconfig/sodar?sv=200&tid=gda&tv=r20221207&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://usaupload.com
Connection: keep-alive
Referer: https://usaupload.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Sat, 24 Dec 2022 16:46:06 GMT
server: cafe
content-length: 11130
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsswB5tD1pKGIUy2gYjwRulKcvsS-N3vafoheewbfxXPhxn_nqnm6JOjDxkffAWjHi8ppZk4R1pQp-iDg5BQf5nbKwPJPig7BW6ydTkl8f2NNCfA5B0CUO45l7mIaefDQ2w1qjZjpx0&sai=AMfl-YTQ-OdPL2LWUZ5LP8qio0vDquqH_Spei5dgonkZtr6R1ngE2oZn90Z5_9zMpuUbnZbxu7iHIJRi3eodkrZmMOtzgaNOkLf-57LvWXagqlDggk0NeLYTY07NNIs11rCtmA&sig=Cg0ArKJSzGNPak_KUeepEAE&cid=CAQSPgDq26N9nNez73zV3YPBdZUMVER65wAsPQ5VPnASrSf6KZnlzE8z7hZqHcWbCy1thk7_5Yq-Ec8HqAhKh5eVGAEgEw&id=lidar2&mcvt=1000&p=35,0,315,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1213588912&rs=2&la=1&cr=0&vs=4&r=v&rst=1671900363162&rpt=1036&met=mue&wmsd=0&pbe=0 | 216.58.207.194 | 200 OK | 42 B |
URL HTTP/2pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsswB5tD1pKGIUy2gYjwRulKcvsS-N3vafoheewbfxXPhxn_nqnm6JOjDxkffAWjHi8ppZk4R1pQp-iDg5BQf5nbKwPJPig7BW6ydTkl8f2NNCfA5B0CUO45l7mIaefDQ2w1qjZjpx0&sai=AMfl-YTQ-OdPL2LWUZ5LP8qio0vDquqH_Spei5dgonkZtr6R1ngE2oZn90Z5_9zMpuUbnZbxu7iHIJRi3eodkrZmMOtzgaNOkLf-57LvWXagqlDggk0NeLYTY07NNIs11rCtmA&sig=Cg0ArKJSzGNPak_KUeepEAE&cid=CAQSPgDq26N9nNez73zV3YPBdZUMVER65wAsPQ5VPnASrSf6KZnlzE8z7hZqHcWbCy1thk7_5Yq-Ec8HqAhKh5eVGAEgEw&id=lidar2&mcvt=1000&p=35,0,315,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1213588912&rs=2&la=1&cr=0&vs=4&r=v&rst=1671900363162&rpt=1036&met=mue&wmsd=0&pbe=0 IP 216.58.207.194:0
File type GIF image data, version 89a, 1 x 1\012- data Hash d89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pcs/activeview?xai=AKAOjsswB5tD1pKGIUy2gYjwRulKcvsS-N3vafoheewbfxXPhxn_nqnm6JOjDxkffAWjHi8ppZk4R1pQp-iDg5BQf5nbKwPJPig7BW6ydTkl8f2NNCfA5B0CUO45l7mIaefDQ2w1qjZjpx0&sai=AMfl-YTQ-OdPL2LWUZ5LP8qio0vDquqH_Spei5dgonkZtr6R1ngE2oZn90Z5_9zMpuUbnZbxu7iHIJRi3eodkrZmMOtzgaNOkLf-57LvWXagqlDggk0NeLYTY07NNIs11rCtmA&sig=Cg0ArKJSzGNPak_KUeepEAE&cid=CAQSPgDq26N9nNez73zV3YPBdZUMVER65wAsPQ5VPnASrSf6KZnlzE8z7hZqHcWbCy1thk7_5Yq-Ec8HqAhKh5eVGAEgEw&id=lidar2&mcvt=1000&p=35,0,315,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1213588912&rs=2&la=1&cr=0&vs=4&r=v&rst=1671900363162&rpt=1036&met=mue&wmsd=0&pbe=0 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://googleads.g.doubleclick.net/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: image/gif
date: Sat, 24 Dec 2022 16:46:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/icon?family=Material+Icons | 142.250.74.106 | 200 OK | 0 B |
URL HTTP/2 fonts.googleapis.com/icon?family=Material+Icons IP 142.250.74.106:0
GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usaupload.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 24 Dec 2022 16:46:04 GMT
date: Sat, 24 Dec 2022 16:46:04 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| usaupload.com/5zse/ganpower.7z?download_token=a5bc426bb3dd7174b3784c5df16d7dfba18fbeff222c84cc0f2129f96bb776bb | 65.109.18.14 | 302 Found | 0 B |
URL HTTP/2 usaupload.com/5zse/ganpower.7z?download_token=a5bc426bb3dd7174b3784c5df16d7dfba18fbeff222c84cc0f2129f96bb776bb IP 65.109.18.14:0
ASN#24940 Hetzner Online GmbH
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /5zse/ganpower.7z?download_token=a5bc426bb3dd7174b3784c5df16d7dfba18fbeff222c84cc0f2129f96bb776bb HTTP/1.1
Host: usaupload.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
content-type: text/html; charset=UTF-8
location: https://usaupload.com/error?e=File+can+not+be+located%2C+please+try+again+later.
set-cookie: filehosting=nfjvornfooohfeaq9ct9akre32; expires=Sun, 25-Dec-2022 16:46:03 GMT; Max-Age=86400; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, no-cache
date: Sat, 24 Dec 2022 16:46:03 GMT
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i | 142.250.74.106 | 200 OK | 0 B |
URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i IP 142.250.74.106:0
GET /css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://usaupload.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 24 Dec 2022 16:46:04 GMT
date: Sat, 24 Dec 2022 16:46:04 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|