| r3.o.lencr.org/ |  23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash03c3cfc567661cca575e54ad505acd08 e73f7955b0c794a9cf8ff77b3ecaf436354521fe 50017e6eb57c5bcaa8dc74af6e3967362ec6b8f177a5bf722dd2d215698c4fa9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "50017E6EB57C5BCAA8DC74AF6E3967362EC6B8F177A5BF722DD2D215698C4FA9"
Last-Modified: Sun, 09 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9463
Expires: Sun, 09 Oct 2022 13:06:24 GMT
Date: Sun, 09 Oct 2022 10:28:41 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ |  54.230.111.65 | 200 OK | 939 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/ IP54.230.111.65:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash3f17af4e8a1739eda4a518039f4892f9 c3feba08ae7e8f57e0fe9bcd2ebedea6bda67cbb c485b09cad08b5233fe8753682faf59219fe0d18fcc34d90dc88fb0971295f5f
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 09 Oct 2022 09:43:44 GMT
Expires: Sun, 09 Oct 2022 10:24:45 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 22CsgPx7N_QH0IFOS-OmlhMmOxVE2-74OF1wRiJdE8fvKMFC_ltLAg==
Age: 2697
|
|
| autogrowcrypto.net/agc-upg1 |  104.16.14.194 | 301 Moved Permanently | 481 B |
URL HTTP/1.1autogrowcrypto.net/agc-upg1 IP104.16.14.194:0
File typeHTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (466) Hashcc8621e3cf126bd6b758c9163811135b 2538001d7f710e827097b9e7af531b2a1bb49d24 b28e508b5d2b62cbe3746660141259401b7e599ea9111b078e48feb072b1e904
| Analyzer | Verdict | Alert |
|---|
| fortinet | Phishing | | | quad9 | Sinkholed | |
GET /agc-upg1 HTTP/1.1
Host: autogrowcrypto.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 09 Oct 2022 10:28:41 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://autogrowcrypto.net/agc-upg1
CF-Ray: 75766e4e5803b517-OSL
Access-Control-Allow-Origin: *
Cache-Control: max-age=60, public, s-maxage=600, r-maxage=10
Last-Modified: Wed, 02 Mar 2022 14:40:17 GMT
Vary: Accept-Encoding
CF-Cache-Status: MISS
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
Status: 301 Moved Permanently
X-Content-Digest: ce38afde9a1250438be2c02b338ea10b074533ce
X-Frame-Options: ALLOWALL
X-Powered-By: Phusion Passenger Enterprise 6.0.7
X-Rack-Cache: miss, store
X-Request-Id: b5af174dec5e2a81421af9b10a0791b8
X-Runtime: 0.087319
Set-Cookie: __cf_bm=Be6ManBEqsx5DLff6RNKzWg6Xfup4qedED3_9VH0EJo-1665311321-0-AUWsVBJ4IrEe+xsZMBUXFKIrCn5YQmjWxSiXqxJzIZ4QiTfGW29aYIIgq7zMZf5XONezHtHpBUpPtYJeKQeSmd89In06OpSk6O9D3vBr8Ayb; path=/; expires=Sun, 09-Oct-22 10:58:41 GMT; domain=.autogrowcrypto.net; HttpOnly; SameSite=None
Server: cloudflare
alt-svc: h2=":443"; ma=60
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash7cba6aada5c0a04c1c0644769c09f64e ed02f174a9b718951911343af8ec181c6d205b1d ba863e734d5d38ed160758ab0b09d1b0f44fc795dcbcee4199329b011fcd1bd1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BA863E734D5D38ED160758AB0B09D1B0F44FC795DCBCEE4199329B011FCD1BD1"
Last-Modified: Fri, 07 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3945
Expires: Sun, 09 Oct 2022 11:34:26 GMT
Date: Sun, 09 Oct 2022 10:28:41 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash67d5a988edcda47bc3b3b3f65d32b4b6 d4f0e0da8b3690cc7da925026d3414b68c7d954f 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ls/JVpK0Z9vBOka/ubvDHNp19wAflBZ8dnA5d9W0b4ckZOHVrqiwyZlf4/ZziBJ6msevHP7jnTo=
x-amz-request-id: 9SDJJ18CPN1306HP
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 09 Oct 2022 09:59:58 GMT
age: 1723
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 09 Oct 2022 10:28:41 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| autogrowcrypto.net/hosted/images/15/5d72ef8aa54f8bbbf400735ab286a5/Auto-Grow-Crypto-Option-1.png | 104.16.14.194 | 200 OK | 11 kB |
URL HTTP/2autogrowcrypto.net/hosted/images/15/5d72ef8aa54f8bbbf400735ab286a5/Auto-Grow-Crypto-Option-1.png IP104.16.14.194:0
File typePNG image data, 500 x 300, 8-bit/color RGBA, non-interlaced\012- data Hash866914ed353cf8366cbd4abd206c4e5b 501645022931b687bc8f79838b23d6015a265761 6b332407fe2a62573fcf7e84a23a90bf0b6e67d8397bd4ae8b2f76f0b5445a58
| Analyzer | Verdict | Alert |
|---|
| quad9 | Sinkholed | |
GET /hosted/images/15/5d72ef8aa54f8bbbf400735ab286a5/Auto-Grow-Crypto-Option-1.png HTTP/1.1
Host: autogrowcrypto.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autogrowcrypto.net/agc-upg1
Cookie: __cf_bm=Xtxbycle9twbZoV6bV8l_ZCemMQfJ4jpHq0xrAgMCqU-1665311321-0-AYLiV3dxg79hSRfrw/Qxks7PlGa4iDwImoyhyuI1mUISC/dgoujg6Atjag8YlvyPf4UvyemJwg0d95A9sfQwfrI/kSlwYF7ajk3MbxPOSTjn
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 09 Oct 2022 10:28:41 GMT
content-type: image/png
content-length: 10949
cf-ray: 75766e51ef62b529-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "866914ed353cf8366cbd4abd206c4e5b"
last-modified: Wed, 23 Feb 2022 14:59:14 GMT
cf-cache-status: MISS
x-amz-cf-pop: OSL50-P1
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
|
|
| assets.clickfunnels.com/images/closemodal.png | 104.16.14.194 | 200 OK | 672 B |
URL HTTP/2assets.clickfunnels.com/images/closemodal.png IP104.16.14.194:0
File typeRIFF (little-endian) data, Web/P image\012- data Hash19754ed4d508cf576c80cf36e0db8c50 f459beac714e5be68aa75349fa806a5642af456a 5216f197f782f4bb872e02a677986af90a488015910f8d3864b796ad68dbd389
GET /images/closemodal.png HTTP/1.1
Host: assets.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autogrowcrypto.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 09 Oct 2022 10:28:41 GMT
content-type: image/webp
content-length: 672
cf-ray: 75766e521a7a0b59-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 2120363
cache-control: public, max-age=2678400
content-disposition: inline; filename="closemodal.webp"
etag: "630e9cfc-314"
expires: Wed, 09 Nov 2022 10:28:41 GMT
last-modified: Tue, 30 Aug 2022 23:27:56 GMT
strict-transport-security: max-age=0
vary: Accept, Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=788
set-cookie: __cf_bm=Qd1U9QRkF3muHHiTmbpqB3Ba3F3Ck6YHXuqbzZSSfgE-1665311321-0-AQxSzSO4R7hqCxthgVXTWwfucD82s9MFLOyhgXGO12aF4SSLLfHLyiDiSgsWMI2HuGOSAyP0Bg/e8SoauZ8qTxsJYIPCYwY1xat425AffL0A; path=/; expires=Sun, 09-Oct-22 10:58:41 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=eXMXM4ysQFg8ebtC2mY2m5IXdSxUAiDDcjSknUFbfXM-1665311321-0-Ad1FlcAe98d5ScBUhEJzLxSU5R6_70YeElf9uYR4UBpAK4Zg6bTGWT4MXfAWv9QJudQx5Tg_vW91BpZ2BV7UXsiExxOOh81gIvNwZJV0dlQY"}],"group":"cf-csp-endpoint","max_age":86400}
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=eXMXM4ysQFg8ebtC2mY2m5IXdSxUAiDDcjSknUFbfXM-1665311321-0-Ad1FlcAe98d5ScBUhEJzLxSU5R6_70YeElf9uYR4UBpAK4Zg6bTGWT4MXfAWv9QJudQx5Tg_vW91BpZ2BV7UXsiExxOOh81gIvNwZJV0dlQY; report-to cf-csp-endpoint
server: cloudflare
X-Firefox-Spdy: h2
|
|
| autogrowcrypto.net/hosted/images/52/a99b4e9e9a4cb8852aadf7c97009a6/james-renouf-jeremy-kennedy.png | 104.16.14.194 | 200 OK | 208 kB |
URL HTTP/2autogrowcrypto.net/hosted/images/52/a99b4e9e9a4cb8852aadf7c97009a6/james-renouf-jeremy-kennedy.png IP104.16.14.194:0
File typePNG image data, 750 x 430, 8-bit/color RGBA, non-interlaced\012- data Size208 kB (208268 bytes) Hash839a33372b52dd980a24da6bee3003b0 7861d2e6865c936f97725186999aaf256bf27026 28091be7dd0135caee7ac63f27888ae3240b98ef6165677d654d2dce43268669
| Analyzer | Verdict | Alert |
|---|
| quad9 | Sinkholed | |
GET /hosted/images/52/a99b4e9e9a4cb8852aadf7c97009a6/james-renouf-jeremy-kennedy.png HTTP/1.1
Host: autogrowcrypto.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autogrowcrypto.net/agc-upg1
Cookie: __cf_bm=Xtxbycle9twbZoV6bV8l_ZCemMQfJ4jpHq0xrAgMCqU-1665311321-0-AYLiV3dxg79hSRfrw/Qxks7PlGa4iDwImoyhyuI1mUISC/dgoujg6Atjag8YlvyPf4UvyemJwg0d95A9sfQwfrI/kSlwYF7ajk3MbxPOSTjn
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 09 Oct 2022 10:28:41 GMT
content-type: image/png
content-length: 208268
cf-ray: 75766e51ef68b529-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "839a33372b52dd980a24da6bee3003b0"
last-modified: Thu, 13 Aug 2020 02:53:04 GMT
cf-cache-status: MISS
x-amz-cf-pop: OSL50-P1
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hashee96d771e1664e3afe56cf32bfe45eee 3ab9109d6f7a952cf2f7071ecb5ee186f9eebf6a df7a23267a1a0bddc477d2b3f4c870b6a6ab7b4dca5fc38164d814ccae2b2fdd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 09 Oct 2022 10:28:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hashee96d771e1664e3afe56cf32bfe45eee 3ab9109d6f7a952cf2f7071ecb5ee186f9eebf6a df7a23267a1a0bddc477d2b3f4c870b6a6ab7b4dca5fc38164d814ccae2b2fdd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 09 Oct 2022 10:28:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hashb9f0247fb5bf6e6458f14094551436e1 0ac483f7caef89a55829041189790c8fc7eb8cd7 1b157a9bf613ddbf329225759780db82a249f8502b1b7cb6742907224b4c775e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 09 Oct 2022 10:28:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 54.230.111.65 | 200 OK | 329 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP54.230.111.65:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Sun, 09 Oct 2022 09:29:41 GMT
Cache-Control: max-age=3600
Expires: Sun, 09 Oct 2022 10:24:42 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: n_wpo7xLmsKJKEu2pJHkqXRSpqe46H9BiMfcl0k5D6pwG-wplEHH3A==
Age: 3541
|
|
| use.fontawesome.com/releases/v5.9.0/css/all.css | 172.64.133.15 | 200 OK | 13 kB |
URL HTTP/2use.fontawesome.com/releases/v5.9.0/css/all.css IP172.64.133.15:0
File typeASCII text, with very long lines (55782) Hash664026b9389b4bef9cf6ab8d0012f02a c3855f48b41cc98c5fa0226bacc23d6f242261e3 fa6cb4a5b0facef86b3af72caf59324e2525f7f491ecc4a51c2f4557ee1cfd1b
GET /releases/v5.9.0/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autogrowcrypto.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 09 Oct 2022 10:28:42 GMT
content-type: text/css
x-amz-id-2: vC8KBN503iyWKZzHxfJc5rs99Ocw4DSTaifdaL1SsWTbuhhIHZc4Cm+BPlh6dJ7ueugjQrc5cWE=
x-amz-request-id: F0PHW7H6699FG8TW
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
etag: W/"dbf9d822cefe851ba6f66e1ad57e8987"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 30078344
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vmrLLNw610QKqO3SviGP2gzHPSXKWUcwWWXupUJ5YH0dMosSobhnu8xcvC7klvm%2BlEFMOh%2BfcGm3yFY9eyAaWMHPloRK0ic6a6rPx3X24vpAUv1S6f2fYa1SXAVmVw688NSh0uaM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75766e528fad7192-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| autogrowcrypto.net/assets/userevents/application.js | 104.16.14.194 | 200 OK | 2.2 kB |
URL HTTP/2autogrowcrypto.net/assets/userevents/application.js IP104.16.14.194:0
File typeASCII text, with very long lines (4947), with no line terminators Hash4cee6ada2bc33e05f13357320b03bc83 c3b2054ccd1f0a0aeb541030c0ebc7ac51877ea4 a46ab0817f77911c5b54d952847dfd966467f8fb0486b61a16483f9d607554a5
| Analyzer | Verdict | Alert |
|---|
| fortinet | Phishing | | | quad9 | Sinkholed | |
GET /assets/userevents/application.js HTTP/1.1
Host: autogrowcrypto.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autogrowcrypto.net/agc-upg1
Cookie: __cf_bm=Xtxbycle9twbZoV6bV8l_ZCemMQfJ4jpHq0xrAgMCqU-1665311321-0-AYLiV3dxg79hSRfrw/Qxks7PlGa4iDwImoyhyuI1mUISC/dgoujg6Atjag8YlvyPf4UvyemJwg0d95A9sfQwfrI/kSlwYF7ajk3MbxPOSTjn
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 09 Oct 2022 10:28:41 GMT
content-type: application/x-javascript
cf-ray: 75766e51df5db529-OSL
access-control-allow-origin: *
age: 91
cache-control: public, max-age=1200
etag: W/"633e0697-1353"
expires: Sun, 09 Oct 2022 10:48:41 GMT
last-modified: Wed, 05 Oct 2022 22:35:03 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=JzNIRrn.8Wi2N3m.qTfjBK0YIyoF2nmdOlqBj_QHRGs-1665311321-0-AbIUdKPcdCtlvTU9TnqyhO6QqFpV33b9AUHyssfzDKmixxcRqa8KnmIW4Iqt4iHYXFnjj7PGi0dFfU4nAJxoji1cgQxMh5EbH2Pb3q7lEzCZ"}],"group":"cf-csp-endpoint","max_age":86400}
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=JzNIRrn.8Wi2N3m.qTfjBK0YIyoF2nmdOlqBj_QHRGs-1665311321-0-AbIUdKPcdCtlvTU9TnqyhO6QqFpV33b9AUHyssfzDKmixxcRqa8KnmIW4Iqt4iHYXFnjj7PGi0dFfU4nAJxoji1cgQxMh5EbH2Pb3q7lEzCZ; report-to cf-csp-endpoint
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
|
|
| autogrowcrypto.net/hosted/images/1d/b766baed6b4af9a4d1e4a96af8f026/sky-bg.png | 104.16.14.194 | 200 OK | 907 kB |
URL HTTP/2autogrowcrypto.net/hosted/images/1d/b766baed6b4af9a4d1e4a96af8f026/sky-bg.png IP104.16.14.194:0
File typePNG image data, 2000 x 1063, 8-bit/color RGB, non-interlaced\012- data Size907 kB (907051 bytes) Hash5b0f028d5c53cbddbb16e2c47930e7d9 631d19d5fe136328cfa58267f38472028d232bc0 be68eee9fb40ded1b042133feda34ed8040e1462b3b18b18f42ab5952d027e1c
| Analyzer | Verdict | Alert |
|---|
| quad9 | Sinkholed | |
GET /hosted/images/1d/b766baed6b4af9a4d1e4a96af8f026/sky-bg.png HTTP/1.1
Host: autogrowcrypto.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autogrowcrypto.net/agc-upg1
Cookie: __cf_bm=Xtxbycle9twbZoV6bV8l_ZCemMQfJ4jpHq0xrAgMCqU-1665311321-0-AYLiV3dxg79hSRfrw/Qxks7PlGa4iDwImoyhyuI1mUISC/dgoujg6Atjag8YlvyPf4UvyemJwg0d95A9sfQwfrI/kSlwYF7ajk3MbxPOSTjn
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 09 Oct 2022 10:28:42 GMT
content-type: image/png
content-length: 907051
cf-ray: 75766e5328dcb529-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "5b0f028d5c53cbddbb16e2c47930e7d9"
last-modified: Wed, 23 Feb 2022 15:05:14 GMT
cf-cache-status: MISS
x-amz-cf-pop: OSL50-P1
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
|
|
| use.fontawesome.com/releases/v5.9.0/css/v4-shims.css | 172.64.133.15 | 200 OK | 4.7 kB |
URL HTTP/2use.fontawesome.com/releases/v5.9.0/css/v4-shims.css IP172.64.133.15:0
File typeASCII text, with very long lines (26440) Hash168ea95697bfb46ec74ad858a797b5f3 b0f37515799e9b54b1da68d74dcf4fa8f50bc5d4 3c5d10a797b0803e049c09dbe8b75aa28c04e0d6bc11df67f93fa152fe619981
GET /releases/v5.9.0/css/v4-shims.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autogrowcrypto.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 09 Oct 2022 10:28:41 GMT
content-type: text/css
x-amz-id-2: HpuDfuJOnoRBIn1oGWh6kpnFISyPAhBcUuSh2sgaSOixf+diILYpFUsoF1uDkiR93wgKGECAn7k=
x-amz-request-id: F0PPGVAN5CXAHSGM
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
etag: W/"e140a7d32f343530f016095df3cc2ae4"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 30078343
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C%2By2Bb7mgxjlkBFCs9sr6yyERf%2BOgJQgXrCWEY%2FbZhdoyFQBL84hXHA4VuR0%2F5RnNqxJfONNrwL8cSqZJmJy4Eh%2BBm%2FS7RsVFSnirjnBf82T%2BplaO7SevF6g%2FMs8bvMLHGN5TdTL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75766e526f757192-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash8a2449aeb44e755b2e6897d30993dda0 16cd83b0e0975ebf09e7035c26bbda168af42ac8 fd80527f810be13b70107c447b6f6f226c6145fbcc3b5446f9c834bca2f1597b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 09 Oct 2022 10:28:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash8a2449aeb44e755b2e6897d30993dda0 16cd83b0e0975ebf09e7035c26bbda168af42ac8 fd80527f810be13b70107c447b6f6f226c6145fbcc3b5446f9c834bca2f1597b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 09 Oct 2022 10:28:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.gstatic.com/s/ubuntumono/v15/KFOjCneDtsqEr0keqCMhbCc6CsQ.woff2 | 216.58.207.195 | 200 OK | 27 kB |
URL HTTP/2fonts.gstatic.com/s/ubuntumono/v15/KFOjCneDtsqEr0keqCMhbCc6CsQ.woff2 IP216.58.207.195:0
File typeWeb Open Font Format (Version 2), TrueType, length 27384, version 1.0\012- data Hash8d1b929856b2ef150dc86f2f38a5dc5b e583803593916547b1101a56c216526fa2d26d1c b07e4ebe8e46bb19ad150b2b52a9c2ea0a00bf9e188bbb44c553578f058de00d
GET /s/ubuntumono/v15/KFOjCneDtsqEr0keqCMhbCc6CsQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://autogrowcrypto.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27384
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 22:10:19 GMT
expires: Thu, 05 Oct 2023 22:10:19 GMT
cache-control: public, max-age=31536000
age: 303503
last-modified: Wed, 27 Apr 2022 15:53:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2 | 216.58.207.195 | 200 OK | 18 kB |
URL HTTP/2fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2 IP216.58.207.195:0
File typeWeb Open Font Format (Version 2), TrueType, length 17908, version 1.0\012- data Hashe46b4e2e3b47cc232937ebf72b4c537e 2675bc06ee643b8c935370325a327efb74746e6a d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e
GET /s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://autogrowcrypto.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17908
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 21:38:37 GMT
expires: Tue, 03 Oct 2023 21:38:37 GMT
cache-control: public, max-age=31536000
age: 478205
last-modified: Mon, 18 Jul 2022 19:23:34 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash8a2449aeb44e755b2e6897d30993dda0 16cd83b0e0975ebf09e7035c26bbda168af42ac8 fd80527f810be13b70107c447b6f6f226c6145fbcc3b5446f9c834bca2f1597b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 09 Oct 2022 10:28:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hasha5bb2ca079b8c15c921933d39c57ae47 7ae6e38c3e12ef05164b04df7f2a65be3a3ec440 336607c0f56b4a97511339d2437520aa8c9d6cb07b5b5ddf535efe65561d2890
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 09 Oct 2022 10:28:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.digicert.com/ |  93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash0e2d9e91637474eeaf391312eed441bd 5d29603c731b75308f7d1f584b3ac4c263c96a9e 7da864345088083e1a6fec2d95e07186ef8dbcef8505570e547844c556dfe3be
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 531
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 09 Oct 2022 10:28:42 GMT
Last-Modified: Sun, 09 Oct 2022 10:19:51 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
|
|
| ocsp.sca1b.amazontrust.com/ | 54.230.245.39 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP54.230.245.39:0
Hashc70d162a410de06f3f755ff56cdef8a1 72745d29a1284a5f1d6beb8f97adf9c5f1a3ea77 8d1b23b4eaa0d19621e5f94794ac53058aab470f2d2c917db19974bc880fc664
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 09 Oct 2022 10:28:42 GMT
Last-Modified: Sun, 09 Oct 2022 09:53:17 GMT
Server: ECS (nyb/1D1D)
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: zOPmDrihQL6uEdzxmyw58tLWgCNbc3B8Naz3WXtO8z8COPpj_NQ17A==
Age: 2125
|
|
| fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 | 216.58.207.195 | 200 OK | 15 kB |
URL HTTP/2fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 IP216.58.207.195:0
File typeWeb Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data Hash5d4aeb4e5f5ef754e307d7ffaef688bd 06db651cdf354c64a7383ea9c77024ef4fb4cef8 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 08 Oct 2022 12:31:58 GMT
expires: Sun, 08 Oct 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 79004
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| autogrowcrypto.net/vendor.js | 104.16.14.194 | 200 OK | 8.3 kB |
URL HTTP/2autogrowcrypto.net/vendor.js IP104.16.14.194:0
Hash95ae6cdaafcfa7a861db0f8738486113 726dfd97e7d0619183ddc42e7da948f242f23b3c a6f893d26681c4e3e2a2287c9016dbc789cd89c465671b004fb8b01856ef42e9
| Analyzer | Verdict | Alert |
|---|
| fortinet | Phishing | | | quad9 | Sinkholed | |
GET /vendor.js HTTP/1.1
Host: autogrowcrypto.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autogrowcrypto.net/agc-upg1
Cookie: __cf_bm=Xtxbycle9twbZoV6bV8l_ZCemMQfJ4jpHq0xrAgMCqU-1665311321-0-AYLiV3dxg79hSRfrw/Qxks7PlGa4iDwImoyhyuI1mUISC/dgoujg6Atjag8YlvyPf4UvyemJwg0d95A9sfQwfrI/kSlwYF7ajk3MbxPOSTjn
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 09 Oct 2022 10:28:42 GMT
content-type: application/javascript
cf-ray: 75766e557b76b529-OSL
access-control-allow-origin: *
cache-control: max-age=900, public
etag: W/"7422e50efbaea439fda7ef3b0eb54ee1"
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
status: 200 OK
x-content-digest: 581e49c9b7bdd06dab54c00931f4256b223e620e
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: fresh
x-request-id: afc6a8d4256a6219918a91c76c26b284
x-runtime: 0.055671
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | 216.58.207.195 | 200 OK | 16 kB |
URL HTTP/2fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 IP216.58.207.195:0
File typeWeb Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data Hash285467176f7fe6bb6a9c6873b3dad2cc ea04e4ff5142ddd69307c183def721a160e0a64e 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 07 Oct 2022 00:48:31 GMT
expires: Sat, 07 Oct 2023 00:48:31 GMT
cache-control: public, max-age=31536000
age: 207611
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| push.services.mozilla.com/ | 52.27.12.161 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP52.27.12.161:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: FlhX2JWgaNGf+XofU2PR6A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: kTBLYmQTDOCm/j5s4DsDAXQKeM0=
|
|
| s3-us-west-2.amazonaws.com/jsstore/a/V3VH3EQ/ge.js | 52.218.177.88 | 200 OK | 0 B |
URL HTTP/1.1s3-us-west-2.amazonaws.com/jsstore/a/V3VH3EQ/ge.js IP52.218.177.88:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /jsstore/a/V3VH3EQ/ge.js HTTP/1.1
Host: s3-us-west-2.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autogrowcrypto.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: LN5ygffPqKFaWmO6ILRqmwV4VrgUrpeMolfTaFWezb/JQZzhVR0Agm0QVbR1RYY2eYDIWBUO0Fg=
x-amz-request-id: P1ME1S5AFRA6NGFV
Date: Sun, 09 Oct 2022 10:28:43 GMT
Last-Modified: Fri, 16 Sep 2022 14:22:35 GMT
ETag: "d41d8cd98f00b204e9800998ecf8427e"
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Content-Length: 0
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash89a17c02cdf926b852220408f32d6ad4 c22fb94c77a74cfc00d6b2cc88643afa0563abbe 2a4d9286d35271838cb99d265e2c8dbb851fa80ac2ca293571125188e684a7e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 09 Oct 2022 10:28:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.google.com/pagead/conversion_async.js | 142.250.74.164 | 200 OK | 15 kB |
URL HTTP/2www.google.com/pagead/conversion_async.js IP142.250.74.164:0
File typeASCII text, with very long lines (1654) Hash8766c5a801f08afceca9b66ff9097e6a ce7640d1d166eddeb9d40be642ec34652f790713 f448f99b4ad9a9b50daa9c38054cf16ab2b9fcb5d83ddad60571fb6a8a432a99
GET /pagead/conversion_async.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autogrowcrypto.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 09 Oct 2022 10:28:42 GMT
expires: Sun, 09 Oct 2022 10:28:42 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 17557423932572341828
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 15187
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash1615a59f732d50dbd386c89f599fe0d5 ee4fae75b28e7a30ed404cf10e6f0830bd0b69f7 48574ec51753d230b28f90dd3cfd4862d307de1d507b2bb5a7bddf5a294876f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 09 Oct 2022 10:28:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash0aca7edf23f6d8fb3c0b5a89400d3118 67e4a61460cb43d6882f3378d0455835d323c63f acf66c6d19fa651d5a9a59b67b3e4c116485a2f60a5dd4d753afa411811019e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 09 Oct 2022 10:28:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| app.clickfunnels.com/userevents/?funnel_id=VDErTkxsKzJzdGRTY1YrSkN0THE0Zz09LS0wTTRpK1pEdDdYRmlvSDIrSFBwc1FBPT0%3D--b3d137a079b6d3ae6185820ea31d198fe77b8b50&page_id=S3Z3YkVNNlc5MlBFOXdxVm8zWXZaUT09LS0wZ2x1QVdxRWdaalUrcVVQU3ExZlRBPT0%3D--44c427ccc4f72d2d6f9349bc9ab6d245c6efdcfc&funnel_step_id=c1VuUEFDdmRNZGZmSnVrTDBNNXJOUT09LS1ZR0FoSXVYWGU4WC91VEVhRGJiZHB3PT0%3D--bf6df24b3cedabc378417c76c0e1a7c27213e9f5&user_id=VVFHTEFEZ2hNWGFWazd5eHhCa2x3QT09LS1keEpsdmNqam5mNTQ3RXBySEcxK1dnPT0%3D--3f449fd586032eae6c060080e2c6fc3201f9a9e4&account_id=SDRMMWJETEpoVlU0SWxveXUyc25GQT09LS1pSFhzTjBuVTlmenpOQW56ZktXYWFBPT0%3D--3b3517e49c6debe2a2e7221ad10ff402be7485f6&page_code=NTMzNzk5NTk%3D&mode_id=1&time_zone=America%2FNew_York&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniqueVisitorsCreatedSummary&nonce=593a0112-8a61-4242-b7e2-fd8bddde4d62&url=https%3A%2F%2Fautogrowcrypto.net%2Fagc-upg1 | 104.16.15.194 | 202 Accepted | 472 B |
URL HTTP/2app.clickfunnels.com/userevents/?funnel_id=VDErTkxsKzJzdGRTY1YrSkN0THE0Zz09LS0wTTRpK1pEdDdYRmlvSDIrSFBwc1FBPT0%3D--b3d137a079b6d3ae6185820ea31d198fe77b8b50&page_id=S3Z3YkVNNlc5MlBFOXdxVm8zWXZaUT09LS0wZ2x1QVdxRWdaalUrcVVQU3ExZlRBPT0%3D--44c427ccc4f72d2d6f9349bc9ab6d245c6efdcfc&funnel_step_id=c1VuUEFDdmRNZGZmSnVrTDBNNXJOUT09LS1ZR0FoSXVYWGU4WC91VEVhRGJiZHB3PT0%3D--bf6df24b3cedabc378417c76c0e1a7c27213e9f5&user_id=VVFHTEFEZ2hNWGFWazd5eHhCa2x3QT09LS1keEpsdmNqam5mNTQ3RXBySEcxK1dnPT0%3D--3f449fd586032eae6c060080e2c6fc3201f9a9e4&account_id=SDRMMWJETEpoVlU0SWxveXUyc25GQT09LS1pSFhzTjBuVTlmenpOQW56ZktXYWFBPT0%3D--3b3517e49c6debe2a2e7221ad10ff402be7485f6&page_code=NTMzNzk5NTk%3D&mode_id=1&time_zone=America%2FNew_York&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniqueVisitorsCreatedSummary&nonce=593a0112-8a61-4242-b7e2-fd8bddde4d62&url=https%3A%2F%2Fautogrowcrypto.net%2Fagc-upg1 IP104.16.15.194:0
Hash0aca7edf23f6d8fb3c0b5a89400d3118 67e4a61460cb43d6882f3378d0455835d323c63f acf66c6d19fa651d5a9a59b67b3e4c116485a2f60a5dd4d753afa411811019e4
GET /userevents/?funnel_id=VDErTkxsKzJzdGRTY1YrSkN0THE0Zz09LS0wTTRpK1pEdDdYRmlvSDIrSFBwc1FBPT0%3D--b3d137a079b6d3ae6185820ea31d198fe77b8b50&page_id=S3Z3YkVNNlc5MlBFOXdxVm8zWXZaUT09LS0wZ2x1QVdxRWdaalUrcVVQU3ExZlRBPT0%3D--44c427ccc4f72d2d6f9349bc9ab6d245c6efdcfc&funnel_step_id=c1VuUEFDdmRNZGZmSnVrTDBNNXJOUT09LS1ZR0FoSXVYWGU4WC91VEVhRGJiZHB3PT0%3D--bf6df24b3cedabc378417c76c0e1a7c27213e9f5&user_id=VVFHTEFEZ2hNWGFWazd5eHhCa2x3QT09LS1keEpsdmNqam5mNTQ3RXBySEcxK1dnPT0%3D--3f449fd586032eae6c060080e2c6fc3201f9a9e4&account_id=SDRMMWJETEpoVlU0SWxveXUyc25GQT09LS1pSFhzTjBuVTlmenpOQW56ZktXYWFBPT0%3D--3b3517e49c6debe2a2e7221ad10ff402be7485f6&page_code=NTMzNzk5NTk%3D&mode_id=1&time_zone=America%2FNew_York&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniqueVisitorsCreatedSummary&nonce=593a0112-8a61-4242-b7e2-fd8bddde4d62&url=https%3A%2F%2Fautogrowcrypto.net%2Fagc-upg1 HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://autogrowcrypto.net
Connection: keep-alive
Referer: https://autogrowcrypto.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 202 Accepted
date: Sun, 09 Oct 2022 10:28:42 GMT
content-type: text/html
cf-ray: 75766e55df9ab524-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: 3d1fc8a3eb6a454e9e6535c73d43a6e8
x-runtime: 0.036137
set-cookie: __cf_bm=KTaLKWmaVgBmpgEUH26HpWXe8cM5ZzcxFkOnjTaneDU-1665311322-0-AQU2cU6y1jdrrhE0SM4eDLn5rz8zNQy2iRaXOTcIXgtniDX7BofENmPiD3w7XlHFtCJ6395uAS1j4JQOXEn2r0vh6D7n0lq09ewrJqvjzyQH; path=/; expires=Sun, 09-Oct-22 10:58:42 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=uSxOn1j4IIgOv3rZGKHL3ALq..YprMupAwrA.e37MrY-1665311322-0-Ac07c1qEik7fbWRG43LZmdJ0bicuWVqlWmtgajoWZm8_2nQSkailK_ErvqXFAbkTT6LXx7P-7FBuT-r04NyJnREsi-u9tRMhPnzSSsIN--13"}],"group":"cf-csp-endpoint","max_age":86400}
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=uSxOn1j4IIgOv3rZGKHL3ALq..YprMupAwrA.e37MrY-1665311322-0-Ac07c1qEik7fbWRG43LZmdJ0bicuWVqlWmtgajoWZm8_2nQSkailK_ErvqXFAbkTT6LXx7P-7FBuT-r04NyJnREsi-u9tRMhPnzSSsIN--13; report-to cf-csp-endpoint
server: cloudflare
X-Firefox-Spdy: h2
|
|
| static.doubleclick.net/instream/ad_status.js | 142.250.74.166 | 200 OK | 29 B |
URL HTTP/2static.doubleclick.net/instream/ad_status.js IP142.250.74.166:0
Hash1fa71744db23d0f8df9cce6719defcb7 e4be9b7136697942a036f97cf26ebaf703ad2067 eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 09 Oct 2022 10:27:37 GMT
expires: Sun, 09 Oct 2022 10:42:37 GMT
cache-control: public, max-age=900
age: 66
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| autogrowcrypto.net/favicon.ico | 104.16.14.194 | 200 OK | 3.3 kB |
URL HTTP/2autogrowcrypto.net/favicon.ico IP104.16.14.194:0
File typeMS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel\012- data Hash4adf052a02436ab3ea286df50506beea 022b2cbd61ed5c02a7077f3b1e9ca2b1c9696443 8d74261189f7c2c0805fb4472aef95390bec8fc06775818a4d5ec75a0c4bf842
| Analyzer | Verdict | Alert |
|---|
| quad9 | Sinkholed | |
GET /favicon.ico HTTP/1.1
Host: autogrowcrypto.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autogrowcrypto.net/agc-upg1
Cookie: __cf_bm=Xtxbycle9twbZoV6bV8l_ZCemMQfJ4jpHq0xrAgMCqU-1665311321-0-AYLiV3dxg79hSRfrw/Qxks7PlGa4iDwImoyhyuI1mUISC/dgoujg6Atjag8YlvyPf4UvyemJwg0d95A9sfQwfrI/kSlwYF7ajk3MbxPOSTjn; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTMzNzk5NTk=:visited=true; cf:visitor_id=95d45f22-7923-404c-8be7-7b268cb55af8; addevent_track_cookie=3dd0afd8-de6e-4b00-e4b0-be9594556ab9; _gcl_au=1.1.472691401.1665311323
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 09 Oct 2022 10:28:43 GMT
content-type: image/x-icon
cf-ray: 75766e585ef3b529-OSL
access-control-allow-origin: *
etag: W/"633e0697-3aee"
last-modified: Wed, 05 Oct 2022 22:35:03 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
|
|
| googleads.g.doubleclick.net/pagead/id | 142.250.74.130 | 302 Found | 0 B |
URL HTTP/2googleads.g.doubleclick.net/pagead/id IP142.250.74.130:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Sun, 09 Oct 2022 10:28:43 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| app.clickfunnels.com/userevents/?funnel_id=VDErTkxsKzJzdGRTY1YrSkN0THE0Zz09LS0wTTRpK1pEdDdYRmlvSDIrSFBwc1FBPT0%3D--b3d137a079b6d3ae6185820ea31d198fe77b8b50&page_id=S3Z3YkVNNlc5MlBFOXdxVm8zWXZaUT09LS0wZ2x1QVdxRWdaalUrcVVQU3ExZlRBPT0%3D--44c427ccc4f72d2d6f9349bc9ab6d245c6efdcfc&funnel_step_id=c1VuUEFDdmRNZGZmSnVrTDBNNXJOUT09LS1ZR0FoSXVYWGU4WC91VEVhRGJiZHB3PT0%3D--bf6df24b3cedabc378417c76c0e1a7c27213e9f5&user_id=VVFHTEFEZ2hNWGFWazd5eHhCa2x3QT09LS1keEpsdmNqam5mNTQ3RXBySEcxK1dnPT0%3D--3f449fd586032eae6c060080e2c6fc3201f9a9e4&account_id=SDRMMWJETEpoVlU0SWxveXUyc25GQT09LS1pSFhzTjBuVTlmenpOQW56ZktXYWFBPT0%3D--3b3517e49c6debe2a2e7221ad10ff402be7485f6&page_code=NTMzNzk5NTk%3D&mode_id=1&time_zone=America%2FNew_York&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniquePageviewsCreatedSummary&nonce=9e5565ce-279d-4288-b7d4-705d96ada3f2&url=https%3A%2F%2Fautogrowcrypto.net%2Fagc-upg1 | 104.16.15.194 | 202 Accepted | 472 B |
URL HTTP/2app.clickfunnels.com/userevents/?funnel_id=VDErTkxsKzJzdGRTY1YrSkN0THE0Zz09LS0wTTRpK1pEdDdYRmlvSDIrSFBwc1FBPT0%3D--b3d137a079b6d3ae6185820ea31d198fe77b8b50&page_id=S3Z3YkVNNlc5MlBFOXdxVm8zWXZaUT09LS0wZ2x1QVdxRWdaalUrcVVQU3ExZlRBPT0%3D--44c427ccc4f72d2d6f9349bc9ab6d245c6efdcfc&funnel_step_id=c1VuUEFDdmRNZGZmSnVrTDBNNXJOUT09LS1ZR0FoSXVYWGU4WC91VEVhRGJiZHB3PT0%3D--bf6df24b3cedabc378417c76c0e1a7c27213e9f5&user_id=VVFHTEFEZ2hNWGFWazd5eHhCa2x3QT09LS1keEpsdmNqam5mNTQ3RXBySEcxK1dnPT0%3D--3f449fd586032eae6c060080e2c6fc3201f9a9e4&account_id=SDRMMWJETEpoVlU0SWxveXUyc25GQT09LS1pSFhzTjBuVTlmenpOQW56ZktXYWFBPT0%3D--3b3517e49c6debe2a2e7221ad10ff402be7485f6&page_code=NTMzNzk5NTk%3D&mode_id=1&time_zone=America%2FNew_York&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniquePageviewsCreatedSummary&nonce=9e5565ce-279d-4288-b7d4-705d96ada3f2&url=https%3A%2F%2Fautogrowcrypto.net%2Fagc-upg1 IP104.16.15.194:0
Hash1615a59f732d50dbd386c89f599fe0d5 ee4fae75b28e7a30ed404cf10e6f0830bd0b69f7 48574ec51753d230b28f90dd3cfd4862d307de1d507b2bb5a7bddf5a294876f1
GET /userevents/?funnel_id=VDErTkxsKzJzdGRTY1YrSkN0THE0Zz09LS0wTTRpK1pEdDdYRmlvSDIrSFBwc1FBPT0%3D--b3d137a079b6d3ae6185820ea31d198fe77b8b50&page_id=S3Z3YkVNNlc5MlBFOXdxVm8zWXZaUT09LS0wZ2x1QVdxRWdaalUrcVVQU3ExZlRBPT0%3D--44c427ccc4f72d2d6f9349bc9ab6d245c6efdcfc&funnel_step_id=c1VuUEFDdmRNZGZmSnVrTDBNNXJOUT09LS1ZR0FoSXVYWGU4WC91VEVhRGJiZHB3PT0%3D--bf6df24b3cedabc378417c76c0e1a7c27213e9f5&user_id=VVFHTEFEZ2hNWGFWazd5eHhCa2x3QT09LS1keEpsdmNqam5mNTQ3RXBySEcxK1dnPT0%3D--3f449fd586032eae6c060080e2c6fc3201f9a9e4&account_id=SDRMMWJETEpoVlU0SWxveXUyc25GQT09LS1pSFhzTjBuVTlmenpOQW56ZktXYWFBPT0%3D--3b3517e49c6debe2a2e7221ad10ff402be7485f6&page_code=NTMzNzk5NTk%3D&mode_id=1&time_zone=America%2FNew_York&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniquePageviewsCreatedSummary&nonce=9e5565ce-279d-4288-b7d4-705d96ada3f2&url=https%3A%2F%2Fautogrowcrypto.net%2Fagc-upg1 HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://autogrowcrypto.net
Connection: keep-alive
Referer: https://autogrowcrypto.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 202 Accepted
date: Sun, 09 Oct 2022 10:28:42 GMT
content-type: text/html
cf-ray: 75766e55df8db524-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: 73d9f4f270cf78154771dedfec6e6b08
x-runtime: 0.042496
set-cookie: __cf_bm=JLA.yNWsjAvFVhOUb5hV2Vps1YMnlkhQnqDUGbWspIE-1665311322-0-AYfwvIBQPJs8PdUIUg1EKazjM+LTMgVOFfpBbHMDrGM0qhLkJWYLil14OANJycObGUKX+pKNQjWj6YyYC82V2qw8Q9gaqMO/JdTphoP72BFj; path=/; expires=Sun, 09-Oct-22 10:58:42 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create | 142.250.74.42 | 200 OK | 0 B |
URL HTTP/2jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create IP142.250.74.42:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sun, 09 Oct 2022 10:28:43 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash0aca7edf23f6d8fb3c0b5a89400d3118 67e4a61460cb43d6882f3378d0455835d323c63f acf66c6d19fa651d5a9a59b67b3e4c116485a2f60a5dd4d753afa411811019e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 09 Oct 2022 10:28:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create | 142.250.74.42 | 200 OK | 31 kB |
URL HTTP/2jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create IP142.250.74.42:0
File typeJSON data\012- , ASCII text, with very long lines (65536), with no line terminators Hashaca18bfe303f261ec72fc5eda9d4ccf4 7f95ee7c3525a27468faad51832be67a4c6ab520 2fde004a70760c2045423eda6d2d8439a9334292fb0e20d934a8aba5c758e4af
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 09 Oct 2022 10:28:43 GMT
server: ESF
cache-control: private
content-length: 31115
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash1b523949818a5a16753637f9ad58584b 5d31dd0a86b616b95aa2855ced5ddc1b5d088213 6d4dc5c21d9a3ae5f2d4f259250be56bf1852336fa674f9ab926cdd395c1a107
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 09 Oct 2022 10:28:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash6c98d1159d4d0e4886d03d837d873a86 295ee171e920021e2bd27ebd661f069bb2cc3f52 c701935caa68be37b1fb2448162ee0ebc3131d7a4843fb35faa2da1da05c1500
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 09 Oct 2022 10:28:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| yt3.ggpht.com/vRs-HbXHSB6C6J4BsdtCu4NkBjOtMUPbR_jp3eVwtBV6T33s_U2c-L9xYikgoleLq25X4dPBBQ=s68-c-k-c0x00ffffff-no-rj | 142.250.74.161 | 200 OK | 1.7 kB |
URL HTTP/2yt3.ggpht.com/vRs-HbXHSB6C6J4BsdtCu4NkBjOtMUPbR_jp3eVwtBV6T33s_U2c-L9xYikgoleLq25X4dPBBQ=s68-c-k-c0x00ffffff-no-rj IP142.250.74.161:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 68x68, components 3\012- data Hash1431e0794d2f51f841e2b33bc9ce7b87 95e0e3933854a457ee81406d1723413aa9ea3110 8c5caa7d548c461d1d682970efe326661477b33a885fdc1e963e4fb1847bd25b
GET /vRs-HbXHSB6C6J4BsdtCu4NkBjOtMUPbR_jp3eVwtBV6T33s_U2c-L9xYikgoleLq25X4dPBBQ=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="channels4_profile.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1688
x-xss-protection: 0
date: Sun, 09 Oct 2022 10:28:43 GMT
expires: Sun, 02 Oct 2022 22:59:38 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| i.ytimg.com/vi_webp/YdKPurYbl7Y/maxresdefault.webp | 142.250.74.150 | 200 OK | 35 kB |
URL HTTP/2i.ytimg.com/vi_webp/YdKPurYbl7Y/maxresdefault.webp IP142.250.74.150:0
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Hash567ba0bc7014e11e23828f5744c01e5a be80006c8a51783438ede3dfe97a18bd65ef20e1 827be68b93ab23c566d4450019ed46881ca2c4126ca1aea8250a962b81f99087
GET /vi_webp/YdKPurYbl7Y/maxresdefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 34668
date: Sun, 09 Oct 2022 10:28:43 GMT
expires: Sun, 09 Oct 2022 12:28:43 GMT
cache-control: public, max-age=7200
etag: "0"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash1b523949818a5a16753637f9ad58584b 5d31dd0a86b616b95aa2855ced5ddc1b5d088213 6d4dc5c21d9a3ae5f2d4f259250be56bf1852336fa674f9ab926cdd395c1a107
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 09 Oct 2022 10:28:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash07e328c57909afc5a9e79d7d6907e7cf 38f1cc086938281fb5fbbd1877edf17263ae1fda 76c5865adaa292511aeeea981863ca4acbb44f82980998b6aafe64c1f6feedcb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 09 Oct 2022 10:28:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash6c98d1159d4d0e4886d03d837d873a86 295ee171e920021e2bd27ebd661f069bb2cc3f52 c701935caa68be37b1fb2448162ee0ebc3131d7a4843fb35faa2da1da05c1500
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 09 Oct 2022 10:28:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.google.no/pagead/1p-user-list/727407173/?random=1665311322991&cv=9&fst=1665309600000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaa50&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fautogrowcrypto.net%2Fagc-upg1&tiba=Auto%20Grow%20Crypto&async=1&fmt=3&is_vtc=1&random=3529227367&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y | 142.250.74.3 | 200 OK | 42 B |
URL HTTP/2www.google.no/pagead/1p-user-list/727407173/?random=1665311322991&cv=9&fst=1665309600000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaa50&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fautogrowcrypto.net%2Fagc-upg1&tiba=Auto%20Grow%20Crypto&async=1&fmt=3&is_vtc=1&random=3529227367&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y IP142.250.74.3:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/727407173/?random=1665311322991&cv=9&fst=1665309600000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaa50&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fautogrowcrypto.net%2Fagc-upg1&tiba=Auto%20Grow%20Crypto&async=1&fmt=3&is_vtc=1&random=3529227367&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autogrowcrypto.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 09 Oct 2022 10:28:43 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash07e328c57909afc5a9e79d7d6907e7cf 38f1cc086938281fb5fbbd1877edf17263ae1fda 76c5865adaa292511aeeea981863ca4acbb44f82980998b6aafe64c1f6feedcb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 09 Oct 2022 10:28:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash42ce7c34fdc275b2f972223772146c64 fab0b21bb1662563533a391c80dca7ab7b6fa350 884975d638b0fdf58c0ae37c6d63eb768c48346db8b147ba9b2962509632b5f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "884975D638B0FDF58C0AE37C6D63EB768C48346DB8B147BA9B2962509632B5F1"
Last-Modified: Sun, 09 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9093
Expires: Sun, 09 Oct 2022 13:00:16 GMT
Date: Sun, 09 Oct 2022 10:28:43 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash42ce7c34fdc275b2f972223772146c64 fab0b21bb1662563533a391c80dca7ab7b6fa350 884975d638b0fdf58c0ae37c6d63eb768c48346db8b147ba9b2962509632b5f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "884975D638B0FDF58C0AE37C6D63EB768C48346DB8B147BA9B2962509632B5F1"
Last-Modified: Sun, 09 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9093
Expires: Sun, 09 Oct 2022 13:00:16 GMT
Date: Sun, 09 Oct 2022 10:28:43 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0583d755-2f5b-458f-86f0-774b9909eb6f.jpeg | 34.120.237.76 | 200 OK | 12 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0583d755-2f5b-458f-86f0-774b9909eb6f.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash6e9aa9808428e5fd81ac9d61d6f7c708 3a8d76badce50dd98938885082dcb6e30363ae88 d8f7c48a1cbe04af2f7e0455d1ef7af9b63506b9ae343ebf14ece8689bb06bf6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0583d755-2f5b-458f-86f0-774b9909eb6f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11800
x-amzn-requestid: 7bfb4e15-ea64-48b6-9e38-5d3e2d553863
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZQObZFveoAMFzpA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63365de2-620d4fc015ad475203e906e9;Sampled=0
x-amzn-remapped-date: Fri, 30 Sep 2022 03:09:22 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: btYc3mHTigZv3Bzl32D1z777hMKwf-pstyTS7Bp2eGmzbmGI4pIQXA==
via: 1.1 efcf7b9d0f917f9ebf314db03e52d9b6.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 08 Oct 2022 21:42:19 GMT
age: 45984
etag: "3a8d76badce50dd98938885082dcb6e30363ae88"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe8b331e-bfda-41c1-ba28-37b8830016ea.jpeg | 34.120.237.76 | 200 OK | 5.3 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe8b331e-bfda-41c1-ba28-37b8830016ea.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash49e54a4a59a61533078f561c32f254e3 6396e8bf68251d60f0c9949cb99b6f3f46b61d34 3dc5081efa3b7456e91eb8b437789246f7cbd4176b2042e6801dcbd5a145e83c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe8b331e-bfda-41c1-ba28-37b8830016ea.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5282
x-amzn-requestid: 16029133-8119-4249-9447-f1d02ef00f76
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zj7n_GNtIAMFUlQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633e3fcc-6b5982c06383d5182132d5c6;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 02:39:08 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dc3qlfhgiv1MpP5aox0rAd24KDkiTRkyTjxtrPL01MpbnaVfZ7cmAA==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 08 Oct 2022 21:49:29 GMT
age: 45554
etag: "6396e8bf68251d60f0c9949cb99b6f3f46b61d34"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F58ddd605-8bb7-489e-88f0-51ba1cc6095c.jpeg | 34.120.237.76 | 200 OK | 5.0 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F58ddd605-8bb7-489e-88f0-51ba1cc6095c.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash5cbd50295a4fbc6734f47c8f4ef6f94c bb9122e3f153a3100b89688c6c08ba938a7e7db3 97ae4592605581e855fda6e523760f600a34dd5f10a4195d0c8df8e220fdd77e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F58ddd605-8bb7-489e-88f0-51ba1cc6095c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4957
x-amzn-requestid: 97457aca-e435-437e-a326-59e317bec853
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZtHgaFrjoAMFslw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6341ec68-2ca87ddb370532f75b236149;Sampled=0
x-amzn-remapped-date: Sat, 08 Oct 2022 21:32:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: XenzEoRSNQwOe0HuMcMT132V0ofdwUBJfnYrAuMdo7VR_mGtgoiJhw==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 08 Oct 2022 21:44:20 GMT
etag: "bb9122e3f153a3100b89688c6c08ba938a7e7db3"
content-type: image/jpeg
age: 45863
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe24091eb-e938-48e0-9fb8-79f02e0cab61.jpeg | 34.120.237.76 | 200 OK | 5.9 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe24091eb-e938-48e0-9fb8-79f02e0cab61.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashce49a7a41382dc582440d497afb9ca5e 37cdb545e4a8be57aa4d5d9545adc0f934545f74 c026d3f791cb5c186a916f60d9c01b36b46b7cab476e0a7260b1a7332cde0f53
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe24091eb-e938-48e0-9fb8-79f02e0cab61.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5851
x-amzn-requestid: af2c5f7e-b9b6-4bc4-bfdc-0f2043ce4478
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZnSMfG-DoAMFi1A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f971c-355de3da1bfd68f768bb381e;Sampled=0
x-amzn-remapped-date: Fri, 07 Oct 2022 03:03:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: R6wcyKrY8dT2yE_s-wYEj3mKcF9XB0l3Y0AzAUIK_cCDEqvfTJPXug==
via: 1.1 995664ee945c06fc706b5cb8e0e650dc.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 09 Oct 2022 03:41:13 GMT
age: 24450
etag: "37cdb545e4a8be57aa4d5d9545adc0f934545f74"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F829a81b7-8a2b-4381-a830-9c534e3312fe.jpeg | 34.120.237.76 | 200 OK | 12 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F829a81b7-8a2b-4381-a830-9c534e3312fe.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash2b15495e3e13c06fd0d67523870405ed 3cb8b43735e86c93733affa10818c47693c80fce f65edddef18295076f79a48e9a6c95d07ed244a2ae618cb4229b6c1bd434cd57
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F829a81b7-8a2b-4381-a830-9c534e3312fe.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12187
x-amzn-requestid: 9768886f-0e17-4958-bdaf-e17385eb21d6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjqJCHyNoAMFmDg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633e23d3-288e1d28057753a16893d6b5;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 00:39:47 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: jm9hynO1KfuT2luShwOU_Ps2ZHxUAPwymP1Bi-V49MWWJ3ooQq7qVg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Sat, 08 Oct 2022 22:26:18 GMT
age: 43345
etag: "3cb8b43735e86c93733affa10818c47693c80fce"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ade344-507f-44c8-8fe3-b03ac965aee2.jpeg | 34.120.237.76 | 200 OK | 7.7 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ade344-507f-44c8-8fe3-b03ac965aee2.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashff8cfe3904cca89e3bdfa8186ae382ba 0b9dce744f5facad9a0a136d81cf24e928211856 a6f0925a9666a43d018c05d717310f57b86316290fb4a7cdd309c35842e557a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ade344-507f-44c8-8fe3-b03ac965aee2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7674
x-amzn-requestid: 126f9400-fa43-413b-b496-338908efb777
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZeqScHUVoAMFrRg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633c240f-1b7cff3e3415299a4d17e19e;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 12:16:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: BjBiRKpvs2LQznegxhvMFrczSZGWXGSMvk3bxR8UPpcthRUUA2eTBg==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Sat, 08 Oct 2022 21:56:13 GMT
age: 45150
etag: "0b9dce744f5facad9a0a136d81cf24e928211856"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| js-agent.newrelic.com/nr-1216.min.js |  151.101.86.137 | 200 OK | 14 kB |
URL HTTP/2js-agent.newrelic.com/nr-1216.min.js IP151.101.86.137:0
File typeASCII text, with very long lines (32022) Hashb7c09cc097b2847f9edc784adba62dcb 5aa648623cf5e3b4b215fe5d068a7904c59f2925 6da450b6a3ba53bdab36f6529e987a245cdfca9a37b77790f06dfd8d5797bdaa
GET /nr-1216.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autogrowcrypto.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Vf9xsFZHH0UI6bmTnW+KeBzegICGOxvtMLIWtbljNKoJtdkUEk/MfmbYPFui+bgtiUf/4lC5dk8=
x-amz-request-id: 4AV5AVKCCR961CNG
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "9f533d8cd24b2c5e3b4dc886ecbd43e8"
x-amz-version-id: mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sun, 09 Oct 2022 10:28:43 GMT
via: 1.1 varnish
x-served-by: cache-bma1646-BMA
x-cache: HIT
x-cache-hits: 4785
x-timer: S1665311324.956093,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 14391
X-Firefox-Spdy: h2
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT | 142.250.74.42 | 200 OK | 0 B |
URL HTTP/2jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT IP142.250.74.42:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sun, 09 Oct 2022 10:28:44 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT | 142.250.74.42 | 200 OK | 110 B |
URL HTTP/2jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT IP142.250.74.42:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23d120bc88e8e201af47a1637bf26bb1 1f8551bdac373bc87cf8470334f21b10f3a7b793 e2924e09a435baa7577995cdb7e62b5906ec4c80e6c560031d162b9b22b0d2b0
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 980
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 09 Oct 2022 10:28:44 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| bam.nr-data.net/1/NRJS-fc902efb332119fff33?a=367981416&v=1216.487a282&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=2986&ck=1&ref=https://autogrowcrypto.net/agc-upg1&ap=386&be=554&fe=2605&dc=1208&perf=%7B%22timing%22:%7B%22of%22:1665311321244,%22n%22:0,%22f%22:330,%22dn%22:350,%22dne%22:350,%22c%22:350,%22s%22:353,%22ce%22:368,%22rq%22:368,%22rp%22:506,%22rpe%22:506,%22dl%22:534,%22di%22:1186,%22ds%22:1208,%22de%22:1301,%22dc%22:2604,%22l%22:2604,%22le%22:2715%7D,%22navigation%22:%7B%7D%7D&fcp=928&jsonp=NREUM.setToken | 162.247.241.14 | 200 OK | 77 B |
URL HTTP/1.1bam.nr-data.net/1/NRJS-fc902efb332119fff33?a=367981416&v=1216.487a282&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=2986&ck=1&ref=https://autogrowcrypto.net/agc-upg1&ap=386&be=554&fe=2605&dc=1208&perf=%7B%22timing%22:%7B%22of%22:1665311321244,%22n%22:0,%22f%22:330,%22dn%22:350,%22dne%22:350,%22c%22:350,%22s%22:353,%22ce%22:368,%22rq%22:368,%22rp%22:506,%22rpe%22:506,%22dl%22:534,%22di%22:1186,%22ds%22:1208,%22de%22:1301,%22dc%22:2604,%22l%22:2604,%22le%22:2715%7D,%22navigation%22:%7B%7D%7D&fcp=928&jsonp=NREUM.setToken IP162.247.241.14:0
File typeASCII text, with no line terminators Hashf1442f5831dbbe0210da2d7a4180d6b8 2ade23c6c7a001c66f0c0a9a101ec152747b434e c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef
GET /1/NRJS-fc902efb332119fff33?a=367981416&v=1216.487a282&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=2986&ck=1&ref=https://autogrowcrypto.net/agc-upg1&ap=386&be=554&fe=2605&dc=1208&perf=%7B%22timing%22:%7B%22of%22:1665311321244,%22n%22:0,%22f%22:330,%22dn%22:350,%22dne%22:350,%22c%22:350,%22s%22:353,%22ce%22:368,%22rq%22:368,%22rp%22:506,%22rpe%22:506,%22dl%22:534,%22di%22:1186,%22ds%22:1208,%22de%22:1301,%22dc%22:2604,%22l%22:2604,%22le%22:2715%7D,%22navigation%22:%7B%7D%7D&fcp=928&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autogrowcrypto.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 09 Oct 2022 10:28:44 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 75766e60ed5db51e-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=fb0d4cc608f8b9f4; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb691d24b-df85-4807-a45e-6f1df3dae19e.jpeg | 34.120.237.76 | 200 OK | 6.1 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb691d24b-df85-4807-a45e-6f1df3dae19e.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashbd33e72bf6e13474c0de9416183abaca 983fd9399b9c0185397df731d8ca947ea7fb9297 5b6be8262aa496beac391c5dbf4b754dc4bc5356107a3dce1217030e698f9021
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb691d24b-df85-4807-a45e-6f1df3dae19e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6069
x-amzn-requestid: fec1f21d-1f6e-4575-9866-ea4af1b1468e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZtHbeGh2IAMFl7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6341ec49-3cb0ec0c5b42d0b620e9ddb6;Sampled=0
x-amzn-remapped-date: Sat, 08 Oct 2022 21:31:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3b-dFJTUJ_FNQfN1RGEWfDgCrICUctYJBeO-Rdfz83wyOzynrloT_w==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 08 Oct 2022 21:44:18 GMT
age: 45872
etag: "983fd9399b9c0185397df731d8ca947ea7fb9297"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Oswald+sans-serif%7CUbuntu+Mono%7COswald+sans-serif%7CUbuntu+Mono%7COswald+sans-serif%7CUbuntu+Mono%7COswald+sans-serif%7C%7C | 142.250.74.10 | 200 OK | 0 B |
URL HTTP/2fonts.googleapis.com/css?family=Oswald+sans-serif%7CUbuntu+Mono%7COswald+sans-serif%7CUbuntu+Mono%7COswald+sans-serif%7CUbuntu+Mono%7COswald+sans-serif%7C%7C IP142.250.74.10:0
GET /css?family=Oswald+sans-serif%7CUbuntu+Mono%7COswald+sans-serif%7CUbuntu+Mono%7COswald+sans-serif%7CUbuntu+Mono%7COswald+sans-serif%7C%7C HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autogrowcrypto.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 09 Oct 2022 10:28:42 GMT
date: Sun, 09 Oct 2022 10:28:42 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| autogrowcrypto.net/images/background.png?_unique=0.5151900321233762&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//autogrowcrypto.net/agc-upg1&_title=Auto%20Grow%20Crypto&_key=s5c8s5wh&_page_key=jjjxpfkxikd6k3j1&_fid=11879236&_fspos=2&_fvrs=1&_funnel_stat=0&_location=https://autogrowcrypto.net/agc-upg1&_referrer= | 104.16.14.194 | 200 OK | 0 B |
URL HTTP/2autogrowcrypto.net/images/background.png?_unique=0.5151900321233762&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//autogrowcrypto.net/agc-upg1&_title=Auto%20Grow%20Crypto&_key=s5c8s5wh&_page_key=jjjxpfkxikd6k3j1&_fid=11879236&_fspos=2&_fvrs=1&_funnel_stat=0&_location=https://autogrowcrypto.net/agc-upg1&_referrer= IP104.16.14.194:0
| Analyzer | Verdict | Alert |
|---|
| quad9 | Sinkholed | |
GET /images/background.png?_unique=0.5151900321233762&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//autogrowcrypto.net/agc-upg1&_title=Auto%20Grow%20Crypto&_key=s5c8s5wh&_page_key=jjjxpfkxikd6k3j1&_fid=11879236&_fspos=2&_fvrs=1&_funnel_stat=0&_location=https://autogrowcrypto.net/agc-upg1&_referrer= HTTP/1.1
Host: autogrowcrypto.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autogrowcrypto.net/agc-upg1
Cookie: __cf_bm=Xtxbycle9twbZoV6bV8l_ZCemMQfJ4jpHq0xrAgMCqU-1665311321-0-AYLiV3dxg79hSRfrw/Qxks7PlGa4iDwImoyhyuI1mUISC/dgoujg6Atjag8YlvyPf4UvyemJwg0d95A9sfQwfrI/kSlwYF7ajk3MbxPOSTjn; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTMzNzk5NTk=:visited=true; cf:visitor_id=95d45f22-7923-404c-8be7-7b268cb55af8; addevent_track_cookie=3dd0afd8-de6e-4b00-e4b0-be9594556ab9; _gcl_au=1.1.472691401.1665311323
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 09 Oct 2022 10:28:44 GMT
content-type: text/javascript; charset=utf-8
cf-ray: 75766e5e5e4db529-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store, private
strict-transport-security: max-age=0
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
status: 200 OK
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: db0cc5ce15321b526b2e029d5bb6dc0f
x-runtime: 0.035557
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
|
|
| autogrowcrypto.net/agc-upg1 | 104.16.14.194 | 200 OK | 0 B |
URL HTTP/2autogrowcrypto.net/agc-upg1 IP104.16.14.194:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Phishing | | | quad9 | Sinkholed | |
GET /agc-upg1 HTTP/1.1
Host: autogrowcrypto.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sun, 09 Oct 2022 10:28:41 GMT
content-type: text/html; charset=utf-8
cf-ray: 75766e504daab529-OSL
access-control-allow-origin: *
cache-control: max-age=60, public, s-maxage=600, r-maxage=10
last-modified: Wed, 02 Mar 2022 14:40:17 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
status: 200 OK
x-content-digest: 76604f08f77ef02cf5b28c11da18d61a421a3146
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: fresh
x-request-id: 170726260e0675af4bd95cff737f572d
x-runtime: 0.379768
set-cookie: __cf_bm=Xtxbycle9twbZoV6bV8l_ZCemMQfJ4jpHq0xrAgMCqU-1665311321-0-AYLiV3dxg79hSRfrw/Qxks7PlGa4iDwImoyhyuI1mUISC/dgoujg6Atjag8YlvyPf4UvyemJwg0d95A9sfQwfrI/kSlwYF7ajk3MbxPOSTjn; path=/; expires=Sun, 09-Oct-22 10:58:41 GMT; domain=.autogrowcrypto.net; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
|
|
| autogrowcrypto.net/assets/lander.css | 104.16.14.194 | 200 OK | 0 B |
URL HTTP/2autogrowcrypto.net/assets/lander.css IP104.16.14.194:0
| Analyzer | Verdict | Alert |
|---|
| quad9 | Sinkholed | |
GET /assets/lander.css HTTP/1.1
Host: autogrowcrypto.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autogrowcrypto.net/agc-upg1
Cookie: __cf_bm=Xtxbycle9twbZoV6bV8l_ZCemMQfJ4jpHq0xrAgMCqU-1665311321-0-AYLiV3dxg79hSRfrw/Qxks7PlGa4iDwImoyhyuI1mUISC/dgoujg6Atjag8YlvyPf4UvyemJwg0d95A9sfQwfrI/kSlwYF7ajk3MbxPOSTjn
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 09 Oct 2022 10:28:41 GMT
content-type: text/css
cf-ray: 75766e51df53b529-OSL
access-control-allow-origin: *
age: 88
cache-control: public, max-age=1200
etag: W/"633e0697-6a514"
expires: Sun, 09 Oct 2022 10:48:41 GMT
last-modified: Wed, 05 Oct 2022 22:35:03 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
|
|
| app.clickfunnels.com/userevents/?funnel_id=VDErTkxsKzJzdGRTY1YrSkN0THE0Zz09LS0wTTRpK1pEdDdYRmlvSDIrSFBwc1FBPT0%3D--b3d137a079b6d3ae6185820ea31d198fe77b8b50&page_id=S3Z3YkVNNlc5MlBFOXdxVm8zWXZaUT09LS0wZ2x1QVdxRWdaalUrcVVQU3ExZlRBPT0%3D--44c427ccc4f72d2d6f9349bc9ab6d245c6efdcfc&funnel_step_id=c1VuUEFDdmRNZGZmSnVrTDBNNXJOUT09LS1ZR0FoSXVYWGU4WC91VEVhRGJiZHB3PT0%3D--bf6df24b3cedabc378417c76c0e1a7c27213e9f5&user_id=VVFHTEFEZ2hNWGFWazd5eHhCa2x3QT09LS1keEpsdmNqam5mNTQ3RXBySEcxK1dnPT0%3D--3f449fd586032eae6c060080e2c6fc3201f9a9e4&account_id=SDRMMWJETEpoVlU0SWxveXUyc25GQT09LS1pSFhzTjBuVTlmenpOQW56ZktXYWFBPT0%3D--3b3517e49c6debe2a2e7221ad10ff402be7485f6&page_code=NTMzNzk5NTk%3D&mode_id=1&time_zone=America%2FNew_York&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::PageviewsCreatedSummary&nonce=3908cc93-6838-406a-8a99-7330b13506de&url=https%3A%2F%2Fautogrowcrypto.net%2Fagc-upg1 | 104.16.15.194 | 202 Accepted | 0 B |
URL HTTP/2app.clickfunnels.com/userevents/?funnel_id=VDErTkxsKzJzdGRTY1YrSkN0THE0Zz09LS0wTTRpK1pEdDdYRmlvSDIrSFBwc1FBPT0%3D--b3d137a079b6d3ae6185820ea31d198fe77b8b50&page_id=S3Z3YkVNNlc5MlBFOXdxVm8zWXZaUT09LS0wZ2x1QVdxRWdaalUrcVVQU3ExZlRBPT0%3D--44c427ccc4f72d2d6f9349bc9ab6d245c6efdcfc&funnel_step_id=c1VuUEFDdmRNZGZmSnVrTDBNNXJOUT09LS1ZR0FoSXVYWGU4WC91VEVhRGJiZHB3PT0%3D--bf6df24b3cedabc378417c76c0e1a7c27213e9f5&user_id=VVFHTEFEZ2hNWGFWazd5eHhCa2x3QT09LS1keEpsdmNqam5mNTQ3RXBySEcxK1dnPT0%3D--3f449fd586032eae6c060080e2c6fc3201f9a9e4&account_id=SDRMMWJETEpoVlU0SWxveXUyc25GQT09LS1pSFhzTjBuVTlmenpOQW56ZktXYWFBPT0%3D--3b3517e49c6debe2a2e7221ad10ff402be7485f6&page_code=NTMzNzk5NTk%3D&mode_id=1&time_zone=America%2FNew_York&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::PageviewsCreatedSummary&nonce=3908cc93-6838-406a-8a99-7330b13506de&url=https%3A%2F%2Fautogrowcrypto.net%2Fagc-upg1 IP104.16.15.194:0
GET /userevents/?funnel_id=VDErTkxsKzJzdGRTY1YrSkN0THE0Zz09LS0wTTRpK1pEdDdYRmlvSDIrSFBwc1FBPT0%3D--b3d137a079b6d3ae6185820ea31d198fe77b8b50&page_id=S3Z3YkVNNlc5MlBFOXdxVm8zWXZaUT09LS0wZ2x1QVdxRWdaalUrcVVQU3ExZlRBPT0%3D--44c427ccc4f72d2d6f9349bc9ab6d245c6efdcfc&funnel_step_id=c1VuUEFDdmRNZGZmSnVrTDBNNXJOUT09LS1ZR0FoSXVYWGU4WC91VEVhRGJiZHB3PT0%3D--bf6df24b3cedabc378417c76c0e1a7c27213e9f5&user_id=VVFHTEFEZ2hNWGFWazd5eHhCa2x3QT09LS1keEpsdmNqam5mNTQ3RXBySEcxK1dnPT0%3D--3f449fd586032eae6c060080e2c6fc3201f9a9e4&account_id=SDRMMWJETEpoVlU0SWxveXUyc25GQT09LS1pSFhzTjBuVTlmenpOQW56ZktXYWFBPT0%3D--3b3517e49c6debe2a2e7221ad10ff402be7485f6&page_code=NTMzNzk5NTk%3D&mode_id=1&time_zone=America%2FNew_York&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::PageviewsCreatedSummary&nonce=3908cc93-6838-406a-8a99-7330b13506de&url=https%3A%2F%2Fautogrowcrypto.net%2Fagc-upg1 HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://autogrowcrypto.net
Connection: keep-alive
Referer: https://autogrowcrypto.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 202 Accepted
date: Sun, 09 Oct 2022 10:28:42 GMT
content-type: text/html
cf-ray: 75766e55df90b524-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: 6f974c97162587a00656fb80503e4aa1
x-runtime: 0.032643
set-cookie: __cf_bm=aH.CuHCiK0QcpZmV2TUoSNU6r2lftkGJWZK3fTky1Y4-1665311322-0-AbhRL+pNNDY4TiUmYYJKcpP933HDz8IILuBInNArvo1jJ4M7ymLji3Jk3Gz+w89QN2rS+2NWimgp+Lv1Prih/tMPgRTYK6JOVA9blrDpPUD9; path=/; expires=Sun, 09-Oct-22 10:58:42 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
|
|
| autogrowcrypto.net/cdn-cgi/rum? | 104.16.14.194 | 200 OK | 0 B |
URL HTTP/2autogrowcrypto.net/cdn-cgi/rum? IP104.16.14.194:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Phishing | | | quad9 | Sinkholed | |
POST /cdn-cgi/rum? HTTP/1.1
Host: autogrowcrypto.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 12849
Origin: https://autogrowcrypto.net
Connection: keep-alive
Referer: https://autogrowcrypto.net/agc-upg1
Cookie: __cf_bm=Xtxbycle9twbZoV6bV8l_ZCemMQfJ4jpHq0xrAgMCqU-1665311321-0-AYLiV3dxg79hSRfrw/Qxks7PlGa4iDwImoyhyuI1mUISC/dgoujg6Atjag8YlvyPf4UvyemJwg0d95A9sfQwfrI/kSlwYF7ajk3MbxPOSTjn; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTMzNzk5NTk=:visited=true; cf:visitor_id=95d45f22-7923-404c-8be7-7b268cb55af8; addevent_track_cookie=3dd0afd8-de6e-4b00-e4b0-be9594556ab9; _gcl_au=1.1.472691401.1665311323
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 09 Oct 2022 10:28:44 GMT
content-type: text/plain
access-control-allow-origin: https://autogrowcrypto.net
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 75766e5f0f28b529-OSL
x-frame-options: DENY
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 | 104.18.47.230 | 200 OK | 0 B |
URL HTTP/2static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 IP104.18.47.230:0
GET /beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://autogrowcrypto.net
Connection: keep-alive
Referer: https://autogrowcrypto.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 09 Oct 2022 10:28:42 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2021.12.0
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 75766e525aa40b51-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| autogrowcrypto.net/assets/pushcrew.js | 104.16.14.194 | 200 OK | 0 B |
URL HTTP/2autogrowcrypto.net/assets/pushcrew.js IP104.16.14.194:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Phishing | | | quad9 | Sinkholed | |
GET /assets/pushcrew.js HTTP/1.1
Host: autogrowcrypto.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autogrowcrypto.net/agc-upg1
Cookie: __cf_bm=Xtxbycle9twbZoV6bV8l_ZCemMQfJ4jpHq0xrAgMCqU-1665311321-0-AYLiV3dxg79hSRfrw/Qxks7PlGa4iDwImoyhyuI1mUISC/dgoujg6Atjag8YlvyPf4UvyemJwg0d95A9sfQwfrI/kSlwYF7ajk3MbxPOSTjn
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 09 Oct 2022 10:28:41 GMT
content-type: application/x-javascript
cf-ray: 75766e51ef70b529-OSL
access-control-allow-origin: *
age: 759
cache-control: public, max-age=1200
etag: W/"633e0696-27d"
expires: Sun, 09 Oct 2022 10:48:41 GMT
last-modified: Wed, 05 Oct 2022 22:35:02 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
|
|
| autogrowcrypto.net/assets/lander.js | 104.16.14.194 | 200 OK | 0 B |
URL HTTP/2autogrowcrypto.net/assets/lander.js IP104.16.14.194:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Phishing | | | quad9 | Sinkholed | |
GET /assets/lander.js HTTP/1.1
Host: autogrowcrypto.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autogrowcrypto.net/agc-upg1
Cookie: __cf_bm=Xtxbycle9twbZoV6bV8l_ZCemMQfJ4jpHq0xrAgMCqU-1665311321-0-AYLiV3dxg79hSRfrw/Qxks7PlGa4iDwImoyhyuI1mUISC/dgoujg6Atjag8YlvyPf4UvyemJwg0d95A9sfQwfrI/kSlwYF7ajk3MbxPOSTjn
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 09 Oct 2022 10:28:41 GMT
content-type: application/x-javascript
cf-ray: 75766e51ef6eb529-OSL
access-control-allow-origin: *
age: 902
cache-control: public, max-age=1200
etag: W/"633e0702-239130"
expires: Sun, 09 Oct 2022 10:48:41 GMT
last-modified: Wed, 05 Oct 2022 22:36:50 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
|
|
| www.youtube.com/embed/YdKPurYbl7Y?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent | 172.217.21.174 | 200 OK | 0 B |
URL HTTP/2www.youtube.com/embed/YdKPurYbl7Y?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent IP172.217.21.174:0
GET /embed/YdKPurYbl7Y?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autogrowcrypto.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 09 Oct 2022 10:28:42 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=Liy5m8mqtYk; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=Bx9E2O1soA0; Domain=.youtube.com; Expires=Fri, 07-Apr-2023 10:28:42 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+446; expires=Tue, 08-Oct-2024 10:28:42 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| warriorplus.com/o2/btn/fn210011000/md0czf/x21nqx/297501 | 104.26.4.97 | 200 OK | 0 B |
URL HTTP/2warriorplus.com/o2/btn/fn210011000/md0czf/x21nqx/297501 IP104.26.4.97:0
GET /o2/btn/fn210011000/md0czf/x21nqx/297501 HTTP/1.1
Host: warriorplus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autogrowcrypto.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 09 Oct 2022 10:28:43 GMT
content-type: image/png
x-powered-by: PHP/7.0.33-6+ubuntu14.04.1+deb.sury.org+3
expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: warriorplus=7fsdpgknejvk4dvtj1b28i99h0; path=/
rqtok=ae4ad64f31b5fe299c4f; expires=Mon, 10-Oct-2022 10:28:43 GMT; Max-Age=86400; path=/
TOKEN=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
TOKEN=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
PASSWORD=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
PASSWORD=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
notifications=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
notifications_aff=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
notifications_sales=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
wpg=gkgnsc1g7qmrytbx; expires=Mon, 09-Oct-2023 10:28:43 GMT; Max-Age=31536000; path=/
wpg=gkgnsc1g7qmrytbx; expires=Mon, 09-Oct-2023 10:28:43 GMT; Max-Age=31536000; path=/
last-modified: Sun, 09 Oct 2022 10:28:43 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=17xWO%2BnsWqE9SdO5h%2F6ghLgHlw2OtGgZMk%2BCCxESISRafupDpJhxleglvJAqIZoOtMKlkqM6M7EiPqsimgnSPj8nDsrTtmLupCCZ52VZMt2ItLuGYCUtabXR39mUQz8fyA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75766e561ef9b50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
104.16.12.194