Report - cidanaty1972.blogspot.com/

Report Overview

Submitted URL
cidanaty1972.blogspot.com/
IP
216.58.207.193
ASN
#15169 GOOGLE
Submitted
2024-05-10 05:47:28
Access
public
Website Title
Banned
Final URL
gg.gg/gtha2
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
6
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
gg.gg	172656	2003-06-30	2013-04-18	2024-03-22	12 kB	175 kB	91.215.42.31
apis.google.com	105	1997-09-15	2013-05-06	2024-05-09	4.0 kB	147 kB	142.250.74.110
o.pki.goog	unknown	2016-06-13	2024-04-24	2024-05-09	650 B	1.4 kB	142.250.74.131
ssl.gstatic.com	unknown	2008-02-11	2012-05-23	2024-05-09	435 B	5.7 kB	142.250.74.35
accounts.google.com	81	1997-09-15	2016-03-20	2024-05-09	704 B	1.3 kB	74.125.131.84
cidanaty1972.blogspot.com	unknown	unknown	No data	No data	923 B	6.4 kB	216.58.207.193
www.blogger.com	8975	1999-06-22	2012-05-22	2024-05-09	1.4 kB	61 kB	216.58.207.233

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-05-10 05:47:01	medium	Client IP	192.169.69.26	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
2024-05-10 05:47:09	medium	Client IP	192.169.69.26	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
2024-05-10 05:47:09	medium	Client IP	192.169.69.26	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
2024-05-10 05:47:15	medium	Client IP	192.169.69.26	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
2024-05-10 05:47:19	medium	Client IP	192.169.69.26	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
2024-05-10 05:47:25	medium	Client IP	192.169.69.26	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (14)

	URL	Size	First Seen	Last Seen
	gg.gg/js/jquery-1.7.2.min.js	95 kB	2023-03-07	2024-05-20
Pretty URL gg.gg/js/jquery-1.7.2.min.js IP 91.215.42.31 ASN #57724 Ddos-Guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:23 Last Seen2024-05-20 15:45:53 Times Seen14192 Hash b8d64d0bc142b3f670cc0611b0aebcae abcd2ba13348f178b17141b445bc99f1917d47af 47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4 Loading...

	gg.gg/js/jquery.zclip.min.js	7.4 kB	2023-03-07	2024-05-10
Pretty URL gg.gg/js/jquery.zclip.min.js IP 91.215.42.31 ASN #57724 Ddos-Guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:51 Last Seen2024-05-10 07:47:35 Times Seen548 Hash ed3ba6e9aeed8aa665844e5ade17576e 8c8b08b8592734439278e62bf913646b61412f23 ae63c897e26d3cab90b28bd9fa6adde37fc323582619ad9318f48e117cbf64ab Loading...

	gg.gg/gtha2	0 B	2023-03-07	2024-05-20
Pretty URL gg.gg/gtha2 IP 91.215.42.31 ASN #57724 Ddos-Guard Ltd Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-20 19:12:29 Times Seen37888372 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	ssl.gstatic.com/accounts/o/3604799710-postmessagerelay.js	11 kB	2024-04-19	2024-05-20
Pretty URL ssl.gstatic.com/accounts/o/3604799710-postmessagerelay.js IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-19 09:16:40 Last Seen2024-05-20 17:55:49 Times Seen230 Hash 40aaadf2a7451d276b940cddefb2d0ed b2fc8129a4f5e5a0c8cb631218f40a4230444d9e 4b515a19e688085b55f51f1eda7bc3e51404e8f59b64652e094994baf7be28f2 Loading...

	gg.gg/js/jquery.cookie.js	1.9 kB	2023-03-07	2024-05-10
Pretty URL gg.gg/js/jquery.cookie.js IP 91.215.42.31 ASN #57724 Ddos-Guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:17:11 Last Seen2024-05-10 07:47:35 Times Seen549 Hash 3291194034b434bb51afaa5aabd2313a ee31f8edef296efe486218e3b434e816612ef848 d6f218e7eb673e6264b7b6c71d9a46c2379cb2f396c3317d7ecedbf0b99ab2c9 Loading...

	gg.gg/js/jquery.tag-it.js	16 kB	2023-03-07	2024-05-10
Pretty URL gg.gg/js/jquery.tag-it.js IP 91.215.42.31 ASN #57724 Ddos-Guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:17:11 Last Seen2024-05-10 07:47:35 Times Seen511 Hash 8387a9ca0459e0568fdd3bd15e1bd1bf bba149f9979530786fbb8069bcaa340eeef3712d 04a595cb9eae0a734d474bde7cba253390a5cd5f5a6b6234c88df9bcf36e7e15 Loading...

	apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_1?le=scs	102 kB	2024-04-23	2024-05-20
Pretty URL apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_1?le=scs IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-23 18:10:08 Last Seen2024-05-20 17:55:49 Times Seen98 Hash 2194126651ec918368e1c172f3003494 44cbf3b9bd5ac4f5c95cfcc8ad31844ba9f67c48 f3bed417a7effbce45e190fabd36fba0d906f4d39a893231eaf61c0801d0fbca Loading...

	gg.gg/js/jquery-ui-1.8.21.custom.min.js	207 kB	2023-03-07	2024-05-10
Pretty URL gg.gg/js/jquery-ui-1.8.21.custom.min.js IP 91.215.42.31 ASN #57724 Ddos-Guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:17:11 Last Seen2024-05-10 07:47:35 Times Seen603 Hash 03afe455536a9c44ad82cf1425e354b6 4d6a5f3a7e2ff4bcdabfcd3fef8b2e8e05197480 da8edc2a2b29e48e48480a779d36a1eeef6ad155120bdd1b7eb36d4d8fadd32b Loading...

	gg.gg/js/jquery.corners.min.js	10 kB	2023-03-07	2024-05-10
Pretty URL gg.gg/js/jquery.corners.min.js IP 91.215.42.31 ASN #57724 Ddos-Guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:17:11 Last Seen2024-05-10 07:47:35 Times Seen521 Hash 0425d5aca5c038781800b103ef65c5d8 11c0ed86f1ae8a990ae7c5a6c721f1dcb352af8f a450356c7550c1c8bd4ef8c10aea93a62de7b22bb1005141aff41110a02d11ad Loading...

	gg.gg/js/logic.js?v3	6.2 kB	2023-03-07	2024-05-10
Pretty URL gg.gg/js/logic.js?v3 IP 91.215.42.31 ASN #57724 Ddos-Guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:17:11 Last Seen2024-05-10 07:47:35 Times Seen500 Hash 6115f85479309c9e6fc03c3e06c06698 8f1627afb2bca580a6c52b69b549f5290c3efeb7 2fcb1a03d5580a3486e27d980930554e63ffdb730e7ab67c9c9c50c26a100fa9 Loading...

	apis.google.com/js/plusone.js	56 kB	2024-04-23	2024-05-20
Pretty URL apis.google.com/js/plusone.js IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-23 01:08:16 Last Seen2024-05-20 17:55:48 Times Seen284 Hash fb86282646c76d835cd2e6c49b8625f7 d1b33142b0ce10c3e883e4799dcb0a2f9ddaa3d0 638374c6c6251af66fe3f5018eb3ff62b47df830a0137afb51e36ac3279d8109 Loading...

	apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_0?le=scs	161 kB	2024-04-23	2024-05-20
Pretty URL apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_0?le=scs IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-23 01:08:16 Last Seen2024-05-20 17:55:49 Times Seen251 Hash a07a0041143bc11d11c2fe0d37a5ded7 cb14b39ec6f8a362a08d1957af211d81f750d54d 233746b5d7f58579f0d5ea21e4907fdb5be5469f05dd7691633448aead77fc98 Loading...

	apis.google.com/js/rpc:shindig_random.js?onload=init	15 kB	2024-04-23	2024-05-20
Pretty URL apis.google.com/js/rpc:shindig_random.js?onload=init IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-23 10:05:22 Last Seen2024-05-20 17:55:49 Times Seen211 Hash 23a7ab8d8ba33d255e61be9fc36b1d16 042d8431d552c81f4e504644ac88adce7bf2b76f 127ffe5850ed564a98f7ac65c81f0d71c163ea45df74f130841f78d4ac5afad5 Loading...

	apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_0?le=scs	66 kB	2024-04-23	2024-05-20
Pretty URL apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_0?le=scs IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-23 10:05:23 Last Seen2024-05-20 17:55:49 Times Seen207 Hash 63e5a0b45632b3dde3694ffcaf0e3f7a 923736d0cdc308331d5cfaa0ea159bfedc83d53f 889109910477919b3457416e7764bcd0add19fd959848253026125c7c35c43db Loading...

HTTP Transactions (30)

	URL	IP	Response	Size
	cidanaty1972.blogspot.com/	216.58.207.193		3.2 kB
URL cidanaty1972.blogspot.com/ IP 216.58.207.193:0 ASN #15169 GOOGLE File type HTML document, ASCII text, with very long lines (4055) Size 3.2 kB (3205 bytes) Hash ac598e8be9cf840ed20da6a35984392a ca6f3e94e6e2e16773cf4dcf00b6a98f4003f3f7 fcc97849af740b9c7fe6c7863faa3cf6101432dd510259bf52b7eb749ec221f0 HTTP Headers `GET / HTTP/1.1 Host: cidanaty1972.blogspot.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK content-type: text/html; charset=UTF-8 expires: Fri, 10 May 2024 05:47:02 GMT date: Fri, 10 May 2024 05:47:02 GMT cache-control: private, max-age=0 last-modified: Tue, 12 Mar 2024 23:44:47 GMT etag: W/"f79cf0d7c46a9d2fae34fe1746d93426db6cd076646f1a1de058ed2d4458e077" content-encoding: gzip x-content-type-options: nosniff x-xss-protection: 1; mode=block content-length: 3205 server: GSE alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2`

	cidanaty1972.blogspot.com/js/cookienotice.js	216.58.207.193		2.0 kB
URL cidanaty1972.blogspot.com/js/cookienotice.js IP 216.58.207.193:0 ASN #15169 GOOGLE File type JavaScript source, ASCII text Size 2.0 kB (2026 bytes) Hash a705132a2174f88e196ec3610d68faa8 3bad57a48d973a678fec600d45933010f6edc659 068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568 HTTP Headers `GET /js/cookienotice.js HTTP/1.1 Host: cidanaty1972.blogspot.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://cidanaty1972.blogspot.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK accept-ranges: bytes vary: Accept-Encoding content-encoding: gzip content-type: text/javascript cross-origin-resource-policy: cross-origin cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech" report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]} content-length: 2026 date: Fri, 10 May 2024 05:47:03 GMT expires: Fri, 17 May 2024 05:47:03 GMT cache-control: public, max-age=604800 last-modified: Fri, 10 May 2024 03:54:38 GMT x-content-type-options: nosniff server: sffe x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css	216.58.207.233		6.6 kB
URL www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css IP 216.58.207.233:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (30596) Size 6.6 kB (6620 bytes) Hash e3f09df1bc175f411d1ec3dfb5afb17b 3994ec3efe3c2447e7bbfdd97bb7e190dd1658f9 1a2eca9e492e3a21e02dd77ad44d7af45c4091d35ede79e948b7a3f23e5b3617 HTTP Headers `GET /static/v1/widgets/55013136-widget_css_bundle.css HTTP/1.1 Host: www.blogger.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://cidanaty1972.blogspot.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK accept-ranges: bytes content-encoding: gzip cross-origin-resource-policy: cross-origin cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech" report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]} content-length: 6620 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 09 May 2024 18:17:50 GMT expires: Fri, 09 May 2025 18:17:50 GMT cache-control: public, max-age=31536000 last-modified: Thu, 09 May 2024 14:53:06 GMT content-type: text/css vary: Accept-Encoding age: 41353 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	www.blogger.com/static/v1/widgets/4290687098-widgets.js	216.58.207.233		51 kB
URL www.blogger.com/static/v1/widgets/4290687098-widgets.js IP 216.58.207.233:0 ASN #15169 GOOGLE File type JavaScript source, ASCII text, with very long lines (1941) Size 51 kB (51402 bytes) Hash 30490c5bf1c9a62c3f7aaf45de530b69 89fdf91f40944a3babf7d9f485cbfbcc32454d50 b7c68fe77654ca4d42928e0a0ea49c642de2887b1ef65e5123105f5359390d49 HTTP Headers `GET /static/v1/widgets/4290687098-widgets.js HTTP/1.1 Host: www.blogger.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://cidanaty1972.blogspot.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK accept-ranges: bytes content-encoding: gzip cross-origin-resource-policy: cross-origin cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech" report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]} content-length: 51402 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 09 May 2024 02:08:26 GMT expires: Fri, 09 May 2025 02:08:26 GMT cache-control: public, max-age=31536000 last-modified: Wed, 08 May 2024 07:54:36 GMT content-type: text/javascript vary: Accept-Encoding age: 99517 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	www.blogger.com/dyn-css/authorization.css?targetBlogID=7289224151680028463&zx=dd5db196-9be0-491d-8a15-c8d354d7881a	216.58.207.233		21 B
URL www.blogger.com/dyn-css/authorization.css?targetBlogID=7289224151680028463&zx=dd5db196-9be0-491d-8a15-c8d354d7881a IP 216.58.207.233:0 ASN #15169 GOOGLE File type very short file (no magic) Size 21 B (21 bytes) Hash 68b329da9893e34099c7d8ad5cb9c940 adc83b19e793491b1c6ea0fd8b46cd9f32e592fc 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b HTTP Headers GET /dyn-css/authorization.css?targetBlogID=7289224151680028463&zx=dd5db196-9be0-491d-8a15-c8d354d7881a HTTP/1.1 Host: www.blogger.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://cidanaty1972.blogspot.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info." content-security-policy: script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport content-type: text/css; charset=UTF-8 cache-control: no-cache, no-store, max-age=0, must-revalidate pragma: no-cache expires: Mon, 01 Jan 1990 00:00:00 GMT date: Fri, 10 May 2024 05:47:03 GMT last-modified: Fri, 10 May 2024 05:47:03 GMT content-encoding: gzip x-content-type-options: nosniff x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block content-length: 21 server: GSE alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	gg.gg/css/style.css	91.215.42.31	200 OK	1.3 kB
URL GET HTTP/2 gg.gg/css/style.css IP 91.215.42.31:443 ASN #57724 Ddos-Guard Ltd Requested by https://gg.gg/gtha2 Certificate IssuerLet's Encrypt Subjectgg.gg Fingerprint65:79:91:51:F6:2D:9D:92:EE:9F:E5:E7:30:20:1B:53:B2:FB:77:CC ValidityMon, 06 May 2024 03:28:16 GMT - Sun, 04 Aug 2024 03:28:15 GMT File type ASCII text Size 1.3 kB (1290 bytes) Hash 7050466f624102e49c29bfcd467e6b87 b0e912666bf9c290c80c72a01e31189d417dbf95 c9440417b262120588747906842f117d26a2059e5e8f0f7d8229f4c4a9f4cefb HTTP Headers GET /css/style.css HTTP/1.1 Host: gg.gg User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://gg.gg/gtha2 Cookie: __ddg1_=SZhTOjcPSswsMTgECv5Q; ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22f73c0b941c7e2fe4f849357c587bd684%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%22186.2.160.14%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1715320023%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D3fee8f538901093fef937b9662dba47c Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: ddos-guard date: Mon, 06 May 2024 07:13:37 GMT last-modified: Thu, 17 Oct 2019 13:01:34 GMT etag: W/"14a06e2-182d-5951ad12f30d6" accept-ranges: bytes content-type: text/css content-encoding: br vary: Accept-Encoding age: 340406 content-length: 1290 ddg-cache-status: HIT X-Firefox-Spdy: h2`

	gg.gg/css/smoothness/jquery-ui-1.8.21.custom.css	91.215.42.31	200 OK	5.6 kB
URL GET HTTP/2 gg.gg/css/smoothness/jquery-ui-1.8.21.custom.css IP 91.215.42.31:443 ASN #57724 Ddos-Guard Ltd Requested by https://gg.gg/gtha2 Certificate IssuerLet's Encrypt Subjectgg.gg Fingerprint65:79:91:51:F6:2D:9D:92:EE:9F:E5:E7:30:20:1B:53:B2:FB:77:CC ValidityMon, 06 May 2024 03:28:16 GMT - Sun, 04 Aug 2024 03:28:15 GMT File type ASCII text, with very long lines (1399) Size 5.6 kB (5609 bytes) Hash e0397da131c6668e91fcc2b0db05ee37 ffdf4d0c1b66bdab6320d1a8c50fa08582391759 be90631a7374f3ef53207c04e3c119de36e54096a41958da787a7e2c68293e21 HTTP Headers GET /css/smoothness/jquery-ui-1.8.21.custom.css HTTP/1.1 Host: gg.gg User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://gg.gg/gtha2 Cookie: __ddg1_=SZhTOjcPSswsMTgECv5Q; ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22f73c0b941c7e2fe4f849357c587bd684%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%22186.2.160.14%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1715320023%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D3fee8f538901093fef937b9662dba47c Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: ddos-guard date: Tue, 07 May 2024 00:59:08 GMT last-modified: Wed, 20 Jun 2012 21:28:26 GMT etag: W/"14c003f-81e3-4c2ee14559280" accept-ranges: bytes content-type: text/css content-encoding: br vary: Accept-Encoding age: 276476 content-length: 5609 ddg-cache-status: HIT X-Firefox-Spdy: h2`

	gg.gg/gtha2	91.215.42.31	200 OK	1.7 kB
URL User Request GET HTTP/2 gg.gg/gtha2 IP 91.215.42.31:443 ASN #57724 Ddos-Guard Ltd Certificate IssuerLet's Encrypt Subjectgg.gg Fingerprint65:79:91:51:F6:2D:9D:92:EE:9F:E5:E7:30:20:1B:53:B2:FB:77:CC ValidityMon, 06 May 2024 03:28:16 GMT - Sun, 04 Aug 2024 03:28:15 GMT File type HTML document, Unicode text, UTF-8 text Size 1.7 kB (1669 bytes) Hash 110ad7ae739a4d3af1f98a2647d1d125 10abbc4857b8be145a2b1cb91363743ca69d66a7 9742a7b5da86d52a1407827fe562c49dda1fbed08fe4143bd4a06dea455c6d50 HTTP Headers `GET /gtha2 HTTP/1.1 Host: gg.gg User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: ddos-guard date: Fri, 10 May 2024 05:47:03 GMT x-powered-by: PHP/5.3.3 set-cookie: __ddg1_=SZhTOjcPSswsMTgECv5Q; Domain=.gg.gg; HttpOnly; Path=/; Expires=Sat, 10-May-2025 05:47:03 GMT ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22f73c0b941c7e2fe4f849357c587bd684%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%22186.2.160.14%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1715320023%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D3fee8f538901093fef937b9662dba47c; expires=Fri, 10-May-2024 07:47:03 GMT; path=/ content-type: text/html; charset=UTF-8 content-encoding: br vary: Accept-Encoding X-Firefox-Spdy: h2

	gg.gg/js/jquery-ui-1.8.21.custom.min.js	91.215.42.31	200 OK	50 kB
URL GET HTTP/2 gg.gg/js/jquery-ui-1.8.21.custom.min.js IP 91.215.42.31:443 ASN #57724 Ddos-Guard Ltd Requested by https://gg.gg/gtha2 Certificate IssuerLet's Encrypt Subjectgg.gg Fingerprint65:79:91:51:F6:2D:9D:92:EE:9F:E5:E7:30:20:1B:53:B2:FB:77:CC ValidityMon, 06 May 2024 03:28:16 GMT - Sun, 04 Aug 2024 03:28:15 GMT File type JavaScript source, ASCII text, with very long lines (18608) Size 50 kB (50149 bytes) Hash 03afe455536a9c44ad82cf1425e354b6 4d6a5f3a7e2ff4bcdabfcd3fef8b2e8e05197480 da8edc2a2b29e48e48480a779d36a1eeef6ad155120bdd1b7eb36d4d8fadd32b HTTP Headers GET /js/jquery-ui-1.8.21.custom.min.js HTTP/1.1 Host: gg.gg User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://gg.gg/gtha2 Cookie: __ddg1_=SZhTOjcPSswsMTgECv5Q; ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22f73c0b941c7e2fe4f849357c587bd684%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%22186.2.160.14%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1715320023%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D3fee8f538901093fef937b9662dba47c Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: ddos-guard date: Tue, 07 May 2024 00:59:09 GMT last-modified: Wed, 20 Jun 2012 21:27:50 GMT etag: W/"14a06f5-3284b-4c2ee12304180" accept-ranges: bytes content-type: text/javascript content-encoding: br vary: Accept-Encoding age: 276475 content-length: 50149 ddg-cache-status: HIT X-Firefox-Spdy: h2`

	gg.gg/js/jquery.cookie.js	91.215.42.31	200 OK	725 B
URL GET HTTP/2 gg.gg/js/jquery.cookie.js IP 91.215.42.31:443 ASN #57724 Ddos-Guard Ltd Requested by https://gg.gg/gtha2 Certificate IssuerLet's Encrypt Subjectgg.gg Fingerprint65:79:91:51:F6:2D:9D:92:EE:9F:E5:E7:30:20:1B:53:B2:FB:77:CC ValidityMon, 06 May 2024 03:28:16 GMT - Sun, 04 Aug 2024 03:28:15 GMT File type JavaScript source, ASCII text Size 725 B (725 bytes) Hash 3291194034b434bb51afaa5aabd2313a ee31f8edef296efe486218e3b434e816612ef848 d6f218e7eb673e6264b7b6c71d9a46c2379cb2f396c3317d7ecedbf0b99ab2c9 HTTP Headers GET /js/jquery.cookie.js HTTP/1.1 Host: gg.gg User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://gg.gg/gtha2 Cookie: __ddg1_=SZhTOjcPSswsMTgECv5Q; ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22f73c0b941c7e2fe4f849357c587bd684%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%22186.2.160.14%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1715320023%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D3fee8f538901093fef937b9662dba47c Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: ddos-guard date: Tue, 07 May 2024 00:59:09 GMT last-modified: Wed, 20 Jun 2012 21:27:49 GMT etag: W/"14a06f6-795-4c2ee1220ff40" accept-ranges: bytes content-type: text/javascript content-encoding: br vary: Accept-Encoding age: 276475 content-length: 725 ddg-cache-status: HIT X-Firefox-Spdy: h2`

	gg.gg/js/jquery.corners.min.js	91.215.42.31	200 OK	3.1 kB
URL GET HTTP/2 gg.gg/js/jquery.corners.min.js IP 91.215.42.31:443 ASN #57724 Ddos-Guard Ltd Requested by https://gg.gg/gtha2 Certificate IssuerLet's Encrypt Subjectgg.gg Fingerprint65:79:91:51:F6:2D:9D:92:EE:9F:E5:E7:30:20:1B:53:B2:FB:77:CC ValidityMon, 06 May 2024 03:28:16 GMT - Sun, 04 Aug 2024 03:28:15 GMT File type JavaScript source, ASCII text Size 3.1 kB (3081 bytes) Hash 0425d5aca5c038781800b103ef65c5d8 11c0ed86f1ae8a990ae7c5a6c721f1dcb352af8f a450356c7550c1c8bd4ef8c10aea93a62de7b22bb1005141aff41110a02d11ad HTTP Headers GET /js/jquery.corners.min.js HTTP/1.1 Host: gg.gg User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://gg.gg/gtha2 Cookie: __ddg1_=SZhTOjcPSswsMTgECv5Q; ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22f73c0b941c7e2fe4f849357c587bd684%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%22186.2.160.14%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1715320023%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D3fee8f538901093fef937b9662dba47c Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: ddos-guard date: Tue, 07 May 2024 01:07:02 GMT last-modified: Wed, 20 Jun 2012 21:27:49 GMT etag: W/"14a06f7-274d-4c2ee1220ff40" accept-ranges: bytes content-type: text/javascript content-encoding: br vary: Accept-Encoding age: 276001 content-length: 3081 ddg-cache-status: HIT X-Firefox-Spdy: h2`

	gg.gg/js/jquery.zclip.min.js	91.215.42.31	200 OK	2.4 kB
URL GET HTTP/2 gg.gg/js/jquery.zclip.min.js IP 91.215.42.31:443 ASN #57724 Ddos-Guard Ltd Requested by https://gg.gg/gtha2 Certificate IssuerLet's Encrypt Subjectgg.gg Fingerprint65:79:91:51:F6:2D:9D:92:EE:9F:E5:E7:30:20:1B:53:B2:FB:77:CC ValidityMon, 06 May 2024 03:28:16 GMT - Sun, 04 Aug 2024 03:28:15 GMT File type JavaScript source, ASCII text, with very long lines (7199), with CRLF line terminators Size 2.4 kB (2423 bytes) Hash ed3ba6e9aeed8aa665844e5ade17576e 8c8b08b8592734439278e62bf913646b61412f23 ae63c897e26d3cab90b28bd9fa6adde37fc323582619ad9318f48e117cbf64ab HTTP Headers GET /js/jquery.zclip.min.js HTTP/1.1 Host: gg.gg User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://gg.gg/gtha2 Cookie: __ddg1_=SZhTOjcPSswsMTgECv5Q; ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22f73c0b941c7e2fe4f849357c587bd684%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%22186.2.160.14%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1715320023%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D3fee8f538901093fef937b9662dba47c Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: ddos-guard date: Tue, 07 May 2024 00:59:09 GMT last-modified: Wed, 20 Jun 2012 21:27:49 GMT etag: W/"14a06f9-1d0c-4c2ee1220ff40" accept-ranges: bytes content-type: text/javascript content-encoding: br vary: Accept-Encoding age: 276475 content-length: 2423 ddg-cache-status: HIT X-Firefox-Spdy: h2`

	gg.gg/js/jquery.tag-it.js	91.215.42.31	200 OK	3.9 kB
URL GET HTTP/2 gg.gg/js/jquery.tag-it.js IP 91.215.42.31:443 ASN #57724 Ddos-Guard Ltd Requested by https://gg.gg/gtha2 Certificate IssuerLet's Encrypt Subjectgg.gg Fingerprint65:79:91:51:F6:2D:9D:92:EE:9F:E5:E7:30:20:1B:53:B2:FB:77:CC ValidityMon, 06 May 2024 03:28:16 GMT - Sun, 04 Aug 2024 03:28:15 GMT File type JavaScript source, ASCII text Size 3.9 kB (3934 bytes) Hash 8387a9ca0459e0568fdd3bd15e1bd1bf bba149f9979530786fbb8069bcaa340eeef3712d 04a595cb9eae0a734d474bde7cba253390a5cd5f5a6b6234c88df9bcf36e7e15 HTTP Headers GET /js/jquery.tag-it.js HTTP/1.1 Host: gg.gg User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://gg.gg/gtha2 Cookie: __ddg1_=SZhTOjcPSswsMTgECv5Q; ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22f73c0b941c7e2fe4f849357c587bd684%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%22186.2.160.14%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1715320023%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D3fee8f538901093fef937b9662dba47c Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: ddos-guard date: Tue, 07 May 2024 00:59:09 GMT last-modified: Fri, 06 Jul 2012 05:29:52 GMT etag: W/"14a06f8-3d92-4c4228db19400" accept-ranges: bytes content-type: text/javascript content-encoding: br vary: Accept-Encoding age: 276474 content-length: 3934 ddg-cache-status: HIT X-Firefox-Spdy: h2`

	gg.gg/js/logic.js?v3	91.215.42.31	200 OK	1.6 kB
URL GET HTTP/2 gg.gg/js/logic.js?v3 IP 91.215.42.31:443 ASN #57724 Ddos-Guard Ltd Requested by https://gg.gg/gtha2 Certificate IssuerLet's Encrypt Subjectgg.gg Fingerprint65:79:91:51:F6:2D:9D:92:EE:9F:E5:E7:30:20:1B:53:B2:FB:77:CC ValidityMon, 06 May 2024 03:28:16 GMT - Sun, 04 Aug 2024 03:28:15 GMT File type JavaScript source, ASCII text Size 1.6 kB (1588 bytes) Hash 6115f85479309c9e6fc03c3e06c06698 8f1627afb2bca580a6c52b69b549f5290c3efeb7 2fcb1a03d5580a3486e27d980930554e63ffdb730e7ab67c9c9c50c26a100fa9 HTTP Headers GET /js/logic.js?v3 HTTP/1.1 Host: gg.gg User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://gg.gg/gtha2 Cookie: __ddg1_=SZhTOjcPSswsMTgECv5Q; ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22f73c0b941c7e2fe4f849357c587bd684%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%22186.2.160.14%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1715320023%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D3fee8f538901093fef937b9662dba47c Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: ddos-guard date: Tue, 07 May 2024 01:07:03 GMT last-modified: Sat, 06 Aug 2022 09:31:21 GMT etag: W/"14a0c61-1851-5e58f3ee14120" accept-ranges: bytes content-type: text/javascript content-encoding: br vary: Accept-Encoding age: 276000 content-length: 1588 ddg-cache-status: HIT X-Firefox-Spdy: h2`

	gg.gg/js/jquery-1.7.2.min.js	91.215.42.31	200 OK	33 kB
URL GET HTTP/2 gg.gg/js/jquery-1.7.2.min.js IP 91.215.42.31:443 ASN #57724 Ddos-Guard Ltd Requested by https://gg.gg/gtha2 Certificate IssuerLet's Encrypt Subjectgg.gg Fingerprint65:79:91:51:F6:2D:9D:92:EE:9F:E5:E7:30:20:1B:53:B2:FB:77:CC ValidityMon, 06 May 2024 03:28:16 GMT - Sun, 04 Aug 2024 03:28:15 GMT File type JavaScript source, Unicode text, UTF-8 text, with very long lines (32769) Size 33 kB (33186 bytes) Hash b8d64d0bc142b3f670cc0611b0aebcae abcd2ba13348f178b17141b445bc99f1917d47af 47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4 HTTP Headers GET /js/jquery-1.7.2.min.js HTTP/1.1 Host: gg.gg User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://gg.gg/gtha2 Cookie: __ddg1_=SZhTOjcPSswsMTgECv5Q; ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22f73c0b941c7e2fe4f849357c587bd684%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%22186.2.160.14%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1715320023%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D3fee8f538901093fef937b9662dba47c Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: ddos-guard date: Tue, 07 May 2024 01:15:10 GMT last-modified: Wed, 20 Jun 2012 21:27:50 GMT etag: W/"14a06f4-17278-4c2ee12304180" accept-ranges: bytes content-type: text/javascript content-encoding: br vary: Accept-Encoding age: 275513 content-length: 33186 ddg-cache-status: HIT X-Firefox-Spdy: h2`

	gg.gg/gg-banned-page	91.215.42.31	301 Moved Permanently	32 kB
URL GET HTTP/2 gg.gg/gg-banned-page IP 91.215.42.31:443 ASN #57724 Ddos-Guard Ltd Requested by https://gg.gg/gtha2 Certificate IssuerLet's Encrypt Subjectgg.gg Fingerprint65:79:91:51:F6:2D:9D:92:EE:9F:E5:E7:30:20:1B:53:B2:FB:77:CC ValidityMon, 06 May 2024 03:28:16 GMT - Sun, 04 Aug 2024 03:28:15 GMT File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS3 Windows, datetime=2012:09:07 02:22:56], progressive, precision 8, 600x450, components 3 Size 32 kB (32002 bytes) Hash cdd81773f16537e6405c4e28f6adec25 08bcc852dbc995ae4d9d7e9ba78b860eed0850a7 9325a36d10dc036fd657c57e35fe141715b92b12211d48e14de8dde7c8e17398 HTTP Headers GET /gg-banned-page HTTP/1.1 Host: gg.gg User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: __ddg1_=SZhTOjcPSswsMTgECv5Q; ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22f73c0b941c7e2fe4f849357c587bd684%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%22186.2.160.14%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1715320023%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D3fee8f538901093fef937b9662dba47c Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 301 Moved Permanently server: ddos-guard date: Fri, 10 May 2024 05:47:03 GMT x-powered-by: PHP/5.3.3 set-cookie: gg_token=1d53260ec479bbadb9530b968e511b59663db4d7bb0fc5.47438799; expires=Thu, 08-Aug-2024 05:47:03 GMT; path=/; domain=.gg.gg expires: Mon, 26 Jul 1997 05:00:00 GMT last-modified: Fri, 10 May 2024 05:47:03 GMT cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 pragma: no-cache location: http://gg.gg/images/broken-link.jpg content-type: text/html; charset=UTF-8 content-encoding: br vary: Accept-Encoding age: 0 ddg-cache-status: MISS X-Firefox-Spdy: h2

	gg.gg/images/favicon.ico	91.215.42.31	200 OK	894 B
URL GET HTTP/2 gg.gg/images/favicon.ico IP 91.215.42.31:443 ASN #57724 Ddos-Guard Ltd Requested by https://gg.gg/gtha2 Certificate IssuerLet's Encrypt Subjectgg.gg Fingerprint65:79:91:51:F6:2D:9D:92:EE:9F:E5:E7:30:20:1B:53:B2:FB:77:CC ValidityMon, 06 May 2024 03:28:16 GMT - Sun, 04 Aug 2024 03:28:15 GMT File type MS Windows icon resource - 1 icon, 16x16, 24 bits/pixel Size 894 B (894 bytes) Hash 94cdc66c71cb96127f0faa3931a23ab9 77cbf7fe62cf2eba5ef27fde2edfe4408c1ba0d8 5b7adedabf077fff5216aca04fecfec61c8e90c5ca054eab19e3a9bd152496a4 HTTP Headers GET /images/favicon.ico HTTP/1.1 Host: gg.gg User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://gg.gg/gtha2 Cookie: __ddg1_=SZhTOjcPSswsMTgECv5Q; ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22f73c0b941c7e2fe4f849357c587bd684%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%22186.2.160.14%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1715320023%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D3fee8f538901093fef937b9662dba47c; gg_token=1d53260ec479bbadb9530b968e511b59663db4d7bb0fc5.47438799 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: ddos-guard date: Mon, 06 May 2024 04:28:16 GMT last-modified: Wed, 20 Jun 2012 21:25:00 GMT etag: "14a06e6-37e-4c2ee080e4300" accept-ranges: bytes content-length: 894 content-type: image/vnd.microsoft.icon age: 350327 ddg-cache-status: HIT X-Firefox-Spdy: h2`

	apis.google.com/js/plusone.js	142.250.74.110	200 OK	21 kB
URL GET HTTP/2 apis.google.com/js/plusone.js IP 142.250.74.110:443 ASN #15169 GOOGLE Requested by https://gg.gg/gtha2 Certificate IssuerGoogle Trust Services LLC Subject.apis.google.com FingerprintA7:D6:BC:77:0E:91:14:D7:D6:8D:A4:E5:4C:00:57:E1:44:DB:F2:8B ValidityTue, 16 Apr 2024 04:20:57 GMT - Tue, 09 Jul 2024 04:20:56 GMT File type JavaScript source, ASCII text, with very long lines (2050) Size 21 kB (21303 bytes) Hash fb86282646c76d835cd2e6c49b8625f7 d1b33142b0ce10c3e883e4799dcb0a2f9ddaa3d0 638374c6c6251af66fe3f5018eb3ff62b47df830a0137afb51e36ac3279d8109 HTTP Headers `GET /js/plusone.js HTTP/1.1 Host: apis.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://gg.gg/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK accept-ranges: bytes vary: Accept-Encoding content-encoding: gzip content-type: text/javascript access-control-allow-origin: * content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="gapi-team" report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]} timing-allow-origin: * content-length: 21303 date: Fri, 10 May 2024 05:47:03 GMT expires: Fri, 10 May 2024 05:47:03 GMT cache-control: private, max-age=1800, stale-while-revalidate=1800 etag: "80d5c9d57d5f206f" x-content-type-options: nosniff server: sffe x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_1?le=scs	142.250.74.110	200 OK	35 kB
URL GET HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_1?le=scs IP 142.250.74.110:443 ASN #15169 GOOGLE Requested by https://gg.gg/gtha2 Certificate IssuerGoogle Trust Services LLC Subject.apis.google.com FingerprintA7:D6:BC:77:0E:91:14:D7:D6:8D:A4:E5:4C:00:57:E1:44:DB:F2:8B ValidityTue, 16 Apr 2024 04:20:57 GMT - Tue, 09 Jul 2024 04:20:56 GMT File type JavaScript source, ASCII text, with very long lines (1586) Size 35 kB (35323 bytes) Hash 2194126651ec918368e1c172f3003494 44cbf3b9bd5ac4f5c95cfcc8ad31844ba9f67c48 f3bed417a7effbce45e190fabd36fba0d906f4d39a893231eaf61c0801d0fbca HTTP Headers GET /_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_1?le=scs HTTP/1.1 Host: apis.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://gg.gg/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK accept-ranges: bytes content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access" report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]} content-length: 35323 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Fri, 03 May 2024 07:44:49 GMT expires: Sat, 03 May 2025 07:44:49 GMT cache-control: public, max-age=31536000 last-modified: Mon, 15 Apr 2024 18:15:45 GMT content-type: text/javascript; charset=UTF-8 vary: Accept-Encoding age: 597735 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_0?le=scs	142.250.74.110	200 OK	56 kB
URL GET HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_0?le=scs IP 142.250.74.110:443 ASN #15169 GOOGLE Requested by https://gg.gg/gtha2 Certificate IssuerGoogle Trust Services LLC Subject.apis.google.com FingerprintA7:D6:BC:77:0E:91:14:D7:D6:8D:A4:E5:4C:00:57:E1:44:DB:F2:8B ValidityTue, 16 Apr 2024 04:20:57 GMT - Tue, 09 Jul 2024 04:20:56 GMT File type JavaScript source, ASCII text, with very long lines (2124) Size 56 kB (55813 bytes) Hash a07a0041143bc11d11c2fe0d37a5ded7 cb14b39ec6f8a362a08d1957af211d81f750d54d 233746b5d7f58579f0d5ea21e4907fdb5be5469f05dd7691633448aead77fc98 HTTP Headers GET /_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_0?le=scs HTTP/1.1 Host: apis.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://gg.gg/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK accept-ranges: bytes content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access" report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]} content-length: 55813 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 09 May 2024 12:30:05 GMT expires: Fri, 09 May 2025 12:30:05 GMT cache-control: public, max-age=31536000 age: 62219 last-modified: Mon, 15 Apr 2024 18:15:45 GMT content-type: text/javascript; charset=UTF-8 vary: Accept-Encoding alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&origin=https%3A%2F%2Fgg.gg&url=https%3A%2F%2Fgg.gg%2Fgtha2&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__	142.250.74.110		226 B
URL apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&origin=https%3A%2F%2Fgg.gg&url=https%3A%2F%2Fgg.gg%2Fgtha2&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__ IP 142.250.74.110:0 ASN #15169 GOOGLE Certificate IssuerGoogle Trust Services LLC Subject.apis.google.com FingerprintA7:D6:BC:77:0E:91:14:D7:D6:8D:A4:E5:4C:00:57:E1:44:DB:F2:8B ValidityTue, 16 Apr 2024 04:20:57 GMT - Tue, 09 Jul 2024 04:20:56 GMT File type HTML document, ASCII text, with CRLF, LF line terminators Size 226 B (226 bytes) Hash 4df07581948280a6e769a24c5d99d775 843a2c95362347eb8894a6acb607f139be65ded4 3561b93a48d81fac116ccd6e60163bd382abb1d594c81240f5718feb1f197f73 HTTP Headers GET /u/0/se/0/_/+1/fastbutton?usegapi=1&origin=https%3A%2F%2Fgg.gg&url=https%3A%2F%2Fgg.gg%2Fgtha2&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__ HTTP/1.1 Host: apis.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://gg.gg/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 301 Moved Permanently location: http://developers.google.com/ cross-origin-resource-policy: cross-origin x-content-type-options: nosniff server: sffe content-length: 226 x-xss-protection: 0 date: Fri, 10 May 2024 05:41:03 GMT expires: Fri, 10 May 2024 06:11:03 GMT cache-control: public, max-age=1800 content-type: text/html; charset=UTF-8 age: 361 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2`

	o.pki.goog/wr2	142.250.74.131		471 B
URL o.pki.goog/wr2 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 9a42e37278e1480da7ec417eb8b7285e 2ebb273a9d30622c0371647e60d4323937a9d5bc 0c3686dcbc184d61e8fd14b50520a7d83880a655fa38a7f14443a275130a446e HTTP Headers `POST /wr2 HTTP/1.1 Host: o.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 10 May 2024 05:47:04 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	o.pki.goog/wr2	142.250.74.131		471 B
URL o.pki.goog/wr2 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 4addd78a1ebbfbfd98f962bee30de93e 113326456169ddeb584e9bc96365d93c913e40be 5aabd865e6cf2769f401a6bb4b0059dcf57bc7b5e0cc8e015a2fe0e0d85d9717 HTTP Headers `POST /wr2 HTTP/1.1 Host: o.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 10 May 2024 05:47:04 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	apis.google.com/js/rpc:shindig_random.js?onload=init	142.250.74.110	200 OK	5.9 kB
URL GET HTTP/3 apis.google.com/js/rpc:shindig_random.js?onload=init IP 142.250.74.110:443 ASN #15169 GOOGLE Requested by https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fgg.gg&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__#rpctoken=604465834&forcesecure=1 Certificate IssuerGoogle Trust Services LLC Subject.google.com Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0 ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT File type JavaScript source, ASCII text, with very long lines (2054) Size 5.9 kB (5908 bytes) Hash 23a7ab8d8ba33d255e61be9fc36b1d16 042d8431d552c81f4e504644ac88adce7bf2b76f 127ffe5850ed564a98f7ac65c81f0d71c163ea45df74f130841f78d4ac5afad5 HTTP Headers `GET /js/rpc:shindig_random.js?onload=init HTTP/1.1 Host: apis.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://accounts.google.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK accept-ranges: bytes vary: Accept-Encoding content-encoding: gzip content-type: text/javascript access-control-allow-origin: * content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="gapi-team" report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]} timing-allow-origin: * content-length: 5908 date: Fri, 10 May 2024 05:47:04 GMT expires: Fri, 10 May 2024 05:47:04 GMT cache-control: private, max-age=1800, stale-while-revalidate=1800 etag: "9b77125b6924cb07" x-content-type-options: nosniff server: sffe x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	ssl.gstatic.com/accounts/o/3604799710-postmessagerelay.js	142.250.74.35	200 OK	4.8 kB
URL GET HTTP/2 ssl.gstatic.com/accounts/o/3604799710-postmessagerelay.js IP 142.250.74.35:443 ASN #15169 GOOGLE Requested by https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fgg.gg&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__#rpctoken=604465834&forcesecure=1 Certificate IssuerGoogle Trust Services LLC Subject.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT File type JavaScript source, ASCII text, with very long lines (1915) Size 4.8 kB (4846 bytes) Hash 40aaadf2a7451d276b940cddefb2d0ed b2fc8129a4f5e5a0c8cb631218f40a4230444d9e 4b515a19e688085b55f51f1eda7bc3e51404e8f59b64652e094994baf7be28f2 HTTP Headers `GET /accounts/o/3604799710-postmessagerelay.js HTTP/1.1 Host: ssl.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://accounts.google.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK accept-ranges: bytes content-encoding: gzip content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="federated-signon-mpm-access" report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]} content-length: 4846 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 09 May 2024 02:15:10 GMT expires: Fri, 09 May 2025 02:15:10 GMT cache-control: public, max-age=31536000 age: 99114 last-modified: Mon, 29 Apr 2024 12:07:43 GMT content-type: text/javascript vary: Accept-Encoding alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_0?le=scs	142.250.74.110	200 OK	24 kB
URL GET HTTP/3 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_0?le=scs IP 142.250.74.110:443 ASN #15169 GOOGLE Requested by https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fgg.gg&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__#rpctoken=604465834&forcesecure=1 Certificate IssuerGoogle Trust Services LLC Subject.google.com Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0 ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT File type JavaScript source, ASCII text, with very long lines (2124) Size 24 kB (23473 bytes) Hash 63e5a0b45632b3dde3694ffcaf0e3f7a 923736d0cdc308331d5cfaa0ea159bfedc83d53f 889109910477919b3457416e7764bcd0add19fd959848253026125c7c35c43db HTTP Headers GET /_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_0?le=scs HTTP/1.1 Host: apis.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://accounts.google.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK accept-ranges: bytes content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access" report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]} content-length: 23473 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 09 May 2024 01:59:06 GMT expires: Fri, 09 May 2025 01:59:06 GMT cache-control: public, max-age=31536000 age: 100078 last-modified: Mon, 15 Apr 2024 18:15:45 GMT content-type: text/javascript; charset=UTF-8 vary: Accept-Encoding alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fgg.gg&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__	74.125.131.84	200 OK	566 B
URL GET HTTP/2 accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fgg.gg&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__ IP 74.125.131.84:443 ASN #15169 GOOGLE Requested by https://gg.gg/gtha2 Certificate IssuerGoogle Trust Services Subjectaccounts.google.com Fingerprint75:65:5E:EB:A9:59:16:DF:32:A3:39:DC:8A:A2:FD:28:92:33:6B:0D ValidityTue, 16 Apr 2024 04:20:43 GMT - Tue, 09 Jul 2024 04:20:42 GMT File type HTML document, ASCII text, with very long lines (586), with no line terminators Size 566 B (566 bytes) Hash 1dfd8c4cfbe80f4a07a86a73ab63ccf0 f15136b57eb409872923f4742a723846277be526 1a2abf5d2c3d8915534ee9e0190101f65dddde36b4771eb6408326f70c249ad3 HTTP Headers GET /o/oauth2/postmessageRelay?parent=https%3A%2F%2Fgg.gg&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__ HTTP/1.1 Host: accounts.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://gg.gg/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK content-type: text/html; charset=utf-8 vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site cache-control: no-cache, no-store, max-age=0, must-revalidate pragma: no-cache expires: Mon, 01 Jan 1990 00:00:00 GMT date: Fri, 10 May 2024 05:47:04 GMT content-security-policy: script-src 'nonce-JjTnNHs-_ZwjLlECcqP53Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport, require-trusted-types-for 'script';report-uri /o/cspreport cross-origin-resource-policy: same-site content-encoding: gzip server: ESF x-xss-protection: 0 x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	gg.gg/css/jquery.tagit.css	91.215.42.31	200 OK	1.1 kB
URL GET HTTP/2 gg.gg/css/jquery.tagit.css IP 91.215.42.31:443 ASN #57724 Ddos-Guard Ltd Requested by https://gg.gg/gtha2 Certificate IssuerLet's Encrypt Subjectgg.gg Fingerprint65:79:91:51:F6:2D:9D:92:EE:9F:E5:E7:30:20:1B:53:B2:FB:77:CC ValidityMon, 06 May 2024 03:28:16 GMT - Sun, 04 Aug 2024 03:28:15 GMT File type ASCII text, with very long lines (1194), with no line terminators Size 1.1 kB (1138 bytes) Hash 8d0ec46b1ecc03435c0fe9df9b0908b2 739172555bdb2bfa40f0249d4a6597784162c91f 728a109d4c672bae18ec464eec40418dd5f0fec155205ebc854c9986417d7447 HTTP Headers GET /css/jquery.tagit.css HTTP/1.1 Host: gg.gg User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://gg.gg/gtha2 Cookie: __ddg1_=SZhTOjcPSswsMTgECv5Q; ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22f73c0b941c7e2fe4f849357c587bd684%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%22186.2.160.14%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1715320023%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D3fee8f538901093fef937b9662dba47c Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK server: ddos-guard date: Tue, 07 May 2024 01:07:02 GMT last-modified: Fri, 06 Jul 2012 05:23:50 GMT etag: W/"14a06e1-472-4c422781de580" accept-ranges: bytes content-type: text/css x-pad: avoid browser bug content-encoding: br vary: Accept-Encoding age: 276001 content-length: 384 ddg-cache-status: HIT X-Firefox-Spdy: h2`

	gg.gg/images/broken-link.jpg	91.215.42.31	200 OK	32 kB
URL GET HTTP/2 gg.gg/images/broken-link.jpg IP 91.215.42.31:443 ASN #57724 Ddos-Guard Ltd Requested by https://gg.gg/gtha2 Certificate IssuerLet's Encrypt Subjectgg.gg Fingerprint65:79:91:51:F6:2D:9D:92:EE:9F:E5:E7:30:20:1B:53:B2:FB:77:CC ValidityMon, 06 May 2024 03:28:16 GMT - Sun, 04 Aug 2024 03:28:15 GMT File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS3 Windows, datetime=2012:09:07 02:22:56], progressive, precision 8, 600x450, components 3 Size 32 kB (32002 bytes) Hash cdd81773f16537e6405c4e28f6adec25 08bcc852dbc995ae4d9d7e9ba78b860eed0850a7 9325a36d10dc036fd657c57e35fe141715b92b12211d48e14de8dde7c8e17398 HTTP Headers GET /images/broken-link.jpg HTTP/1.1 Host: gg.gg User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: __ddg1_=SZhTOjcPSswsMTgECv5Q; ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22f73c0b941c7e2fe4f849357c587bd684%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%22186.2.160.14%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A68%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1715320023%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D3fee8f538901093fef937b9662dba47c; gg_token=1d53260ec479bbadb9530b968e511b59663db4d7bb0fc5.47438799 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK server: ddos-guard date: Mon, 06 May 2024 04:37:38 GMT last-modified: Thu, 06 Sep 2012 23:26:43 GMT etag: "14a06e3-7d02-4c910d2f872c0" accept-ranges: bytes content-length: 32002 content-type: image/jpeg age: 349765 ddg-cache-status: HIT X-Firefox-Spdy: h2`

	apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&origin=https%3A%2F%2Fgg.gg&url=https%3A%2F%2Fgg.gg%2Fgtha2&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__	142.250.74.110	301 Moved Permanently	0 B
URL GET HTTP/2 apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&origin=https%3A%2F%2Fgg.gg&url=https%3A%2F%2Fgg.gg%2Fgtha2&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__ IP 142.250.74.110:443 ASN #15169 GOOGLE Requested by https://gg.gg/gtha2 Certificate IssuerGoogle Trust Services LLC Subject.apis.google.com FingerprintA7:D6:BC:77:0E:91:14:D7:D6:8D:A4:E5:4C:00:57:E1:44:DB:F2:8B ValidityTue, 16 Apr 2024 04:20:57 GMT - Tue, 09 Jul 2024 04:20:56 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /u/0/se/0/_/+1/fastbutton?usegapi=1&origin=https%3A%2F%2Fgg.gg&url=https%3A%2F%2Fgg.gg%2Fgtha2&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__ HTTP/1.1 Host: apis.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://gg.gg/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 301 Moved Permanently location: http://developers.google.com/ cross-origin-resource-policy: cross-origin x-content-type-options: nosniff server: sffe content-length: 226 x-xss-protection: 0 date: Fri, 10 May 2024 05:41:03 GMT expires: Fri, 10 May 2024 06:11:03 GMT cache-control: public, max-age=1800 content-type: text/html; charset=UTF-8 age: 361 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2`

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (14)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML