r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 4c9ec202b798d350b6582220b7bb8457
d16ca24cd60b349231ad06fa5db32f54a3bc9e09
df036d315a613ac6396b77afb0a4ea5f793091786be0cbf3f3a0d043bc1d1d3c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF036D315A613AC6396B77AFB0A4EA5F793091786BE0CBF3F3A0D043BC1D1D3C"
Last-Modified: Wed, 26 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16752
Expires: Thu, 27 Oct 2022 20:36:44 GMT
Date: Thu, 27 Oct 2022 15:57:32 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 27 Oct 2022 15:57:32 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 221b3fe9a6458de64d8bbfcd4a8e2f36
988c93428ff15108d46a11865e1c7e2782fbae34
a5ff1b60b9ef85086d0c6617d9d39cf17ae45855bf7b0ee24ec49ad5a863c18e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2766
Cache-Control: max-age=152382
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 15:57:33 GMT
Etag: "635a4fdd-1d7"
Expires: Sat, 29 Oct 2022 10:17:15 GMT
Last-Modified: Thu, 27 Oct 2022 09:31:09 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8db408c487f7d35bba323046736e8d3a
01b91e2dce7c6d3de9adfe6ff4d38f9b24ab7db0
9aeafc72c1a969243e1fc96f68ce18888034a749ee70582208bf814bd40b61a5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9AEAFC72C1A969243E1FC96F68CE18888034A749EE70582208BF814BD40B61A5"
Last-Modified: Tue, 25 Oct 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3153
Expires: Thu, 27 Oct 2022 16:50:06 GMT
Date: Thu, 27 Oct 2022 15:57:33 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: dtOGp5O+G3N1vL3xlSjTbhG3oubvBU7SP46mJ6kQpaCnV5LWvq5qHsf8/Sdmz3BTk+0m1t8ZbqqwcyKojQaW6A==
x-amz-request-id: ZQK2DFW9QVKHXMF3
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 27 Oct 2022 15:39:40 GMT
age: 1073
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
gronthoghor.com/xoe/qbot.zip
301 Moved Permanently 0 B URL HTTP/1.1 gronthoghor.com/xoe/qbot.zip
IP
ASN #8100 ASN-QUADRANET-GLOBAL
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /xoe/qbot.zip HTTP/1.1
Host: gronthoghor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
pragma: no-cache
set-cookie: PHPSESSID=eff8e92e98d897deb954db5aa66bd404; path=/; secure; HttpOnly
addonify-compare-products=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
location: https://gronthoghor.com/xoe/qbot.zip
content-length: 0
date: Thu, 27 Oct 2022 15:57:34 GMT
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
referrer-policy: no-referrer-when-downgrade
expect-ct: max-age=7776000, enforce
ocsp.digicert.com/
200 OK 471 B IP
Hash d72d2f5d05f03753594e43fd34398221
ac6795c1c33f3fa2139e7f8dc601c3e6de6029a5
036c965156cf07faecc342cb2e30b7a20def68ad4a10423951ce871a7a3a6777
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4554
Cache-Control: max-age=149110
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 15:57:33 GMT
Etag: "635a3c19-1d7"
Expires: Sat, 29 Oct 2022 09:22:43 GMT
Last-Modified: Thu, 27 Oct 2022 08:06:49 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: d2MWFretfbpve+S2A6CxBg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: +16aKKFQcwAhjCiadY1AhA9gULo=
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 262ee317a7d41424cef3f541f6e538d3
1c298c901f93a95e99bdc63259f415ab84a13783
c263ddf8d0a398b0b7e11f7efa9cb901bf877d939f388eb6089a236bbbdc2be4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C263DDF8D0A398B0B7E11F7EFA9CB901BF877D939F388EB6089A236BBBDC2BE4"
Last-Modified: Wed, 26 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9261
Expires: Thu, 27 Oct 2022 18:31:56 GMT
Date: Thu, 27 Oct 2022 15:57:35 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2013af8a-e057-44cd-8dca-381e200609e6.jpeg
200 OK 18 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2013af8a-e057-44cd-8dca-381e200609e6.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ed4462f023dbabb596a2e3b521425ca1
61b82445b422a5f917bb10640beb6d73eb0e62c3
a02af2897331acc123bf7d54b30929e3bc062a0875b5dea95302ddf60d808ded
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2013af8a-e057-44cd-8dca-381e200609e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 18182
x-amzn-requestid: f1232b1f-32ac-4820-b186-b3bfb928c0b4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aYvSKFF4oAMF2Wg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63535f40-0b9bc4d27b7534176cc278ed;Sampled=0
x-amzn-remapped-date: Sat, 22 Oct 2022 03:10:56 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: -iSQAX4xEu0e3ym9ovX4jXaBbE6JVQyqZQOI4vNg_uEOO2hFafgl4A==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 27 Oct 2022 06:31:47 GMT
age: 33948
etag: "61b82445b422a5f917bb10640beb6d73eb0e62c3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5a9dae4-226e-42f6-b38d-d6f3f560ed69.jpeg
200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5a9dae4-226e-42f6-b38d-d6f3f560ed69.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8240214ef7bc82b09de023cde217beb9
0f432e521fc4392f528042c711139dc0becc5598
2d5f1a426441536086c8278651808dc6e3e819ec18b48048520a4dedbc8a08ce
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5a9dae4-226e-42f6-b38d-d6f3f560ed69.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6806
x-amzn-requestid: bdf4f489-b474-4143-881f-521ad5dee74b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aocwUGb9oAMFRGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6359a801-2a1e822f6b1dd3304c8f0527;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 21:34:57 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: oxLrpXYZuUBO5qEKrFYAkh3lx2ZE7Jph8tcq0b4dWIHxUODXP3FDDQ==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:52:49 GMT
etag: "0f432e521fc4392f528042c711139dc0becc5598"
content-type: image/jpeg
age: 65086
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadc5382d-fbb1-4d8e-8ee0-d7dcda16508e.jpeg
200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadc5382d-fbb1-4d8e-8ee0-d7dcda16508e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 91ee720c15dc69de45080d0c951353af
5292b31a99d90bcb7071f327b93d52034bdf9dcb
7fbe9f0f6db08fd539f2e8d4ac22e3b4d5ca14f7cde69f8424cce8b361d026e6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadc5382d-fbb1-4d8e-8ee0-d7dcda16508e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 4524
x-amzn-requestid: a493efe7-11c7-4032-b36b-7f838f8180bc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aljicH_6IAMFqpQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63587fa9-0f15eae7680ea7b15e5e47ec;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 00:30:33 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: NQJHFIbLMzw0aGwCkVGIEIHOMHprTpvLkLQRKgrGeVj35sk7sW4IUg==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Thu, 27 Oct 2022 00:35:15 GMT
age: 55340
etag: "5292b31a99d90bcb7071f327b93d52034bdf9dcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F577b3c1d-3b6e-4105-8d19-8557bacffa02.jpeg
200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F577b3c1d-3b6e-4105-8d19-8557bacffa02.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4ded5eb41644bfe7ea87cff5ab0d79f0
9b13eca2d768277b92c05a8a82743018489783a6
3de7fcc3e9c8a107e4c5d6e59506ec71e68129a8351e47af63930873775ac3f9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F577b3c1d-3b6e-4105-8d19-8557bacffa02.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 15768
x-amzn-requestid: ab678277-5d12-4ae2-9af7-f15fab294657
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aRoclEbBoAMFz9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63508783-344a14d17bfcd6b12ffe02b0;Sampled=0
x-amzn-remapped-date: Wed, 19 Oct 2022 23:25:55 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: AgS3Yq-WCRRnFvCxMcwq13lQz8cGvvdwZ51C3H0szmB0iyZLb9mf-A==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:51:09 GMT
age: 65186
etag: "9b13eca2d768277b92c05a8a82743018489783a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5dac341-2b9d-4d07-ab3f-dafe74f88664.jpeg
200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5dac341-2b9d-4d07-ab3f-dafe74f88664.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2193431d88baf9af6829421cd13743ff
a192ab139ad0dc5cf206986eb06028ddad224e46
c535e09fb4a53ca580f5f5926d1494c50b6ad6c7c9ec78df6b7015213852b737
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5dac341-2b9d-4d07-ab3f-dafe74f88664.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9720
x-amzn-requestid: 6b4749ca-bcb9-4274-a309-e6d463851a6a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aV_n6FOSIAMFroA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63524632-56186f1f2a0bf68f6dba843b;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 07:11:46 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3emAUJej2kLKLs9Uq-3DvpzkUFvh_ZCtP-83SgiHBkAwaoWhnPBYUg==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 17:28:56 GMT
age: 80919
etag: "a192ab139ad0dc5cf206986eb06028ddad224e46"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F898fe841-b0a7-4f17-8713-d982fcedd316.jpeg
200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F898fe841-b0a7-4f17-8713-d982fcedd316.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 27838ba1a0dc8484cc39e787b1e35c24
317f858e36816c2605e0ca91fd7ba60896bc082d
f5b148a13cdcdf31e83ba5db3da139f581778d8b843b8f59ab0c9f08990d0374
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F898fe841-b0a7-4f17-8713-d982fcedd316.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6306
x-amzn-requestid: c5a693a2-df65-4c7a-a755-133e0dbf14e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: apW_tHDGoAMFp2w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635a0531-72afd432100cd0117ec18934;Sampled=0
x-amzn-remapped-date: Thu, 27 Oct 2022 04:12:33 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 9A1adf9pl0pRkrNB7jSKlF5tX-suPU-VxAP1upGgJEOnLC_aQcEb6g==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Thu, 27 Oct 2022 04:38:55 GMT
age: 40720
etag: "317f858e36816c2605e0ca91fd7ba60896bc082d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
gronthoghor.com/wp-content/cache/wpo-minify/1666690537/assets/wpo-minify-header-510f26fc.min.css
200 OK 7.6 kB URL HTTP/2 gronthoghor.com/wp-content/cache/wpo-minify/1666690537/assets/wpo-minify-header-510f26fc.min.css
IP
ASN #8100 ASN-QUADRANET-GLOBAL
File type ASCII text, with very long lines (53734), with no line terminators
Hash 43ba0a4a88ecaf1874dd16e14ba11295
780311b0f46d4a6d94f90d16808c253eddbdffd3
6f80850fd57e24891e97698539f470ba0d112847668e6223fbf67b5475734ac4
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/cache/wpo-minify/1666690537/assets/wpo-minify-header-510f26fc.min.css HTTP/1.1
Host: gronthoghor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gronthoghor.com/xoe/qbot.zip
Connection: keep-alive
Cookie: PHPSESSID=fd7c64340a9f7c7e791e5238dd863a36
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 03 Nov 2022 15:57:36 GMT
content-type: text/css
last-modified: Tue, 25 Oct 2022 09:39:20 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7573
date: Thu, 27 Oct 2022 15:57:36 GMT
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
expect-ct: max-age=7776000, enforce
X-Firefox-Spdy: h2
gronthoghor.com/wp-content/cache/wpo-minify/1666690537/assets/wpo-minify-header-13a041a5.min.css
200 OK 53 kB URL HTTP/2 gronthoghor.com/wp-content/cache/wpo-minify/1666690537/assets/wpo-minify-header-13a041a5.min.css
IP
ASN #8100 ASN-QUADRANET-GLOBAL
File type Unicode text, UTF-8 text, with very long lines (31724)
Hash 681632375beb9693968a3dac8c3f7ea2
5aa88a8ad4b2a5a3add98a37d4f31657d5dbba32
512c32ace571f52b3b095c8854a302a2e9a3c04672683c1428cd0d658d77f278
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/cache/wpo-minify/1666690537/assets/wpo-minify-header-13a041a5.min.css HTTP/1.1
Host: gronthoghor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gronthoghor.com/xoe/qbot.zip
Connection: keep-alive
Cookie: PHPSESSID=fd7c64340a9f7c7e791e5238dd863a36
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 03 Nov 2022 15:57:36 GMT
content-type: text/css
last-modified: Tue, 25 Oct 2022 09:39:20 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 53250
date: Thu, 27 Oct 2022 15:57:36 GMT
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
expect-ct: max-age=7776000, enforce
X-Firefox-Spdy: h2
gronthoghor.com/wp-content/cache/wpo-minify/1666690537/assets/wpo-minify-header-8ab61310.min.css
200 OK 14 kB URL HTTP/2 gronthoghor.com/wp-content/cache/wpo-minify/1666690537/assets/wpo-minify-header-8ab61310.min.css
IP
ASN #8100 ASN-QUADRANET-GLOBAL
File type ASCII text, with very long lines (50725), with no line terminators
Hash ede5ab480c0941612a2a0cd4107c0a11
cba28004bf930cb884958be0e32212a15269b188
85085ae5a35d48d46157d92c608423858dbd6844dd8a207971e17175c0cf905c
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/cache/wpo-minify/1666690537/assets/wpo-minify-header-8ab61310.min.css HTTP/1.1
Host: gronthoghor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gronthoghor.com/xoe/qbot.zip
Connection: keep-alive
Cookie: PHPSESSID=fd7c64340a9f7c7e791e5238dd863a36
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 03 Nov 2022 15:57:36 GMT
content-type: text/css
last-modified: Tue, 25 Oct 2022 09:39:20 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 13603
date: Thu, 27 Oct 2022 15:57:36 GMT
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
expect-ct: max-age=7776000, enforce
X-Firefox-Spdy: h2
gronthoghor.com/wp-content/cache/wpo-minify/1666690537/assets/wpo-minify-footer-0aa91941.min.js
200 OK 17 kB URL HTTP/2 gronthoghor.com/wp-content/cache/wpo-minify/1666690537/assets/wpo-minify-footer-0aa91941.min.js
IP
ASN #8100 ASN-QUADRANET-GLOBAL
File type Unicode text, UTF-8 text, with very long lines (21867)
Hash c39ad58f922406aa87efa996d5f3aa24
1cd0e211728db9bcd854224f5024ef7f36a21089
6007b99c9f905ca74475ead5edd05cbe556d806a209af36cc70c0b68be3f4fc7
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/cache/wpo-minify/1666690537/assets/wpo-minify-footer-0aa91941.min.js HTTP/1.1
Host: gronthoghor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gronthoghor.com/xoe/qbot.zip
Connection: keep-alive
Cookie: PHPSESSID=fd7c64340a9f7c7e791e5238dd863a36
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 03 Nov 2022 15:57:36 GMT
content-type: application/javascript
last-modified: Tue, 25 Oct 2022 09:39:20 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 16739
date: Thu, 27 Oct 2022 15:57:36 GMT
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
expect-ct: max-age=7776000, enforce
X-Firefox-Spdy: h2
gronthoghor.com/wp-content/cache/wpo-minify/1666690537/assets/wpo-minify-footer-fd8c39ae.min.js
200 OK 47 kB URL HTTP/2 gronthoghor.com/wp-content/cache/wpo-minify/1666690537/assets/wpo-minify-footer-fd8c39ae.min.js
IP
ASN #8100 ASN-QUADRANET-GLOBAL
File type Unicode text, UTF-8 text, with very long lines (28582), with CRLF, LF line terminators
Hash eab5b09c7e0fd3ca48316451b2969ca8
56c4c9194d83903d279d722a2d9097f2706aef0b
6b2bb7a86763ff64196af8b3c3b8259b93cd0c9d69ee2a20b5cbec97c9008c93
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/cache/wpo-minify/1666690537/assets/wpo-minify-footer-fd8c39ae.min.js HTTP/1.1
Host: gronthoghor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gronthoghor.com/xoe/qbot.zip
Connection: keep-alive
Cookie: PHPSESSID=fd7c64340a9f7c7e791e5238dd863a36
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 03 Nov 2022 15:57:36 GMT
content-type: application/javascript
last-modified: Tue, 25 Oct 2022 09:39:20 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 46782
date: Thu, 27 Oct 2022 15:57:36 GMT
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
expect-ct: max-age=7776000, enforce
X-Firefox-Spdy: h2
gronthoghor.com/wp-content/cache/wpo-minify/1666690537/assets/wpo-minify-footer-054c21d2.min.js
200 OK 44 kB URL HTTP/2 gronthoghor.com/wp-content/cache/wpo-minify/1666690537/assets/wpo-minify-footer-054c21d2.min.js
IP
ASN #8100 ASN-QUADRANET-GLOBAL
File type ASCII text, with very long lines (61502)
Hash f279e9cd8d2be3abf5ff94befe15b2db
0c93ddb5d12dc094354c341966d7ce525d60cc65
ec21834a57da221cae09a53679d10ae73cf3907b36cd663c1f6bbd2bc7e0c6b1
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/cache/wpo-minify/1666690537/assets/wpo-minify-footer-054c21d2.min.js HTTP/1.1
Host: gronthoghor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gronthoghor.com/xoe/qbot.zip
Connection: keep-alive
Cookie: PHPSESSID=fd7c64340a9f7c7e791e5238dd863a36
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600, public
expires: Thu, 03 Nov 2022 15:57:36 GMT
content-type: application/javascript
last-modified: Tue, 25 Oct 2022 09:39:20 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 44341
date: Thu, 27 Oct 2022 15:57:36 GMT
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
expect-ct: max-age=7776000, enforce
X-Firefox-Spdy: h2
code.jquery.com/jquery-3.6.0.min.js
200 OK 31 kB URL HTTP/2 code.jquery.com/jquery-3.6.0.min.js
IP
File type ASCII text, with very long lines (65447)
Hash 899f0189aaf034bbba5340f724d91dfa
210ea9de03968edb9d839ba4a0ce2d48666a8ab8
949b6597c5ea907a7ef3c8ca6d5ffc73be2352f9df485b78704e5c4dabac5d0f
GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gronthoghor.com
Connection: keep-alive
Referer: https://gronthoghor.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 27 Oct 2022 15:57:36 GMT
content-encoding: gzip
content-length: 30875
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15d9d"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1666886256.dop017.sk1.t,1666886256.cds257.sk1.hn,1666886256.cds210.sk1.c
X-Firefox-Spdy: h2
c0.wp.com/p/woocommerce/7.0.0/assets/js/photoswipe/photoswipe.min.js
200 OK 12 kB URL HTTP/2 c0.wp.com/p/woocommerce/7.0.0/assets/js/photoswipe/photoswipe.min.js
IP
File type ASCII text, with very long lines (30938)
Hash c23f6247bcc13754bc896a778ebcc862
77ff998dccbba62b21c6d51183f24459392cdead
8f222c7b7427230092e6833cb9ea9deea280662757ee85593af9c40410abb20d
GET /p/woocommerce/7.0.0/assets/js/photoswipe/photoswipe.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gronthoghor.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 27 Oct 2022 15:57:35 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 19 Jul 2022 19:16:40 GMT
content-encoding: br
expires: Fri, 27 Oct 2023 15:57:35 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/p/woocommerce/7.0.0/assets/js/frontend/single-product.min.js
200 OK 2.2 kB URL HTTP/2 c0.wp.com/p/woocommerce/7.0.0/assets/js/frontend/single-product.min.js
IP
File type Unicode text, UTF-8 text, with very long lines (6322), with no line terminators
Hash caa2df8630747ec18fddbc3afcb0313e
2789d68f1a1d8b203dac203c40b6f58ff188bb11
75914370b2d60b47f8ab6e9b5b2587fc1aae25e508311087165f5750abc18fc2
GET /p/woocommerce/7.0.0/assets/js/frontend/single-product.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gronthoghor.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 27 Oct 2022 15:57:35 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 19 Jul 2022 19:16:40 GMT
content-encoding: br
expires: Fri, 27 Oct 2023 15:57:35 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash d14190b7d44355f74384008fc2bc965b
8899240507992ceba98f567c079650149cc583a4
2db73ab3dfce1101ff8aaa09fe7227ad8017486b3ec3f536b7f8a1102ec0c267
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 15:57:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e63a6e99afc26edeaa6e0ec14ea98868
6909f81a74cb2479794f87397c2c9f7bbe759721
af5090a668f3b5293473c111761ca086d6e77a40cd9b5022d669327736034a4c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 15:57:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash d14190b7d44355f74384008fc2bc965b
8899240507992ceba98f567c079650149cc583a4
2db73ab3dfce1101ff8aaa09fe7227ad8017486b3ec3f536b7f8a1102ec0c267
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 15:57:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/mina/v11/-nF8OGc18vARl4NM-iLT9rGnNwE.woff2
200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/mina/v11/-nF8OGc18vARl4NM-iLT9rGnNwE.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 12324, version 1.0\012- data
Hash 401705e3c608de631163d7b0b9b53972
5fe2dbc0a15a8bc6109a755c2c6470956a1840d3
3fa1684c45ef98a75a5c5e04047bfec4a18f77acd30f9da7d19107dde14bdcd4
GET /s/mina/v11/-nF8OGc18vARl4NM-iLT9rGnNwE.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gronthoghor.com
Connection: keep-alive
Referer: https://gronthoghor.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12324
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 26 Oct 2022 04:58:50 GMT
expires: Thu, 26 Oct 2023 04:58:50 GMT
cache-control: public, max-age=31536000
age: 125926
last-modified: Tue, 26 Apr 2022 15:01:35 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pixel.wp.com/g.gif?v=ext&j=1%3A11.4&blog=175302027&post=0&tz=6&srv=gronthoghor.com&host=gronthoghor.com&ref=&fcp=0&rand=0.4158088009918012
200 OK 50 B URL HTTP/2 pixel.wp.com/g.gif?v=ext&j=1%3A11.4&blog=175302027&post=0&tz=6&srv=gronthoghor.com&host=gronthoghor.com&ref=&fcp=0&rand=0.4158088009918012
IP
File type GIF image data, version 89a, 6 x 5\012- data
Hash e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
GET /g.gif?v=ext&j=1%3A11.4&blog=175302027&post=0&tz=6&srv=gronthoghor.com&host=gronthoghor.com&ref=&fcp=0&rand=0.4158088009918012 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gronthoghor.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 27 Oct 2022 15:57:36 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2
fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2
200 OK 38 kB URL HTTP/2 fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 37780, version 1.0\012- data
Hash e1b9f0ecaaebb12c93064cd3c406f82b
f0e872352fc5af11960d0eb4fd6ed09e9e98f4ab
39e72c0794c12f2dbb14a0f61ca946b535f795b1478fcf795bd26e5cb52ded34
GET /s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gronthoghor.com
Connection: keep-alive
Referer: https://gronthoghor.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 37780
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 20 Oct 2022 17:06:07 GMT
expires: Fri, 20 Oct 2023 17:06:07 GMT
cache-control: public, max-age=31536000
age: 600689
last-modified: Mon, 11 Jul 2022 20:54:10 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/mina/v11/-nF8OGc18vARl4NM-jDT9rGnNwE3Cg.woff2
200 OK 36 kB URL HTTP/2 fonts.gstatic.com/s/mina/v11/-nF8OGc18vARl4NM-jDT9rGnNwE3Cg.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 35956, version 1.0\012- data
Hash aabd50df27bcae3fa6bf6063b4d8ff06
fdfbf00e9874546f86eab972d1ac82dd50996ca7
86d21b872edcedd9444d9b12a878f9c8062d7ce0df68a296c8757b86b4483953
GET /s/mina/v11/-nF8OGc18vARl4NM-jDT9rGnNwE3Cg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gronthoghor.com
Connection: keep-alive
Referer: https://gronthoghor.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35956
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 26 Oct 2022 17:26:32 GMT
expires: Thu, 26 Oct 2023 17:26:32 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 26 Apr 2022 15:01:37 GMT
content-type: font/woff2
age: 81064
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i0.wp.com/gronthoghor.com/wp-content/uploads/2020/12/cropped-Gronthoghor-new-logo-01-e1618698222237.png?fit=500%2C179&ssl=1
200 OK 21 kB URL HTTP/2 i0.wp.com/gronthoghor.com/wp-content/uploads/2020/12/cropped-Gronthoghor-new-logo-01-e1618698222237.png?fit=500%2C179&ssl=1
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 8c29a054e4bf0be1da17b08c4585d602
0f958a41899a038fab97b7ce3f81067b049cdbaa
4a1d62cc8132dc7ef6b4a66bdb287b508f83786a9b7e28af53c8fa7bd4e158a5
GET /gronthoghor.com/wp-content/uploads/2020/12/cropped-Gronthoghor-new-logo-01-e1618698222237.png?fit=500%2C179&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gronthoghor.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 27 Oct 2022 15:57:36 GMT
content-type: image/webp
content-length: 20964
last-modified: Wed, 26 Oct 2022 22:38:08 GMT
expires: Sat, 26 Oct 2024 10:38:08 GMT
cache-control: public, max-age=63115200
link: <https://gronthoghor.com/wp-content/uploads/2020/12/cropped-Gronthoghor-new-logo-01-e1618698222237.png>; rel="canonical"
x-content-type-options: nosniff
etag: "b789f9232a87f699"
vary: Accept
x-nc: MISS arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/p/woocommerce/7.0.0/packages/woocommerce-blocks/build/wc-blocks-style.css
200 OK 22 kB URL HTTP/2 c0.wp.com/p/woocommerce/7.0.0/packages/woocommerce-blocks/build/wc-blocks-style.css
IP
File type Unicode text, UTF-8 text, with very long lines (65527), with no line terminators
Hash aa5c5ca342d4920a0bd0bd7793c3f1f8
39b20cfaf6e553b963a42532b30f2954fa552097
a3280501b10ca8cfe8cb8fc81feb92f8251f58b3b91095778b853965a2de9f86
GET /p/woocommerce/7.0.0/packages/woocommerce-blocks/build/wc-blocks-style.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gronthoghor.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 27 Oct 2022 15:57:35 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 20 Sep 2022 18:53:36 GMT
content-encoding: br
expires: Fri, 27 Oct 2023 15:57:35 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.0.3/wp-includes/js/thickbox/thickbox.css
200 OK 16 kB URL HTTP/2 c0.wp.com/c/6.0.3/wp-includes/js/thickbox/thickbox.css
IP
Hash 7278ae69c9fe8020ac25edabd779f0f2
faa2d36ed3ccd345efc7339f7de187ba9e5bc35d
bdd777b66d0201b2886926ba8d25831304cd1b447243d16278cf825a9355170b
GET /c/6.0.3/wp-includes/js/thickbox/thickbox.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gronthoghor.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 27 Oct 2022 15:57:35 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Mon, 26 Oct 2020 02:25:09 GMT
content-encoding: br
expires: Fri, 27 Oct 2023 15:57:35 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 7e15f96ba912de580b08f61e889b69db
626b970e45117d95088443df7ae71a46a5a4adec
57752c12942ff45f935d29a7b48f367459ced10ae81ff8a6a28f90d9cb9cd978
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3126
Cache-Control: max-age=101937
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 15:57:37 GMT
Etag: "6359896c-1d7"
Expires: Fri, 28 Oct 2022 20:16:34 GMT
Last-Modified: Wed, 26 Oct 2022 19:24:28 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash 7e15f96ba912de580b08f61e889b69db
626b970e45117d95088443df7ae71a46a5a4adec
57752c12942ff45f935d29a7b48f367459ced10ae81ff8a6a28f90d9cb9cd978
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1760
Cache-Control: max-age=100571
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 15:57:37 GMT
Etag: "6359896c-1d7"
Expires: Fri, 28 Oct 2022 19:53:48 GMT
Last-Modified: Wed, 26 Oct 2022 19:24:28 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
i0.wp.com/gronthoghor.com/wp-content/uploads/2020/04/cropped-LogoOfGronthoghor.png?fit=32%2C32&ssl=1
200 OK 1.1 kB URL HTTP/2 i0.wp.com/gronthoghor.com/wp-content/uploads/2020/04/cropped-LogoOfGronthoghor.png?fit=32%2C32&ssl=1
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash b5cb3b96199272155128e523886ac6c0
1f7673b2192fa54f5ce44c3a84709ce842114a76
e5ab973d2838933a18b0fe83af69965a7282da638cfd065de6ef48f0dfa06af4
GET /gronthoghor.com/wp-content/uploads/2020/04/cropped-LogoOfGronthoghor.png?fit=32%2C32&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gronthoghor.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 27 Oct 2022 15:57:37 GMT
content-type: image/webp
content-length: 1114
last-modified: Thu, 27 Oct 2022 15:57:37 GMT
expires: Sun, 27 Oct 2024 03:57:37 GMT
cache-control: public, max-age=63115200
link: <https://gronthoghor.com/wp-content/uploads/2020/04/cropped-LogoOfGronthoghor.png>; rel="canonical"
x-content-type-options: nosniff
etag: "036092d8c44086b6"
vary: Accept
x-nc: MISS arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP
File type ASCII text, with very long lines (64348)
Hash 84409c129527969831699eb02cd244b9
e1bd7e37698890246e939b31510f3ab3aac605c6
54a130a13a831b71441be9bfbd1b74d8a7433a8e4bb4ab3f5ed9edde6bcd3964
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gronthoghor.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: CwXgCWQAqGtl+Jru3sxH59Y4g7qAE5YKYxg/RIT0HyjcIETuYMeRNaLRWtrb0QFgJ+35PAy7S5YbJw7MrIsudw==
priority: u=3,i
content-length: 27076
x-fb-trip-id: 1904183273
date: Thu, 27 Oct 2022 15:57:37 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
connect.facebook.net/en_US/sdk.js
200 OK 1.7 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js
IP
File type ASCII text, with very long lines (1961)
Hash e9d0d5028b2c8b3aad2f37d9bedffafc
eee6395c96211394d9394a665d32ef9c9755de03
677deccf4c3f2abd73a9622a566397d9ffdf08400ff88062f77457b72102ce0b
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gronthoghor.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: ae501926b0cb406a23a628d10c7f2ca5
etag: "fe151e0e925d112dea411d8c22970c95"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Thu, 27 Oct 2022 16:15:30 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: 6dDVAossizqtLzfZvt/6/A==
x-fb-debug: 34dHSzcHjw9oy3lh+WH67LQYwoKy/biM4/zTAyDCpk+fultlw47xfMAMyMTmtf6M6y5eTNhKTA+Peag4ZAHPlA==
priority: u=1,i
content-length: 1687
x-fb-trip-id: 1904183273
date: Thu, 27 Oct 2022 15:57:37 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
i0.wp.com/gronthoghor.com/wp-content/uploads/2020/04/cropped-LogoOfGronthoghor.png?fit=192%2C192&ssl=1
200 OK 14 kB URL HTTP/2 i0.wp.com/gronthoghor.com/wp-content/uploads/2020/04/cropped-LogoOfGronthoghor.png?fit=192%2C192&ssl=1
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 7fd48eda43fc42dc8845d1190e6126f8
564da87e8073869cc74fbfcc0f9f40fce904cafa
ead5a867423517218b0acf2ff63446c8d8c14b52f75c125cac4f053bcfe5ba9f
GET /gronthoghor.com/wp-content/uploads/2020/04/cropped-LogoOfGronthoghor.png?fit=192%2C192&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gronthoghor.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 27 Oct 2022 15:57:37 GMT
content-type: image/webp
content-length: 13598
last-modified: Thu, 27 Oct 2022 15:57:37 GMT
expires: Sun, 27 Oct 2024 03:57:37 GMT
cache-control: public, max-age=63115200
link: <https://gronthoghor.com/wp-content/uploads/2020/04/cropped-LogoOfGronthoghor.png>; rel="canonical"
x-content-type-options: nosniff
etag: "a1341c09e65dbbe7"
vary: Accept
x-nc: MISS arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 7e15f96ba912de580b08f61e889b69db
626b970e45117d95088443df7ae71a46a5a4adec
57752c12942ff45f935d29a7b48f367459ced10ae81ff8a6a28f90d9cb9cd978
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3126
Cache-Control: max-age=101937
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 15:57:37 GMT
Etag: "6359896c-1d7"
Expires: Fri, 28 Oct 2022 20:16:34 GMT
Last-Modified: Wed, 26 Oct 2022 19:24:28 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/sdk.js?hash=c7a8831f3a1fec64576ab87414f4b954
200 OK 88 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js?hash=c7a8831f3a1fec64576ab87414f4b954
IP
File type ASCII text, with very long lines (18530)
Hash 44383688d2d38b99989675c7c17d4a98
b38573f9e5843112740c7be502f38f899e2a24c2
e946bbb7680da6748740c003262d0e03480fb91c1958ddf189c51e3d2e804455
GET /en_US/sdk.js?hash=c7a8831f3a1fec64576ab87414f4b954 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gronthoghor.com
Connection: keep-alive
Referer: https://gronthoghor.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 32992e7c26dcfb86feb830f6df037eba
etag: "a7fc6857f9fb1f7561b5f04998143720"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Fri, 27 Oct 2023 10:14:32 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: RDg2iNLTi5mYlnXHwX1KmA==
x-fb-debug: /y+sCWAtOdYXWQV7HnW3BRsLSSkAOWoL19EeambbYEnHBSbaEE+EeKEHE5mMHd+awbPrzqNIAwaLQGMWPNLlfw==
priority: u=3,i
content-length: 88393
x-fb-trip-id: 1904183273
date: Thu, 27 Oct 2022 15:57:37 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=198772505219533&ev=PageView&dl=https%3A%2F%2Fgronthoghor.com%2Fxoe%2Fqbot.zip&rl=&if=false&ts=1666886256619&cd[source]=woocommerce&cd[version]=7.0.0&cd[pluginVersion]=2.6.28&sw=1280&sh=1024&v=2.9.88&r=stable&a=woocommerce-7.0.0-2.6.28&ec=0&o=30&fbp=fb.1.1666886256618.570078293&it=1666886256421&coo=false&rqm=GET
200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=198772505219533&ev=PageView&dl=https%3A%2F%2Fgronthoghor.com%2Fxoe%2Fqbot.zip&rl=&if=false&ts=1666886256619&cd[source]=woocommerce&cd[version]=7.0.0&cd[pluginVersion]=2.6.28&sw=1280&sh=1024&v=2.9.88&r=stable&a=woocommerce-7.0.0-2.6.28&ec=0&o=30&fbp=fb.1.1666886256618.570078293&it=1666886256421&coo=false&rqm=GET
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=198772505219533&ev=PageView&dl=https%3A%2F%2Fgronthoghor.com%2Fxoe%2Fqbot.zip&rl=&if=false&ts=1666886256619&cd[source]=woocommerce&cd[version]=7.0.0&cd[pluginVersion]=2.6.28&sw=1280&sh=1024&v=2.9.88&r=stable&a=woocommerce-7.0.0-2.6.28&ec=0&o=30&fbp=fb.1.1666886256618.570078293&it=1666886256421&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gronthoghor.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Thu, 27 Oct 2022 15:57:37 GMT
X-Firefox-Spdy: h2
www.facebook.com/x/oauth/status?client_id=470277814016782&input_token&origin=1&redirect_uri=https%3A%2F%2Fgronthoghor.com%2Fxoe%2Fqbot.zip&sdk=joey&wants_cookie_data=true
200 OK 0 B URL HTTP/2 www.facebook.com/x/oauth/status?client_id=470277814016782&input_token&origin=1&redirect_uri=https%3A%2F%2Fgronthoghor.com%2Fxoe%2Fqbot.zip&sdk=joey&wants_cookie_data=true
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /x/oauth/status?client_id=470277814016782&input_token&origin=1&redirect_uri=https%3A%2F%2Fgronthoghor.com%2Fxoe%2Fqbot.zip&sdk=joey&wants_cookie_data=true HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gronthoghor.com
Connection: keep-alive
Referer: https://gronthoghor.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain; charset=UTF-8
access-control-expose-headers: fb-s
access-control-allow-credentials: true
access-control-allow-origin: https://gronthoghor.com
fb-s: unknown
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
x-fb-debug: 9YZ3eZsLFi56N5HKoMpPt2YNHVm4FcHUeTOLclhbAzZcq2QvXyxLsr7KAwqg5adhSY0rWX+9hi4VN6UsMFM0GA==
content-length: 0
date: Thu, 27 Oct 2022 15:57:37 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/ys/l/0,cross/4_8X-2u0CDc.css?_nc_x=Ij3Wp8lg5Kz
200 OK 827 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/ys/l/0,cross/4_8X-2u0CDc.css?_nc_x=Ij3Wp8lg5Kz
IP
File type ASCII text, with very long lines (724)
Hash 29973cf3b0ef9f16fe31ed981b2f6573
f22eb80b89b5e0ae9ace854aab6676d56eaef6a1
476822c80e0a0ee078edb7a74db59378f8b1d43d2de844e28a9e9c2f68a4c8d8
GET /rsrc.php/v3/ys/l/0,cross/4_8X-2u0CDc.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 26 Oct 2023 22:21:26 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: KZc887Dvnxb+Me2YGy9lcw==
x-fb-debug: 2LqmPPXolHSC9JeX32enMhcbBPHIKyNevIXzGlR3aUEuRJJEkng+DxvwOom2XVfGCNRRMYmJZPPSEd29p7cj3w==
priority: u=3,i
content-length: 827
x-fb-trip-id: 1904183273
date: Thu, 27 Oct 2022 15:57:37 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y5/l/0,cross/WNgfIXGwfBt.css?_nc_x=Ij3Wp8lg5Kz
200 OK 107 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y5/l/0,cross/WNgfIXGwfBt.css?_nc_x=Ij3Wp8lg5Kz
IP
Size 107 kB (106892 bytes)
Hash 2bc233596c2717f3ead5b1a5c81d5a0d
9498d58d3ddd152ac5f3f160bb9198ff9bed4480
fff91f2319c1a6e107769c779077a3b61e72e25455b9e977a9447001ea4269a9
GET /rsrc.php/v3/y5/l/0,cross/WNgfIXGwfBt.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 26 Oct 2023 18:44:55 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: BuzeLGlh4Vw3H+b9pb4MiA==
x-fb-debug: kaVoZPmcT+CXIS2+WvWpgjk1oBpPNojFHjMyPYCnswSxd5Nw0VSePH6/WzFflvjBNht14TLbYJXdw6X1Ntpn3g==
priority: u=3,i
content-length: 4845
x-fb-trip-id: 1904183273
date: Thu, 27 Oct 2022 15:57:37 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
gronthoghor.com/xoe/qbot.zip
404 Not Found 117 kB URL HTTP/2 gronthoghor.com/xoe/qbot.zip
IP
ASN #8100 ASN-QUADRANET-GLOBAL
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (30917), with CRLF, LF line terminators
Size 117 kB (116990 bytes)
Hash 0f31dc0b409190c4c9b8883680ef1510
d7b9d7013030757953179e74e109deedcd5f1c96
62a5d8c94d42487be55cec477a26f166db22bb6128e4aff2e7c61d68170add56
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /xoe/qbot.zip HTTP/1.1
Host: gronthoghor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 404 Not Found
pragma: no-cache
set-cookie: PHPSESSID=fd7c64340a9f7c7e791e5238dd863a36; path=/; secure; HttpOnly
addonify-compare-products=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; secure
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://gronthoghor.com/wp-json/>; rel="https://api.w.org/"
content-encoding: br
vary: Accept-Encoding
date: Thu, 27 Oct 2022 15:57:35 GMT
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
expect-ct: max-age=7776000, enforce
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
c0.wp.com/c/6.0.3/wp-includes/css/dist/block-library/style.min.css
200 OK 13 kB URL HTTP/2 c0.wp.com/c/6.0.3/wp-includes/css/dist/block-library/style.min.css
IP
File type ASCII text, with very long lines (43771)
Hash 728a67efb6b31309353683bec263339c
0f331a8a5d014bf29db1c90535aa3da1f9a4529e
574c80a37abda4e0b4fde3b719ae97601940aa8e7b7691e1853c59d35b3c22de
GET /c/6.0.3/wp-includes/css/dist/block-library/style.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gronthoghor.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 27 Oct 2022 15:57:35 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Mon, 04 Jul 2022 12:10:37 GMT
content-encoding: br
expires: Fri, 27 Oct 2023 15:57:35 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.0.3/wp-includes/js/mediaelement/wp-mediaelement.min.css
200 OK 17 kB URL HTTP/2 c0.wp.com/c/6.0.3/wp-includes/js/mediaelement/wp-mediaelement.min.css
IP
File type ASCII text, with very long lines (4186), with no line terminators
Hash dca7ac37025824cd7c3de0d089ddf7e3
b48d3f18e56d96c44509b80329ad241851f9b1de
fe4a3261ca585c1e461c3cd42ca81946772182a4605b063ebe7bfac4863cf99f
GET /c/6.0.3/wp-includes/js/mediaelement/wp-mediaelement.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gronthoghor.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 27 Oct 2022 15:57:35 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
content-encoding: br
expires: Fri, 27 Oct 2023 15:57:35 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
200 OK 338 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
IP
File type ASCII text, with very long lines (327)
Hash 76f593e842677f73cd0a06232874b2c3
25a13f79478d5a0e286a2299dca2f3b296463079
74dcbe026002f10b703960a500b50dabe518862e568a9e689dec7afa243fa44d
GET /rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 26 Oct 2023 22:56:27 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: dvWT6EJnf3PNCgYjKHSyww==
x-fb-debug: 8L36l8p8YVI9Fpee+2GRmx07mbdjOWbvGHIYoKTiwNRANWQLOb2QMEGdRAEkyBnFOKgR1mayMeL0uEoP/3UNnw==
priority: u=3,i
content-length: 338
x-fb-trip-id: 1904183273
date: Thu, 27 Oct 2022 15:57:37 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yb/r/1GNlCjWOW3t.js?_nc_x=Ij3Wp8lg5Kz
200 OK 7.3 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yb/r/1GNlCjWOW3t.js?_nc_x=Ij3Wp8lg5Kz
IP
File type ASCII text, with very long lines (4488)
Hash 178a9dbc71474950877d261a6f41dd71
5e0eaf533aad15f6ddd622f77d136d0e96a2d17a
c997dd77db115383f801c20253fba542ccf319fd67dea672c3e18a2f86ed8881
GET /rsrc.php/v3/yb/r/1GNlCjWOW3t.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 26 Oct 2023 15:23:05 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: F4qdvHFHSVCHfSYab0HdcQ==
x-fb-debug: qgjw2nmElRWgBXY74mFmwO5/fGN5fgovslR+6OEYSlG2oOFTcnKfbOgtwCXpYG5r1RYuiLX0I8DleloCE/GqcA==
content-length: 7279
x-fb-trip-id: 1904183273
date: Thu, 27 Oct 2022 15:57:37 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y-/r/dmtE6195c4_.js?_nc_x=Ij3Wp8lg5Kz
200 OK 5.8 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y-/r/dmtE6195c4_.js?_nc_x=Ij3Wp8lg5Kz
IP
File type C source, ASCII text, with very long lines (10494)
Hash 3640fc7180c04a5254d4612136f1688a
1e4e05a7bfc9ccedebe2da739d473ac687ad9743
d7dcbe8b143d5f00dd91f8834059712ff7e778cc9a8246d296cc6073fc10a044
GET /rsrc.php/v3/y-/r/dmtE6195c4_.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 13 Oct 2023 17:31:25 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: NkD8cYDASlJU1GEhNvFoig==
x-fb-debug: BQRdWg35IA8Wb+5ihDG/MRw0ml8aTi03EGOgCpyh/hYsSGYmk0dUembAlPwaU31FwBHelw5I8hrYu5imvXSNpg==
priority: u=3,i
content-length: 5804
x-fb-trip-id: 1904183273
date: Thu, 27 Oct 2022 15:57:37 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yM/r/Q2o1MMbBiZ0.js?_nc_x=Ij3Wp8lg5Kz
200 OK 8.4 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yM/r/Q2o1MMbBiZ0.js?_nc_x=Ij3Wp8lg5Kz
IP
File type ASCII text, with very long lines (9885)
Hash 3b3ad70f56c84e579d70bb18b232e2e5
37034fd8666b2a84ce03555069f1a568ab35b657
5353c04f2e742847c917d5e5bec3353873d5a6bf17b9870795d1da0048f46795
GET /rsrc.php/v3/yM/r/Q2o1MMbBiZ0.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 26 Oct 2023 20:06:41 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: OzrXD1bITledcLsYsjLi5Q==
x-fb-debug: Y9nc7ZlW9WAVdh4efAKvihjSGfE1b6On6PxN7AC8p9A75nuSyBTW5Y43DBdbwPpFEcK0mJTK3KeuoF+qE4Wqbg==
priority: u=3,i
content-length: 8440
x-fb-trip-id: 1904183273
date: Thu, 27 Oct 2022 15:57:37 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3iLl54/yH/l/en_US/9ceEMw7kTfT.js?_nc_x=Ij3Wp8lg5Kz
200 OK 7.1 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3iLl54/yH/l/en_US/9ceEMw7kTfT.js?_nc_x=Ij3Wp8lg5Kz
IP
File type ASCII text, with very long lines (2905)
Hash 950c261533c6a05f36c3ec2562963ecb
65cbaffa72eb8dafe5b43aec833435170c02b15d
4c9b051d6cba504010fc8ebdba2ca7da807224e44ad7e9798bb25b90069a3e11
GET /rsrc.php/v3iLl54/yH/l/en_US/9ceEMw7kTfT.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 22 Oct 2023 01:06:47 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: lQwmFTPGoF82w+wlYpY+yw==
x-fb-debug: e4B869bC/5rB8qh5876O0W4akuAlKQOczKQA7l9GZAssGkOvYMlh/IVPl4oCg5I/mGjjLbWbKyONHRhJIWVxXw==
priority: u=3,i
content-length: 7089
x-fb-trip-id: 1904183273
date: Thu, 27 Oct 2022 15:57:37 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yC/l/en_US/I52F_owkvX4.js?_nc_x=Ij3Wp8lg5Kz
200 OK 23 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3iEpO4/yC/l/en_US/I52F_owkvX4.js?_nc_x=Ij3Wp8lg5Kz
IP
File type ASCII text, with very long lines (41977)
Hash e5ac274375457b828912871811b4be94
3bbd528facf279eab4dc093a7fad9dbc837689eb
602f6ee48130b3bcb4e21f4307bd1c83d110182e1fb4cb8f118171d10c6f5ae4
GET /rsrc.php/v3iEpO4/yC/l/en_US/I52F_owkvX4.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 19 Oct 2023 19:19:46 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 5awnQ3VFe4KJEocYEbS+lA==
x-fb-debug: M7KkNd0WkApeK8qhuXZO2J6zq1RxtIiMjYF9JTmbRjoebMT5DhHG3Yqjk26XGryMIacyU2H5cW/2+o4R+IvW+Q==
priority: u=3,i
content-length: 23273
x-fb-trip-id: 1904183273
date: Thu, 27 Oct 2022 15:57:37 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
c0.wp.com/p/jetpack/11.4/css/jetpack.css
200 OK 23 kB URL HTTP/2 c0.wp.com/p/jetpack/11.4/css/jetpack.css
IP
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 110077e7aca3cb10f4680f76dfa61380
832dc3b36afc2ebed0798e8c8eda6e868ca96ccf
bdab767ea05880a8340d3ed1a81c6add03b71f812273307f10b5434b4d34a78e
GET /p/jetpack/11.4/css/jetpack.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gronthoghor.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 27 Oct 2022 15:57:35 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Thu, 22 Sep 2022 17:43:06 GMT
content-encoding: br
expires: Fri, 27 Oct 2023 15:57:35 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.0.3/wp-includes/css/dashicons.min.css
200 OK 0 B URL HTTP/2 c0.wp.com/c/6.0.3/wp-includes/css/dashicons.min.css
IP
GET /c/6.0.3/wp-includes/css/dashicons.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gronthoghor.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 27 Oct 2022 15:57:35 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 03 Mar 2021 21:16:22 GMT
content-encoding: br
expires: Fri, 27 Oct 2023 15:57:35 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y5/r/NXJxRmgihgl.js?_nc_x=Ij3Wp8lg5Kz
200 OK 0 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y5/r/NXJxRmgihgl.js?_nc_x=Ij3Wp8lg5Kz
IP
GET /rsrc.php/v3/y5/r/NXJxRmgihgl.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Wed, 25 Oct 2023 17:29:51 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: /y0u7mDgxnzS9aiAZOFzmw==
x-fb-debug: zSNDi4zUV+z9ohVxt81GIga8aQVFTSkiaBL1Z5CgnY1sdVigpvFbRHNPlwnF/NAuv4zT5fhq1Lv7NKdn1UyYtw==
priority: u=3,i
content-length: 12270
x-fb-trip-id: 1904183273
date: Thu, 27 Oct 2022 15:57:37 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
c0.wp.com/p/woocommerce/7.0.0/assets/js/photoswipe/photoswipe-ui-default.min.js
200 OK 0 B URL HTTP/2 c0.wp.com/p/woocommerce/7.0.0/assets/js/photoswipe/photoswipe-ui-default.min.js
IP
GET /p/woocommerce/7.0.0/assets/js/photoswipe/photoswipe-ui-default.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gronthoghor.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 27 Oct 2022 15:57:35 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 19 Jul 2022 19:16:40 GMT
content-encoding: br
expires: Fri, 27 Oct 2023 15:57:35 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/p/woocommerce/7.0.0/assets/js/js-cookie/js.cookie.min.js
200 OK 0 B URL HTTP/2 c0.wp.com/p/woocommerce/7.0.0/assets/js/js-cookie/js.cookie.min.js
IP
GET /p/woocommerce/7.0.0/assets/js/js-cookie/js.cookie.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gronthoghor.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 27 Oct 2022 15:57:35 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 19 Jan 2021 23:55:30 GMT
content-encoding: br
expires: Fri, 27 Oct 2023 15:57:35 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
stats.wp.com/e-202243.js
200 OK 0 B IP
GET /e-202243.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gronthoghor.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 27 Oct 2022 15:57:35 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"6197c5cf-3508"
content-encoding: br
expires: Mon, 16 Oct 2023 10:12:22 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2
c0.wp.com/c/6.0.3/wp-includes/js/jquery/jquery.min.js
200 OK 0 B URL HTTP/2 c0.wp.com/c/6.0.3/wp-includes/js/jquery/jquery.min.js
IP
GET /c/6.0.3/wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gronthoghor.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 27 Oct 2022 15:57:35 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
content-encoding: br
expires: Fri, 27 Oct 2023 15:57:35 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.0.3/wp-includes/js/jquery/jquery-migrate.min.js
200 OK 0 B URL HTTP/2 c0.wp.com/c/6.0.3/wp-includes/js/jquery/jquery-migrate.min.js
IP
GET /c/6.0.3/wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gronthoghor.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 27 Oct 2022 15:57:35 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
content-encoding: br
expires: Fri, 27 Oct 2023 15:57:35 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/p/jetpack/11.4/_inc/build/photon/photon.min.js
200 OK 0 B URL HTTP/2 c0.wp.com/p/jetpack/11.4/_inc/build/photon/photon.min.js
IP
GET /p/jetpack/11.4/_inc/build/photon/photon.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gronthoghor.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 27 Oct 2022 15:57:35 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 07 Dec 2021 16:56:47 GMT
content-encoding: br
expires: Fri, 27 Oct 2023 15:57:35 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/p/woocommerce/7.0.0/assets/js/jquery-blockui/jquery.blockUI.min.js
200 OK 0 B URL HTTP/2 c0.wp.com/p/woocommerce/7.0.0/assets/js/jquery-blockui/jquery.blockUI.min.js
IP
GET /p/woocommerce/7.0.0/assets/js/jquery-blockui/jquery.blockUI.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gronthoghor.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 27 Oct 2022 15:57:35 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 19 Jul 2022 19:16:40 GMT
content-encoding: br
expires: Fri, 27 Oct 2023 15:57:35 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.0.3/wp-includes/js/underscore.min.js
200 OK 0 B URL HTTP/2 c0.wp.com/c/6.0.3/wp-includes/js/underscore.min.js
IP
GET /c/6.0.3/wp-includes/js/underscore.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gronthoghor.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 27 Oct 2022 15:57:35 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 27 Apr 2022 14:39:21 GMT
content-encoding: br
expires: Fri, 27 Oct 2023 15:57:35 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/p/woocommerce/7.0.0/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css
200 OK 0 B URL HTTP/2 c0.wp.com/p/woocommerce/7.0.0/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css
IP
GET /p/woocommerce/7.0.0/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gronthoghor.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 27 Oct 2022 15:57:35 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 24 Aug 2022 20:12:33 GMT
content-encoding: br
expires: Fri, 27 Oct 2023 15:57:35 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/p/woocommerce/7.0.0/assets/css/woocommerce.css
200 OK 0 B URL HTTP/2 c0.wp.com/p/woocommerce/7.0.0/assets/css/woocommerce.css
IP
GET /p/woocommerce/7.0.0/assets/css/woocommerce.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gronthoghor.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 27 Oct 2022 15:57:35 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 21 Dec 2021 19:24:57 GMT
content-encoding: br
expires: Fri, 27 Oct 2023 15:57:35 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.0.3/wp-includes/js/thickbox/thickbox.js
200 OK 0 B URL HTTP/2 c0.wp.com/c/6.0.3/wp-includes/js/thickbox/thickbox.js
IP
GET /c/6.0.3/wp-includes/js/thickbox/thickbox.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gronthoghor.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 27 Oct 2022 15:57:35 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 23 Feb 2021 10:54:06 GMT
content-encoding: br
expires: Fri, 27 Oct 2023 15:57:35 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/p/woocommerce/7.0.0/assets/js/frontend/add-to-cart-variation.min.js
200 OK 0 B URL HTTP/2 c0.wp.com/p/woocommerce/7.0.0/assets/js/frontend/add-to-cart-variation.min.js
IP
GET /p/woocommerce/7.0.0/assets/js/frontend/add-to-cart-variation.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gronthoghor.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 27 Oct 2022 15:57:35 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 19 Jul 2022 19:16:40 GMT
content-encoding: br
expires: Fri, 27 Oct 2023 15:57:35 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/p/woocommerce/7.0.0/assets/js/zoom/jquery.zoom.min.js
200 OK 0 B URL HTTP/2 c0.wp.com/p/woocommerce/7.0.0/assets/js/zoom/jquery.zoom.min.js
IP
GET /p/woocommerce/7.0.0/assets/js/zoom/jquery.zoom.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gronthoghor.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 27 Oct 2022 15:57:35 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 18 May 2021 17:00:20 GMT
content-encoding: br
expires: Fri, 27 Oct 2023 15:57:35 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/p/woocommerce/7.0.0/assets/css/photoswipe/photoswipe.min.css
200 OK 0 B URL HTTP/2 c0.wp.com/p/woocommerce/7.0.0/assets/css/photoswipe/photoswipe.min.css
IP
GET /p/woocommerce/7.0.0/assets/css/photoswipe/photoswipe.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gronthoghor.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 27 Oct 2022 15:57:35 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 20 Oct 2020 23:38:49 GMT
content-encoding: br
expires: Fri, 27 Oct 2023 15:57:35 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/p/woocommerce/7.0.0/assets/js/frontend/woocommerce.min.js
200 OK 0 B URL HTTP/2 c0.wp.com/p/woocommerce/7.0.0/assets/js/frontend/woocommerce.min.js
IP
GET /p/woocommerce/7.0.0/assets/js/frontend/woocommerce.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gronthoghor.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 27 Oct 2022 15:57:35 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 18 May 2021 17:00:20 GMT
content-encoding: br
expires: Fri, 27 Oct 2023 15:57:35 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/p/woocommerce/7.0.0/assets/css/woocommerce-smallscreen.css
200 OK 0 B URL HTTP/2 c0.wp.com/p/woocommerce/7.0.0/assets/css/woocommerce-smallscreen.css
IP
GET /p/woocommerce/7.0.0/assets/css/woocommerce-smallscreen.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gronthoghor.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 27 Oct 2022 15:57:35 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 16 Feb 2021 23:11:32 GMT
content-encoding: br
expires: Fri, 27 Oct 2023 15:57:35 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/p/woocommerce/7.0.0/assets/js/frontend/add-to-cart.min.js
200 OK 0 B URL HTTP/2 c0.wp.com/p/woocommerce/7.0.0/assets/js/frontend/add-to-cart.min.js
IP
GET /p/woocommerce/7.0.0/assets/js/frontend/add-to-cart.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gronthoghor.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 27 Oct 2022 15:57:35 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 19 Jul 2022 19:16:40 GMT
content-encoding: br
expires: Fri, 27 Oct 2023 15:57:35 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/p/woocommerce/7.0.0/assets/js/frontend/cart-fragments.min.js
200 OK 0 B URL HTTP/2 c0.wp.com/p/woocommerce/7.0.0/assets/js/frontend/cart-fragments.min.js
IP
GET /p/woocommerce/7.0.0/assets/js/frontend/cart-fragments.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gronthoghor.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 27 Oct 2022 15:57:35 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 23 Nov 2021 22:30:13 GMT
content-encoding: br
expires: Fri, 27 Oct 2023 15:57:35 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/p/woocommerce/7.0.0/assets/css/woocommerce-layout.css
200 OK 0 B URL HTTP/2 c0.wp.com/p/woocommerce/7.0.0/assets/css/woocommerce-layout.css
IP
GET /p/woocommerce/7.0.0/assets/css/woocommerce-layout.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gronthoghor.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 27 Oct 2022 15:57:35 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 21 Dec 2021 19:24:57 GMT
content-encoding: br
expires: Fri, 27 Oct 2023 15:57:35 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
stats.wp.com/s-202243.js
200 OK 0 B IP
GET /s-202243.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gronthoghor.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 27 Oct 2022 15:57:35 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"6197c5cf-2494"
content-encoding: br
expires: Mon, 23 Oct 2023 20:10:41 GMT
cache-control: max-age=31536000
x-nc: HIT arn
X-Firefox-Spdy: h2
c0.wp.com/p/woocommerce/7.0.0/assets/css/photoswipe/default-skin/default-skin.min.css
200 OK 0 B URL HTTP/2 c0.wp.com/p/woocommerce/7.0.0/assets/css/photoswipe/default-skin/default-skin.min.css
IP
GET /p/woocommerce/7.0.0/assets/css/photoswipe/default-skin/default-skin.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gronthoghor.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 27 Oct 2022 15:57:35 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 11 Dec 2019 02:19:14 GMT
content-encoding: br
expires: Fri, 27 Oct 2023 15:57:35 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.0.3/wp-includes/js/wp-util.min.js
200 OK 0 B URL HTTP/2 c0.wp.com/c/6.0.3/wp-includes/js/wp-util.min.js
IP
GET /c/6.0.3/wp-includes/js/wp-util.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gronthoghor.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 27 Oct 2022 15:57:35 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 25 Jun 2021 14:50:58 GMT
content-encoding: br
expires: Fri, 27 Oct 2023 15:57:35 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.0.3/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
200 OK 0 B URL HTTP/2 c0.wp.com/c/6.0.3/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
IP
GET /c/6.0.3/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gronthoghor.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 27 Oct 2022 15:57:35 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
content-encoding: br
expires: Fri, 27 Oct 2023 15:57:35 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
66.154.122.42
31.13.72.36
23.36.76.226
93.184.220.29
0.0.0.0