| www.theburningofrome.com/helpful-tips/do-you-put-all-music-grades-on-ucas/ |  104.21.68.175 | 301 Moved Permanently | 194 B |
URL HTTP/1.1www.theburningofrome.com/helpful-tips/do-you-put-all-music-grades-on-ucas/ IP104.21.68.175:0
File typeHTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Hashec0f2d6d8da7997a10f72a2537729e59 d6b8ca36f266d92775f5b757e65b8c10c747c30a 95e1144ae5faba1d6ea1ac58b29b1e8d0399125e4dbc6a17d50d0bf5cf3bdcf8
GET /helpful-tips/do-you-put-all-music-grades-on-ucas/ HTTP/1.1
Host: www.theburningofrome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 02 Oct 2022 20:33:51 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://www.theburningofrome.com/helpful-tips/do-you-put-all-music-grades-on-ucas/
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RLJ1UvNG9b2P3k5RgN03H6NRK%2BpeTG347SB4g4h3yGd9NMkcmO2Hzl8jaPtVSQ6QBzocLfoF09m6UeUl7SKZR2vdS%2F3Gii%2B%2BolPUztm4bP3ygplw1EUPc5be%2Bn8kz9IBLOVLofRhGCE%2Fc4M%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7540372b7ce4fac8-OSL
alt-svc: h2=":443"; ma=60
|
|
| r3.o.lencr.org/ |  23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash60e4edea7b5f4d19f3547a3bb2d5df57 3ee076bab4da3416c2c5808f730cb316c28baef7 763e2dadfdd286a51327cd2000ca335e30cd0b9b7267875d22ca33f7556ba200
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763E2DADFDD286A51327CD2000CA335E30CD0B9B7267875D22CA33F7556BA200"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3765
Expires: Sun, 02 Oct 2022 21:36:37 GMT
Date: Sun, 02 Oct 2022 20:33:52 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ |  13.227.219.12 | 200 OK | 939 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/ IP13.227.219.12:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash2d12f67fe57a87e7366b662d153a5582 d7b02d81cc74f24a251d9363e0f4b0a149264ec1 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 02 Oct 2022 20:16:50 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f9d671af272d3b5b3c683203ae8f4cc8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS54-C1
X-Amz-Cf-Id: AoQUskqQsAZyUMs97T7RtJp6u0Fv4LnumX61CHWN4OJdGENzRPFgig==
Age: 1022
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain | 13.227.219.90 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain IP13.227.219.90:0
File typePEM certificate\012- , ASCII text Hash6113f8408c59aebe188d6af273b90743 7398873bf00f99944eaa77ad3ebc0d43c23dba6b b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 02 Oct 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 edd6d90087c4f2b49e182778a2273adc.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
x-amz-cf-id: RD0dUqt62ER3YZVrfLJf2PBxJX9i--9H5OlfJc7-x6aG6ArkbRJN7w==
age: 54325
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ |  93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hash5f3e4b62a7cf2fe2c943e30765b388e1 4fd57d1f4fcb843015817304ec2d0aa4aff46067 ba65a2c5adcd4f33cef04565cc67f5a1fbd670d8a3b66f3287447d3bdf50383e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 20:33:52 GMT
Etag: "63386005-116"
Server: ECS (amb/6BC1)
Content-Length: 279
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 20:33:52 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hash5f3e4b62a7cf2fe2c943e30765b388e1 4fd57d1f4fcb843015817304ec2d0aa4aff46067 ba65a2c5adcd4f33cef04565cc67f5a1fbd670d8a3b66f3287447d3bdf50383e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 20:33:52 GMT
Etag: "63386005-116"
Last-Modified: Sun, 02 Oct 2022 20:33:52 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 279
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 13.227.219.12 | 200 OK | 329 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP13.227.219.12:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Sun, 02 Oct 2022 20:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Sun, 02 Oct 2022 20:57:58 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 1b0117d337408839a32bf2a49b55b3f0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS54-C1
X-Amz-Cf-Id: Z81c9C5PAV-Vqju6YZMmG3qXvZWkfcD76EGhdYtLccSZdDJ8jW7JoQ==
Age: 259
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash165b2dbf56e36edf32811cc7eea70f58 f9e101da2c4f0f6dcca9cb9d0b36a7b77ef3114e fcd8956f2d96a85e696ee4ba5eb8d575ad3319bc84c543188f3997ea1079c4e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 20:33:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash4eb30b4a4234809cf7d5f89fa1f6ceeb 797242aab2f13c820050aa9accd11b7b950cd177 ce9d833a0ac321a908184b655d6632c481f758a04a9c936a7c303bb253444146
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6290
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 20:33:52 GMT
Last-Modified: Sun, 02 Oct 2022 18:49:02 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash165b2dbf56e36edf32811cc7eea70f58 f9e101da2c4f0f6dcca9cb9d0b36a7b77ef3114e fcd8956f2d96a85e696ee4ba5eb8d575ad3319bc84c543188f3997ea1079c4e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 20:33:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ads.themoneytizer.com/s/gen.js?type=3 |  185.76.9.16 | 200 OK | 2.8 kB |
URL HTTP/2ads.themoneytizer.com/s/gen.js?type=3 IP185.76.9.16:0 ASN#60068 Datacamp Limited
File typeASCII text, with very long lines (2659) Hash55e616bd0566d1105b4fe51c4bce0e0f 545ed1d8ff346c41bac8429bc5d195e26aa8bd32 cd1e212676918e95e6b5aa07e26a8536b018aeda83a00d9fcb11f9e7bd521e1a
GET /s/gen.js?type=3 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theburningofrome.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:33:52 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
x-accel-expires: @1664769838
server: CDN77-Turbo
x-77-nzt: AblMCQ0u9OX/AugAAA
x-77-nzt-ray: 48K3xX0NuLk
x-cache: HIT
x-age: 59394
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ads.themoneytizer.com/s/requestform.js?siteId=93526&formatId=3 | 185.76.9.16 | 200 OK | 17 kB |
URL HTTP/2ads.themoneytizer.com/s/requestform.js?siteId=93526&formatId=3 IP185.76.9.16:0 ASN#60068 Datacamp Limited
File typeASCII text, with very long lines (43770) Hashf6b1807dce2fbc9832afc806a6acfc17 ada232512addbeb409f12e468f4210dbb395dee3 bbac7a874639559e4d8d4732106b87f6dc58f529f055866db33ca41c36f14291
GET /s/requestform.js?siteId=93526&formatId=3 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theburningofrome.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:33:52 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
x-accel-expires: @1664775470
server: CDN77-Turbo
x-77-nzt: AblMCQ0B6jP/AtIAAA
x-77-nzt-ray: r0Lhpzyu3/g
x-cache: HIT
x-age: 53762
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
|
|
| spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258 | 172.67.13.182 | 200 OK | 25 kB |
URL HTTP/2spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258 IP172.67.13.182:0
File typeUnicode text, UTF-8 text, with very long lines (50946), with LF, NEL line terminators Hashcebf1d0452d022299c194df098ea201e 17d7e5e0e1059d64cb485356973e1ee225fc26e4 a19f2665b1a29e78954ca90936d1578d65f656c830bf4d31adf57c427f4ba8bd
GET /mapper.js?env=mWeb&eventType=pageview&zdid=1258 HTTP/1.1
Host: spl.zeotap.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theburningofrome.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:33:52 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://www.theburningofrome.com
vary: Origin, Accept-Encoding
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 75403731dc89b4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ads.themoneytizer.com/lib_fs_close.js | 185.76.9.16 | 200 OK | 3.4 kB |
URL HTTP/2ads.themoneytizer.com/lib_fs_close.js IP185.76.9.16:0 ASN#60068 Datacamp Limited
File typeASCII text, with CRLF line terminators Hash7a67739247dc064384fc8218cb2d96e0 04a51f1578c1d024c2ea38b9340ffb2f1607e1a6 cd579151a6f3a97c626bdd1592ec1bf1087e6668fd938a33e7bb432687332197
GET /lib_fs_close.js HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theburningofrome.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:33:52 GMT
content-type: application/javascript
last-modified: Tue, 14 Jun 2022 12:21:22 GMT
etag: W/"62a87d42-297"
pragma: public
x-accel-expires: @1665547434
server: CDN77-Turbo
x-77-nzt: AblMCQ0xxyn/BosDAA
x-77-nzt-ray: PkfaR4X9lUo
x-cache: HIT
x-age: 232198
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2 | 216.58.207.195 | 200 OK | 34 kB |
URL HTTP/2fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2 IP216.58.207.195:0
Hashf3d4d6036de891be8c940ca1a298ef68 62448b0a6d564ae2110473f6b4cfb76c011c9798 54d13d2ef467b103bcfe233d40c5c28ca15d7508f6ae8a98ee16b4cb80c56d3c
GET /s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.theburningofrome.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17908
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 21:38:37 GMT
expires: Tue, 26 Sep 2023 21:38:37 GMT
cache-control: public, max-age=31536000
age: 514516
last-modified: Mon, 18 Jul 2022 19:23:34 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash67877bc6e82a625ec45a8d82cea834d0 2bd7ec12db6099ea0256857d9f403711ace84e11 78f554e5412821fdc9fa56875e0b6500cabae4b44e3ae12cf7e126534df2d89d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "78F554E5412821FDC9FA56875E0B6500CABAE4B44E3AE12CF7E126534DF2D89D"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4038
Expires: Sun, 02 Oct 2022 21:41:11 GMT
Date: Sun, 02 Oct 2022 20:33:53 GMT
Connection: keep-alive
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 313 B |
IP93.184.220.29:0
Hashd7370d0ef0009d49be25d2c294974fc5 4b0adc476b38939b10f94cb21d037e1591297498 35729d0392408e4401d64aefc820462149298c69a7d361beddb9f426ad5285ca
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4888
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 20:33:53 GMT
Last-Modified: Sun, 02 Oct 2022 19:12:25 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 313
|
|
| push.services.mozilla.com/ | 35.80.175.197 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP35.80.175.197:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 9C1dm+qjqwhkptcCv4a/HA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: nqGlHC6RcCkYat5O33NvC8yULfk=
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash67877bc6e82a625ec45a8d82cea834d0 2bd7ec12db6099ea0256857d9f403711ace84e11 78f554e5412821fdc9fa56875e0b6500cabae4b44e3ae12cf7e126534df2d89d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "78F554E5412821FDC9FA56875E0B6500CABAE4B44E3AE12CF7E126534DF2D89D"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4038
Expires: Sun, 02 Oct 2022 21:41:11 GMT
Date: Sun, 02 Oct 2022 20:33:53 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash67877bc6e82a625ec45a8d82cea834d0 2bd7ec12db6099ea0256857d9f403711ace84e11 78f554e5412821fdc9fa56875e0b6500cabae4b44e3ae12cf7e126534df2d89d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "78F554E5412821FDC9FA56875E0B6500CABAE4B44E3AE12CF7E126534DF2D89D"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4038
Expires: Sun, 02 Oct 2022 21:41:11 GMT
Date: Sun, 02 Oct 2022 20:33:53 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 17 kB |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hasha80bf8ee909f065941ad094c2cd8d76e 607eddbb79b99a710c5973fb56e299b53a618120 6a23a6c4054867697b9746700714e6999c75cc1bf67f9ef2c0c5817e6ff3e923
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "78F554E5412821FDC9FA56875E0B6500CABAE4B44E3AE12CF7E126534DF2D89D"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4038
Expires: Sun, 02 Oct 2022 21:41:11 GMT
Date: Sun, 02 Oct 2022 20:33:53 GMT
Connection: keep-alive
|
|
| onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1664742832714 |  51.75.86.98 | 204 No Content | 0 B |
URL HTTP/2onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1664742832714 IP51.75.86.98:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usync/?pubId=2a897e3f18e6769&cb=1664742832714 HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theburningofrome.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
cache-control: no-store
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
|
|
| c.tmyzer.com/c/?s=93526&f=1&fi=99 | 54.38.64.100 | 200 OK | 0 B |
URL HTTP/1.1c.tmyzer.com/c/?s=93526&f=1&fi=99 IP54.38.64.100:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c/?s=93526&f=1&fi=99 HTTP/1.1
Host: c.tmyzer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.theburningofrome.com
Connection: keep-alive
Referer: https://www.theburningofrome.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 02 Oct 2022 20:32:03 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Access-Control-Allow-Origin: *
X-IPLB-Request-ID: 5B5A2A9A:A558_36264064:01BB_6339F5B0_2A7973A:1AB41
X-IPLB-Instance: 38431
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash63ee7e605da25dbf1d62eea30a1ef246 c86b43b61afc5926ee7bc124cc30598d37ceb661 cb737283476421b6ce93b2909cf5277e82a7adbc3001f66946ff59ad6fabfdb2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 20:33:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ads.themoneytizer.com/moneybile.js | 185.76.9.16 | 200 OK | 187 kB |
URL HTTP/2ads.themoneytizer.com/moneybile.js IP185.76.9.16:0 ASN#60068 Datacamp Limited
File typeASCII text, with very long lines (33237) Size187 kB (187288 bytes) Hash6b849fa639659b770d8fb7be2844775c 0d3981638b4a51247735d507ad0fe8b984d4dc69 3d851d186d5aea092fb46fc0d7daea6680eeb72e054ca1d8f3e7f35aa1c5f4f3
GET /moneybile.js HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theburningofrome.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:33:52 GMT
content-type: application/javascript
last-modified: Fri, 12 Mar 2021 17:07:19 GMT
etag: W/"604b9fc7-981e"
pragma: public
x-accel-expires: @1665547430
server: CDN77-Turbo
x-77-nzt: AblMCQ2NVTr/CosDAA
x-77-nzt-ray: Lx+FA3xojDQ
x-cache: HIT
x-age: 232202
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
|
|
| c.tmyzer.com/c/?s=93526&f=3&fi=99 | 54.38.64.100 | 200 OK | 0 B |
URL HTTP/1.1c.tmyzer.com/c/?s=93526&f=3&fi=99 IP54.38.64.100:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c/?s=93526&f=3&fi=99 HTTP/1.1
Host: c.tmyzer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.theburningofrome.com
Connection: keep-alive
Referer: https://www.theburningofrome.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 02 Oct 2022 20:32:03 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Access-Control-Allow-Origin: *
X-IPLB-Request-ID: 5B5A2A9A:3402_36264064:01BB_6339F5B0_2A6C80E:123A4
X-IPLB-Instance: 24857
|
|
| c.tmyzer.com/c/?s=93526&f=6&fi=99 | 54.38.64.100 | 200 OK | 0 B |
URL HTTP/1.1c.tmyzer.com/c/?s=93526&f=6&fi=99 IP54.38.64.100:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c/?s=93526&f=6&fi=99 HTTP/1.1
Host: c.tmyzer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.theburningofrome.com
Connection: keep-alive
Referer: https://www.theburningofrome.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 02 Oct 2022 20:33:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Access-Control-Allow-Origin: *
X-IPLB-Request-ID: 5B5A2A9A:9003_36264064:01BB_6339F5B0_2A796A7:386C
X-IPLB-Instance: 38438
|
|
| c.tmyzer.com/c/?s=93526&f=2&fi=99 | 54.38.64.100 | 200 OK | 0 B |
URL HTTP/1.1c.tmyzer.com/c/?s=93526&f=2&fi=99 IP54.38.64.100:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c/?s=93526&f=2&fi=99 HTTP/1.1
Host: c.tmyzer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.theburningofrome.com
Connection: keep-alive
Referer: https://www.theburningofrome.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 02 Oct 2022 20:33:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Access-Control-Allow-Origin: *
X-IPLB-Request-ID: 5B5A2A9A:93EE_36264064:01BB_6339F5B0_2A6D06A:123F5
X-IPLB-Instance: 38442
|
|
| tag.leadplace.fr/libJsLP.js | 145.239.193.51 | 200 OK | 5.5 kB |
URL HTTP/1.1tag.leadplace.fr/libJsLP.js IP145.239.193.51:0
Hasha0c24f993bc0901cfe62d1e801cb2b45 7eb2bdce06161ae486bc8e7ecd0b5c9c4f7b2984 80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333
GET /libJsLP.js HTTP/1.1
Host: tag.leadplace.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theburningofrome.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sun, 02 Oct 2022 20:33:53 GMT
Content-Type: application/javascript
Content-Length: 5547
Last-Modified: Thu, 14 Oct 2021 07:27:52 GMT
ETag: "6167dbf8-15ab"
Accept-Ranges: bytes
X-IPLB-Request-ID: 5B5A2A9A:4886_91EFC133:01BB_6339F5B1_8FB5C48:14263
X-IPLB-Instance: 29922
|
|
| c.tmyzer.com/c/?s=93526&f=28&fi=99 | 54.38.64.100 | 200 OK | 0 B |
URL HTTP/1.1c.tmyzer.com/c/?s=93526&f=28&fi=99 IP54.38.64.100:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c/?s=93526&f=28&fi=99 HTTP/1.1
Host: c.tmyzer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.theburningofrome.com
Connection: keep-alive
Referer: https://www.theburningofrome.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 02 Oct 2022 20:32:03 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Access-Control-Allow-Origin: *
X-IPLB-Request-ID: 5B5A2A9A:5638_36264064:01BB_6339F5B0_2A758E6:123F6
X-IPLB-Instance: 38442
|
|
| stats.wp.com/e-202239.js | 192.0.76.3 | 200 OK | 70 kB |
IP192.0.76.3:0
File typeASCII text, with very long lines (2690) Hashac18364fa2d26936f1398b984c6ec255 b3deae2c19a361d07877f107c6f4b4508790ead4 dbd6d0ce88cf5e5266f3d73c7ea43f9773698b1c434cbf06f49752a8f76fe78b
GET /e-202239.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theburningofrome.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 20:33:52 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"6197c5cf-3508"
content-encoding: br
expires: Sun, 17 Sep 2023 22:04:35 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash8894fc78527c832608756c41cd4abc47 23a9d8d9e338385ab5db1780b879c0745015581d fb7f4ce8318526288a0644999da9b6951d6726be3aa66c0597e098368c6386a9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FB7F4CE8318526288A0644999DA9B6951D6726BE3AA66C0597E098368C6386A9"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16581
Expires: Mon, 03 Oct 2022 01:10:14 GMT
Date: Sun, 02 Oct 2022 20:33:53 GMT
Connection: keep-alive
|
|
| fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 | 216.58.207.195 | 200 OK | 16 kB |
URL HTTP/2fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 IP216.58.207.195:0
Hash3721d65d5f4ac0d58233b1282c2d46ee 7a9c71d778a2474493e1afd219d86df0be4649c0 08a98d8c64fa89a008231e81723c78352b7afa975d6cf4b2ff441247e777ce5f
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 12:31:58 GMT
expires: Sun, 01 Oct 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 115315
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| spl.zeotap.com/?env=mWeb&eventType=pageview&zdid=1258 | 172.67.13.182 | 200 OK | 16 kB |
URL HTTP/2spl.zeotap.com/?env=mWeb&eventType=pageview&zdid=1258 IP172.67.13.182:0
File typeASCII text, with no line terminators Hashb8bd938f41cd242e3c81159d461ae586 f86851add039c4a29ac80ade4b68e1043161a785 ef95cebd01e96be908ccfcded08a08e19abaee682b88d0070d97af054cf2be31
GET /?env=mWeb&eventType=pageview&zdid=1258 HTTP/1.1
Host: spl.zeotap.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.theburningofrome.com
Connection: keep-alive
Referer: https://www.theburningofrome.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:33:53 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://www.theburningofrome.com
set-cookie: zc=7e443e6f-e51e-41c6-55f0-56ae9f533d1c; Path=/; Domain=.zeotap.com; Max-Age=31536000; SameSite=None; Secure
zsc=5%07%E4%B3L%D1%DB%7BJQ%9A%EE%B5%C2%3E%04g%05%99%B0p%FB%11%5D%1E%E6%96%0B%90_%F1%CFqh%D9%3E%09%0D%25%19%22%EE%DC%25%E2%17%FD%82%B4%C7Q%BDW%26%C8%F4%94%BA%02%A4%0B%BF%C9md%86%E0%03%FC%D9%B2HB%A4%98u%B2%21%E0%15.%A2%F0; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 75403732bda9b4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| static.addtoany.com/menu/page.js | 104.22.70.197 | 200 OK | 4.2 kB |
URL HTTP/2static.addtoany.com/menu/page.js IP104.22.70.197:0
File typeASCII text, with very long lines (2983), with no line terminators Hash4e4a399ee7f14eced9c199b899dfaaf0 1c5b09093efc332ace0c55e01fee722c960a1378 e6e3e1f13ac0d87d6900c6db6e808a9004d5f9b4adaf3c95f9fc296f8bc379a9
GET /menu/page.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theburningofrome.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:33:52 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=172800
cf-bgj: minify
access-control-allow-origin: *
age: 163578
etag: W/"ba7-5e7bb5238fa5f"
last-modified: Sat, 03 Sep 2022 00:56:47 GMT
vary: Accept-Encoding
via: e4s
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 754037304b989920-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ads.themoneytizer.com/s/gen.js?type=6 | 185.76.9.16 | 200 OK | 52 kB |
URL HTTP/2ads.themoneytizer.com/s/gen.js?type=6 IP185.76.9.16:0 ASN#60068 Datacamp Limited
File typeASCII text, with very long lines (2659) Hash024a8b0dbe471900ca2b4702f2c677ff f4bb58c14c8c284f7004fb7023cdcc06803de780 2694da288c1a26aa7f4ed1db34ba39d967a18156b8707a26aba98d434ab2221d
GET /s/gen.js?type=6 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theburningofrome.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:33:52 GMT
content-type: text/html; charset=UTF-8
cache-control: public, max-age=86400
x-accel-expires: @1664769837
server: CDN77-Turbo
x-77-nzt: AblMCQ3et8b/A+gAAA
x-77-nzt-ray: 0MOBR9kSTZ8
x-cache: HIT
x-age: 59395
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ocsp.sectigo.com/ | 172.64.155.188 | 200 OK | 472 B |
IP172.64.155.188:0
Hash002f95f2474162465cf5a637ed386ff5 d3b71eba683ac3921025c416fe48b472ee1f7daf fe93526f82d4fa9cf4e0ed6f3a9ab75d71d56a90a379df5401e907c8f1918c31
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 20:33:53 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 30 Sep 2022 12:11:58 GMT
Expires: Fri, 07 Oct 2022 12:11:57 GMT
Etag: "d3b71eba683ac3921025c416fe48b472ee1f7daf"
Cache-Control: max-age=401283,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 754037336afb0b59-OSL
|
|
| p.cpx.to/p/12771/px.js |  54.155.193.90 | 200 OK | 2.0 kB |
IP54.155.193.90:0
File typeASCII text, with very long lines (1990), with no line terminators Hasha667f26d4e73b4b5098a9c9637d3d29f 83d9b753da4c51039a689bc67956f7f9997854cc a559f41c7e0d2f4852afbf1cf44b736b9158e65b01843c05850f6e8d6b6db9b6
GET /p/12771/px.js HTTP/1.1
Host: p.cpx.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theburningofrome.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2419200, public
Content-Type: application/javascript; charset=UTF-8
Date: Sun, 02 Oct 2022 20:33:52 GMT
Content-Length: 1990
Connection: keep-alive
|
|
| fertilizerfruitful.com/a7/ba/25/a7ba25348d1f33c5c0bd97ebba53b92c.js | 192.243.59.13 | 200 OK | 13 kB |
URL HTTP/1.1fertilizerfruitful.com/a7/ba/25/a7ba25348d1f33c5c0bd97ebba53b92c.js IP192.243.59.13:0 ASN#39572 DataWeb Global Group B.V.
File typeASCII text, with very long lines (37139), with no line terminators Hashcb4be3371dc81bec6cbf7e168e710bb6 93f621d6f21ab3a98e058c0e2f678d82e8674f68 8670e8ac37e7d4e4ed74719fc998006a1c020a3e33b910011ebd6824e658550e
| Analyzer | Verdict | Alert |
|---|
| quad9 | Sinkholed | |
GET /a7/ba/25/a7ba25348d1f33c5c0bd97ebba53b92c.js HTTP/1.1
Host: fertilizerfruitful.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theburningofrome.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 02 Oct 2022 20:33:53 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: db9779dd5dbe42f96ca528109a8c98b1
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| pixel.wp.com/g.gif?v=ext&j=1%3A11.3.2&blog=198483314&post=39787&tz=3&srv=www.theburningofrome.com&host=www.theburningofrome.com&ref=&fcp=1127&rand=0.09116047287008444 | 192.0.76.3 | 200 OK | 50 B |
URL HTTP/2pixel.wp.com/g.gif?v=ext&j=1%3A11.3.2&blog=198483314&post=39787&tz=3&srv=www.theburningofrome.com&host=www.theburningofrome.com&ref=&fcp=1127&rand=0.09116047287008444 IP192.0.76.3:0
File typeGIF image data, version 89a, 6 x 5\012- data Hashe4d673a55c5656f19ef81563fb10884c 1f2d8ed221d39329251ad3a6ff1edb20b7219443 f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
GET /g.gif?v=ext&j=1%3A11.3.2&blog=198483314&post=39787&tz=3&srv=www.theburningofrome.com&host=www.theburningofrome.com&ref=&fcp=1127&rand=0.09116047287008444 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theburningofrome.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 20:33:53 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| c.tmyzer.com/c/?s=93526&f=31&fi=99 | 54.38.64.100 | 200 OK | 0 B |
URL HTTP/1.1c.tmyzer.com/c/?s=93526&f=31&fi=99 IP54.38.64.100:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c/?s=93526&f=31&fi=99 HTTP/1.1
Host: c.tmyzer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.theburningofrome.com
Connection: keep-alive
Referer: https://www.theburningofrome.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 02 Oct 2022 20:33:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Access-Control-Allow-Origin: *
X-IPLB-Request-ID: 5B5A2A9A:A558_36264064:01BB_6339F5B1_2A79746:1AB41
X-IPLB-Instance: 38431
|
|
| ocsp.sca1b.amazontrust.com/ | 52.222.137.130 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP52.222.137.130:0
Hash606c558669146ba6d99d416b814455a8 9c49aea5039dcfdf01abba48f538350cf87f05ab 83b80756cb4f138174ba1020c487b4d10b6153bc994aba5b2d2ada322892da55
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 02 Oct 2022 20:33:53 GMT
Last-Modified: Sun, 02 Oct 2022 20:16:13 GMT
Server: ECS (bsa/EB1A)
X-Cache: Miss from cloudfront
Via: 1.1 fb6c3dd3817d7e9cad9e87d716e2024c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS50-C1
X-Amz-Cf-Id: 6rAZ43qqlDBWV9cjNhmbCwfd9JmeyivpZkn-xvzI5zgEPeZz5QUgaQ==
Age: 1060
|
|
| creepingbrings.com/sfp.js | 104.21.234.233 | 200 OK | 28 kB |
URL HTTP/2creepingbrings.com/sfp.js IP104.21.234.233:0
File typeUnicode text, UTF-8 text, with very long lines (65529), with no line terminators Hash32bdebfdcb42b609cb28154357ccc1ce 1744e5773a582f97ce003a077ab3483f594b3b6d 6420f48ae4573bd15324891809410886229604caadfff88ad9c5abd97eb8fa99
GET /sfp.js HTTP/1.1
Host: creepingbrings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theburningofrome.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:33:53 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 0e44e9202edcfaabcc21ee220046200c
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sun, 02 Oct 2022 20:33:53 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ktz0UVWtFiWdx2IRCq3k7CSnIzVeV%2FQflXmF%2BxkEb7TW5bzLy3J35x3GIWvlFsHkho5ukU4mLwR%2BD4qr73YRD57N5Cxss6AoXADInTxBEQwhY2fl21ZiLvcflyxn%2BtGazSoc%2BAM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754037364c06dc6b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| simplewebanalysis.com/stats |  52.29.95.124 | 200 OK | 40 B |
URL HTTP/2simplewebanalysis.com/stats IP52.29.95.124:0
File typeASCII text, with no line terminators Hash5fb9fb1711bcb81c626312811034b207 0635ee878b3ad2844b7daa3a5766fe15d1274b64 aad5301237ee0f617be866ceddea9c0aaa139dd8290843280c7d9ef20396c964
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.theburningofrome.com
Connection: keep-alive
Referer: https://www.theburningofrome.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:33:53 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.theburningofrome.com
access-control-allow-credentials: true
set-cookie: uid_id2=8940154c-9597-451e-941b-d6b7324a580a:1:1; expires=Wed, 29 Sep 2032 20:33:53 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash544d205b2f709e0bed39ebfc751d6187 71559b505f318323405eeb5ff59499c63e806559 692e14681ceb7536d5c09cf8700810a258b574e02e93c391e7551690111a5bc7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 20:33:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| static.doubleclick.net/instream/ad_status.js | 142.250.74.166 | 200 OK | 29 B |
URL HTTP/2static.doubleclick.net/instream/ad_status.js IP142.250.74.166:0
Hash1fa71744db23d0f8df9cce6719defcb7 e4be9b7136697942a036f97cf26ebaf703ad2067 eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 02 Oct 2022 20:22:31 GMT
expires: Sun, 02 Oct 2022 20:37:31 GMT
cache-control: public, max-age=900
age: 682
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| googleads.g.doubleclick.net/pagead/id | 142.250.74.162 | 302 Found | 403 B |
URL HTTP/2googleads.g.doubleclick.net/pagead/id IP142.250.74.162:0
Hashcd9a070fb7a29fae8b01c8d8a23b0f96 b684464a4a2db2d8b7faf5f5e3e36c5d2da4ebbf f9fa796cf0fb6324839be24286b32c8fd0d1cc16b04221f7d10a26926261d3c7
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Sun, 02 Oct 2022 20:33:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ced.sascdn.com/tag/1097/smart.js | 23.36.77.24 | 200 OK | 32 kB |
URL HTTP/1.1ced.sascdn.com/tag/1097/smart.js IP23.36.77.24:0 ASN#20940 Akamai International B.V.
File typeASCII text, with very long lines (65536), with no line terminators Hash0f9006796922cf2e674a04959e2eed15 3bdc25ccff14fb6fd6061e071572fba3ee50c8a7 bea1709a95c4184c9990a8391cccc2c7726d22d5f6976f9c1a3adc04d873d2ba
GET /tag/1097/smart.js HTTP/1.1
Host: ced.sascdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theburningofrome.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 32498
Cache-Control: public, max-age=7200
Expires: Sun, 02 Oct 2022 22:33:53 GMT
Date: Sun, 02 Oct 2022 20:33:53 GMT
Connection: keep-alive
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create | 142.250.74.170 | 200 OK | 0 B |
URL HTTP/2jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create IP142.250.74.170:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sun, 02 Oct 2022 20:33:53 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 313 B |
IP93.184.220.29:0
Hash4a77f6158bb6ef630cb568ad6abfa8bd 39628bacdca3114f367678c37c3767cd6525df37 ac50ce0eceab878a31aa59fbdd8c67546abfdd98436164771a25cd57d81ee70a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4814
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 20:33:53 GMT
Last-Modified: Sun, 02 Oct 2022 19:13:39 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 313
|
|
| cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=7e443e6f-e51e-41c6-55f0-56ae9f533d1c&reqId=e2905bc9-a6fd-40e5-5c80-99c321a20c38&zdid=1258 | 142.250.74.34 | 302 Found | 447 B |
URL HTTP/2cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=7e443e6f-e51e-41c6-55f0-56ae9f533d1c&reqId=e2905bc9-a6fd-40e5-5c80-99c321a20c38&zdid=1258 IP142.250.74.34:0
File typeHTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators Hasheb9b7be5f45b14a1eef24e483778ee93 8b465a783f818e518d014196b9ad210ff4393df7 3e754937dc118a47d3c9f0aa9ee4bdc36d252be62d46b2704d4455d20320b3e5
GET /pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=7e443e6f-e51e-41c6-55f0-56ae9f533d1c&reqId=e2905bc9-a6fd-40e5-5c80-99c321a20c38&zdid=1258 HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theburningofrome.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=7e443e6f-e51e-41c6-55f0-56ae9f533d1c&reqId=e2905bc9-a6fd-40e5-5c80-99c321a20c38&zdid=1258&google_tc=
date: Sun, 02 Oct 2022 20:33:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 447
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 02-Oct-2022 20:48:53 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash92a248ff40cc0d1f6c4453b2b6eabd8e 0cff00f8bed4a39b46b28690181c2a24c76c3273 c7d30eade15380fe43a9378be43ea36b9862287cdd7c506d12bdd58dccdcfa82
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3993
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 20:33:53 GMT
Last-Modified: Sun, 02 Oct 2022 19:27:20 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash544d205b2f709e0bed39ebfc751d6187 71559b505f318323405eeb5ff59499c63e806559 692e14681ceb7536d5c09cf8700810a258b574e02e93c391e7551690111a5bc7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 20:33:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash02b6db128321bff030b71b4a7aec97c8 3fa28f98c33eee6147a0ed4b521034369ad58887 ed279a4cf51d626fbd1d6ed7bf55f8f3b47a277fc1ac51eabf2777cbd09ce699
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 20:33:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js | 52.222.137.89 | 200 OK | 26 kB |
URL HTTP/1.1d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js IP52.222.137.89:0
File typeASCII text, with very long lines (16085) Hash8703fc9eead243fe2f47380e962d7fa2 3d9f707259112fa9ccdd1e676f00eadcff71906c b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
GET /a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js HTTP/1.1
Host: d2zur9cc2gf1tx.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theburningofrome.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 25704
Connection: keep-alive
Accept-Ranges: bytes
Last-Modified: Mon, 18 Feb 2019 16:54:28 GMT
Server: Apache
Date: Sat, 01 Oct 2022 23:41:55 GMT
X-Cache: Hit from cloudfront
Via: 1.1 24562ce7bb1d06e6505e84aac2d66ac6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS50-C1
X-Amz-Cf-Id: RGcWHd8N-HWzul5glOHS-MrBBf4YYmb0r35pvKP3rxbKrIr4nVruFg==
Age: 75118
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create | 142.250.74.170 | 200 OK | 31 kB |
URL HTTP/2jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create IP142.250.74.170:0
File typeJSON data\012- , ASCII text, with very long lines (65536), with no line terminators Hash1daeb7450f580e5f2bf3cc17d3c65faa 6de443a80e1a516ed1c30907dd9e23ba6ea3b643 4573fa95dfacea1a1a391f7ac5486df7e558b4212dcc576e26f545b0e89082ef
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 02 Oct 2022 20:33:53 GMT
server: ESF
cache-control: private
content-length: 30657
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash53aa134dc3b33b709b6ccf39e549055f 2e85a28ef73d7c403ad693fc8602e95fe3d803f3 877de7cadd4fc848afaac488f89ed987929505b563a03eb79e4e9d8fa0b41a0e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 20:33:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=7e443e6f-e51e-41c6-55f0-56ae9f533d1c&reqId=e2905bc9-a6fd-40e5-5c80-99c321a20c38&zdid=1258&google_tc= | 142.250.74.34 | 302 Found | 437 B |
URL HTTP/2cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=7e443e6f-e51e-41c6-55f0-56ae9f533d1c&reqId=e2905bc9-a6fd-40e5-5c80-99c321a20c38&zdid=1258&google_tc= IP142.250.74.34:0
File typeHTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators Hash0504ca786812132a0970b41e033e1c92 489278903102f364a7239936b067034efcbed84e 29d1e8c07b952c1770f3d542bd294a01ffb1747c66b9a92af60dd61e6f86feeb
GET /pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=7e443e6f-e51e-41c6-55f0-56ae9f533d1c&reqId=e2905bc9-a6fd-40e5-5c80-99c321a20c38&zdid=1258&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.theburningofrome.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://mwzeom.zeotap.com/mw?google_gid=&google_cver=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=7e443e6f-e51e-41c6-55f0-56ae9f533d1c&reqId=e2905bc9-a6fd-40e5-5c80-99c321a20c38&zdid=1258&google_error=3
date: Sun, 02 Oct 2022 20:33:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 437
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hashc13a9bf4003891ab621ca04b258f9880 8b0fb77ebf4d31235c62a8f10b1b8e4b4f77ad77 eb06a3da143e66c58a0e707ecd9b2b0818adc44b0f4e5244ac62545be8db4dd2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 20:33:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.google.com/js/th/RLowZH2Xcwtj3dY_yGSeKf8RcILu2Rj3JTO2BWyvP7U.js | 142.250.74.164 | 200 OK | 14 kB |
URL HTTP/2www.google.com/js/th/RLowZH2Xcwtj3dY_yGSeKf8RcILu2Rj3JTO2BWyvP7U.js IP142.250.74.164:0
File typeASCII text, with very long lines (36288) Hashfbfd3c94b2bff52e528e30e47e759e35 610c710509fd4c81f8c1cb6373694cdd756b9c6a ba673825910e584be07daff4cccffd1b0b1653b936bd3c5841a268a030164912
GET /js/th/RLowZH2Xcwtj3dY_yGSeKf8RcILu2Rj3JTO2BWyvP7U.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14348
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 04:21:54 GMT
expires: Sun, 01 Oct 2023 04:21:54 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 27 Sep 2022 17:00:00 GMT
content-type: text/javascript
age: 144719
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash9aefbd5315a10afbd9dadc8536e2824a 797eaba10ac56913f4f21546da9afb302ca1cf6b f55778da82d7fbb46ebbe45c52172c3f9970c3638836298caf592d160174b2e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 20:33:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| yt3.ggpht.com/ytc/AMLnZu_OJ2rhlCt6UmJzMAVb-JuO9SfTIJ6nOZbilf6AOQ=s68-c-k-c0x00ffffff-no-rj | 142.250.74.161 | 200 OK | 2.2 kB |
URL HTTP/2yt3.ggpht.com/ytc/AMLnZu_OJ2rhlCt6UmJzMAVb-JuO9SfTIJ6nOZbilf6AOQ=s68-c-k-c0x00ffffff-no-rj IP142.250.74.161:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 68x68, components 3\012- data Hashb2aa9bbd26aba9ed3e75861de56d5779 c6349c9869ed4ed115e2bac9f83800d4c9681eef 09b985b81cb632052f8a67205e0a8829058ea8f68b7410438accf5d420d4b26e
GET /ytc/AMLnZu_OJ2rhlCt6UmJzMAVb-JuO9SfTIJ6nOZbilf6AOQ=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2201
x-xss-protection: 0
date: Sun, 02 Oct 2022 17:49:01 GMT
expires: Mon, 01 Aug 2022 00:11:52 GMT
cache-control: public, max-age=86400, no-transform
age: 9892
etag: "v172"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| mwzeom.zeotap.com/mw?google_gid=&google_cver=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=7e443e6f-e51e-41c6-55f0-56ae9f533d1c&reqId=e2905bc9-a6fd-40e5-5c80-99c321a20c38&zdid=1258&google_error=3 | 172.67.13.182 | 200 OK | 95 B |
URL HTTP/2mwzeom.zeotap.com/mw?google_gid=&google_cver=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=7e443e6f-e51e-41c6-55f0-56ae9f533d1c&reqId=e2905bc9-a6fd-40e5-5c80-99c321a20c38&zdid=1258&google_error=3 IP172.67.13.182:0
File typePNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data Hash71a50dbba44c78128b221b7df7bb51f1 0ec63b140374ba704a58fa0c743cb357683313dd 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
GET /mw?google_gid=&google_cver=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=7e443e6f-e51e-41c6-55f0-56ae9f533d1c&reqId=e2905bc9-a6fd-40e5-5c80-99c321a20c38&zdid=1258&google_error=3 HTTP/1.1
Host: mwzeom.zeotap.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.theburningofrome.com/
Connection: keep-alive
Cookie: zc=7e443e6f-e51e-41c6-55f0-56ae9f533d1c; zsc=5%07%E4%B3L%D1%DB%7BJQ%9A%EE%B5%C2%3E%04g%05%99%B0p%FB%11%5D%1E%E6%96%0B%90_%F1%CFqh%D9%3E%09%0D%25%19%22%EE%DC%25%E2%17%FD%82%B4%C7Q%BDW%26%C8%F4%94%BA%02%A4%0B%BF%C9md%86%E0%03%FC%D9%B2HB%A4%98u%B2%21%E0%15.%A2%F0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:33:54 GMT
content-type: image/png
content-length: 95
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://www.theburningofrome.com
set-cookie: zc=7e443e6f-e51e-41c6-55f0-56ae9f533d1c; Path=/; Domain=.zeotap.com; Max-Age=31536000; SameSite=None; Secure
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 754037386d8eb4fd-OSL
X-Firefox-Spdy: h2
|
|
| i.ytimg.com/vi_webp/xxbHupBU7x4/maxresdefault.webp | 142.250.74.150 | 200 OK | 46 kB |
URL HTTP/2i.ytimg.com/vi_webp/xxbHupBU7x4/maxresdefault.webp IP142.250.74.150:0
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Hashaf495f2792f9d5c476af1defdcc234df 2ad24e94d5f4b3892798378d2ce42f2653c2c4dd d23a12e0714a4f22e7c01ec3ea173c3441cf4ff2aea943d6fdf9d55b6de8ef8d
GET /vi_webp/xxbHupBU7x4/maxresdefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 45906
date: Sun, 02 Oct 2022 20:33:54 GMT
expires: Sun, 02 Oct 2022 22:33:54 GMT
cache-control: public, max-age=7200
etag: "1629044994"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hashc13a9bf4003891ab621ca04b258f9880 8b0fb77ebf4d31235c62a8f10b1b8e4b4f77ad77 eb06a3da143e66c58a0e707ecd9b2b0818adc44b0f4e5244ac62545be8db4dd2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 20:33:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js | 142.250.74.42 | 200 OK | 30 kB |
URL HTTP/2ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js IP142.250.74.42:0
File typeASCII text, with very long lines (32034) Hashc54aac7ef64c39b4f384e0d5771d3b46 d3e059104378a3844862a5ed12a13f5d423e86b6 3e1b5002dd64d185f806edeefd333348f423584d876cfc966b5c13884c8fe3da
GET /ajax/libs/jquery/3.0.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theburningofrome.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30186
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 27 Sep 2022 11:05:10 GMT
expires: Wed, 27 Sep 2023 11:05:10 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 466124
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash9aefbd5315a10afbd9dadc8536e2824a 797eaba10ac56913f4f21546da9afb302ca1cf6b f55778da82d7fbb46ebbe45c52172c3f9970c3638836298caf592d160174b2e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 20:33:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ads.themoneytizer.com/s/gen.js?type=1 | 185.76.9.16 | 200 OK | 2.9 kB |
URL HTTP/2ads.themoneytizer.com/s/gen.js?type=1 IP185.76.9.16:0 ASN#60068 Datacamp Limited
File typeASCII text, with very long lines (2659) Hashad54022efb49545a09b633fea2ba9819 5b8f22cc7ffeeae84344c327475eb2bdc946f3eb b22d6381b6544ae08710a55ceacf3e62a3257f04b0fe6a6f7185d945593d8f01
GET /s/gen.js?type=1 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theburningofrome.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:33:52 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
x-accel-expires: @1664769837
server: CDN77-Turbo
x-77-nzt: AblMCQ0l9SX/A+gAAA
x-77-nzt-ray: boJR8dfq6i8
x-cache: HIT
x-age: 59395
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash8d59ee7b197f347e30ac793231158927 3316937f84c08ad1857d2f663dca353e250815f0 c17a343ceb786a421f8c3abfffae350e12c92271a69fc88eb8e8bab568877d6b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12508
Expires: Mon, 03 Oct 2022 00:02:22 GMT
Date: Sun, 02 Oct 2022 20:33:54 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash8d59ee7b197f347e30ac793231158927 3316937f84c08ad1857d2f663dca353e250815f0 c17a343ceb786a421f8c3abfffae350e12c92271a69fc88eb8e8bab568877d6b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12508
Expires: Mon, 03 Oct 2022 00:02:22 GMT
Date: Sun, 02 Oct 2022 20:33:54 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash8d59ee7b197f347e30ac793231158927 3316937f84c08ad1857d2f663dca353e250815f0 c17a343ceb786a421f8c3abfffae350e12c92271a69fc88eb8e8bab568877d6b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12508
Expires: Mon, 03 Oct 2022 00:02:22 GMT
Date: Sun, 02 Oct 2022 20:33:54 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash8d59ee7b197f347e30ac793231158927 3316937f84c08ad1857d2f663dca353e250815f0 c17a343ceb786a421f8c3abfffae350e12c92271a69fc88eb8e8bab568877d6b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12508
Expires: Mon, 03 Oct 2022 00:02:22 GMT
Date: Sun, 02 Oct 2022 20:33:54 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18b1ba6d-ca56-4474-afa8-cd3b53cce28e.jpeg | 34.120.237.76 | 200 OK | 9.3 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18b1ba6d-ca56-4474-afa8-cd3b53cce28e.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash6047192460abf4afd600948abb5e6ee1 6d6d52fb5024e7772dd45dd459bfe3ec90cb5ce4 d1fd21a5913f6831d2128c8e9e84767d9730bf9e779da5395dc31b82a10e32e9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18b1ba6d-ca56-4474-afa8-cd3b53cce28e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9340
x-amzn-requestid: e892265e-836d-4638-871f-0548eda57745
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWDf8FCEoAMFyow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b2cc-7f39bb92066a75a90868dd03;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:36:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Sk1Dahp1gliiBIghSCZselE7-Fy45svrCk7TdmunOwNefSNqY1P1jA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:48:34 GMT
etag: "6d6d52fb5024e7772dd45dd459bfe3ec90cb5ce4"
content-type: image/jpeg
age: 81920
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg | 34.120.237.76 | 200 OK | 6.3 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash206fb65e75dbadf119512f71e0b78402 58ff0bf8ce7528b303d28bab01a80ad721705569 56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 04:41:00 GMT
age: 57174
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb5f775-a073-47ba-b076-ad1c96659b64.jpeg | 34.120.237.76 | 200 OK | 11 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb5f775-a073-47ba-b076-ad1c96659b64.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashedded48f558f739287a040151349ef67 d63b6ba630736d32c364b0e6a369274b2389b7ff 33b4a459df0ba7b36b907ba96d74e08660cc75640c42a5748b97d18ec2e9d533
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb5f775-a073-47ba-b076-ad1c96659b64.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11083
x-amzn-requestid: 53e2c961-bcc0-4977-8648-ee3c1aed9cde
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWEHRFWfIAMFhlA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b3c7-070212d7386d5efa1b4aa8d3;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:40:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Z1KmxHJh9QNfg5x0enkqOjbmiqHvg7nlQiMnuDuCRNWQUBFEiKELbw==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:48:36 GMT
etag: "d63b6ba630736d32c364b0e6a369274b2389b7ff"
content-type: image/jpeg
age: 81918
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| cmp.quantcast.com/tcfv2/42/cmp2.js?referer=www.themoneytizer.com | 13.227.219.121 | 200 OK | 49 kB |
URL HTTP/2cmp.quantcast.com/tcfv2/42/cmp2.js?referer=www.themoneytizer.com IP13.227.219.121:0
File typeASCII text, with very long lines (65536), with no line terminators Hash9ef95356a90ae1536bc3f3bbb9801d0e 61063468e61c90e1e09b5b3dc0d38da16089a772 a7213242682cee4d832bd476951dcb7b2af38ddcda9458e38a61821f18adadac
GET /tcfv2/42/cmp2.js?referer=www.themoneytizer.com HTTP/1.1
Host: cmp.quantcast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theburningofrome.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
access-control-max-age: 86400
last-modified: Tue, 05 Jul 2022 18:40:23 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-qc-ineu: True
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET
content-encoding: br
date: Sun, 02 Oct 2022 20:33:53 GMT
cache-control: max-age=172800
etag: W/"9494b70738cd74c9137e65c29c0b1f3e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 3af85c3075e12aff72b9e148b99d6622.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
x-amz-cf-id: mSkKKanojL8XiDcgISnfjP8Fwj4AUS0SncwptkMK6gVEohZ-ZYwZKA==
age: 38
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d657f8a-70bc-42c6-9aae-1127c4403047.jpeg | 34.120.237.76 | 200 OK | 8.6 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d657f8a-70bc-42c6-9aae-1127c4403047.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash94d82ad8d70761f6ee1384b4183335f3 5d3389a965cfa45dab2202d89b40264368674e8a ad495dc0ede3bfcbaebfd3bf2eb55fc5596cd7643a539e030ccce0b8a3bcf8dd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d657f8a-70bc-42c6-9aae-1127c4403047.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8602
x-amzn-requestid: 89329169-bc7a-46b1-85fc-20383a85cae8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWDf9GxzoAMFg0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b2cc-27952f8357fa25c956b1cd72;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:36:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: YDfn3Xd8m6jaBrj_M9hs4dePku_eEhJbYv3NJSHjCdAWifhBkiKUhw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 22:21:15 GMT
age: 79959
etag: "5d3389a965cfa45dab2202d89b40264368674e8a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F589e050c-3794-45f2-a218-269b944ae739.jpeg | 34.120.237.76 | 200 OK | 9.6 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F589e050c-3794-45f2-a218-269b944ae739.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash11f2e40823827b62bca89d18ee279cb2 fa7e61b4f2864b8e51acb2cc887c15d5cb41ef38 c7811cb947483a033f31ff1e93b813f1bbc49b03ed78fcedab2090c71e5c4d1f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F589e050c-3794-45f2-a218-269b944ae739.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: e83a86d3-f5ab-4645-92df-4b2da3d4afa3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWDgmFdlIAMFzQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b2d0-48c3fa150800475c790b95bd;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:36:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: f1aqkuvCub_vq9gBDgA4VL8hNf16FXzXhQjSHC1yDLISm85uOqJF9w==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 22:17:57 GMT
etag: "fa7e61b4f2864b8e51acb2cc887c15d5cb41ef38"
content-type: image/jpeg
age: 80157
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash4f289f14d0bb58dbeb37e5b7c60e6484 75e48c92e4e6034a319913816b5081ece5ee7585 ae9b0325c8c40f9c9d03c0cfb32542405455929ea0096170ca95a9c38f537cb8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AE9B0325C8C40F9C9D03C0CFB32542405455929EA0096170CA95A9C38F537CB8"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11935
Expires: Sun, 02 Oct 2022 23:52:49 GMT
Date: Sun, 02 Oct 2022 20:33:54 GMT
Connection: keep-alive
|
|
| id5-sync.com/i/12/9.gif?gdpr=true&gdpr_consent= | 141.95.33.111 | 200 | 43 B |
URL HTTP/1.1id5-sync.com/i/12/9.gif?gdpr=true&gdpr_consent= IP141.95.33.111:0
File typeGIF image data, version 89a, 1 x 1\012- data Hash07fff40b5dd495aca2ac4e1c3fbc60aa e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4 a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /i/12/9.gif?gdpr=true&gdpr_consent= HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theburningofrome.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"
set-cookie: cf=; Max-Age=300; Expires=Sun, 02-Oct-2022 20:38:54 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cip=; Max-Age=300; Expires=Sun, 02-Oct-2022 20:38:54 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cnac=; Max-Age=300; Expires=Sun, 02-Oct-2022 20:38:54 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
car=; Max-Age=300; Expires=Sun, 02-Oct-2022 20:38:54 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
gdpr=; Max-Age=300; Expires=Sun, 02-Oct-2022 20:38:54 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
callback=; Max-Age=300; Expires=Sun, 02-Oct-2022 20:38:54 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
content-type: image/gif;charset=UTF-8
transfer-encoding: chunked
date: Sun, 02 Oct 2022 20:33:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 313 B |
IP93.184.220.29:0
Hash15d085db2203785f151cbe305d217382 e99a1103dc22be0ff0bfb6b64cc7287a16fae6c3 04829029b325f93893807c38ee413c7e5ffe2ea23083cae81d2ae5be0e6a0f42
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5727
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 20:33:54 GMT
Last-Modified: Sun, 02 Oct 2022 18:58:27 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 313
|
|
| csm.nl.eu.criteo.net/iev?entry=c~Idfs.Rtus.147.Events.StartInit~1&entry=c~Idfs.Rtus.147.Events.SyncframeDropped~1 | 178.250.2.150 | 200 OK | 43 B |
URL HTTP/2csm.nl.eu.criteo.net/iev?entry=c~Idfs.Rtus.147.Events.StartInit~1&entry=c~Idfs.Rtus.147.Events.SyncframeDropped~1 IP178.250.2.150:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashb4491705564909da7f9eaf749dbbfbb1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /iev?entry=c~Idfs.Rtus.147.Events.StartInit~1&entry=c~Idfs.Rtus.147.Events.SyncframeDropped~1 HTTP/1.1
Host: csm.nl.eu.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theburningofrome.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:33:53 GMT
pragma: no-cache
server: Finatra
expires: 0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 43
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
|
|
| audit-tcfv2.cmp.quantcast.com/?log=%7B%22accountId%22%3A%226Fv0cGNfc_bw8%22%2C%22domain%22%3A%22www.theburningofrome.com%22%2C%22publisher%22%3A%22themoneytizer.com%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.42%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22zqyqLXlGhIEyBziKWX6tNg%22%2C%22clientTimestamp%22%3A1664742834162%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-qeuolobx5hbjd33xtluk%22%7D | 52.57.11.194 | 200 OK | 2 B |
URL HTTP/2audit-tcfv2.cmp.quantcast.com/?log=%7B%22accountId%22%3A%226Fv0cGNfc_bw8%22%2C%22domain%22%3A%22www.theburningofrome.com%22%2C%22publisher%22%3A%22themoneytizer.com%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.42%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22zqyqLXlGhIEyBziKWX6tNg%22%2C%22clientTimestamp%22%3A1664742834162%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-qeuolobx5hbjd33xtluk%22%7D IP52.57.11.194:0
File typeASCII text, with no line terminators Hashe0aa021e21dddbd6d8cecec71e9cf564 9ce3bd4224c8c1780db56b4125ecf3f24bf748b7 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
GET /?log=%7B%22accountId%22%3A%226Fv0cGNfc_bw8%22%2C%22domain%22%3A%22www.theburningofrome.com%22%2C%22publisher%22%3A%22themoneytizer.com%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.42%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22zqyqLXlGhIEyBziKWX6tNg%22%2C%22clientTimestamp%22%3A1664742834162%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-qeuolobx5hbjd33xtluk%22%7D HTTP/1.1
Host: audit-tcfv2.cmp.quantcast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.theburningofrome.com
Connection: keep-alive
Referer: https://www.theburningofrome.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:33:54 GMT
content-type: text/plain; charset=utf-8
content-length: 2
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| ocsp.sca1b.amazontrust.com/ | 52.222.137.130 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP52.222.137.130:0
Hash216fc311069092a164f9777e79d20e13 5337a12ab3f78331da2af4197643b8545a47686f 5130ea85234ae4eebcbcd9e159818d2d9a646ff09a6d3623427e15635640e562
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=87146
Date: Sun, 02 Oct 2022 20:33:54 GMT
Etag: "63389419-1d7"
Expires: Mon, 03 Oct 2022 20:46:20 GMT
Last-Modified: Sat, 01 Oct 2022 19:25:13 GMT
Server: ECS (bsa/EB1F)
X-Cache: Miss from cloudfront
Via: 1.1 fb6c3dd3817d7e9cad9e87d716e2024c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS50-C1
X-Amz-Cf-Id: XJolxIi5dK09X-WW1ijUDXpwnKPCQo2H722XERzK8X4Xd2WcilVySw==
Age: 4868
|
|
| adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7 | 54.171.248.84 | 200 OK | 20 B |
URL HTTP/1.1adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7 IP54.171.248.84:0
Hash7029066c27ac6f5ef18d660d5741979a 46c6643f07aa7f6bfe7118de926b86defc5087c4 59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7 HTTP/1.1
Host: adtrack.adleadevent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.theburningofrome.com
Connection: keep-alive
Referer: https://www.theburningofrome.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.theburningofrome.com
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Content-Encoding: gzip
Content-Type: application/x-javascript
Date: Sun, 02 Oct 2022 20:33:54 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Last-Modified: Sun, 02 Oct 2022 20:33:54 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Length: 20
Connection: keep-alive
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT | 142.250.74.170 | 200 OK | 0 B |
URL HTTP/2jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT IP142.250.74.170:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sun, 02 Oct 2022 20:33:54 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT | 142.250.74.170 | 200 OK | 114 B |
URL HTTP/2jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT IP142.250.74.170:0
File typeJSON data\012- , ASCII text, with no line terminators Hash1216da825c1d6a8b0be64bbe76bcbb5e 94087c7615c12b743bb130f7ac537a8cb6a62e81 c235f9c62e9222b71a2cd41d286fe9c912c2510584477867f9fd43e97142838f
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1018
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 02 Oct 2022 20:33:54 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash39c78882010dceec7dfdfee03537efab 8a05fc2a97847892d545da4ea99589d3a50853e0 1e59389c8a9660c81e08d97a43ffdaf6184377c984c47a12322f023c57d5aa8d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1E59389C8A9660C81E08D97A43FFDAF6184377C984C47A12322F023C57D5AA8D"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4312
Expires: Sun, 02 Oct 2022 21:45:46 GMT
Date: Sun, 02 Oct 2022 20:33:54 GMT
Connection: keep-alive
|
|
| csm.nl.eu.criteo.net/iev?entry=c~Idfs.Rtus.147.Events.InitiateFetch~1 | 178.250.2.150 | 200 OK | 43 B |
URL HTTP/2csm.nl.eu.criteo.net/iev?entry=c~Idfs.Rtus.147.Events.InitiateFetch~1 IP178.250.2.150:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashb4491705564909da7f9eaf749dbbfbb1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /iev?entry=c~Idfs.Rtus.147.Events.InitiateFetch~1 HTTP/1.1
Host: csm.nl.eu.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theburningofrome.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:33:53 GMT
pragma: no-cache
server: Finatra
expires: 0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 43
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash5b3173eff80b64049bff92afa135727e 3a21ff79d45b6356f8283a87ba8cb2e33040ca29 7a5db34068fb34056744665a1e81460da9473caf812d47b5ee75a64f8d78ae2b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7A5DB34068FB34056744665A1E81460DA9473CAF812D47B5EE75A64F8D78AE2B"
Last-Modified: Fri, 30 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20908
Expires: Mon, 03 Oct 2022 02:22:22 GMT
Date: Sun, 02 Oct 2022 20:33:54 GMT
Connection: keep-alive
|
|
| unseenreport.com/pxf.gif?uuid=8940154c-9597-451e-941b-d6b7324a580a&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=a7ba25348d1f33c5c0bd97ebba53b92c&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=20 | 192.243.59.13 | 200 OK | 1 B |
URL HTTP/1.1unseenreport.com/pxf.gif?uuid=8940154c-9597-451e-941b-d6b7324a580a&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=a7ba25348d1f33c5c0bd97ebba53b92c&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=20 IP192.243.59.13:0 ASN#39572 DataWeb Global Group B.V.
File typevery short file (no magic) Hash93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
| Analyzer | Verdict | Alert |
|---|
| quad9 | Sinkholed | |
GET /pxf.gif?uuid=8940154c-9597-451e-941b-d6b7324a580a&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=a7ba25348d1f33c5c0bd97ebba53b92c&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=20 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theburningofrome.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 02 Oct 2022 20:33:54 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 056e55c3ffee3771d323497707b1839c
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| incomprehensibleacrid.com/sbar.json?key=a7ba25348d1f33c5c0bd97ebba53b92c&uuid=8940154c-9597-451e-941b-d6b7324a580a%3A1%3A1 | 192.243.59.13 | 200 OK | 4.1 kB |
URL HTTP/1.1incomprehensibleacrid.com/sbar.json?key=a7ba25348d1f33c5c0bd97ebba53b92c&uuid=8940154c-9597-451e-941b-d6b7324a580a%3A1%3A1 IP192.243.59.13:0 ASN#39572 DataWeb Global Group B.V.
File typeJSON data\012- , ASCII text, with very long lines (5757), with no line terminators Hash83ac2408aa72c808e810f1dca835aa04 51cdce5f926aa0d848f3921529f4a448e9ce9228 9a369529de1d0e55e80681ab415b7d7ccbf2c1f43618f6e4294077c88b3100b7
| Analyzer | Verdict | Alert |
|---|
| quad9 | Sinkholed | |
GET /sbar.json?key=a7ba25348d1f33c5c0bd97ebba53b92c&uuid=8940154c-9597-451e-941b-d6b7324a580a%3A1%3A1 HTTP/1.1
Host: incomprehensibleacrid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.theburningofrome.com
Connection: keep-alive
Referer: https://www.theburningofrome.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 02 Oct 2022 20:33:55 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.theburningofrome.com
Access-Control-Allow-Origin: https://www.theburningofrome.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17378621; expires=Mon, 03 Oct 2022 20:33:55 GMT; secure; SameSite=None
uid_id2=8940154c-9597-451e-941b-d6b7324a580a:1:1; expires=Sun, 09 Oct 2022 20:33:55 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 03 Oct 2022 20:33:55 GMT; secure; SameSite=None
uncs=1; expires=Mon, 03 Oct 2022 20:33:55 GMT; secure; SameSite=None
pdhtkv29=true; expires=Mon, 03 Oct 2022 20:33:55 GMT; secure; SameSite=None
uncs29=1; expires=Mon, 03 Oct 2022 20:33:55 GMT; secure; SameSite=None
sleca7ba25348d1f33c5c0bd97ebba53b92c=[3364848]; expires=Sun, 02 Oct 2022 20:34:00 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ad5c05c8fff35814ad4080673e7d0448
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hash174c21ecb45b3cde463b9b308ca8b063 d6c843951ba6a1559b7bf7c51142e0f505785a90 4da74b11c8732e27da70b8a24b46307f87692bd52f0d4e6fc359ef5a3a7f4080
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3831
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 20:33:55 GMT
Last-Modified: Sun, 02 Oct 2022 19:30:05 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 279
|
|
| incomprehensibleacrid.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTYscVRR9lRlBcWXIJoLSCxcKzkx9dVeXQYIxjgQnHyRKdKXvq3ue86pe8V5VV2cWEgxKlhPwB9ScnkmIBlHM1hB6AlkMCGlXs3B%2BgyJm5UK6M9h6obj31DmLc899X29Xh8RHRQ%2FOnjebSmu60l72W69%2FHASnWmsqr4atYbfzaSc%2B1bKDt9LOsv9G633JN8xK6Ae%2BH%2FhBa1VZ2TPDlSkJVdxLg%2BXUX47D5aAdY2j%2Fj13lwVEPYnBIjkOJyeIj7wQUHyPPfjgr3UZpijffyypNS2MxEHc%2ByjdyU%2BfI5mPPeujld47UMO7J6gOYfHdmF2bwr5CpCfEePwDL7xyZBBvszHwyDZmDiRdRD8aQegxFx%2BDmBpR4QgAucOEi8uz2BWNreu0ZS6fshCw%2B%2FROqnpDF304gz74%2Fo9WwdcXoqlQmdxj2GqjhGKo%2FRlHtodw8BlXvgZdfQolfyMrTNeTZzkWnDZQ4eK2bxn7QjvlS2k6TpbgdyKU0DtiS6LAkCmPa7vp0FpBSY6jeGFpugToP1fRTHqqeh6rwkImDFg%2BCIPEFp3435TwSiWQd4Qc06QU08DtdVHy6wxbKYgtcb4Hb6yjsdWyoW0%2Fax2Grh3DrDZzw4EqCgWhQS4LaEdSUoFYEdUlQD5pdoV3omttCu4oFRz086lEzMmV%2Fm%2B6asi9zsl0ckpem2XkvLL2NDXnQogmjYTuKuyLoRRFvc5%2BJNJGM0XbE0pDDqQbKHZttuqkm5ORDh0JNyHPffAJG9%2BD0HrhaAK1eAa1HSeiDro%2Firo%2FN%2FH65Llllc5X3Tc%2BaTC5zk0GYBkW5iPKat60PycnZLaOrv0Py%2FdOfsfOTP%2B7%2BDW4bFLbB5%2BoRQV%2FfHF02Ndm5bGpHfrxYlCpTm3R65yslLeXCtx%2FIa7Wx4txZt3X3HT4lpuO9D6Ur12guVN535LszSghpV43lkvx8zl2V7FLl1s9UNq%2BKtUvvrp7LCiudUyYfg6oJIY%2F3wdWEPH9%2Fd%2FaEX%2F7qCyg7hq0aZNU%2BOSooswdeXIcr5v6dWYDVcw0rPNRVM7Ihm%2F%2FUikDLOaasgfsPZvN5291E374KWt5AnjUY2AYD3YDqLbhqYVQWdv%2F0r9GswLQ3Ytp6O0xbfetZuE4dtJIo8mknbQdJQmXC4rDb6wSC0jDuhJ0OjVC6CU%2F%2F%2BukfAAAA%2F%2F8BAAD%2F%2F7PC7KKNBAAA | 192.243.59.13 | 200 OK | 7 B |
URL HTTP/1.1incomprehensibleacrid.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTYscVRR9lRlBcWXIJoLSCxcKzkx9dVeXQYIxjgQnHyRKdKXvq3ue86pe8V5VV2cWEgxKlhPwB9ScnkmIBlHM1hB6AlkMCGlXs3B%2BgyJm5UK6M9h6obj31DmLc899X29Xh8RHRQ%2FOnjebSmu60l72W69%2FHASnWmsqr4atYbfzaSc%2B1bKDt9LOsv9G633JN8xK6Ae%2BH%2FhBa1VZ2TPDlSkJVdxLg%2BXUX47D5aAdY2j%2Fj13lwVEPYnBIjkOJyeIj7wQUHyPPfjgr3UZpijffyypNS2MxEHc%2ByjdyU%2BfI5mPPeujld47UMO7J6gOYfHdmF2bwr5CpCfEePwDL7xyZBBvszHwyDZmDiRdRD8aQegxFx%2BDmBpR4QgAucOEi8uz2BWNreu0ZS6fshCw%2B%2FROqnpDF304gz74%2Fo9WwdcXoqlQmdxj2GqjhGKo%2FRlHtodw8BlXvgZdfQolfyMrTNeTZzkWnDZQ4eK2bxn7QjvlS2k6TpbgdyKU0DtiS6LAkCmPa7vp0FpBSY6jeGFpugToP1fRTHqqeh6rwkImDFg%2BCIPEFp3435TwSiWQd4Qc06QU08DtdVHy6wxbKYgtcb4Hb6yjsdWyoW0%2Fax2Grh3DrDZzw4EqCgWhQS4LaEdSUoFYEdUlQD5pdoV3omttCu4oFRz086lEzMmV%2Fm%2B6asi9zsl0ckpem2XkvLL2NDXnQogmjYTuKuyLoRRFvc5%2BJNJGM0XbE0pDDqQbKHZttuqkm5ORDh0JNyHPffAJG9%2BD0HrhaAK1eAa1HSeiDro%2Firo%2FN%2FH65Llllc5X3Tc%2BaTC5zk0GYBkW5iPKat60PycnZLaOrv0Py%2FdOfsfOTP%2B7%2BDW4bFLbB5%2BoRQV%2FfHF02Ndm5bGpHfrxYlCpTm3R65yslLeXCtx%2FIa7Wx4txZt3X3HT4lpuO9D6Ur12guVN535LszSghpV43lkvx8zl2V7FLl1s9UNq%2BKtUvvrp7LCiudUyYfg6oJIY%2F3wdWEPH9%2Fd%2FaEX%2F7qCyg7hq0aZNU%2BOSooswdeXIcr5v6dWYDVcw0rPNRVM7Ihm%2F%2FUikDLOaasgfsPZvN5291E374KWt5AnjUY2AYD3YDqLbhqYVQWdv%2F0r9GswLQ3Ytp6O0xbfetZuE4dtJIo8mknbQdJQmXC4rDb6wSC0jDuhJ0OjVC6CU%2F%2F%2BukfAAAA%2F%2F8BAAD%2F%2F7PC7KKNBAAA IP192.243.59.13:0 ASN#39572 DataWeb Global Group B.V.
File typeASCII text, with no line terminators Hash132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
| Analyzer | Verdict | Alert |
|---|
| quad9 | Sinkholed | |
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSTYscVRR9lRlBcWXIJoLSCxcKzkx9dVeXQYIxjgQnHyRKdKXvq3ue86pe8V5VV2cWEgxKlhPwB9ScnkmIBlHM1hB6AlkMCGlXs3B%2BgyJm5UK6M9h6obj31DmLc899X29Xh8RHRQ%2FOnjebSmu60l72W69%2FHASnWmsqr4atYbfzaSc%2B1bKDt9LOsv9G633JN8xK6Ae%2BH%2FhBa1VZ2TPDlSkJVdxLg%2BXUX47D5aAdY2j%2Fj13lwVEPYnBIjkOJyeIj7wQUHyPPfjgr3UZpijffyypNS2MxEHc%2ByjdyU%2BfI5mPPeujld47UMO7J6gOYfHdmF2bwr5CpCfEePwDL7xyZBBvszHwyDZmDiRdRD8aQegxFx%2BDmBpR4QgAucOEi8uz2BWNreu0ZS6fshCw%2B%2FROqnpDF304gz74%2Fo9WwdcXoqlQmdxj2GqjhGKo%2FRlHtodw8BlXvgZdfQolfyMrTNeTZzkWnDZQ4eK2bxn7QjvlS2k6TpbgdyKU0DtiS6LAkCmPa7vp0FpBSY6jeGFpugToP1fRTHqqeh6rwkImDFg%2BCIPEFp3435TwSiWQd4Qc06QU08DtdVHy6wxbKYgtcb4Hb6yjsdWyoW0%2Fax2Grh3DrDZzw4EqCgWhQS4LaEdSUoFYEdUlQD5pdoV3omttCu4oFRz086lEzMmV%2Fm%2B6asi9zsl0ckpem2XkvLL2NDXnQogmjYTuKuyLoRRFvc5%2BJNJGM0XbE0pDDqQbKHZttuqkm5ORDh0JNyHPffAJG9%2BD0HrhaAK1eAa1HSeiDro%2Firo%2FN%2FH65Llllc5X3Tc%2BaTC5zk0GYBkW5iPKat60PycnZLaOrv0Py%2FdOfsfOTP%2B7%2BDW4bFLbB5%2BoRQV%2FfHF02Ndm5bGpHfrxYlCpTm3R65yslLeXCtx%2FIa7Wx4txZt3X3HT4lpuO9D6Ur12guVN535LszSghpV43lkvx8zl2V7FLl1s9UNq%2BKtUvvrp7LCiudUyYfg6oJIY%2F3wdWEPH9%2Fd%2FaEX%2F7qCyg7hq0aZNU%2BOSooswdeXIcr5v6dWYDVcw0rPNRVM7Ihm%2F%2FUikDLOaasgfsPZvN5291E374KWt5AnjUY2AYD3YDqLbhqYVQWdv%2F0r9GswLQ3Ytp6O0xbfetZuE4dtJIo8mknbQdJQmXC4rDb6wSC0jDuhJ0OjVC6CU%2F%2F%2BukfAAAA%2F%2F8BAAD%2F%2F7PC7KKNBAAA HTTP/1.1
Host: incomprehensibleacrid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theburningofrome.com/
Cookie: u_pl=17378621; uid_id2=8940154c-9597-451e-941b-d6b7324a580a:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca7ba25348d1f33c5c0bd97ebba53b92c=[3364848]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 02 Oct 2022 20:33:55 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 880b7d7ece48ab69263cab8c29eb3a5b
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| e1.o.lencr.org/ | 23.36.76.226 | 200 OK | 344 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash6b2fd94fd0b2607df5a0aa20419566b7 65f275db36cda005a73cf806b613eefbbee602c9 78f5297fe8ca20edcfb24ca602e17c525e7961ab3fba14c6f64cec0236c63cae
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "78F5297FE8CA20EDCFB24CA602E17C525E7961AB3FBA14C6F64CEC0236C63CAE"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3316
Expires: Sun, 02 Oct 2022 21:29:12 GMT
Date: Sun, 02 Oct 2022 20:33:56 GMT
Connection: keep-alive
|
|
| e1.o.lencr.org/ | 23.36.76.226 | 200 OK | 344 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash6b2fd94fd0b2607df5a0aa20419566b7 65f275db36cda005a73cf806b613eefbbee602c9 78f5297fe8ca20edcfb24ca602e17c525e7961ab3fba14c6f64cec0236c63cae
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "78F5297FE8CA20EDCFB24CA602E17C525E7961AB3FBA14C6F64CEC0236C63CAE"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3316
Expires: Sun, 02 Oct 2022 21:29:12 GMT
Date: Sun, 02 Oct 2022 20:33:56 GMT
Connection: keep-alive
|
|
| incomprehensibleacrid.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Findex.html&l=2230&fd=621 | 192.243.59.13 | 200 OK | 0 B |
URL HTTP/1.1incomprehensibleacrid.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Findex.html&l=2230&fd=621 IP192.243.59.13:0 ASN#39572 DataWeb Global Group B.V.
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| quad9 | Sinkholed | |
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Findex.html&l=2230&fd=621 HTTP/1.1
Host: incomprehensibleacrid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theburningofrome.com/
Cookie: u_pl=17378621; uid_id2=8940154c-9597-451e-941b-d6b7324a580a:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca7ba25348d1f33c5c0bd97ebba53b92c=[3364848]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 02 Oct 2022 20:33:56 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/arrow.png | 172.64.201.2 | 200 OK | 2.0 kB |
URL HTTP/2cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/arrow.png IP172.64.201.2:0
File typePNG image data, 52 x 81, 8-bit/color RGBA, non-interlaced\012- data Hashef2bad0eceeff00bf615df0a433a5bff a910af81d23d78c96283b46c241d3d9652562009 9c362044a93ac6919b7174a1620d4d82dbe1940a450aea1abca32a48fd160d40
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/arrow.png HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:33:56 GMT
content-type: image/png
content-length: 2008
last-modified: Fri, 21 May 2021 10:10:48 GMT
etag: "60a78728-7d8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 5221770
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=22plezrZGQZJv5YOE3lhEflt3jSKRP2RNczi9syApLRRfHHKrYh2frb3Tdh7WpEiM5dunGv1UA9fh1Fl%2F7I86Fr79OQ5P0xDFaletn0GPfuRaMndK%2BrIcFTN1hbyRy9yu2M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75403746093f0635-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.yourwebbars.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/index.html | 172.67.74.218 | 200 OK | 6.6 kB |
URL HTTP/2cdn.yourwebbars.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/index.html IP172.67.74.218:0
File typeHTML document, ASCII text Hashbcc0519dbfbe6c9c546f0069ef74db9f 5e19beb063910fe63ca3adcd226307affe316917 2cba869a0b7b1a9948f4de78112dadc17edda64ad3b69bfae35a62d5b1fd1dee
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/index.html HTTP/1.1
Host: cdn.yourwebbars.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.theburningofrome.com
Connection: keep-alive
Referer: https://www.theburningofrome.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:33:56 GMT
content-type: text/html
last-modified: Wed, 09 Feb 2022 14:12:53 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sxX3F74aepD0aV%2FwwTkwasBgp8ZyPg3qSJkAJpADGmdQue0ZAWrUxLpLdjlDaPQrSgXwYq%2F52Cavgwxn%2BO5sd7Yg9YqnIQV6%2FupzuFtD7DigC%2BtzS8ZuAU2STgi3vTyKtg6xq8Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7540374198d7b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/number.png | 172.64.201.2 | 200 OK | 1.1 kB |
URL HTTP/2cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/number.png IP172.64.201.2:0
File typePNG image data, 43 x 43, 8-bit/color RGBA, non-interlaced\012- data Hash9e4414e85c588bf7db195e49c02ab2bb 09254e79b255f1b2dfe45adbbe44583a4b433782 0b977ec6e7cf5d35df03cd3a8041f5f523f5d4059ac67c152c0a7b613e20b762
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/number.png HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:33:56 GMT
content-type: image/png
content-length: 1138
last-modified: Fri, 21 May 2021 10:10:48 GMT
etag: "60a78728-472"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 5221770
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GyDfphBzuBMOg4k1IXJfNngtvh6%2FBeAJWgY6N6ZVKcQTM4zlZB7MyZq9W7eb2JOt3BCV0QcZb89rM%2BC7kE5MBMpdCA9a%2FFI1qiJ4%2FIi6gzuPre%2B4ZvITLHakfP%2FiBpot9ew%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7540374609410635-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/icon.png | 172.64.201.2 | 200 OK | 157 kB |
URL HTTP/2cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/icon.png IP172.64.201.2:0
File typePNG image data, 340 x 340, 8-bit/color RGB, non-interlaced\012- data Size157 kB (157252 bytes) Hash70ffdd6375de1144c67e71e385cedb80 6d5c9590fa9a156851435bcefc963949de13ceb1 18515abb1bfe26c5b54bbbdc24aac4e8a757f879eeaa9c0ad986dc0c8d5ca0af
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/icon.png HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:33:56 GMT
content-type: image/png
content-length: 157252
last-modified: Tue, 08 Feb 2022 14:14:59 GMT
etag: "62027ae3-26644"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 5221770
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f6GQCuszCyxFDoteLY5KJEQfE9k7182408RRxZhc9rU0nB%2FbxjAdQEdgavMajV1MS2Tt6HZrgweRhr%2BqQGiqtvMd2cCtqjJs9WOgCQa4dnjEFgbEckOF3BmHYCStp0J%2FG8g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7540374609440635-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 23.36.76.226 | 200 OK | 344 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash6b2fd94fd0b2607df5a0aa20419566b7 65f275db36cda005a73cf806b613eefbbee602c9 78f5297fe8ca20edcfb24ca602e17c525e7961ab3fba14c6f64cec0236c63cae
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "78F5297FE8CA20EDCFB24CA602E17C525E7961AB3FBA14C6F64CEC0236C63CAE"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3316
Expires: Sun, 02 Oct 2022 21:29:12 GMT
Date: Sun, 02 Oct 2022 20:33:56 GMT
Connection: keep-alive
|
|
| cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/css/style.css | 172.64.201.2 | 200 OK | 2.3 kB |
URL HTTP/2cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/css/style.css IP172.64.201.2:0
Hash9e6a3139b133de29072d71c14963a1ac 074519fd7d10afb7ddd5133fd66fd0c503618976 089d7f1a16fd6ebbd1b9cc479cb07fe452b6a28ce5696c94102aaf52736a7ce4
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/css/style.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.theburningofrome.com
Connection: keep-alive
Referer: https://www.theburningofrome.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:33:56 GMT
content-type: text/css
last-modified: Mon, 31 Jan 2022 14:46:40 GMT
etag: W/"61f7f650-2516"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a05%2FI0NE%2B8Nt7qhnfiTA6Hs1iSUBZggKSwCLyoWXfzXviFY9pmFqCKSHZTMp1MEf%2FxnsRfGPxRLCgY73IWSUKaj%2BHFs7swxyhH4mClK0Y0GJRG04U0ajVlTvEmOMTSSve5U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75403745e90b0635-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/js/script.js | 172.64.201.2 | 200 OK | 317 B |
URL HTTP/2cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/js/script.js IP172.64.201.2:0
Hash4761ad2393202bfabef11ba0db779752 f67daa266767f3528ac554901f32ca9b43da00ff 92fdc96ed03a7abaff8750ca48f8f19cd769784927289cbd2544b9c642acf55c
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/js/script.js HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.theburningofrome.com
Connection: keep-alive
Referer: https://www.theburningofrome.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:33:56 GMT
content-type: application/javascript
last-modified: Fri, 21 May 2021 10:10:50 GMT
etag: W/"60a7872a-2c7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v8ByfHWSv%2BzaTelsuo1fIchTi7WZnHkrkw1IaDJzfsOTdSATno5yHM8CzDbn2k%2BUAkWg8TYqFe6m7RcgQJoLVi3UEuHG2RcD3Q7OMxpxAXWjVaVWUl0Xic456PefhjKQd%2FE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75403746aa540635-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| incomprehensibleacrid.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Fcss%2Fstyle.css&l=9494&fd=365 | 192.243.59.13 | 200 OK | 0 B |
URL HTTP/1.1incomprehensibleacrid.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Fcss%2Fstyle.css&l=9494&fd=365 IP192.243.59.13:0 ASN#39572 DataWeb Global Group B.V.
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| quad9 | Sinkholed | |
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Fcss%2Fstyle.css&l=9494&fd=365 HTTP/1.1
Host: incomprehensibleacrid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theburningofrome.com/
Cookie: u_pl=17378621; uid_id2=8940154c-9597-451e-941b-d6b7324a580a:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca7ba25348d1f33c5c0bd97ebba53b92c=[3364848]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 02 Oct 2022 20:33:56 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| incomprehensibleacrid.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTYscVRR9lRlBcWXIJoLSCxcKTk9Vd1V%2FGCQY40hw8kGiRFf6vqrnOa%2FqFe9VdfXMQgaDkmUH%2FAE1p2cyRIMoZmsIPYEsBoRpV7NwfoMiZuVCujPYeqG499Q5i3PPfV9vF8fER0GPLl42m0pruhzV%2FdrrHwfBudqqSotBbdBpfdoKz9Vs%2F61uq%2B6%2FUXtf8nWz3PAD3w%2F8oLairIzNYHlKQmX3u0G969fDRj2IQgzs%2F7ErPDjqQfSPyWkoMVl87J2B4mOkyQ8XpVvPTfbme0mhaW4s%2BmLvo3Q9NWWKZD7G1kOc7p2oYdzhykOYdHdmF6b%2Fr5CpCfGePARL905MgvV3Zj6ZhkzBxIso%2B2NIPYaiY3BzC0ocEoALXLmKNLl7xdiSbjxj6ZSdkMWnf0KVE7L42xmkyfcXtBrUbhhd5MqkDoO4ghqMoXpjZMU%2B8s1TUOU%2BeP4llPiFLD9dRZrsXHXaQImj1zrd0A%2BikC91o257KYwCudQNA7YkWqzdbIQ06vh0FpBSY6h4DC2HoM5DMf2UhyL2UGQeEnFU40EQtH3Bqd%2Fpct4Ubclawg9oOw5o4Lc6KPh0hyHybAiuh%2BB2C5ndwrq6cxidhi0ewa1VcMKDywn6okIpCUpHUFKCUhGUOUHZr3aFdg1X3RXaFSw46Y2T3qxGJu9t012T92RKtrNj8tI0O%2B%2BFpbexLo9qtM1oI2qGHRHEzSaPuM9Ety0Zo1GTdRscTlVQ7tRs0001IWcfOWRqQp775hMwug%2Bn98HVAmjxCmg5ajd80LVR2PGxmT7I1yQrbKrSnomtSWSdmwTCVMjyReQb3rY%2BJmdnt2ze%2FB2SH5z%2FjF2e%2FHHvb3BbIbMVPlePCXr69ui6KcnOdVM68uPVLFeJ2qTTO9%2FIaS4Xvv1AbpTGiksX3fDeO3xKTMf7H0qXr9JUqLTnyHcXlBDSrhjLJfn5krsp2bXCrV0obFpkq9feXbmUZFY6p0w6BlUTQp4cgKsJef7B7uwJv%2FzVF1B2DFtUSIoDclJQZh8824LL5v6dWYDVcw3LPJRFNbINNv%2BpFYGWc0xZBfcfzObztruNnn0VNL%2BFNKnQtxX6ugLVQ7hiYZRn9uD8r81ZgWlvxLT1dpi2%2Bs6zcJ06qjV90WYylm0mwyiMJRcsipjPY86aotPhyN2Ed%2F%2F66R8AAAD%2F%2FwEAAP%2F%2FMxY5So0EAAA%3D | 192.243.59.13 | 200 OK | 7 B |
URL HTTP/1.1incomprehensibleacrid.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTYscVRR9lRlBcWXIJoLSCxcKTk9Vd1V%2FGCQY40hw8kGiRFf6vqrnOa%2FqFe9VdfXMQgaDkmUH%2FAE1p2cyRIMoZmsIPYEsBoRpV7NwfoMiZuVCujPYeqG499Q5i3PPfV9vF8fER0GPLl42m0pruhzV%2FdrrHwfBudqqSotBbdBpfdoKz9Vs%2F61uq%2B6%2FUXtf8nWz3PAD3w%2F8oLairIzNYHlKQmX3u0G969fDRj2IQgzs%2F7ErPDjqQfSPyWkoMVl87J2B4mOkyQ8XpVvPTfbme0mhaW4s%2BmLvo3Q9NWWKZD7G1kOc7p2oYdzhykOYdHdmF6b%2Fr5CpCfGePARL905MgvV3Zj6ZhkzBxIso%2B2NIPYaiY3BzC0ocEoALXLmKNLl7xdiSbjxj6ZSdkMWnf0KVE7L42xmkyfcXtBrUbhhd5MqkDoO4ghqMoXpjZMU%2B8s1TUOU%2BeP4llPiFLD9dRZrsXHXaQImj1zrd0A%2BikC91o257KYwCudQNA7YkWqzdbIQ06vh0FpBSY6h4DC2HoM5DMf2UhyL2UGQeEnFU40EQtH3Bqd%2Fpct4Ubclawg9oOw5o4Lc6KPh0hyHybAiuh%2BB2C5ndwrq6cxidhi0ewa1VcMKDywn6okIpCUpHUFKCUhGUOUHZr3aFdg1X3RXaFSw46Y2T3qxGJu9t012T92RKtrNj8tI0O%2B%2BFpbexLo9qtM1oI2qGHRHEzSaPuM9Ety0Zo1GTdRscTlVQ7tRs0001IWcfOWRqQp775hMwug%2Bn98HVAmjxCmg5ajd80LVR2PGxmT7I1yQrbKrSnomtSWSdmwTCVMjyReQb3rY%2BJmdnt2ze%2FB2SH5z%2FjF2e%2FHHvb3BbIbMVPlePCXr69ui6KcnOdVM68uPVLFeJ2qTTO9%2FIaS4Xvv1AbpTGiksX3fDeO3xKTMf7H0qXr9JUqLTnyHcXlBDSrhjLJfn5krsp2bXCrV0obFpkq9feXbmUZFY6p0w6BlUTQp4cgKsJef7B7uwJv%2FzVF1B2DFtUSIoDclJQZh8824LL5v6dWYDVcw3LPJRFNbINNv%2BpFYGWc0xZBfcfzObztruNnn0VNL%2BFNKnQtxX6ugLVQ7hiYZRn9uD8r81ZgWlvxLT1dpi2%2Bs6zcJ06qjV90WYylm0mwyiMJRcsipjPY86aotPhyN2Ed%2F%2F66R8AAAD%2F%2FwEAAP%2F%2FMxY5So0EAAA%3D IP192.243.59.13:0 ASN#39572 DataWeb Global Group B.V.
File typeASCII text, with no line terminators Hash132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
| Analyzer | Verdict | Alert |
|---|
| quad9 | Sinkholed | |
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSTYscVRR9lRlBcWXIJoLSCxcKTk9Vd1V%2FGCQY40hw8kGiRFf6vqrnOa%2FqFe9VdfXMQgaDkmUH%2FAE1p2cyRIMoZmsIPYEsBoRpV7NwfoMiZuVCujPYeqG499Q5i3PPfV9vF8fER0GPLl42m0pruhzV%2FdrrHwfBudqqSotBbdBpfdoKz9Vs%2F61uq%2B6%2FUXtf8nWz3PAD3w%2F8oLairIzNYHlKQmX3u0G969fDRj2IQgzs%2F7ErPDjqQfSPyWkoMVl87J2B4mOkyQ8XpVvPTfbme0mhaW4s%2BmLvo3Q9NWWKZD7G1kOc7p2oYdzhykOYdHdmF6b%2Fr5CpCfGePARL905MgvV3Zj6ZhkzBxIso%2B2NIPYaiY3BzC0ocEoALXLmKNLl7xdiSbjxj6ZSdkMWnf0KVE7L42xmkyfcXtBrUbhhd5MqkDoO4ghqMoXpjZMU%2B8s1TUOU%2BeP4llPiFLD9dRZrsXHXaQImj1zrd0A%2BikC91o257KYwCudQNA7YkWqzdbIQ06vh0FpBSY6h4DC2HoM5DMf2UhyL2UGQeEnFU40EQtH3Bqd%2Fpct4Ubclawg9oOw5o4Lc6KPh0hyHybAiuh%2BB2C5ndwrq6cxidhi0ewa1VcMKDywn6okIpCUpHUFKCUhGUOUHZr3aFdg1X3RXaFSw46Y2T3qxGJu9t012T92RKtrNj8tI0O%2B%2BFpbexLo9qtM1oI2qGHRHEzSaPuM9Ety0Zo1GTdRscTlVQ7tRs0001IWcfOWRqQp775hMwug%2Bn98HVAmjxCmg5ajd80LVR2PGxmT7I1yQrbKrSnomtSWSdmwTCVMjyReQb3rY%2BJmdnt2ze%2FB2SH5z%2FjF2e%2FHHvb3BbIbMVPlePCXr69ui6KcnOdVM68uPVLFeJ2qTTO9%2FIaS4Xvv1AbpTGiksX3fDeO3xKTMf7H0qXr9JUqLTnyHcXlBDSrhjLJfn5krsp2bXCrV0obFpkq9feXbmUZFY6p0w6BlUTQp4cgKsJef7B7uwJv%2FzVF1B2DFtUSIoDclJQZh8824LL5v6dWYDVcw3LPJRFNbINNv%2BpFYGWc0xZBfcfzObztruNnn0VNL%2BFNKnQtxX6ugLVQ7hiYZRn9uD8r81ZgWlvxLT1dpi2%2Bs6zcJ06qjV90WYylm0mwyiMJRcsipjPY86aotPhyN2Ed%2F%2F66R8AAAD%2F%2FwEAAP%2F%2FMxY5So0EAAA%3D HTTP/1.1
Host: incomprehensibleacrid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theburningofrome.com/
Cookie: u_pl=17378621; uid_id2=8940154c-9597-451e-941b-d6b7324a580a:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca7ba25348d1f33c5c0bd97ebba53b92c=[3364848]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 02 Oct 2022 20:33:56 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6d9dd33acbf18945cb6a2b7d06173083
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| incomprehensibleacrid.com/pixel/sbs?c=1 | 192.243.59.13 | 200 OK | 0 B |
URL HTTP/1.1incomprehensibleacrid.com/pixel/sbs?c=1 IP192.243.59.13:0 ASN#39572 DataWeb Global Group B.V.
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| quad9 | Sinkholed | |
GET /pixel/sbs?c=1 HTTP/1.1
Host: incomprehensibleacrid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theburningofrome.com/
Cookie: u_pl=17378621; uid_id2=8940154c-9597-451e-941b-d6b7324a580a:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca7ba25348d1f33c5c0bd97ebba53b92c=[3364848]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 02 Oct 2022 20:33:56 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd4280e4-6b15-45b7-9469-d13ba14c37db.jpeg | 34.120.237.76 | 200 OK | 6.9 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd4280e4-6b15-45b7-9469-d13ba14c37db.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash9dddb9d84a16a3004821d89836b83dc3 087521979efd5936416fd7f030779fa5725f0a8f a6251ac43958031d765b5743d43e14bc04b1e465bed81f757c3609ee6f2bea66
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd4280e4-6b15-45b7-9469-d13ba14c37db.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6871
x-amzn-requestid: e1fdb2ee-c0e7-4a0c-ae26-d968aef00503
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWEIOGp2IAMFxSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b3ce-24b26a8048ffd84071a2ad57;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:40:30 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: -svKnYBuiMSdWObzJyNah9TDIi6IuPP6VMzEJWmn0zxoZbFmwpzkJw==
via: 1.1 c07670802688417c8b871124c547eb0a.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:48:33 GMT
age: 81928
etag: "087521979efd5936416fd7f030779fa5725f0a8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| gum.criteo.com/sync?c=147&r=2&j=criteoCallback | 178.250.2.146 | 200 OK | 0 B |
URL HTTP/2gum.criteo.com/sync?c=147&r=2&j=criteoCallback IP178.250.2.146:0
GET /sync?c=147&r=2&j=criteoCallback HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.theburningofrome.com/
Origin: https://www.theburningofrome.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:33:53 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-origin: https://www.theburningofrome.com
server-processing-duration-in-ticks: 486708
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
|
|
| ads.themoneytizer.com/s/requestform.js?siteId=93526&formatId=6 | 185.76.9.16 | 200 OK | 0 B |
URL HTTP/2ads.themoneytizer.com/s/requestform.js?siteId=93526&formatId=6 IP185.76.9.16:0 ASN#60068 Datacamp Limited
GET /s/requestform.js?siteId=93526&formatId=6 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theburningofrome.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:33:52 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
x-accel-expires: @1664775470
server: CDN77-Turbo
x-77-nzt: AblMCQ3ecpn/AtIAAA
x-77-nzt-ray: 9aMLhZOCEJY
x-cache: HIT
x-age: 53762
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
|
|
| cmp.quantcast.com/tcfv2/google-atp-list.json | 13.227.219.121 | 200 OK | 0 B |
URL HTTP/2cmp.quantcast.com/tcfv2/google-atp-list.json IP13.227.219.121:0
GET /tcfv2/google-atp-list.json HTTP/1.1
Host: cmp.quantcast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.theburningofrome.com
Connection: keep-alive
Referer: https://www.theburningofrome.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
access-control-max-age: 3000
cache-control: max-age=172800
date: Sun, 02 Oct 2022 03:00:29 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
last-modified: Sun, 02 Oct 2022 03:00:26 GMT
etag: W/"62506e65c6a8201a32eb8553540dd4f4"
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 3af85c3075e12aff72b9e148b99d6622.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
x-amz-cf-id: m3SifXStLhvMXlKodX-jC0z1-xYPL_QkKCxL19twgqSX0ZmNwnO5XA==
age: 63206
X-Firefox-Spdy: h2
|
|
| ads.themoneytizer.com/s/requestform.js?siteId=93526&formatId=1 | 185.76.9.16 | 200 OK | 0 B |
URL HTTP/2ads.themoneytizer.com/s/requestform.js?siteId=93526&formatId=1 IP185.76.9.16:0 ASN#60068 Datacamp Limited
GET /s/requestform.js?siteId=93526&formatId=1 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theburningofrome.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:33:52 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
x-accel-expires: @1664775470
server: CDN77-Turbo
x-77-nzt: AblMCQ2VXyf/AtIAAA
x-77-nzt-ray: n8rD79ETMrI
x-cache: HIT
x-age: 53762
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ads.themoneytizer.com/IIQUniversalID.js | 185.76.9.16 | 200 OK | 0 B |
URL HTTP/2ads.themoneytizer.com/IIQUniversalID.js IP185.76.9.16:0 ASN#60068 Datacamp Limited
GET /IIQUniversalID.js HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theburningofrome.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:33:52 GMT
content-type: application/javascript
last-modified: Thu, 15 Sep 2022 13:48:15 GMT
etag: W/"63232d1f-c287"
pragma: public
x-accel-expires: @1665547430
server: CDN77-Turbo
x-77-nzt: AblMCQ14SIj/CosDAA
x-77-nzt-ray: v/0Yf6uKyL4
x-cache: HIT
x-age: 232202
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
|
|
| quantcast.mgr.consensu.org/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js | 13.227.219.121 | 200 OK | 0 B |
URL HTTP/2quantcast.mgr.consensu.org/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js IP13.227.219.121:0
GET /choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js HTTP/1.1
Host: quantcast.mgr.consensu.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theburningofrome.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 28 Jun 2022 13:53:56 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
cross-origin-resource-policy: cross-origin
content-encoding: br
date: Sun, 02 Oct 2022 20:33:27 GMT
cache-control: max-age=900
etag: W/"c53bd785b1ee57b613221019d7d72626"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 3af85c3075e12aff72b9e148b99d6622.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
x-amz-cf-id: _yNdem8NtaO9RqZFKHg46k7JmEzXiKaU0WdkTV6aYKB_Xm32h0vudA==
age: 27
X-Firefox-Spdy: h2
|
|
| www.theburningofrome.com/helpful-tips/do-you-put-all-music-grades-on-ucas/ | 172.67.197.134 | 200 OK | 0 B |
URL HTTP/2www.theburningofrome.com/helpful-tips/do-you-put-all-music-grades-on-ucas/ IP172.67.197.134:0
GET /helpful-tips/do-you-put-all-music-grades-on-ucas/ HTTP/1.1
Host: www.theburningofrome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:33:52 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, Cookie
cache-control: max-age=3, must-revalidate
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KBXidrqMEVsoCc3mUtWVkcLoC6taZ521%2BeyzBzExZbSNjhriXx8%2BpYTJGzfOBP2ZkX6J2Iinu7jpJPCZXG07eT%2FmS2Jgv4IliQJo0bB1VgrToCsiFVy63lgHP7ilyzDgJb4ktgzqcW5%2BC%2FQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7540372d6adeb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ads.themoneytizer.com/s/gen.js?type=28 | 185.76.9.16 | 200 OK | 0 B |
URL HTTP/2ads.themoneytizer.com/s/gen.js?type=28 IP185.76.9.16:0 ASN#60068 Datacamp Limited
GET /s/gen.js?type=28 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theburningofrome.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:33:52 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
x-accel-expires: @1664769842
server: CDN77-Turbo
x-77-nzt: AblMCQ1us/X//ucAAA
x-77-nzt-ray: qwviWcv2F/w
x-cache: HIT
x-age: 59390
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
|
|
| gum.criteo.com/sync?c=147&r=2&j=criteoCallback | 178.250.2.146 | 200 OK | 0 B |
URL HTTP/2gum.criteo.com/sync?c=147&r=2&j=criteoCallback IP178.250.2.146:0
GET /sync?c=147&r=2&j=criteoCallback HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theburningofrome.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:33:53 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
server-processing-duration-in-ticks: 524409
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
|
|
| ads.themoneytizer.com/s/requestform.js?siteId=93526&formatId=2 | 185.76.9.16 | 200 OK | 0 B |
URL HTTP/2ads.themoneytizer.com/s/requestform.js?siteId=93526&formatId=2 IP185.76.9.16:0 ASN#60068 Datacamp Limited
GET /s/requestform.js?siteId=93526&formatId=2 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theburningofrome.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:33:52 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
x-accel-expires: @1664775470
server: CDN77-Turbo
x-77-nzt: AblMCQ3V1Mr/AtIAAA
x-77-nzt-ray: 3QLdkGLNWJo
x-cache: HIT
x-age: 53762
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ads.themoneytizer.com/s/gen.js?type=2 | 185.76.9.16 | 200 OK | 0 B |
URL HTTP/2ads.themoneytizer.com/s/gen.js?type=2 IP185.76.9.16:0 ASN#60068 Datacamp Limited
GET /s/gen.js?type=2 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theburningofrome.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:33:52 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
x-accel-expires: @1664769839
server: CDN77-Turbo
x-77-nzt: AblMCQ0ygOb/AegAAA
x-77-nzt-ray: o/JG5nJHpo4
x-cache: HIT
x-age: 59393
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
|
|
| cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/js/jquery.min.js | 172.64.201.2 | 200 OK | 0 B |
URL HTTP/2cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/js/jquery.min.js IP172.64.201.2:0
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/js/jquery.min.js HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:33:56 GMT
content-type: application/javascript
last-modified: Fri, 21 May 2021 10:10:50 GMT
etag: W/"60a7872a-15d94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 5221770
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oWEGqdVehriIA9f6ICQjd%2FR%2F7Skk7i01lfJHvcyEJ9dq8wDvn33Lv2Z8KupBk3%2B9Tu97cZCLFPrgOqGz6AeLsvW0En7Y5%2Fbl6BAd7V8KXtpTOAx7PniywDa184lSbMvl%2Fbg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7540374619460635-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/css/animate.css | 172.64.201.2 | 200 OK | 0 B |
URL HTTP/2cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/css/animate.css IP172.64.201.2:0
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/css/animate.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.theburningofrome.com
Connection: keep-alive
Referer: https://www.theburningofrome.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:33:56 GMT
content-type: text/css
last-modified: Fri, 21 May 2021 10:10:46 GMT
etag: W/"60a78726-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VC8EDvatqF4V70W6m0ILG9iVlWBdOemk3aiL%2F2rDUWAqpUWbtz3Kf33dpCgBqMv99FIaGZY%2BQ7ElkGBJBmZtofjV8sWNTZCOOwEHMxvu6TO5ITKDlzufY4xSXcPZ4n7vtmU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75403745f9100635-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ads.themoneytizer.com/s/gen.js?type=31 | 185.76.9.16 | 200 OK | 0 B |
URL HTTP/2ads.themoneytizer.com/s/gen.js?type=31 IP185.76.9.16:0 ASN#60068 Datacamp Limited
GET /s/gen.js?type=31 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theburningofrome.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:33:53 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
x-accel-expires: @1664769847
server: CDN77-Turbo
x-77-nzt: AblMCQ38g3n/+ucAAA
x-77-nzt-ray: y/iokBL2iJk
x-cache: HIT
x-age: 59386
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ads.themoneytizer.com/s/requestform.js?siteId=93526&formatId=31 | 185.76.9.16 | 200 OK | 0 B |
URL HTTP/2ads.themoneytizer.com/s/requestform.js?siteId=93526&formatId=31 IP185.76.9.16:0 ASN#60068 Datacamp Limited
GET /s/requestform.js?siteId=93526&formatId=31 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theburningofrome.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 20:33:53 GMT
content-type: text/html; charset=UTF-8
cache-control: public, max-age=86400
x-accel-expires: @1664775471
server: CDN77-Turbo
x-77-nzt: AblMCQ1Bq1X/AtIAAA
x-77-nzt-ray: ODHYM6x1iL0
x-cache: HIT
x-age: 53762
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Oswald%3A400%2C500&subset=latin%2Clatin-ext | 142.250.74.10 | 200 OK | 0 B |
URL HTTP/2fonts.googleapis.com/css?family=Oswald%3A400%2C500&subset=latin%2Clatin-ext IP142.250.74.10:0
GET /css?family=Oswald%3A400%2C500&subset=latin%2Clatin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theburningofrome.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 02 Oct 2022 20:33:52 GMT
date: Sun, 02 Oct 2022 20:33:52 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js | 52.222.139.13 | 200 OK | 0 B |
URL HTTP/2rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js IP52.222.139.13:0
GET /rules-p-6Fv0cGNfc_bw8.js HTTP/1.1
Host: rules.quantcount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theburningofrome.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Sat, 27 Aug 2022 14:06:59 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
access-control-allow-methods: GET
content-encoding: gzip
date: Sun, 02 Oct 2022 19:55:52 GMT
cache-control: max-age=3600
etag: W/"552289573698eb75389ce036af4dd98e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 abc3ecd1d98ae9cd426d47386509de18.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS50-C1
x-amz-cf-id: W_1Y2PAhaeR36LS3xDFgtcijvoqbOxCRgV5No1hdiQ7El2edBAK2aQ==
age: 2283
X-Firefox-Spdy: h2
|
|
| cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1.json | 13.227.219.121 | 200 OK | 0 B |
URL HTTP/2cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1.json IP13.227.219.121:0
GET /GVL-v2/vendor-list-trimmed-v1.json HTTP/1.1
Host: cmp.quantcast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.theburningofrome.com
Connection: keep-alive
Referer: https://www.theburningofrome.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
access-control-max-age: 3000
cache-control: max-age=172800
date: Sun, 02 Oct 2022 03:00:36 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
last-modified: Sun, 02 Oct 2022 03:00:33 GMT
etag: W/"713348369662589da640d1e1195993b4"
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 3af85c3075e12aff72b9e148b99d6622.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
x-amz-cf-id: fQ2PLvR8EtdpsXWNCt4DACkobU3iyjQLR41U2kRsyxS30yu8T0mOSg==
age: 63199
X-Firefox-Spdy: h2
|
|
| cmp.quantcast.com/tcfv2/42/cmp2ui-en.js | 13.227.219.121 | 200 OK | 0 B |
URL HTTP/2cmp.quantcast.com/tcfv2/42/cmp2ui-en.js IP13.227.219.121:0
GET /tcfv2/42/cmp2ui-en.js HTTP/1.1
Host: cmp.quantcast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.theburningofrome.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
access-control-max-age: 86400
last-modified: Tue, 05 Jul 2022 18:40:26 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
access-control-allow-methods: GET
content-encoding: gzip
cache-control: max-age=172800
date: Sun, 02 Oct 2022 16:51:34 GMT
etag: W/"24932b3e61742029985961c24d35dbb7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 3af85c3075e12aff72b9e148b99d6622.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
x-amz-cf-id: tEjC-sKEVoeu9NnMe_iubgMKhZKPif5rKoIWddr5pgBCP6353Jrqvw==
age: 13341
X-Firefox-Spdy: h2
|
|
| test.cmp.quantcast.com/GVL-v2/cmp-list.json | 143.204.55.116 | 200 OK | 0 B |
URL HTTP/2test.cmp.quantcast.com/GVL-v2/cmp-list.json IP143.204.55.116:0
GET /GVL-v2/cmp-list.json HTTP/1.1
Host: test.cmp.quantcast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.theburningofrome.com
Connection: keep-alive
Referer: https://www.theburningofrome.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
access-control-max-age: 86400
cache-control: max-age=172800
date: Sun, 02 Oct 2022 03:00:36 GMT
last-modified: Sat, 01 Oct 2022 19:52:29 GMT
etag: W/"0f68ab46c6b39b51f198c61b68273ad3"
x-amz-server-side-encryption: AES256
x-amz-version-id: 0num3lmuQDBnlCI8qTm_5NozfgHVSa_q
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: hpKv5H5YlUbMdWFnBoertzxDNBUETSHeda0IXugMuX2mYnSpxq46qw==
age: 63198
X-Firefox-Spdy: h2
|
|
104.21.68.175