Report - gnula.nu/drama/ver-ma-ma-2015-online/

Report Overview

Submitted URL
gnula.nu/drama/ver-ma-ma-2015-online/
IP
185.178.208.130
ASN
#57724 Ddos-guard Ltd
Submitted
2022-12-03 21:19:51
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
10

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
apis.google.com	105	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	357 B	22 kB	172.217.21.174
www.google.es	16747	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	379 B	765 B	142.250.74.67
syndication.twitter.com	833	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	1.5 kB	104.244.42.136
datatechonert.com	46154	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	478 B	476 B	37.48.68.71
www.google.no	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	508 B	694 B	142.250.74.67
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
murkilyergots.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	1.9 kB	142.91.159.134
st.mycdn.me	31534	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	797 B	1.2 kB	217.20.155.82
player.vimple.ru	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	469 B	973 B	172.67.134.240
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	378 B	44 kB	142.250.74.168
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	354 B	33 kB	142.250.74.106
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	44.238.202.79
www.facebook.com	99	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	586 B	3.8 kB	157.240.240.35
videoplayer.ru	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	383 B	15 kB	188.114.96.1
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.3 kB	47 kB	34.120.237.76
s3.multipulter.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	450 B	49 kB	46.61.151.250
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.8 kB	12 kB	142.250.74.131
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	2.9 kB	23.36.77.32
accounts.google.com	81	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	657 B	743 B	216.58.211.13
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.7 kB	9.8 kB	23.36.76.226
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	5.0 kB	93.184.220.29
www.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	360 B	6.8 kB	216.58.211.3
grunoaph.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.8 kB	117 kB	139.45.197.238
ssl.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	396 B	5.3 kB	142.250.74.99
polldaddy.com	103561	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	9.9 kB	192.0.123.248
hangersbozal.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	363 B	1.4 kB	23.109.248.182
tzegilo.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	350 B	14 kB	104.21.84.149
gnula.nu	289721	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	37 kB	1.6 MB	185.178.208.130
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
platform.twitter.com	597	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.8 kB	153 kB	93.184.220.66
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	7.1 kB	104.18.21.226
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	365 B	21 kB	216.239.34.178
my.rtmark.net	9054	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	410 B	737 B	139.45.195.8
mc.yandex.ru	2672	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	76 kB	87.250.250.119
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	400 B	2.3 kB	216.58.207.228
ok.ru	3812	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.0 kB	102 kB	217.20.147.1
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	340 B	963 B	172.64.155.188
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	589 B	703 B	64.233.165.155

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-03	medium	videoplayer.ru/ru/player/spruto/sp.js?v=3.0.0.0	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-12-03	medium	grunoaph.net	Sinkholed
2022-12-03	medium	datatechonert.com	Sinkholed
2022-12-03	medium	grunoaph.net	Sinkholed
2022-12-03	medium	grunoaph.net	Sinkholed

JavaScript (56)

	URL	Size	First Seen	Last Seen
	gnula.nu/drama/ver-ma-ma-2015-online/	151 B	2023-03-07	2024-02-09
Pretty URL gnula.nu/drama/ver-ma-ma-2015-online/ IP 185.178.208.130 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:21:25 Last Seen2024-02-09 15:01:25 Times Seen20 Hash 47cdaf916fe26bf67dcd07e68f824b48 c1222143c22a8e7828255880c645b4928c39c0e3 0dfa5dc4c89844ab1853ab335176eedddddedec916d590ab94b4aa815a27aca2 Loading...

	player.vimple.ru/content/scripts/plugin_utils.js?r=24024	624 B	2023-03-08	2023-03-11
Pretty URL player.vimple.ru/content/scripts/plugin_utils.js?r=24024 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:34:10 Last Seen2023-03-11 14:43:46 Times Seen1 Hash ebd1d87ed11041b8b1c2e21f4660ff58 b95cfd8465acbdaa9e5e2ebd1f1c5d57f1e65054 ec9b7290dc1555f4ba4f0f8a085f139a7815b9e7b83a52c81ed9d6e600ca7d2e Loading...

	platform.twitter.com/widgets/tweet_button.644279d1635fd969e87af94a98bd232b.es.html#dnt=false&id=twitter-widget-0&lang=es&original_referer=https%3A%2F%2Fgnula.nu%2Fdrama%2Fver-ma-ma-2015-online%2F&size=m&text=Ver%20ma%20ma%20(2015)%20online&time=1670102378971&type=share&url=https%3A%2F%2Fgnula.nu%2Fdrama%2Fver-ma-ma-2015-online%2F	33 kB	2023-03-08	2023-03-12
Pretty URL platform.twitter.com/widgets/tweet_button.644279d1635fd969e87af94a98bd232b.es.html#dnt=false&id=twitter-widget-0&lang=es&original_referer=https%3A%2F%2Fgnula.nu%2Fdrama%2Fver-ma-ma-2015-online%2F&size=m&text=Ver%20ma%20ma%20(2015)%20online&time=1670102378971&type=share&url=https%3A%2F%2Fgnula.nu%2Fdrama%2Fver-ma-ma-2015-online%2F IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:38 Last Seen2023-03-12 21:23:15 Times Seen1 Hash d929c79de1e56c4f70de55c27145d9da e9a277a2e8eff3dd50f50aa233be00bd2b27a72a 62e79f87fec503bf648ebc480c61b992fa563fa1c8075c0ef2eba8ec408d17e3 Loading...

	videoplayer.ru/ru/player/spruto/sp.js?v=3.0.0.0	41 kB	2023-03-08	2023-03-11
Pretty URL videoplayer.ru/ru/player/spruto/sp.js?v=3.0.0.0 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:34:10 Last Seen2023-03-11 14:43:46 Times Seen1 Hash 1b62630cf0e047d0e8941e616aeaa2be eea9df02804efc245f49d0de57389a556bbb36e7 fbc92a9daa6064553af453399847246b35825c9a1d3d427fd06c006bf0d8a304 Loading...

	ok.ru/res/js/lib/jquery-1.8.3_699b1ac6.js	94 kB	2023-03-08	2023-04-15
Pretty URL ok.ru/res/js/lib/jquery-1.8.3_699b1ac6.js IP 217.20.147.1 ASN #47764 Mail.Ru LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:33:54 Last Seen2023-04-15 17:53:38 Times Seen14 Hash 39b1c1653042624aba0350bd640f3575 fd3b361330ee0a8a6548790563e87d04e1e6a6bd 24808dda723536d3ee06e3004727738faaade2495f47a419037904b39a07fea4 Loading...

	platform.twitter.com/widgets/tweet_button.644279d1635fd969e87af94a98bd232b.es.html#dnt=false&id=twitter-widget-0&lang=es&original_referer=https%3A%2F%2Fgnula.nu%2Fdrama%2Fver-ma-ma-2015-online%2F&size=m&text=Ver%20ma%20ma%20(2015)%20online&time=1670102378971&type=share&url=https%3A%2F%2Fgnula.nu%2Fdrama%2Fver-ma-ma-2015-online%2F	942 B	2023-03-07	2023-04-05
Pretty URL platform.twitter.com/widgets/tweet_button.644279d1635fd969e87af94a98bd232b.es.html#dnt=false&id=twitter-widget-0&lang=es&original_referer=https%3A%2F%2Fgnula.nu%2Fdrama%2Fver-ma-ma-2015-online%2F&size=m&text=Ver%20ma%20ma%20(2015)%20online&time=1670102378971&type=share&url=https%3A%2F%2Fgnula.nu%2Fdrama%2Fver-ma-ma-2015-online%2F IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:24 Last Seen2023-04-05 02:00:00 Times Seen37 Hash 27c851c063a95f2d7a9b4588d9ad6fcf 11f8cb2bbe9ccfb34b014a47dab104afcc22912a f672ab487a3a4aff130b4e45b837156b8c9cf3362226a2898bdf02bb1b20f19d Loading...

	ok.ru/web-api/pts/video.player/en	5.0 kB	2023-03-07	2023-08-20
Pretty URL ok.ru/web-api/pts/video.player/en IP 217.20.147.1 ASN #47764 Mail.Ru LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:57:21 Last Seen2023-08-20 20:18:20 Times Seen57 Hash ce09dfc210f6c41ea0f00331c60cf783 48e8186fd66272010954ef423beae27adcffef57 86169be33d496ac77c5ace706441495222e845eeec2809452674a44058ca4716 Loading...

	gnula.nu/drama/ver-ma-ma-2015-online/	446 B	2023-03-08	2023-03-08
Pretty URL gnula.nu/drama/ver-ma-ma-2015-online/ IP 185.178.208.130 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:34:10 Last Seen2023-03-08 15:34:10 Times Seen1 Hash edfdb293aefc2bbc85e8fa91b8fd1ea4 6a5068ebc492f632216845cb31946d8c3fef81ba 68bdf7ac43b921e9174156d33aba36cdc491928dfe04df478e7f34657b178377 Loading...

	apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs	149 kB	2023-03-08	2023-03-11
Pretty URL apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:17 Last Seen2023-03-11 23:51:27 Times Seen1 Hash 3890ab0a78427be244a5919961d77449 8a3c4fca53c2c41d818ae09c075dceddf0127280 571d15e85825e4183d95663c917a6a7911346b2915ce796cff3ffba121474a58 Loading...

	apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_1?le=scs	102 kB	2023-03-08	2023-03-11
Pretty URL apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_1?le=scs IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:17 Last Seen2023-03-11 23:48:44 Times Seen1 Hash ef2165fdf4f52f8c7c8735c0b57407f7 7ebad26ec2359faabd6f1bc5e9fa4dcc118aec05 541c10b550bb3bef95c6816ccc83fbfdd9a5a34c1be39aa8ff5412c8444b978d Loading...

	tzegilo.com/stattag.js	13 kB	2023-03-08	2023-03-12
Pretty URL tzegilo.com/stattag.js IP 104.21.84.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:59 Last Seen2023-03-12 10:48:49 Times Seen1 Hash d0de06f954f7dedba242231b0ec4052d 188d75bb9077832384f889dd15584845790bc146 efae63871ebdeb69e7d64c6782924f72584f962d540b8c55237cba93c026af16 Loading...

	player.vimple.ru/content/scripts/password_plugin.min.js?r=24024	1.7 kB	2023-03-08	2023-03-11
Pretty URL player.vimple.ru/content/scripts/password_plugin.min.js?r=24024 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:34:10 Last Seen2023-03-11 14:43:46 Times Seen1 Hash 87a66d699931deff14aa83c93159c56e 6d23889c201951ccde0ecd6d4fb3e1795b720158 d4eb9bfdc2b41ae9d1fed08d99186cd828ca510eadab061cb512b32550383547 Loading...

	platform.twitter.com/widgets.js	99 kB	2023-03-08	2023-11-01
Pretty URL platform.twitter.com/widgets.js IP 93.184.220.66 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:38 Last Seen2023-11-01 12:31:04 Times Seen3 Hash 6633f9603c759c40d9b200995454f17c fc66d8b06e41ccb007fb52884aba2addfc931cbd c02444f391e8655e79ff8d7d4cb69c3426c3bffbf8731a994fa23aed0f641d12 Loading...

	gnula.nu/wp-content/plugins/akismet/_inc/form.js	700 B	2023-03-07	2024-03-26
Pretty URL gnula.nu/wp-content/plugins/akismet/_inc/form.js IP 185.178.208.130 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:26 Last Seen2024-03-26 10:59:35 Times Seen752 Hash 270f0cd7341bce6c2afacf2682e7690e e9f1f100bb9e59ed8b060040c1695cb635e7a156 0515cbd1f8aee97e1c8e0d1d015ca96c86def13e90d2e73bf813072ccc23d531 Loading...

	player.vimple.ru/content/scripts/marketing_plugin.js?r=24024	15 kB	2023-03-08	2023-03-11
Pretty URL player.vimple.ru/content/scripts/marketing_plugin.js?r=24024 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:34:10 Last Seen2023-03-11 14:43:46 Times Seen1 Hash caf54c09a61320e6f8b2e4c36bb06a7b cf443b54bedb043f7e0f874708d583a8274201a3 9b803d22149682c087634552adc76fc0db455182e73866ec35953145e6b91a23 Loading...

	ok.ru/videoembed/39334316660	50 B	2023-03-07	2024-02-27
Pretty URL ok.ru/videoembed/39334316660 IP 217.20.147.1 ASN #47764 Mail.Ru LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:21:25 Last Seen2024-02-27 21:29:34 Times Seen90 Hash ece72248658f40c607816327de680911 297d9accc66b02c1257b1a47af2ebc3f9513f615 233d3130de0d956d233814ebce74642548f56b5e76aa496190874f66e16219eb Loading...

	ok.ru/res/js/app/capture_5f689327.js	1.6 kB	2023-03-07	2023-12-05
Pretty URL ok.ru/res/js/app/capture_5f689327.js IP 217.20.147.1 ASN #47764 Mail.Ru LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:21:25 Last Seen2023-12-05 02:50:38 Times Seen174 Hash aaed395496fb7a8393688d1d21f9be54 56f451376f8a6bab2f37dc1329897beb66852a52 20e6474fa7c9f1e7f0d2caec481216ed7713c459730db9a441e5fc9a7e965ed3 Loading...

	apis.google.com/js/plusone.js	55 kB	2023-03-08	2023-03-11
Pretty URL apis.google.com/js/plusone.js IP 172.217.21.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:17 Last Seen2023-03-11 23:53:02 Times Seen1 Hash a4bece00b52ca0d44160fe7a02cabddb b2ab847e582b5609e479a6d4c19577a2f664dfbd 4cc6846b69ba46bb297b9fdc8a711094d88a1a6b33f1a13297cbe154713d7c72 Loading...

	platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fgnula.nu	327 kB	2023-03-07	2023-05-03
Pretty URL platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fgnula.nu IP 93.184.220.66 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:57 Last Seen2023-05-03 22:50:00 Times Seen3 Hash 26599e03fbd14de8182dfc6fb71ab446 00642f9520c1d630f6474a3f910a3444d8e8d589 2af340a08ce2caffa6df9a38412f1df460199ea76e4bc1fe3957cc3ce2962518 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-20
Pretty URL www.google-analytics.com/analytics.js IP 216.239.34.178 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-20 17:36:09 Times Seen1522 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	player.vimple.ru/content/scripts/player.min.js?r=24024	16 kB	2023-03-08	2023-03-11
Pretty URL player.vimple.ru/content/scripts/player.min.js?r=24024 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:34:10 Last Seen2023-03-11 14:43:46 Times Seen1 Hash ea1abc7f21e3a1c5066a7b4e48e1ea39 4a31ea8013db0034a332bebf6dc916747de48c49 8a612a3cac44de277b52f3a401e201f0d4eb6e4d79cfc4570eab7154bfcda914 Loading...

	st.mycdn.me/static/MegaPlayer/10-11-67/okVideoPlayerUtils.min.js	7.6 kB	2023-03-07	2023-05-14
Pretty URL st.mycdn.me/static/MegaPlayer/10-11-67/okVideoPlayerUtils.min.js IP 217.20.155.82 ASN #47764 Mail.Ru LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:21:25 Last Seen2023-05-14 23:29:43 Times Seen17 Hash 42650fe75d419c6d213026e34ae9b05c 8b5354ec7d23081c348d7361176d74b62571e655 3ba0c7bd5c703822dee4a6f7cc5da2c8426c85b4ba386571d21fbac0a7118d69 Loading...

	gnula.nu/drama/ver-ma-ma-2015-online/	59 kB	2023-03-08	2023-03-14
Pretty URL gnula.nu/drama/ver-ma-ma-2015-online/ IP 185.178.208.130 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:34:10 Last Seen2023-03-14 18:45:47 Times Seen1 Hash ac2ae1a532746f9b2c19e6c513a9e35c b8bccb90d6ddff6fb1df50db82e6ebbb7d8bbbaf 321aa7256e5b65b9702be111121bfd794f0b206efa416516c6a111931023d83d Loading...

	polldaddy.com/js/rating/rating.js	16 kB	2023-03-08	2023-11-05
Pretty URL polldaddy.com/js/rating/rating.js IP 192.0.123.248 ASN #2635 AUTOMATTIC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:51:07 Last Seen2023-11-05 17:50:00 Times Seen11 Hash 79d8b67643e46d70c37df27fd504e804 c8794fbd05bbec0b8729d751ddb7cc3c5f557bd4 e0808e40b97ef765f6cb946aaf1b816cec41aa339c1b841e64aa32413276383d Loading...

	gnula.nu/wp-includes/js/wp-embed.min.js	1.4 kB	2023-03-07	2024-04-22
Pretty URL gnula.nu/wp-includes/js/wp-embed.min.js IP 185.178.208.130 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:18 Last Seen2024-04-22 22:46:20 Times Seen6871 Hash 905225d5711b559d3092387d5ffbedbd 6f6c39075263bafb9e8c10f1b34a1a0f7ee03c9d 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991 Loading...

	ok.ru/videoembed/39334316660	714 B	2023-03-08	2023-03-08
Pretty URL ok.ru/videoembed/39334316660 IP 217.20.147.1 ASN #47764 Mail.Ru LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:34:10 Last Seen2023-03-08 15:34:10 Times Seen1 Hash 8d64b2f950e637f178b804cfce0bf319 08401f76bdf7cf49990451f4733dc115d624678c 7f1b3e54c485e4924cc3ab1b17d0eb078939c04381cc732175e409b875d93b19 Loading...

	ok.ru/videoembed/39334316660	398 B	2023-03-07	2023-03-11
Pretty URL ok.ru/videoembed/39334316660 IP 217.20.147.1 ASN #47764 Mail.Ru LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:21:25 Last Seen2023-03-11 19:17:06 Times Seen1 Hash 9f6f2359a55b108f5ddde57ee036648b 3d468b158fd1ea5dc291463be03063558d1f43f8 80735a39bb8998f8f52cd634954a4e4a226e50137d66ad4e8fa256f2376eb0da Loading...

	ok.ru/res/js/app/VideoEmbed_bc0da08a.js	888 B	2023-03-07	2024-02-27
Pretty URL ok.ru/res/js/app/VideoEmbed_bc0da08a.js IP 217.20.147.1 ASN #47764 Mail.Ru LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:21:25 Last Seen2024-02-27 21:29:35 Times Seen200 Hash 956818422a5b489c9dc53b4b8a70d40a 78d2d53d011d23c8c96474f5905bf23b7813a4aa 7bd98f7a6f655b3ed24d60c603470bcdd167df6f54057099a0cdd70f4b079084 Loading...

	ok.ru/res/js/app/OKVideo_9a36c231.js	16 kB	2023-03-08	2023-03-11
Pretty URL ok.ru/res/js/app/OKVideo_9a36c231.js IP 217.20.147.1 ASN #47764 Mail.Ru LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 12:14:00 Last Seen2023-03-11 19:17:06 Times Seen1 Hash 4a1985be6993337aa2d61676f8a3897c b6f1f6d0ce069cdab7995baff94a017c7f2f057b 71ee1abcfc1f3ba3e21d1d6cb831137dd3ba07125e3dce2e82e695bdcd34ddb6 Loading...

	gnula.nu/drama/ver-ma-ma-2015-online/	59 B	2023-03-07	2024-02-09
Pretty URL gnula.nu/drama/ver-ma-ma-2015-online/ IP 185.178.208.130 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:21:25 Last Seen2024-02-09 15:01:25 Times Seen20 Hash ba6ee180dfd17b5018c0188f9ee7a640 84cba6c561cb05365fa98bc21a6eb5c833ddd40b 2b618ca9b5724fa731ea5cbe2475fdbe76963bee4861a01667f8db1ec420880b Loading...

	www.googletagmanager.com/gtag/js?id=UA-144276616-1	112 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtag/js?id=UA-144276616-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:34:10 Last Seen2023-03-08 15:34:10 Times Seen1 Hash 13cbf372ff518a8eae6dc0d398ac3c97 4c3107e7596fc22b0a39269c71063d7ed051a57e aea5ad7a4c31082f3429278a34bb19ebd6a444b93bdbe38a7b5928c341091dc5 Loading...

	ajax.googleapis.com/ajax/libs/jquery/1.6/jquery.min.js	92 kB	2023-03-07	2024-04-19
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.6/jquery.min.js IP 142.250.74.106 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:02 Last Seen2024-04-19 12:05:53 Times Seen1798 Hash 219073097031d9c1a95a1291d66f3a10 2b7996b01d90b7f424f2a2e6063947461db4b2b2 232066e3f6f1351afdaee1acb70c409766641fd5669e0b55ce7c77fac0a857ef Loading...

	player.vimple.ru/iframe/363cc38e06f24521857a01866db11951	3.0 kB	2023-03-08	2023-03-08
Pretty URL player.vimple.ru/iframe/363cc38e06f24521857a01866db11951 IP 172.67.134.240 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:34:10 Last Seen2023-03-08 15:34:10 Times Seen1 Hash 45e7345af0164cf551383b74b48f9461 1a340d0c60d66c14cb97fb3a67d615dbaee796c8 4c846a4106a5e442dd235166902160a3b700c6546ad1ffa31b1edf37bab81ea6 Loading...

	gnula.nu/wp-content/themes/charcoal2/scroller.js	1.0 kB	2023-03-07	2024-02-09
Pretty URL gnula.nu/wp-content/themes/charcoal2/scroller.js IP 185.178.208.130 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:21:25 Last Seen2024-02-09 15:01:25 Times Seen57 Hash 48768b563521714149bb8aa6dc5d7028 eb75f1d35fe6feb81ea481139b77a5016a8898c6 6e3ac5e6c454788ce07e2241b24201fb5aab54fb8b0438af421848691270ae79 Loading...

	gnula.nu/drama/ver-ma-ma-2015-online/	465 B	2023-03-08	2023-03-14
Pretty URL gnula.nu/drama/ver-ma-ma-2015-online/ IP 185.178.208.130 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:34:10 Last Seen2023-03-14 18:45:47 Times Seen1 Hash beba7fd633815615f047637126ca7c70 0df5bdaee4cc68d1ceab5344a651e1cacf007998 c12c725f97d37bdb4938d70e2ffbba58bc5d619cdf9a436f27a67abb767d059a Loading...

	grunoaph.net/tag.min.js	74 kB	2023-03-08	2023-03-08
Pretty URL grunoaph.net/tag.min.js IP 139.45.197.238 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:42:04 Last Seen2023-03-08 23:30:48 Times Seen1 Hash 2921285bc62dca512b598b9b31581ec8 962ff02da1697efa86f8085a0bb4fbfe9380946c 989d8da33b8ae904a91ad4694d4d82f2afa2c048d1ea19fd7881c6157e90d124 Loading...

	apis.google.com/js/rpc:shindig_random.js?onload=init	18 kB	2023-03-08	2023-03-11
Pretty URL apis.google.com/js/rpc:shindig_random.js?onload=init IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:17 Last Seen2023-03-11 23:53:01 Times Seen1 Hash eaebeab1028b769231bfc3b2577d93d7 85e286818762ea0f2f69b921bc18b04728391093 55f3b09cbbfd0eb0b51f61f77f4f00fd49f2733726efef6113a03930e1d38109 Loading...

	apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs	55 kB	2023-03-08	2023-03-11
Pretty URL apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:17 Last Seen2023-03-11 23:53:02 Times Seen1 Hash c61ae987c0905d150f80bc6f3e7cc135 826a5f9142e58947410baa5df9b0126f0226ab97 32995e284ad49c05984d6dc2f96674229e731c01d030a38ba96e42c39a8082ae Loading...

	mc.yandex.ru/metrika/tag.js	214 kB	2023-03-08	2023-03-08
Pretty URL mc.yandex.ru/metrika/tag.js IP 87.250.250.119 ASN #13238 YANDEX LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:26:01 Last Seen2023-03-08 22:01:58 Times Seen1 Hash eda4baf452d85884b87524d2c66c297e 4e34fb127e3e0d3609bfa391d0ad433b87733b37 e666aaab10402f693758245fccb280db4b2b2fb968e77d6b9a2e078bf693e1cc Loading...

	s3.multipulter.com/modules/ad/frame.js	214 kB	2023-03-08	2023-03-11
Pretty URL s3.multipulter.com/modules/ad/frame.js IP 46.61.151.250 ASN #12389 Rostelecom Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:34:10 Last Seen2023-03-11 14:43:46 Times Seen1 Hash 4775088237003b52f365aed0a4ced548 7ecd08d8904527e9cfd8a1e54037f85a7ec50c69 7475600ed0e628a9e04335dadc669784f37080ef9e81d5ccf8fafba4deb74299 Loading...

	gnula.nu/drama/ver-ma-ma-2015-online/	337 B	2023-03-07	2024-02-09
Pretty URL gnula.nu/drama/ver-ma-ma-2015-online/ IP 185.178.208.130 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:21:25 Last Seen2024-02-09 15:01:25 Times Seen20 Hash 0ff4fb5933e745b0ddedd7f9ab26217b a08ae2baed23a9c42023ab46512d32c7b3ec5fc4 8f2f61a9734bd55c8a85c7d0e1dd3b390f1dffc36d3f3b41ed141ffd9e852660 Loading...

	ok.ru/videoembed/39334316660	1.7 kB	2023-03-07	2024-02-27
Pretty URL ok.ru/videoembed/39334316660 IP 217.20.147.1 ASN #47764 Mail.Ru LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:21:25 Last Seen2024-02-27 21:29:34 Times Seen96 Hash 6be8989ff1ccf1a15f0af7a9314322e9 c36516bcc6a09b29ea48028d605db13e2275c959 cd11f4890dba17a6ca80f87f41f1403c318ce71df3e2745ceba5ebff42b5687a Loading...

	ssl.gstatic.com/accounts/o/1832714284-postmessagerelay.js	10 kB	2023-03-07	2023-03-17
Pretty URL ssl.gstatic.com/accounts/o/1832714284-postmessagerelay.js IP 142.250.74.99 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:00 Last Seen2023-03-17 17:17:05 Times Seen1 Hash 69c93809ee794c3e963df5e9aa5fe99d 53e4fac1a579d5cb826100d4dbe9e890385649ec 0d173137e6d7fab67e8e696fea473731e28fed08d552de686256d0d9dfa21275 Loading...

	platform.twitter.com/js/button.d2f864f87f544dc0c11d7d712a191c1f.js	7.0 kB	2023-03-08	2023-03-17
Pretty URL platform.twitter.com/js/button.d2f864f87f544dc0c11d7d712a191c1f.js IP 93.184.220.66 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:27:43 Last Seen2023-03-17 17:17:05 Times Seen1 Hash 7bb2d17ac20be3bd6ec1079356afecd9 c7fd48aa9c348760ef3351233c3962d04d5f12b7 236dca679b9983d1fbea0415d584b17d80f1c6942506fc508a5384db924e8795 Loading...

	ok.ru/res/js/b/primary_438edfa.js	91 kB	2023-03-08	2023-03-11
Pretty URL ok.ru/res/js/b/primary_438edfa.js IP 217.20.147.1 ASN #47764 Mail.Ru LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:33:54 Last Seen2023-03-11 19:17:07 Times Seen1 Hash ef53a4187818c7d671a0afcde454e289 baeb63037f45e24a43f42b10a8a5110c7b2cd309 00c6e8c79b896e0420a6bac9f6d27b4a0162bb67c855d7e5b4e28411657a2462 Loading...

	gnula.nu/drama/ver-ma-ma-2015-online/	7.0 kB	2023-03-07	2023-04-02
Pretty URL gnula.nu/drama/ver-ma-ma-2015-online/ IP 185.178.208.130 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:21:25 Last Seen2023-04-02 21:23:55 Times Seen2 Hash aac02890127761ff7d8f7db0c0cd3a50 ebe13bb5100b40535315f029730f9e8f46848a39 b77ce55d9b663a199753df2cff24ebcc55b2707e1ce7fbcecddfbf992b067297 Loading...

	www.google.es/cse/brand?form=cse-search-box&lang=es	14 kB	2023-03-07	2024-04-19
Pretty URL www.google.es/cse/brand?form=cse-search-box&lang=es IP 142.250.74.67 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:13 Last Seen2024-04-19 09:15:13 Times Seen3663 Hash 5fd232d76f845e55064ad5069abfc141 afaa74984a2c8eb086ff2d22e0ad2abfce7d272e 6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69 Loading...

	gnula.nu/drama/ver-ma-ma-2015-online/	482 B	2023-03-07	2024-02-09
Pretty URL gnula.nu/drama/ver-ma-ma-2015-online/ IP 185.178.208.130 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:21:25 Last Seen2024-02-09 15:01:25 Times Seen20 Hash 9cd7108d4b7c5baf20547b9c49094a89 9a07344d5bd957cd45c06fc8406ac70b300807ef fb3e2f42224227d0a04108a5bcf38ebc2af6788611b7fbe82e12651aeca04464 Loading...

	ok.ru/videoembed/39334316660	63 kB	2023-03-08	2023-03-08
Pretty URL ok.ru/videoembed/39334316660 IP 217.20.147.1 ASN #47764 Mail.Ru LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:33:54 Last Seen2023-03-08 15:34:10 Times Seen1 Hash 8743a812fc77545d0b5d805ed8ff8efe a4a1767066be83d8b34a8d7503544ba7a98f0a4e a0912e97e0ea70325d6d435145c53e309a19373e7dffb064f5fe84b4e5b0eb45 Loading...

	s3.multipulter.com/modules/advarksprutoplugin.js	262 kB	2023-03-08	2023-03-09
Pretty URL s3.multipulter.com/modules/advarksprutoplugin.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:34:10 Last Seen2023-03-09 22:41:05 Times Seen1 Hash 046e02e7b8657d73dbc13cf5700da75f 78b360ebd83668cdf36af72f1e7f9267bb7e536b eecb5d34fd6aecf9ff18bfd5b16e7aafae1df940273bc60bb0aa8d75fac83930 Loading...

	ok.ru/res/js/classic_a2b793c6.js	44 kB	2023-03-08	2023-03-11
Pretty URL ok.ru/res/js/classic_a2b793c6.js IP 217.20.147.1 ASN #47764 Mail.Ru LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:33:54 Last Seen2023-03-11 19:17:06 Times Seen1 Hash 6b50b02ed2c239f6112c1cf4ef052748 94e5c494615d728449588bc8118191b84c265f61 98ee073f414c42dbeb80d9f563183f2410bf422ce98f23d8e18e3f6c2f1dc35e Loading...

	polldaddy.com/ratings/rate.php?cmd=get&id=6422202&uid=wp-post-157200&item_id=_post_157200	1.8 kB	2023-03-08	2023-03-08
Pretty URL polldaddy.com/ratings/rate.php?cmd=get&id=6422202&uid=wp-post-157200&item_id=_post_157200 IP 192.0.123.248 ASN #2635 AUTOMATTIC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:34:10 Last Seen2023-03-08 15:34:10 Times Seen1 Hash 74e61e422ddd2fae7dc84889ea7dfc59 e2ebd7a886915a4f12d519b68c10627a162c2eb2 ad40645883d8108b9e1641c8fe7b4f909df9a7ee2260941052ecb712ebbf717e Loading...

	player.vimple.ru/content/scripts/loader.js?r=24024	18 kB	2023-03-08	2023-03-11
Pretty URL player.vimple.ru/content/scripts/loader.js?r=24024 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:34:10 Last Seen2023-03-11 14:43:46 Times Seen1 Hash 8553ffa3d8638c7d4611f5634b659aa4 ebdcca5c3c380be6d7f40490d8a8e7e7f501dca4 eddcb50db9b7d06f5abb282ec58e62642f4b53893a369fa36b833ff38bfcf6bf Loading...

	ok.ru/res/js/lib/noext_2f9c7b37.js	551 B	2023-03-07	2024-04-18
Pretty URL ok.ru/res/js/lib/noext_2f9c7b37.js IP 217.20.147.1 ASN #47764 Mail.Ru LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:57:21 Last Seen2024-04-18 23:02:13 Times Seen141 Hash 49e131534b7bc45107a6a1f313522bf5 8a4ac5d7eae94949dbb47e0632ecc20e418f4518 c5a7c2b450ec11b8d4e5ec56c14aac3d96b1766c76ed8453437d5228395657dd Loading...

		Size	First Seen	Last Seen
	#1 Eval - 2d690e29efd384b093e1e8e40cc9e24c	143 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 15:34:10 Last Seen2023-03-08 15:34:10 Times Seen1 Hash 2d690e29efd384b093e1e8e40cc9e24c 5f3188cc559da5ac8b520c0dd8186a39a9b8eb67 366c52323eefba1304519c6027e6da1dc5dab80d3104de4f93f706d8604cd3a4 Loading...

	#2 Eval - bf6445c935cfccaed3d8e6905f5baeb7	1.7 kB	2023-03-07	2024-02-09
Pretty Observations First Seen2023-03-07 12:21:25 Last Seen2024-02-09 15:01:25 Times Seen33 Hash bf6445c935cfccaed3d8e6905f5baeb7 9ed2c11ee31364a01f57ce47d0af563857e49d00 a752d0ea0fa42e7c609c31cdf7b5bfbc9a9eed0ba5c3e6d052caef932d7a9fdf Loading...

HTTP Transactions (188)

URL IP Response Size

gnula.nu/drama/ver-ma-ma-2015-online/

185.178.208.130

301 Moved Permanently

568 B

URL HTTP/1.1
gnula.nu/drama/ver-ma-ma-2015-online/
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (564), with no line terminators
Size
568 B (568 bytes)
Hash
2761b98db33884ab29711096ab315edb
8cea6e53464aea178b72e06a906205d040f14ca5
9f7a07f69d9b9a5af186a79159ccea18935ab4103128ca967e3f3f8ae45fb3ee

HTTP Headers

GET /drama/ver-ma-ma-2015-online/ HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: ddos-guard
Date: Sat, 03 Dec 2022 21:19:38 GMT
Connection: keep-alive
Keep-Alive: timeout=60
Location: https://gnula.nu/drama/ver-ma-ma-2015-online/
Content-Type: text/html; charset=utf8
Content-Length: 568

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2206
Expires: Sat, 03 Dec 2022 21:56:25 GMT
Date: Sat, 03 Dec 2022 21:19:39 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
67e9370f1bf3e4946a01f346eeae8966
aaab391d1134302d718de7a0d5edbedf884633e6
27a8654fb14db88d4b2bb3b45c1b197fc498cd94143d4a68687742fa48a41358

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3452
Cache-Control: max-age=137345
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 21:19:39 GMT
Etag: "638b2570-1d7"
Expires: Mon, 05 Dec 2022 11:28:44 GMT
Last-Modified: Sat, 03 Dec 2022 10:31:12 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3371
Expires: Sat, 03 Dec 2022 22:15:50 GMT
Date: Sat, 03 Dec 2022 21:19:39 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 03 Dec 2022 21:18:17 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 82
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: meg+Zug0iEcGvmXj+ByL7V31I1BN8MlGapLmWRbVhCGoSeAtHIzKvmwzzM5tgVWv2c/UMOx+Jes=
x-amz-request-id: HVED37K0MQDFFXQ3
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 03 Dec 2022 20:47:16 GMT
age: 1943
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dc73fa8fc37dc7bc795bbd44571b82b5
1497d73a23bdca4073f9149e18fdc3c04b82e9c4
67e5ecd86c5416b82a56f9ae467d283ca4a6d1599e9dca41a503e08adc0128dd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "67E5ECD86C5416B82A56F9AE467D283CA4A6D1599E9DCA41A503E08ADC0128DD"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1278
Expires: Sat, 03 Dec 2022 21:40:57 GMT
Date: Sat, 03 Dec 2022 21:19:39 GMT
Connection: keep-alive

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 21:19:39 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 03 Dec 2022 21:08:58 GMT
cache-control: public,max-age=3600
age: 641
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

gnula.nu/drama/ver-ma-ma-2015-online/

185.178.208.130

200 OK

34 kB

URL HTTP/2
gnula.nu/drama/ver-ma-ma-2015-online/
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (49421)
Size
34 kB (34465 bytes)
Hash
acdb46cd97de2eb3ef9a6fad1feb5b7e
bcbf4393dafd0c074f2a8dc692b6eb897209045a
e2c190a38041bf761edd58405d6d24521f92cd1a9103eca510c0e3aa2b0cc7b9

HTTP Headers

GET /drama/ver-ma-ma-2015-online/ HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
set-cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo; Domain=.gnula.nu; HttpOnly; Path=/; Expires=Sun, 03-Dec-2023 21:19:39 GMT
date: Sat, 03 Dec 2022 21:19:39 GMT
content-type: text/html; charset=UTF-8
content-length: 34465
link: <https://gnula.nu/wp-json/>; rel="https://api.w.org/", <https://gnula.nu/wp-json/wp/v2/posts/157200>; rel="alternate"; type="application/json", <https://gnula.nu/?p=157200>; rel=shortlink
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
a151c326c67e1abb747847c1427db76f
80885d30ef8ba867bf33c40b861976958a27493a
de2b573ee1c8af980e593352e0c331b2595f62bd4499300ace30821d20814760

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3450
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 21:19:39 GMT
Last-Modified: Sat, 03 Dec 2022 20:22:09 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

gnula.nu/wp-includes/css/dist/block-library/style.min.css

185.178.208.130

200 OK

8.9 kB

URL HTTP/2
gnula.nu/wp-includes/css/dist/block-library/style.min.css
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
Unicode text, UTF-8 text, with very long lines (29677)
Size
8.9 kB (8930 bytes)
Hash
c787c06ec6de64a26274c2335677bf93
61d65d871722227622a19026f4c546ec1819df14
3689099f7cfc2d806fe0660c9c031d1bffbd642b9c7c3f278192055c901dbdab

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/drama/ver-ma-ma-2015-online/
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 30 Nov 2022 15:00:28 GMT
content-type: text/css
last-modified: Wed, 14 Jul 2021 22:04:26 GMT
cache-control: max-age=604800
content-encoding: gzip
content-length: 8930
ddg-cache-status: HIT,HIT
etag: W/"60ef5f6a-e33b"
expires: Fri, 02 Dec 2022 17:49:03 GMT
age: 281951
X-Firefox-Spdy: h2

gnula.nu/wp-content/themes/charcoal2/style.css

185.178.208.130

200 OK

6.2 kB

URL HTTP/2
gnula.nu/wp-content/themes/charcoal2/style.css
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
Unicode text, UTF-8 text, with very long lines (1067)
Size
6.2 kB (6165 bytes)
Hash
523060523e8538a5ce44511e3f6857f0
dfd9a769e7f8cbc18799af4180ce662570e5b51f
4295c27a0291af314f33273ae7a76d13b3556bb29e50d49cd7925169223fb8ba

HTTP Headers

GET /wp-content/themes/charcoal2/style.css HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/drama/ver-ma-ma-2015-online/
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 30 Nov 2022 15:13:06 GMT
content-type: text/css
last-modified: Sun, 21 Feb 2021 22:32:04 GMT
cache-control: max-age=604800
content-encoding: gzip
content-length: 6165
ddg-cache-status: HIT,HIT
etag: W/"6032df64-9af4"
expires: Fri, 02 Dec 2022 18:01:50 GMT
age: 281193
X-Firefox-Spdy: h2

gnula.nu/wp-content/plugins/akismet/_inc/form.js

185.178.208.130

200 OK

318 B

URL HTTP/2
gnula.nu/wp-content/plugins/akismet/_inc/form.js
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
ASCII text
Size
318 B (318 bytes)
Hash
9981fd8493ac6b5c99634815c9aef030
15e922eda1c62a37bce0aea182535530889a044e
66780daa2edc073e9067f4b12f75d41c58bea33d1455d788b72b0e1853cca132

HTTP Headers

GET /wp-content/plugins/akismet/_inc/form.js HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/drama/ver-ma-ma-2015-online/
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 28 Nov 2022 12:22:02 GMT
content-type: application/javascript
last-modified: Wed, 14 Jul 2021 20:59:01 GMT
cache-control: max-age=604800
content-encoding: gzip
ddg-cache-status: HIT,HIT
etag: "60ef5015-2bc"
expires: Mon, 28 Nov 2022 16:53:21 GMT
age: 464257
content-length: 318
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e63a3fb1ef1a4ebbbd126969d6ee68ca
8bc9c26950b3899087e25ddea159c28f57b47200
f2ec30377e239f64286ae7dde8032e4e332b6c123f7decc07126fbbcff460a69

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 21:19:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
1cb565003a19a78fd973caebb16a92cc
2870af258aff4fe8b0062cd85a357fcf4645ede9
db52d90aa836b459545746204f9e1403aa0023f56d857cbe75d581447e2a9468

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 21:19:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
42e5aff59bc88ab53505e062eebe6e7a
03e2176eb13fd13f0f6a01dff57d9119dd947fa9
37847baecba596b3d406e337517a1deba30cc624474792a56bde91736c5598fd

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 21:19:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

apis.google.com/js/plusone.js

172.217.21.174

200 OK

21 kB

URL HTTP/2
apis.google.com/js/plusone.js
IP
172.217.21.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1279)
Size
21 kB (20984 bytes)
Hash
327d33b72373a953dc7ddef0c6463b48
2fd9b26cb459ff01c3a1dd3507f1c7484cce6ce4
1f9becca80520826519f7908eff9bc2cdf551f9afc5d2a276f9d3c4a55a0e79c

HTTP Headers

GET /js/plusone.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20984
date: Sat, 03 Dec 2022 21:19:39 GMT
expires: Sat, 03 Dec 2022 21:19:39 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "34fae0e5dab49917"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.es/cse/brand?form=cse-search-box&lang=es

142.250.74.67

301 Moved Permanently

237 B

URL HTTP/2
www.google.es/cse/brand?form=cse-search-box&lang=es
IP
142.250.74.67:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
237 B (237 bytes)
Hash
bda0dec939809d66ff8388fe5c716412
d768e1edcca0d64e15c1a26978d19c8fdfbd4e4f
334f05a39cdb64bac9f876dd2a2011649d08d578f6d751460c91ca294f3304cd

HTTP Headers

GET /cse/brand?form=cse-search-box&lang=es HTTP/1.1
Host: www.google.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
location: https://www.gstatic.com/prose/brandjs.js
x-content-type-options: nosniff
server: sffe
content-length: 237
x-xss-protection: 0
date: Sat, 03 Dec 2022 21:13:26 GMT
expires: Sat, 03 Dec 2022 21:43:26 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 373
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-144276616-1

142.250.74.168

200 OK

44 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-144276616-1
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1921)
Size
44 kB (43579 bytes)
Hash
a85dfdf6ce0c266ac46d594b59d06b2d
ff07969d81e6d88f3e05b414201d69120413b9c9
fb34507a89449ad1cb0d7a66f8439ea10ff1a975dbb9507f69ad9815acc246ac

HTTP Headers

GET /gtag/js?id=UA-144276616-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 03 Dec 2022 21:19:39 GMT
expires: Sat, 03 Dec 2022 21:19:39 GMT
cache-control: private, max-age=900
last-modified: Sat, 03 Dec 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43579
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

gnula.nu/wp-includes/js/wp-embed.min.js

185.178.208.130

200 OK

6.6 kB

URL HTTP/2
gnula.nu/wp-includes/js/wp-embed.min.js
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
ASCII text, with very long lines (1391)
Size
6.6 kB (6622 bytes)
Hash
7c64180d1167f27e151a20f71128086a
b693690b9687eff0d34a0fec57544221aca74f46
6c339d89ff0093aa004b70253a07a655beabcbfdf5a6d754e6605a01f0b4c47b

HTTP Headers

GET /wp-includes/js/wp-embed.min.js HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/drama/ver-ma-ma-2015-online/
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 30 Nov 2022 00:23:14 GMT
content-type: application/javascript
last-modified: Mon, 15 Feb 2021 03:38:18 GMT
cache-control: max-age=604800
accept-ranges: bytes
ddg-cache-status: HIT,HIT
etag: W/"6029ecaa-592"
expires: Mon, 05 Dec 2022 07:35:12 GMT
age: 334585
content-encoding: br
vary: Accept-Encoding
X-Firefox-Spdy: h2

gnula.nu/wp-content/uploads/2022/06/Super_heros_malgre_lui3.gif

185.178.208.130

200 OK

5.9 kB

URL HTTP/2
gnula.nu/wp-content/uploads/2022/06/Super_heros_malgre_lui3.gif
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
GIF image data, version 89a, 54 x 83\012- data
Size
5.9 kB (5933 bytes)
Hash
1162693ee59b6484d43e48cf5f9b757e
ed070bc6f68545eb2a8cc54af3b9e42316632961
1ed1c0ec12f12354305d7efb59b9cac424c51521a9468361e97592b22a0414fd

HTTP Headers

GET /wp-content/uploads/2022/06/Super_heros_malgre_lui3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 03 Dec 2022 16:08:48 GMT
content-type: image/gif
content-length: 5933
last-modified: Sun, 19 Jun 2022 08:21:04 GMT
etag: "62aedc70-172d"
expires: Sat, 10 Dec 2022 16:08:48 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 18651
ddg-cache-status: HIT,MISS
X-Firefox-Spdy: h2

gnula.nu/wp-content/uploads/2022/12/Troll3.gif

185.178.208.130

200 OK

6.0 kB

URL HTTP/2
gnula.nu/wp-content/uploads/2022/12/Troll3.gif
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
GIF image data, version 89a, 54 x 83\012- data
Size
6.0 kB (6006 bytes)
Hash
3e78d3bfe669ce2f11478594ce575e32
f57569ff4c99d07e516e48924ffa7f87f66afa14
ea48664e670d7c705abe8064a330a35c017525f6aaa37658581d8c5a7a7ea8ee

HTTP Headers

GET /wp-content/uploads/2022/12/Troll3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 03 Dec 2022 15:53:28 GMT
content-type: image/gif
content-length: 6006
last-modified: Sat, 03 Dec 2022 15:46:26 GMT
etag: "638b6f52-1776"
expires: Sat, 10 Dec 2022 15:53:28 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 19571
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2

gnula.nu/wp-content/uploads/2022/12/Um_Natal_Cheio_de_Graca3.gif

185.178.208.130

200 OK

6.1 kB

URL HTTP/2
gnula.nu/wp-content/uploads/2022/12/Um_Natal_Cheio_de_Graca3.gif
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
GIF image data, version 89a, 54 x 83\012- data
Size
6.1 kB (6051 bytes)
Hash
4bf1b6d0f320fde907f5acf66c6c6278
50811aa07afc47fb921d48d11c5dcc6d135d2126
b865100e5c7af1ec2348d830a11eef443d2d733106eb88fffcee307cb6af9137

HTTP Headers

GET /wp-content/uploads/2022/12/Um_Natal_Cheio_de_Graca3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 03 Dec 2022 15:44:53 GMT
content-type: image/gif
content-length: 6051
last-modified: Sat, 03 Dec 2022 15:36:47 GMT
etag: "638b6d0f-17a3"
expires: Sat, 10 Dec 2022 15:44:53 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 20086
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2

gnula.nu/wp-content/uploads/2022/12/A_Christmas_Proposal3.gif

185.178.208.130

200 OK

6.0 kB

URL HTTP/2
gnula.nu/wp-content/uploads/2022/12/A_Christmas_Proposal3.gif
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
GIF image data, version 89a, 54 x 83\012- data
Size
6.0 kB (6012 bytes)
Hash
2aae52439631c45b3d7a0b0999b680d0
c7894829da138a68b9dde5bde6111e777b8e2b18
dcdf11d0604c32e3b6c83b49acb3e80de4dff8de2f40a630fe37efc9ff500338

HTTP Headers

GET /wp-content/uploads/2022/12/A_Christmas_Proposal3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 01 Dec 2022 16:14:41 GMT
content-type: image/gif
content-length: 6012
last-modified: Thu, 01 Dec 2022 16:10:53 GMT
etag: "6388d20d-177c"
expires: Thu, 08 Dec 2022 16:14:41 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 191098
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2

gnula.nu/wp-content/uploads/2022/12/Zhanym_ty_ne_poverish3.gif

185.178.208.130

200 OK

5.2 kB

URL HTTP/2
gnula.nu/wp-content/uploads/2022/12/Zhanym_ty_ne_poverish3.gif
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
GIF image data, version 89a, 54 x 83\012- data
Size
5.2 kB (5191 bytes)
Hash
e86a370875ca05aac2d13227ac1e2a0c
847efd8ef8e310193c472b4ae31dfc6b3c577878
7bd6433c080f029395b2cddea754e64347c3f39dc056facb39eb9989469aef3f

HTTP Headers

GET /wp-content/uploads/2022/12/Zhanym_ty_ne_poverish3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 03 Dec 2022 15:27:56 GMT
content-type: image/gif
content-length: 5191
last-modified: Sat, 03 Dec 2022 15:23:39 GMT
etag: "638b69fb-1447"
expires: Sat, 10 Dec 2022 15:27:56 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 21103
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2

gnula.nu/wp-content/uploads/2022/12/Action_Pack_Saves_Christmas3.gif

185.178.208.130

200 OK

5.6 kB

URL HTTP/2
gnula.nu/wp-content/uploads/2022/12/Action_Pack_Saves_Christmas3.gif
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
GIF image data, version 89a, 54 x 83\012- data
Size
5.6 kB (5579 bytes)
Hash
c05563f32b946f8aec6ca504e070db82
dc6e8bbd59840f47478d1d2b13cf2a97430b832f
3ecbd6a663afb4f76c7c0d0aace66d4d3772f9d31f997aa1104e1f3a5d7d2543

HTTP Headers

GET /wp-content/uploads/2022/12/Action_Pack_Saves_Christmas3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 01 Dec 2022 16:08:33 GMT
content-type: image/gif
content-length: 5579
last-modified: Thu, 01 Dec 2022 16:06:13 GMT
etag: "6388d0f5-15cb"
expires: Thu, 08 Dec 2022 16:08:33 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 191466
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
187be72e3a1102ab2a4e924aecb217cc
008b78c60e186e4897be19afc14e3010f3d416b6
3875154752bf6cdb2118e242143ba72294eeb3c21fb8a15397f13e68e69e82e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3875154752BF6CDB2118E242143BA72294EEB3C21FB8A15397F13E68E69E82E7"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18139
Expires: Sun, 04 Dec 2022 02:21:58 GMT
Date: Sat, 03 Dec 2022 21:19:39 GMT
Connection: keep-alive

gnula.nu/wp-content/uploads/2022/12/Huracan3.gif

185.178.208.130

200 OK

4.0 kB

URL HTTP/2
gnula.nu/wp-content/uploads/2022/12/Huracan3.gif
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
GIF image data, version 89a, 54 x 83\012- data
Size
4.0 kB (4006 bytes)
Hash
1c8f66e7ed125099172ec23e41ad775b
9e6106ace6da5fe6767535007e6812ad6abffb47
dc82e3a64c6205b44e77f14f7cf31c9caa37b6530c4c52a03252a5f7563dd0fb

HTTP Headers

GET /wp-content/uploads/2022/12/Huracan3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 01 Dec 2022 15:53:35 GMT
content-type: image/gif
content-length: 4006
last-modified: Thu, 01 Dec 2022 15:48:05 GMT
etag: "6388ccb5-fa6"
expires: Thu, 08 Dec 2022 15:53:35 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 192364
ddg-cache-status: HIT,MISS
X-Firefox-Spdy: h2

gnula.nu/wp-content/uploads/2022/12/Fly3.gif

185.178.208.130

200 OK

5.6 kB

URL HTTP/2
gnula.nu/wp-content/uploads/2022/12/Fly3.gif
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
GIF image data, version 89a, 54 x 83\012- data
Size
5.6 kB (5572 bytes)
Hash
186bb477bb4c80dd3bf971e3c2afd716
2ce526e11718d48d17e604b223508e627dc890fa
8591017c0b3e1cbc547ffc56934ece47bdab81367828d4fa457c73be861d7c85

HTTP Headers

GET /wp-content/uploads/2022/12/Fly3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 01 Dec 2022 16:01:44 GMT
content-type: image/gif
content-length: 5572
last-modified: Thu, 01 Dec 2022 15:55:57 GMT
etag: "6388ce8d-15c4"
expires: Thu, 08 Dec 2022 16:01:44 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 191875
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2

gnula.nu/wp-content/uploads/2022/10/Lyle_Lyle_Crocodile3.gif

185.178.208.130

200 OK

5.9 kB

URL HTTP/2
gnula.nu/wp-content/uploads/2022/10/Lyle_Lyle_Crocodile3.gif
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
GIF image data, version 89a, 54 x 83\012- data
Size
5.9 kB (5922 bytes)
Hash
fb9b29914900b0e9ad8060743a0a5ad5
9bab6f093f0f915114e865222a9d6cc7fa4e5e92
c25ada41eccdad2304339754f4ca77c5711298dafc974943118f54c2fff54d7c

HTTP Headers

GET /wp-content/uploads/2022/10/Lyle_Lyle_Crocodile3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 30 Nov 2022 01:17:39 GMT
content-type: image/gif
content-length: 5922
last-modified: Sat, 22 Oct 2022 16:25:45 GMT
etag: "63541989-1722"
expires: Wed, 07 Dec 2022 01:17:39 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 331320
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2

gnula.nu/wp-content/uploads/2022/12/Lecciones_para_canallas3.gif

185.178.208.130

200 OK

5.7 kB

URL HTTP/2
gnula.nu/wp-content/uploads/2022/12/Lecciones_para_canallas3.gif
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
GIF image data, version 89a, 54 x 83\012- data
Size
5.7 kB (5660 bytes)
Hash
41b41abc305b0ac37cb0d104b7de127e
075907355267f34ec6237be8e93185e016ec8bfa
884bae18afc90b83e06a704d165768e7efba2d54ba864cd0494ac67111005ec6

HTTP Headers

GET /wp-content/uploads/2022/12/Lecciones_para_canallas3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 01 Dec 2022 15:43:13 GMT
content-type: image/gif
content-length: 5660
last-modified: Thu, 01 Dec 2022 15:39:52 GMT
etag: "6388cac8-161c"
expires: Thu, 08 Dec 2022 15:43:13 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 192986
ddg-cache-status: HIT,MISS
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
98fe7e5fd6b778bcdcc63028c3a49fbd
06b34160c344526fbe14ce41445b9fe76c0a878d
d45d898dfe5bf1151557bbbc3be6e6878fbadce386136d60777b4464199173a6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 21:19:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

gnula.nu/wp-content/uploads/2022/11/Under_Wraps-2m3.gif

185.178.208.130

200 OK

6.1 kB

URL HTTP/2
gnula.nu/wp-content/uploads/2022/11/Under_Wraps-2m3.gif
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
GIF image data, version 89a, 54 x 83\012- data
Size
6.1 kB (6067 bytes)
Hash
dd995f2960bc92b987b96ea362923291
6a59b3d5b0b35899f5753ec94f9bfe69a1f30fd7
bcc550187576ca3ff1dae85f934b6381f129bd1090caac121070748f58d98509

HTTP Headers

GET /wp-content/uploads/2022/11/Under_Wraps-2m3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 30 Nov 2022 01:01:10 GMT
content-type: image/gif
content-length: 6067
last-modified: Tue, 01 Nov 2022 22:33:28 GMT
etag: "63619eb8-17b3"
expires: Wed, 07 Dec 2022 01:01:10 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 332309
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
1f3a4f3edea56419c58836a0c80d5cea
1558a7ad0acc0c09cdf39ec92030f7ee5736e595
70aeda0cb136ac1add86931a338558b9f302576cd65537575d232fda623fe2f0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 21:19:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

gnula.nu/wp-content/uploads/2022/09/Beast2m4.gif

185.178.208.130

200 OK

41 kB

URL HTTP/2
gnula.nu/wp-content/uploads/2022/09/Beast2m4.gif
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
GIF image data, version 89a, 215 x 269\012- data
Size
41 kB (41074 bytes)
Hash
c15b04077a1988ceab4d1ea6905d7520
922c0aa0e66d16b61c058e81e6721f4ec7589de8
63e990da95df43fa16d4cd816e4f0b4f3078d6921c3094eab0af218ac118c91e

HTTP Headers

GET /wp-content/uploads/2022/09/Beast2m4.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 03 Dec 2022 14:46:31 GMT
content-type: image/gif
content-length: 41074
last-modified: Thu, 08 Sep 2022 18:35:12 GMT
cache-control: max-age=604800
accept-ranges: bytes
ddg-cache-status: HIT,MISS
etag: "631a35e0-a072"
expires: Sat, 10 Dec 2022 14:46:31 GMT
age: 23588
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e63a3fb1ef1a4ebbbd126969d6ee68ca
8bc9c26950b3899087e25ddea159c28f57b47200
f2ec30377e239f64286ae7dde8032e4e332b6c123f7decc07126fbbcff460a69

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 21:19:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

gnula.nu/wp-content/uploads/2022/11/The_Woman_King4.gif

185.178.208.130

200 OK

44 kB

URL HTTP/2
gnula.nu/wp-content/uploads/2022/11/The_Woman_King4.gif
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
GIF image data, version 89a, 215 x 269\012- data
Size
44 kB (44520 bytes)
Hash
3290f6c4940858e881cb31838fdfb891
6920d3ca37cf1681f8a2208004912ad73a58f4e6
66218423811df26cf62257ea934e4543de60c4d37b6ec1a00c6cee6bd6785031

HTTP Headers

GET /wp-content/uploads/2022/11/The_Woman_King4.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 30 Nov 2022 07:50:33 GMT
content-type: image/gif
content-length: 44520
last-modified: Wed, 23 Nov 2022 01:43:51 GMT
etag: "637d7ad7-ade8"
expires: Wed, 07 Dec 2022 07:50:33 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 307746
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2

gnula.nu/wp-content/uploads/2022/11/Confessions3.gif

185.178.208.130

200 OK

5.4 kB

URL HTTP/2
gnula.nu/wp-content/uploads/2022/11/Confessions3.gif
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
GIF image data, version 89a, 54 x 83\012- data
Size
5.4 kB (5424 bytes)
Hash
532d08d9351e4fe424c5106d7fb00de3
d218e23e6574411c55cb70532622e0464b3e4811
612681fb176cc4c4df090cda57aeee5514a731b378eb49c269a028f89839cad8

HTTP Headers

GET /wp-content/uploads/2022/11/Confessions3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 29 Nov 2022 15:58:28 GMT
content-type: image/gif
content-length: 5424
last-modified: Tue, 29 Nov 2022 15:54:49 GMT
etag: "63862b49-1530"
expires: Tue, 06 Dec 2022 15:58:28 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 364871
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2

gnula.nu/wp-content/uploads/2022/12/Un_hombre_de_accion3.gif

185.178.208.130

200 OK

5.8 kB

URL HTTP/2
gnula.nu/wp-content/uploads/2022/12/Un_hombre_de_accion3.gif
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
GIF image data, version 89a, 54 x 83\012- data
Size
5.8 kB (5765 bytes)
Hash
3d7abe6c6c179ea3208eed21b8c57a3f
f7018d90b1932266989f80ede2013f6c87b701c4
9c9c43ed2ad958b707354f81833f13a0b601b30d42570c9ea2d7e1339a1cc7d8

HTTP Headers

GET /wp-content/uploads/2022/12/Un_hombre_de_accion3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 03 Dec 2022 15:35:38 GMT
content-type: image/gif
content-length: 5765
last-modified: Sat, 03 Dec 2022 15:30:12 GMT
etag: "638b6b84-1685"
expires: Sat, 10 Dec 2022 15:35:38 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 20641
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2

gnula.nu/wp-content/uploads/2021/11/La_fracture3.gif

185.178.208.130

200 OK

5.1 kB

URL HTTP/2
gnula.nu/wp-content/uploads/2021/11/La_fracture3.gif
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
GIF image data, version 89a, 54 x 83\012- data
Size
5.1 kB (5104 bytes)
Hash
6071a88502aec64d4055e4be8a8a0dcc
896b3a7a3b28acd15cfcd9e62aa4a62a180d6f0f
be0a5e80eef5685a401a3b6b09514ef5d78481780588e6dbcf5b0efa7db01678

HTTP Headers

GET /wp-content/uploads/2021/11/La_fracture3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 29 Nov 2022 15:28:14 GMT
content-type: image/gif
content-length: 5104
last-modified: Mon, 29 Nov 2021 14:16:45 GMT
etag: "61a4e0cd-13f0"
expires: Tue, 06 Dec 2022 15:28:14 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 366685
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/1.6/jquery.min.js

142.250.74.106

200 OK

32 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/1.6/jquery.min.js
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (32769)
Size
32 kB (32222 bytes)
Hash
beb03c9ee6d13748648309584590d515
a491b316cdd4df32dabb7a3a1d85919681911dda
acec62a91cdd6d2b03731fcc7e988094b3c38c9269276f09f9a842e6433ee008

HTTP Headers

GET /ajax/libs/jquery/1.6/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 32222
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 27 Nov 2022 15:10:06 GMT
expires: Mon, 27 Nov 2023 15:10:06 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 540574
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

gnula.nu/wp-content/uploads/2022/11/Holiday_Harmony3.gif

185.178.208.130

200 OK

6.1 kB

URL HTTP/2
gnula.nu/wp-content/uploads/2022/11/Holiday_Harmony3.gif
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
GIF image data, version 89a, 54 x 83\012- data
Size
6.1 kB (6112 bytes)
Hash
bfe788053262070657aae84fbd190baf
32956f3f220c06c290b7b668e72437cac2eaed13
9ad72369ce41c95a4d1aa2c26a4d20185c5d519175f143ffcdcebe61660166de

HTTP Headers

GET /wp-content/uploads/2022/11/Holiday_Harmony3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sun, 27 Nov 2022 19:58:03 GMT
content-type: image/gif
content-length: 6112
last-modified: Sun, 27 Nov 2022 19:46:26 GMT
etag: "6383be92-17e0"
expires: Sun, 04 Dec 2022 19:58:03 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 523297
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2

gnula.nu/wp-content/uploads/2022/09/Three_Thousand_Years_of_Longing3.gif

185.178.208.130

200 OK

5.4 kB

URL HTTP/2
gnula.nu/wp-content/uploads/2022/09/Three_Thousand_Years_of_Longing3.gif
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
GIF image data, version 89a, 54 x 83\012- data
Size
5.4 kB (5443 bytes)
Hash
6b1ad319df63296def7c5024f80bdf55
310a9fbf118153313d8f16b0231822f65972f72e
c3841ad557ac2a13fff4e01e767227cdfa386bcc4dcdc5e0ab323f1ce8ae5f8f

HTTP Headers

GET /wp-content/uploads/2022/09/Three_Thousand_Years_of_Longing3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 03 Dec 2022 16:03:26 GMT
content-type: image/gif
content-length: 5443
last-modified: Mon, 12 Sep 2022 01:50:30 GMT
etag: "631e9066-1543"
expires: Sat, 10 Dec 2022 16:03:26 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 18973
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2

gnula.nu/wp-content/uploads/2021/12/The_Fight_Before_Christmas3.gif

185.178.208.130

200 OK

5.3 kB

URL HTTP/2
gnula.nu/wp-content/uploads/2021/12/The_Fight_Before_Christmas3.gif
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
GIF image data, version 89a, 54 x 83\012- data
Size
5.3 kB (5340 bytes)
Hash
b76f93d67bb1255b3c0d805642638ec8
b76ca1e73796420de299d29a5078170cb5d72cbf
5fc9839f5adf000196af632eb7925fe237d116931e73e2d1513dce445e534048

HTTP Headers

GET /wp-content/uploads/2021/12/The_Fight_Before_Christmas3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 29 Nov 2022 15:51:39 GMT
content-type: image/gif
content-length: 5340
last-modified: Mon, 20 Dec 2021 22:10:21 GMT
etag: "61c0ff4d-14dc"
expires: Tue, 06 Dec 2022 15:51:39 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 365280
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2

gnula.nu/wp-content/uploads/2022/10/L_ombre_d_un_mensonge3.gif

185.178.208.130

200 OK

5.8 kB

URL HTTP/2
gnula.nu/wp-content/uploads/2022/10/L_ombre_d_un_mensonge3.gif
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
GIF image data, version 89a, 54 x 83\012- data
Size
5.8 kB (5810 bytes)
Hash
7ae8ec0e336f9aaa971475ef3bdcebad
8e20e532524f3edec5770aed04106638557c5834
f6239b2f98338979ce64dc0e48eec965e72fe3ed005185a4d8cf0df4f67ddd21

HTTP Headers

GET /wp-content/uploads/2022/10/L_ombre_d_un_mensonge3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 03 Dec 2022 16:22:41 GMT
content-type: image/gif
content-length: 5810
last-modified: Fri, 21 Oct 2022 03:57:31 GMT
etag: "635218ab-16b2"
expires: Sat, 10 Dec 2022 16:22:41 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 17820
ddg-cache-status: HIT,MISS
X-Firefox-Spdy: h2

gnula.nu/wp-content/uploads/2022/11/A_Christmas_Mystery3.gif

185.178.208.130

200 OK

6.1 kB

URL HTTP/2
gnula.nu/wp-content/uploads/2022/11/A_Christmas_Mystery3.gif
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
GIF image data, version 89a, 54 x 83\012- data
Size
6.1 kB (6108 bytes)
Hash
3ff5f4128f0470f5ebfa8b4f03003c16
cc2ddb5d16d119848ccad6553a1492dd49294551
c5d27158f2caa59633d531235f0a93dea62aade6db06a815a056635778cb9c67

HTTP Headers

GET /wp-content/uploads/2022/11/A_Christmas_Mystery3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sun, 27 Nov 2022 22:52:35 GMT
content-type: image/gif
content-length: 6108
last-modified: Sun, 27 Nov 2022 20:17:52 GMT
etag: "6383c5f0-17dc"
expires: Sun, 04 Dec 2022 22:52:35 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 512824
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2

gnula.nu/wp-content/uploads/2022/12/Matando_el_tiempo3.gif

185.178.208.130

200 OK

5.2 kB

URL HTTP/2
gnula.nu/wp-content/uploads/2022/12/Matando_el_tiempo3.gif
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
GIF image data, version 89a, 54 x 83\012- data
Size
5.2 kB (5236 bytes)
Hash
8a85cfd32cca9be44909f205fc0c37bb
4298e23d195d63ab04869bcad66ce4f563a57890
e7ed50bca961b0985d435ef28a4d3166c6dd9dfdb877762d86e3b556e296e95d

HTTP Headers

GET /wp-content/uploads/2022/12/Matando_el_tiempo3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 03 Dec 2022 16:18:57 GMT
content-type: image/gif
content-length: 5236
last-modified: Sat, 03 Dec 2022 16:16:03 GMT
etag: "638b7643-1474"
expires: Sat, 10 Dec 2022 16:18:57 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 18042
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2

gnula.nu/wp-content/uploads/2022/11/The_Guardians_of_the_Galaxy_Holiday_Special3.gif

185.178.208.130

200 OK

6.1 kB

URL HTTP/2
gnula.nu/wp-content/uploads/2022/11/The_Guardians_of_the_Galaxy_Holiday_Special3.gif
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
GIF image data, version 89a, 54 x 83\012- data
Size
6.1 kB (6060 bytes)
Hash
1988137b91ec2b295d09b6da44d19250
cb3786235a4afa872818b42f11a8df44ffcc092c
414f86a0804fe42278070ea20e728aecec7bb3a6e1b0137fc101e6a2dc48e8e2

HTTP Headers

GET /wp-content/uploads/2022/11/The_Guardians_of_the_Galaxy_Holiday_Special3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 30 Nov 2022 01:10:00 GMT
content-type: image/gif
content-length: 6060
last-modified: Wed, 30 Nov 2022 01:08:06 GMT
etag: "6386acf6-17ac"
expires: Wed, 07 Dec 2022 01:10:00 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 331779
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2

gnula.nu/wp-content/uploads/2022/11/Le_patient3.gif

185.178.208.130

200 OK

4.6 kB

URL HTTP/2
gnula.nu/wp-content/uploads/2022/11/Le_patient3.gif
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
GIF image data, version 89a, 54 x 83\012- data
Size
4.6 kB (4597 bytes)
Hash
25a14218f4079a0c23dd3a7858c11c66
fffa95e7387f7b66d3083f8df9e540b0ab5683cf
d035c413026017e267bd6a9e60889240a9dc446c1a5c7bc7b3aa46ee1ab04514

HTTP Headers

GET /wp-content/uploads/2022/11/Le_patient3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 29 Nov 2022 15:36:38 GMT
content-type: image/gif
content-length: 4597
last-modified: Tue, 29 Nov 2022 15:31:08 GMT
etag: "638625bc-11f5"
expires: Tue, 06 Dec 2022 15:36:38 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 366181
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2

gnula.nu/wp-content/uploads/2022/11/Du_som_er_i_himlen3.gif

185.178.208.130

200 OK

5.1 kB

URL HTTP/2
gnula.nu/wp-content/uploads/2022/11/Du_som_er_i_himlen3.gif
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
GIF image data, version 89a, 54 x 83\012- data
Size
5.1 kB (5093 bytes)
Hash
96b3aaa21b2a66ff8173f4714c80c300
a2698f051e1798ac07c1444e14d29f80e8aee347
e8b05ff6dcd7dc282f87d73f1cc0067de1822b96db876453bfec053b63495e68

HTTP Headers

GET /wp-content/uploads/2022/11/Du_som_er_i_himlen3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 29 Nov 2022 15:44:24 GMT
content-type: image/gif
content-length: 5093
last-modified: Tue, 29 Nov 2022 15:39:12 GMT
etag: "638627a0-13e5"
expires: Tue, 06 Dec 2022 15:44:24 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 365715
ddg-cache-status: HIT,MISS
X-Firefox-Spdy: h2

gnula.nu/wp-content/uploads/2021/05/Spasti_Leningrad3.gif

185.178.208.130

200 OK

6.1 kB

URL HTTP/2
gnula.nu/wp-content/uploads/2021/05/Spasti_Leningrad3.gif
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
GIF image data, version 89a, 54 x 83\012- data
Size
6.1 kB (6128 bytes)
Hash
41e9deb62f697900e48052a22565990b
1b9082d86573de7627dbe283f0119f8f23b07000
85cccc98a13e79b0aeced05b77fd1c3429d8cde7205cab4fbe505bd7b350a16a

HTTP Headers

GET /wp-content/uploads/2021/05/Spasti_Leningrad3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 03 Dec 2022 16:13:32 GMT
content-type: image/gif
content-length: 6128
last-modified: Wed, 19 May 2021 19:28:53 GMT
etag: "60a566f5-17f0"
expires: Sat, 10 Dec 2022 16:13:32 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 18367
ddg-cache-status: HIT,MISS
X-Firefox-Spdy: h2

gnula.nu/wp-content/uploads/2022/07/Mr_Malcolms_List3.gif

185.178.208.130

200 OK

5.8 kB

URL HTTP/2
gnula.nu/wp-content/uploads/2022/07/Mr_Malcolms_List3.gif
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
GIF image data, version 89a, 54 x 83\012- data
Size
5.8 kB (5820 bytes)
Hash
1ea5f12206607c6177d54ce8e8178a05
f4fa65805bf687f7e6755be57ed9a30582502680
a3df9c2bbf3b1d1887b0019333de473455bbbdf4044cc6634a43e17873dc54d6

HTTP Headers

GET /wp-content/uploads/2022/07/Mr_Malcolms_List3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 02 Dec 2022 02:25:26 GMT
content-type: image/gif
content-length: 5820
last-modified: Sat, 23 Jul 2022 17:23:30 GMT
cache-control: max-age=604800
accept-ranges: bytes
ddg-cache-status: HIT,HIT
etag: "62dc2e92-16bc"
expires: Thu, 08 Dec 2022 06:13:21 GMT
age: 154453
X-Firefox-Spdy: h2

gnula.nu/wp-content/uploads/2022/07/Cop_Secret3.gif

185.178.208.130

200 OK

6.2 kB

URL HTTP/2
gnula.nu/wp-content/uploads/2022/07/Cop_Secret3.gif
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
GIF image data, version 89a, 54 x 83\012- data
Size
6.2 kB (6241 bytes)
Hash
6eaaa5ed44cfc32cbe2a66c2f0f88738
30e987d3d2dbdeeae32e717e7e8887db2faf603e
6b772380ef0f32dbd6109e98d60fa4d3d164f87039c179d7e85d8f448a1c2e42

HTTP Headers

GET /wp-content/uploads/2022/07/Cop_Secret3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 02 Dec 2022 16:35:46 GMT
content-type: image/gif
content-length: 6241
last-modified: Sun, 10 Jul 2022 22:18:51 GMT
cache-control: max-age=604800
accept-ranges: bytes
ddg-cache-status: HIT,HIT
etag: "62cb504b-1861"
expires: Thu, 08 Dec 2022 11:11:37 GMT
age: 103433
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
42e5aff59bc88ab53505e062eebe6e7a
03e2176eb13fd13f0f6a01dff57d9119dd947fa9
37847baecba596b3d406e337517a1deba30cc624474792a56bde91736c5598fd

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 21:19:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

murkilyergots.com/gcgLKdwzr0hh/33424

142.91.159.134

200 OK

26 B

URL HTTP/1.1
murkilyergots.com/gcgLKdwzr0hh/33424
IP
142.91.159.134:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with no line terminators
Size
26 B (26 bytes)
Hash
4e5d65669f8dcd928dad06adf883f025
d771713d758c3348dd7e5b38bb40c7935399ae46
0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95

HTTP Headers

GET /gcgLKdwzr0hh/33424 HTTP/1.1
Host: murkilyergots.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 21:19:40 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://gnula.nu
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Sun, 04-Dec-2022 21:19:40 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjM0KgkAYRW0qSwrjQg%2FQC2T%2Fi7bVMnThAwxmXzFg84kz%2FdjTpwbR5nI4cK7jOGLsQ6gcw%2B0i2M6D9TJYbNZoX4khwgjDlO%2FaFqXUyY3ghlw8kxJuQVfFGmK%2BwuDLMuUzoRtG0z%2FXRIPIZDzZ1z8lOqmqt1bwav52vaprXFuZHP4uU69JzNndVi8GniYrTU50hrdPThnNDvER%2Fs82H24LfWVkXvCrrHhk1Y3erEny5WLIVqr1cMUHDLFHVQ%3D%3D; expires=Sun, 04-Dec-2022 21:19:40 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

gnula.nu/wp-content/uploads/2022/11/Black_Adam5.gif

185.178.208.130

200 OK

34 kB

URL HTTP/2
gnula.nu/wp-content/uploads/2022/11/Black_Adam5.gif
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
GIF image data, version 89a, 215 x 269\012- data
Size
34 kB (33635 bytes)
Hash
cc449cf16222716cab5d0792042b7c4f
60d4beb0a0fe383d8763287786892ee6c2cab395
dd45a20cf17c45159382a965ae8ae5f9f9db9b330d71048a9ca594dc559139ee

HTTP Headers

GET /wp-content/uploads/2022/11/Black_Adam5.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 30 Nov 2022 02:24:40 GMT
content-type: image/gif
content-length: 33635
last-modified: Wed, 23 Nov 2022 02:20:29 GMT
cache-control: max-age=604800
accept-ranges: bytes
etag: "637d836d-8363"
expires: Wed, 07 Dec 2022 02:24:40 GMT
age: 327299
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2

gnula.nu/wp-content/uploads/2022/08/Nope4.gif

185.178.208.130

200 OK

41 kB

URL HTTP/2
gnula.nu/wp-content/uploads/2022/08/Nope4.gif
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
GIF image data, version 89a, 215 x 269\012- data
Size
41 kB (40845 bytes)
Hash
3938804975796ef88f10bfdc13098f7c
6c228c84d8867f44d5b61ce39dcdf7e5ae520aa8
385a0d28d4855873ad6f61d07464f23613249bad88579d60123392deb6bf3364

HTTP Headers

GET /wp-content/uploads/2022/08/Nope4.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 01 Dec 2022 14:04:56 GMT
content-type: image/gif
content-length: 40845
last-modified: Thu, 25 Aug 2022 17:12:40 GMT
cache-control: max-age=604800
accept-ranges: bytes
ddg-cache-status: HIT,MISS
etag: "6307ad88-9f8d"
expires: Thu, 08 Dec 2022 14:04:56 GMT
age: 198883
X-Firefox-Spdy: h2

gnula.nu/wp-content/uploads/2022/11/My_Policeman4.gif

185.178.208.130

200 OK

38 kB

URL HTTP/2
gnula.nu/wp-content/uploads/2022/11/My_Policeman4.gif
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
GIF image data, version 89a, 215 x 269\012- data
Size
38 kB (38299 bytes)
Hash
ee49875136f6a4e0f36b1b090ce32bdf
5fb4e22a36354d52309bd32877f4d043eaa66a1f
0d0fa87c67b46606b66c108106059e35792c45f1727d28e592d8d77b149213e3

HTTP Headers

GET /wp-content/uploads/2022/11/My_Policeman4.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 28 Nov 2022 16:57:37 GMT
content-type: image/gif
content-length: 38299
last-modified: Mon, 07 Nov 2022 16:34:47 GMT
cache-control: max-age=604800
accept-ranges: bytes
ddg-cache-status: HIT,HIT
etag: "636933a7-959b"
expires: Sat, 03 Dec 2022 11:19:41 GMT
age: 447722
X-Firefox-Spdy: h2

gnula.nu/wp-content/uploads/2022/10/Dont_Worry_Darling4.gif

185.178.208.130

200 OK

33 kB

URL HTTP/2
gnula.nu/wp-content/uploads/2022/10/Dont_Worry_Darling4.gif
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
GIF image data, version 89a, 215 x 269\012- data
Size
33 kB (33362 bytes)
Hash
784bc6da36153189895b958af63c648c
5c0ae88ad3d2720921dfb6954809ba8ac5cfcbf3
81c22b8799def0e5e82cbc13abaf6643752c4f522c9eaa9c9edf1d79be3b58ad

HTTP Headers

GET /wp-content/uploads/2022/10/Dont_Worry_Darling4.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 02 Dec 2022 09:57:45 GMT
content-type: image/gif
content-length: 33362
last-modified: Wed, 26 Oct 2022 03:28:42 GMT
cache-control: max-age=604800
accept-ranges: bytes
ddg-cache-status: HIT,HIT
etag: "6358a96a-8252"
expires: Sat, 03 Dec 2022 15:15:23 GMT
age: 127314
X-Firefox-Spdy: h2

gnula.nu/wp-content/uploads/2022/11/Amsterdam4.gif

185.178.208.130

200 OK

36 kB

URL HTTP/2
gnula.nu/wp-content/uploads/2022/11/Amsterdam4.gif
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
GIF image data, version 89a, 215 x 269\012- data
Size
36 kB (35652 bytes)
Hash
4b04ddab75cd6fad617b3081e254dcb1
e5b90f90cac25fecb04f1219e6dd041880cd05da
568a0bb4135b099a04325fbb7b83aa0e383151d07b48abc14dedaf0abbd1c9e4

HTTP Headers

GET /wp-content/uploads/2022/11/Amsterdam4.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 29 Nov 2022 17:44:48 GMT
content-type: image/gif
content-length: 35652
last-modified: Tue, 15 Nov 2022 17:40:37 GMT
cache-control: max-age=604800
accept-ranges: bytes
ddg-cache-status: HIT,HIT
etag: "6373cf15-8b44"
expires: Fri, 02 Dec 2022 15:53:24 GMT
age: 358491
X-Firefox-Spdy: h2

gnula.nu/wp-content/uploads/2022/10/Amsterdam3.gif

185.178.208.130

200 OK

5.7 kB

URL HTTP/2
gnula.nu/wp-content/uploads/2022/10/Amsterdam3.gif
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
GIF image data, version 89a, 54 x 83\012- data
Size
5.7 kB (5709 bytes)
Hash
e08d1bec5792451d510bf2efb80daadb
8be5a8f98a884d544e32934c1928fb2cc4f14e79
8af00b372faefda02acece4f341150f627021e3f51dbc69e9e5fbba1c6614778

HTTP Headers

GET /wp-content/uploads/2022/10/Amsterdam3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 29 Nov 2022 17:44:48 GMT
content-type: image/gif
content-length: 5709
last-modified: Sat, 08 Oct 2022 17:23:49 GMT
cache-control: max-age=604800
accept-ranges: bytes
ddg-cache-status: HIT,MISS
etag: "6341b225-164d"
expires: Tue, 06 Dec 2022 17:44:48 GMT
age: 358491
X-Firefox-Spdy: h2

gnula.nu/wp-content/uploads/2022/09/One_Way3.gif

185.178.208.130

200 OK

5.9 kB

URL HTTP/2
gnula.nu/wp-content/uploads/2022/09/One_Way3.gif
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
GIF image data, version 89a, 54 x 83\012- data
Size
5.9 kB (5861 bytes)
Hash
55b72fe1f1d8e1846314fa1fcc87dea8
c1bfdd45a5e721e48399f585269a31d52a7014d8
6e90a7779701b8a95f079f9c3130fb6ca3f4f4dd3188311ca396ed89703f7762

HTTP Headers

GET /wp-content/uploads/2022/09/One_Way3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 01 Dec 2022 09:16:45 GMT
content-type: image/gif
content-length: 5861
last-modified: Mon, 19 Sep 2022 14:30:48 GMT
etag: "63287d18-16e5"
expires: Thu, 08 Dec 2022 09:16:45 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 216175
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2

gnula.nu/wp-content/uploads/2022/08/Heroes_de_barrio3.gif

185.178.208.130

200 OK

4.2 kB

URL HTTP/2
gnula.nu/wp-content/uploads/2022/08/Heroes_de_barrio3.gif
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
GIF image data, version 89a, 54 x 83\012- data
Size
4.2 kB (4229 bytes)
Hash
1625270919acbbbd379d863032ead032
3371037a16245c21cb7115d1692c4ea11c36e604
1af653a6e03cef278b0014030130095200a5eef0c2d80a7867c387dc80867d6c

HTTP Headers

GET /wp-content/uploads/2022/08/Heroes_de_barrio3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 30 Nov 2022 20:38:11 GMT
content-type: image/gif
content-length: 4229
last-modified: Tue, 02 Aug 2022 15:34:13 GMT
cache-control: max-age=604800
accept-ranges: bytes
etag: "62e943f5-1085"
expires: Wed, 07 Dec 2022 20:38:11 GMT
age: 261689
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2

gnula.nu/wp-content/uploads/2022/04/Alien_Sniperess3.gif

185.178.208.130

200 OK

5.9 kB

URL HTTP/2
gnula.nu/wp-content/uploads/2022/04/Alien_Sniperess3.gif
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
GIF image data, version 89a, 54 x 83\012- data
Size
5.9 kB (5892 bytes)
Hash
75b11d4892ea988b5ff56b1ce2cbace4
eb6cbd3e52a5d8f48f41ecf579e77161406a1df7
5c456caafe5226c7c5a8790612f11b1dcafb7593b7221965493821903dafc050

HTTP Headers

GET /wp-content/uploads/2022/04/Alien_Sniperess3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 30 Nov 2022 08:29:59 GMT
content-type: image/gif
content-length: 5892
last-modified: Sun, 24 Apr 2022 14:36:21 GMT
etag: "62656065-1704"
expires: Wed, 07 Dec 2022 08:29:59 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 305381
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2

gnula.nu/wp-content/uploads/2022/10/Black_Adam3.gif

185.178.208.130

200 OK

5.5 kB

URL HTTP/2
gnula.nu/wp-content/uploads/2022/10/Black_Adam3.gif
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
GIF image data, version 89a, 54 x 83\012- data
Size
5.5 kB (5534 bytes)
Hash
f0815d060cd741cafab682ef66685ccd
de94b36510ecf2885830da3b98b22c4acaeda228
951a26bfb9bc27131224510fe3b08c2a3e95ab62e75add8acdbaf50b3f99b56a

HTTP Headers

GET /wp-content/uploads/2022/10/Black_Adam3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 30 Nov 2022 05:27:02 GMT
content-type: image/gif
content-length: 5534
last-modified: Fri, 21 Oct 2022 16:05:07 GMT
cache-control: max-age=604800
accept-ranges: bytes
ddg-cache-status: HIT,HIT
etag: "6352c333-159e"
expires: Thu, 01 Dec 2022 09:12:23 GMT
age: 316358
X-Firefox-Spdy: h2

gnula.nu/wp-content/uploads/2022/02/In_the_Forest3.gif

185.178.208.130

200 OK

4.8 kB

URL HTTP/2
gnula.nu/wp-content/uploads/2022/02/In_the_Forest3.gif
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
GIF image data, version 89a, 54 x 83\012- data
Size
4.8 kB (4809 bytes)
Hash
8c2a023a78634f35eec674641ac73f16
f9bdd3129d0497c1b09663f848b6d0db50d968fd
2bd0cb23775fa0da6bd30cd3ccf738318a8b5f206d3fd6b9e14464e7f8aabaac

HTTP Headers

GET /wp-content/uploads/2022/02/In_the_Forest3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 03 Dec 2022 10:40:00 GMT
content-type: image/gif
content-length: 4809
last-modified: Fri, 11 Feb 2022 03:54:17 GMT
etag: "6205dde9-12c9"
expires: Sat, 10 Dec 2022 10:40:00 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 38380
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2

gnula.nu/wp-content/uploads/2022/11/Halloween_Ends5.gif

185.178.208.130

200 OK

34 kB

URL HTTP/2
gnula.nu/wp-content/uploads/2022/11/Halloween_Ends5.gif
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
GIF image data, version 89a, 215 x 269\012- data
Size
34 kB (34140 bytes)
Hash
f2dd6502043b71b245120730a5a17d4f
6f065d619730f0bccf081593f7897dc20a8fd5cd
e6cbf20a531d2fab7f96ffa775df952618075fcf48dd269f5617b9e88d308107

HTTP Headers

GET /wp-content/uploads/2022/11/Halloween_Ends5.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 03 Dec 2022 07:45:04 GMT
content-type: image/gif
content-length: 34140
last-modified: Sat, 05 Nov 2022 06:08:36 GMT
cache-control: max-age=604800
accept-ranges: bytes
ddg-cache-status: HIT,HIT
etag: "6365fde4-855c"
expires: Fri, 09 Dec 2022 16:57:01 GMT
age: 48875
X-Firefox-Spdy: h2

gnula.nu/wp-content/uploads/2022/10/Ticket_to_Paradise4.gif

185.178.208.130

200 OK

40 kB

URL HTTP/2
gnula.nu/wp-content/uploads/2022/10/Ticket_to_Paradise4.gif
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
GIF image data, version 89a, 215 x 269\012- data
Size
40 kB (39962 bytes)
Hash
4a47cd3f95966d4db09b4fd2b2ab14d9
64ed404d8c68bd19665942fd8b240f1d79fdb875
c2df865684570f7a418c18f742ae6015c38da34b97b2bbb0c8d93ed705880797

HTTP Headers

GET /wp-content/uploads/2022/10/Ticket_to_Paradise4.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 30 Nov 2022 01:23:43 GMT
content-type: image/gif
content-length: 39962
last-modified: Wed, 26 Oct 2022 17:48:25 GMT
etag: "635972e9-9c1a"
expires: Wed, 07 Dec 2022 01:23:43 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 330956
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2

gnula.nu/wp-content/uploads/2022/10/Barbarian4.gif

185.178.208.130

200 OK

42 kB

URL HTTP/2
gnula.nu/wp-content/uploads/2022/10/Barbarian4.gif
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
GIF image data, version 89a, 215 x 269\012- data
Size
42 kB (41791 bytes)
Hash
5aa098f15c8ac21cc203f05c75af0330
ee108a687a23dd4c0f349ea8b4f1ffe95b2d9e37
03f7d8ffe3833b47abf1eb36272f733a76046dce23af4d8788e5203edaa63095

HTTP Headers

GET /wp-content/uploads/2022/10/Barbarian4.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 30 Nov 2022 06:04:25 GMT
content-type: image/gif
content-length: 41791
last-modified: Wed, 26 Oct 2022 03:48:42 GMT
cache-control: max-age=604800
accept-ranges: bytes
ddg-cache-status: HIT,HIT
etag: "6358ae1a-a33f"
expires: Sat, 03 Dec 2022 12:04:58 GMT
age: 314114
X-Firefox-Spdy: h2

gnula.nu/wp-content/uploads/2022/11/Black_Panther_Wakanda_Forever_new.jpg

185.178.208.130

200 OK

46 kB

URL HTTP/2
gnula.nu/wp-content/uploads/2022/11/Black_Panther_Wakanda_Forever_new.jpg
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.4 (Macintosh), datetime=2022:11:11 08:46:24], baseline, precision 8, 215x279, components 3\012- data
Size
46 kB (45858 bytes)
Hash
cbdcc426447d906834ab0cb1f6839f4c
63c346a64a9bfe1c785f074da118685817162cda
f29c23376bb7749318f13a3f424bca07c279a84c320558cc70ce4e291ba02278

HTTP Headers

GET /wp-content/uploads/2022/11/Black_Panther_Wakanda_Forever_new.jpg HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 02 Dec 2022 16:35:44 GMT
content-type: image/jpeg
content-length: 45858
last-modified: Fri, 11 Nov 2022 13:46:34 GMT
cache-control: max-age=604800
accept-ranges: bytes
ddg-cache-status: HIT,HIT
etag: "636e523a-b322"
expires: Sat, 03 Dec 2022 06:55:06 GMT
age: 103435
X-Firefox-Spdy: h2

gnula.nu/wp-content/uploads/2022/08/Minions_The_Rise_of_Gru4.gif

185.178.208.130

200 OK

40 kB

URL HTTP/2
gnula.nu/wp-content/uploads/2022/08/Minions_The_Rise_of_Gru4.gif
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
GIF image data, version 89a, 215 x 269\012- data
Size
40 kB (40272 bytes)
Hash
e77f0b8630fddaa60f4af4a3a38b1224
7b49bd428fbc28c1ca7acac32ce6aca443053eab
ceb169c22fda9f4739637944673372e7d2d2476778075b689eda5f292cad951d

HTTP Headers

GET /wp-content/uploads/2022/08/Minions_The_Rise_of_Gru4.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 30 Nov 2022 11:24:29 GMT
content-type: image/gif
content-length: 40272
last-modified: Tue, 02 Aug 2022 14:00:46 GMT
cache-control: max-age=604800
accept-ranges: bytes
ddg-cache-status: HIT,HIT
etag: "62e92e0e-9d50"
expires: Sun, 04 Dec 2022 22:12:51 GMT
age: 294911
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 21:19:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

gnula.nu/wp-content/uploads/2022/09/Three_Thousand_Years_of_Longing4.gif

185.178.208.130

200 OK

40 kB

URL HTTP/2
gnula.nu/wp-content/uploads/2022/09/Three_Thousand_Years_of_Longing4.gif
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
GIF image data, version 89a, 215 x 269\012- data
Size
40 kB (39834 bytes)
Hash
defa4b7e5b78b3f54bb63e7971fb128c
f9df4b5376e03cf9672efed4b0415d597b4b61da
11e203114231734a55a865581b268b738a7ff79cea4da8bc0750cca58bfb8366

HTTP Headers

GET /wp-content/uploads/2022/09/Three_Thousand_Years_of_Longing4.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 01 Dec 2022 14:07:24 GMT
content-type: image/gif
content-length: 39834
last-modified: Mon, 19 Sep 2022 19:00:03 GMT
cache-control: max-age=604800
accept-ranges: bytes
ddg-cache-status: HIT,HIT
etag: "6328bc33-9b9a"
expires: Sat, 03 Dec 2022 16:01:38 GMT
age: 198736
X-Firefox-Spdy: h2

gnula.nu/wp-content/uploads/2022/09/Fall5.gif

185.178.208.130

200 OK

36 kB

URL HTTP/2
gnula.nu/wp-content/uploads/2022/09/Fall5.gif
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
GIF image data, version 89a, 215 x 269\012- data
Size
36 kB (36342 bytes)
Hash
9e1d07d1fcda9b4db2b23ffd054d6640
0e389380b0628fb2a99944804b88b7019370e65c
03be235a9ddabb7abf9b38eee6387311d1ba8aa398d0f8f74bbc89535fbbfc2b

HTTP Headers

GET /wp-content/uploads/2022/09/Fall5.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 28 Nov 2022 14:01:59 GMT
content-type: image/gif
content-length: 36342
last-modified: Fri, 02 Sep 2022 14:32:42 GMT
cache-control: max-age=604800
accept-ranges: bytes
ddg-cache-status: HIT,HIT
etag: "6312140a-8df6"
expires: Sat, 03 Dec 2022 08:55:13 GMT
age: 458261
X-Firefox-Spdy: h2

www.gstatic.com/prose/brandjs.js

216.58.211.3

200 OK

5.8 kB

URL HTTP/2
www.gstatic.com/prose/brandjs.js
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1352)
Size
5.8 kB (5807 bytes)
Hash
10aa07ab4f7de5535f4cafe167ca4fa7
6c804574a29f9d8a77ed2823a7879e56dbc42c22
d111484a9bceee10b129b20ebd4ead4639b5d7dd78117522249195fb84db3cf0

HTTP Headers

GET /prose/brandjs.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gnula.nu/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-length: 5807
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Dec 2022 14:22:24 GMT
expires: Sun, 04 Dec 2022 14:22:24 GMT
cache-control: public, max-age=86400
age: 25036
last-modified: Tue, 06 Apr 2021 15:14:29 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
98fe7e5fd6b778bcdcc63028c3a49fbd
06b34160c344526fbe14ce41445b9fe76c0a878d
d45d898dfe5bf1151557bbbc3be6e6878fbadce386136d60777b4464199173a6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 21:19:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

gnula.nu/wp-content/uploads/2022/07/Lightyear4.gif

185.178.208.130

200 OK

33 kB

URL HTTP/2
gnula.nu/wp-content/uploads/2022/07/Lightyear4.gif
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
GIF image data, version 89a, 215 x 269\012- data
Size
33 kB (33003 bytes)
Hash
bc414fdcadd43283ba463097b1de3d92
bff73ee95800371b3e50dee1fbdd691095dddd92
11232c7a182b06dd91a0d706fd48d0cea7fa9f3817ea606c368d1320cf0490b5

HTTP Headers

GET /wp-content/uploads/2022/07/Lightyear4.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 29 Nov 2022 22:16:57 GMT
content-type: image/gif
content-length: 33003
last-modified: Thu, 14 Jul 2022 16:51:11 GMT
cache-control: max-age=604800
accept-ranges: bytes
ddg-cache-status: HIT,HIT
etag: "62d0497f-80eb"
expires: Sat, 03 Dec 2022 12:05:05 GMT
age: 342163
X-Firefox-Spdy: h2

gnula.nu/wp-content/uploads/2021/09/Free_Guy5.gif

185.178.208.130

200 OK

40 kB

URL HTTP/2
gnula.nu/wp-content/uploads/2021/09/Free_Guy5.gif
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
GIF image data, version 89a, 215 x 269\012- data
Size
40 kB (40539 bytes)
Hash
a46cc3cd01e9889ea09d14ec81ad1fbe
d462507245493576e505040bf0de984f2e490a4f
652a376a1bef35a690e3ca8a3ad646f5d71d291b4e430f09a7f7589575e0244a

HTTP Headers

GET /wp-content/uploads/2021/09/Free_Guy5.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 30 Nov 2022 12:33:06 GMT
content-type: image/gif
content-length: 40539
last-modified: Wed, 29 Sep 2021 04:25:52 GMT
etag: "6153ead0-9e5b"
expires: Wed, 07 Dec 2022 12:33:06 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 290794
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2

gnula.nu/wp-content/uploads/2021/09/Dear_Evan_Hansen4.gif

185.178.208.130

200 OK

33 kB

URL HTTP/2
gnula.nu/wp-content/uploads/2021/09/Dear_Evan_Hansen4.gif
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
GIF image data, version 89a, 215 x 269\012- data
Size
33 kB (33142 bytes)
Hash
dce8ec7cdeee2deca8a5de066915e400
abb2f56e5f7c7a9c7d43762f73f2579d9fbc026d
3a7a5f3ce2f8e0930b9813442c60e2b04c701f713bb390061d424acf5560c3f1

HTTP Headers

GET /wp-content/uploads/2021/09/Dear_Evan_Hansen4.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 30 Nov 2022 17:25:46 GMT
content-type: image/gif
content-length: 33142
last-modified: Mon, 20 Sep 2021 02:11:32 GMT
cache-control: max-age=604800
accept-ranges: bytes
ddg-cache-status: HIT,HIT
etag: "6147edd4-8176"
expires: Wed, 07 Dec 2022 00:26:42 GMT
age: 273234
X-Firefox-Spdy: h2

gnula.nu/wp-content/uploads/2021/01/The_Croods_A_New_Age5.gif

185.178.208.130

200 OK

27 kB

URL HTTP/2
gnula.nu/wp-content/uploads/2021/01/The_Croods_A_New_Age5.gif
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
GIF image data, version 89a, 215 x 269\012- data
Size
27 kB (27011 bytes)
Hash
86a76e72f8f96c44d0347bdda79d056d
8007d4a92aafc7a13956c4cbb02d3a0020cb6026
cf784b3c1dda6a1870ccfa4902b760f53a063f44e8f3d7374d1db1852938c2c2

HTTP Headers

GET /wp-content/uploads/2021/01/The_Croods_A_New_Age5.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 28 Nov 2022 13:20:55 GMT
content-type: image/gif
content-length: 27011
last-modified: Sat, 02 Jan 2021 14:04:12 GMT
cache-control: max-age=604800
accept-ranges: bytes
ddg-cache-status: HIT,HIT
etag: "5ff07d5c-6983"
expires: Thu, 01 Dec 2022 08:50:18 GMT
age: 460725
X-Firefox-Spdy: h2

gnula.nu/wp-content/uploads/2021/05/Chaos_Walking5.gif

185.178.208.130

200 OK

36 kB

URL HTTP/2
gnula.nu/wp-content/uploads/2021/05/Chaos_Walking5.gif
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
GIF image data, version 89a, 215 x 269\012- data
Size
36 kB (35478 bytes)
Hash
8cbe83232e067e85f193643cff4733db
0b6476a4dbf52899cf9dc3b1b36743cfafcbbfa0
416115705b0e961e14f589b577a4b9096cf4c8bdb5f31ca3edb61b90b4947cac

HTTP Headers

GET /wp-content/uploads/2021/05/Chaos_Walking5.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 02 Dec 2022 05:05:05 GMT
content-type: image/gif
content-length: 35478
last-modified: Sat, 08 May 2021 22:27:16 GMT
cache-control: max-age=604800
accept-ranges: bytes
ddg-cache-status: HIT,HIT
etag: "60971044-8a96"
expires: Thu, 08 Dec 2022 11:11:36 GMT
age: 144875
X-Firefox-Spdy: h2

gnula.nu/wp-content/uploads/2021/01/Promising_Young_Woman6.gif

185.178.208.130

200 OK

31 kB

URL HTTP/2
gnula.nu/wp-content/uploads/2021/01/Promising_Young_Woman6.gif
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
GIF image data, version 89a, 215 x 269\012- data
Size
31 kB (31093 bytes)
Hash
4f4d7e501b001996cf36e22084e3dc36
5a20254f715aea63e3af30da9e5968660cdb5b8e
f1f91761b558400b145c7672943ae3e766e3491b5015e6a120bc260528e6dba7

HTTP Headers

GET /wp-content/uploads/2021/01/Promising_Young_Woman6.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 01 Dec 2022 10:44:10 GMT
content-type: image/gif
content-length: 31093
last-modified: Fri, 15 Jan 2021 01:35:34 GMT
cache-control: max-age=604800
accept-ranges: bytes
ddg-cache-status: HIT,HIT
etag: "6000f166-7975"
expires: Thu, 01 Dec 2022 19:35:37 GMT
age: 210930
X-Firefox-Spdy: h2

gnula.nu/wp-content/uploads/2022/11/The_Visitor3.gif

185.178.208.130

200 OK

5.8 kB

URL HTTP/2
gnula.nu/wp-content/uploads/2022/11/The_Visitor3.gif
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
GIF image data, version 89a, 54 x 83\012- data
Size
5.8 kB (5802 bytes)
Hash
1eb7a81e9491bd7780833a3d0672ee8f
06779becf1b6233fb09f6d902396c10778ebea65
25fa513dedd0a8240aa0f5964ea539e220b32b4ba44fded90a254e53f42c097b

HTTP Headers

GET /wp-content/uploads/2022/11/The_Visitor3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 28 Nov 2022 21:22:37 GMT
content-type: image/gif
content-length: 5802
last-modified: Tue, 15 Nov 2022 19:06:15 GMT
cache-control: max-age=604800
accept-ranges: bytes
etag: "6373e327-16aa"
expires: Mon, 05 Dec 2022 21:22:37 GMT
age: 431823
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2

gnula.nu/wp-content/uploads/2022/10/The_Woman_King3.gif

185.178.208.130

200 OK

5.6 kB

URL HTTP/2
gnula.nu/wp-content/uploads/2022/10/The_Woman_King3.gif
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
GIF image data, version 89a, 54 x 83\012- data
Size
5.6 kB (5570 bytes)
Hash
6b21b5a7c2f695941e5081b6c5ea31ce
8b8012f9fd20d9f94cb1dd7350b6b4c42a0282bd
c762380096001a240b1bf07e458d3b6bb814e5c4a2447c866bd293a7fcf7a9b7

HTTP Headers

GET /wp-content/uploads/2022/10/The_Woman_King3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 30 Nov 2022 01:47:22 GMT
content-type: image/gif
content-length: 5570
last-modified: Fri, 07 Oct 2022 22:06:53 GMT
cache-control: max-age=604800
accept-ranges: bytes
ddg-cache-status: HIT,HIT
etag: "6340a2fd-15c2"
expires: Mon, 05 Dec 2022 20:46:12 GMT
age: 329538
X-Firefox-Spdy: h2

gnula.nu/wp-content/uploads/2022/11/Black_Adam4.gif

185.178.208.130

200 OK

33 kB

URL HTTP/2
gnula.nu/wp-content/uploads/2022/11/Black_Adam4.gif
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
GIF image data, version 89a, 215 x 269\012- data
Size
33 kB (32715 bytes)
Hash
eeb25bdd8c538037b393efbb6cbf9ec7
0f2013a4a0f5ff16b71dd49191727b6ec79f9204
487eb2a86630f85ced8acde914c76eae0cfce18dd8f8e8dcd6b4f832bfa09590

HTTP Headers

GET /wp-content/uploads/2022/11/Black_Adam4.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 30 Nov 2022 05:27:01 GMT
content-type: image/gif
content-length: 32715
last-modified: Wed, 16 Nov 2022 04:54:50 GMT
cache-control: max-age=604800
accept-ranges: bytes
ddg-cache-status: HIT,HIT
etag: "63746d1a-7fcb"
expires: Thu, 01 Dec 2022 09:12:27 GMT
age: 316359
X-Firefox-Spdy: h2

gnula.nu/wp-content/uploads/2022/11/Bodies_Bodies_Bodies4.gif

185.178.208.130

200 OK

36 kB

URL HTTP/2
gnula.nu/wp-content/uploads/2022/11/Bodies_Bodies_Bodies4.gif
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
GIF image data, version 89a, 215 x 269\012- data
Size
36 kB (35488 bytes)
Hash
609af1aca0b86df61decea3888097441
8d04bc59beaa1da770ebb5002cfc05d58f5553f2
aecdf6e59f70749c2be0a890a73f40750a149a20034de1ef850837b51d1453d6

HTTP Headers

GET /wp-content/uploads/2022/11/Bodies_Bodies_Bodies4.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 01 Dec 2022 08:05:23 GMT
content-type: image/gif
content-length: 35488
last-modified: Wed, 02 Nov 2022 05:15:08 GMT
cache-control: max-age=604800
accept-ranges: bytes
ddg-cache-status: HIT,HIT
etag: "6361fcdc-8aa0"
expires: Thu, 01 Dec 2022 15:09:08 GMT
age: 220457
X-Firefox-Spdy: h2

gnula.nu/wp-content/themes/charcoal2/images/li2.gif

185.178.208.130

200 OK

2.0 kB

URL HTTP/2
gnula.nu/wp-content/themes/charcoal2/images/li2.gif
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
GIF image data, version 89a, 210 x 25\012- data
Size
2.0 kB (2043 bytes)
Hash
dd9cca90bdfe16a9a85b6e46f57bb97f
c1a797f881f789f111df30455369e05439856211
54f6772dc8d1466e269ea4da0435d09751b740226bcb57e336abf066459e484a

HTTP Headers

GET /wp-content/themes/charcoal2/images/li2.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/wp-content/themes/charcoal2/style.css
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 30 Nov 2022 19:16:38 GMT
content-type: image/gif
content-length: 2043
last-modified: Tue, 19 May 2020 23:50:09 GMT
cache-control: max-age=604800
accept-ranges: bytes
ddg-cache-status: HIT,HIT
etag: "5ec470b1-7fb"
expires: Wed, 07 Dec 2022 19:00:31 GMT
age: 266582
X-Firefox-Spdy: h2

platform.twitter.com/widgets.js

93.184.220.66

200 OK

29 kB

URL HTTP/1.1
platform.twitter.com/widgets.js
IP
93.184.220.66:0
ASN
#15133 EDGECAST

File type
Unicode text, UTF-8 text, with very long lines (33915)
Size
29 kB (29221 bytes)
Hash
7899fffaf0046efb7f9be2495d9dc928
d4c60d88e8deea577a50f9d20e1b6b3a20cba2cf
07d50450f22df0588cc1b67f5a124cb91d99a032a229586eb7dc490cce9f7f30

HTTP Headers

GET /widgets.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1106
Cache-Control: public, max-age=1800
Content-Type: application/javascript; charset=utf-8
Date: Sat, 03 Dec 2022 21:19:40 GMT
Etag: "6633f9603c759c40d9b200995454f17c+gzip"
Last-Modified: Wed, 02 Nov 2022 19:43:37 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71C)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 29221

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 21:19:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

44.238.202.79

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
44.238.202.79:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 9j0uopBMzFl2eqAUxQYKBA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 3BuJ12gemdVgmVJ0DcqH4+wlHGw=

gnula.nu/wp-content/uploads/2014/04/heada.jpg

185.178.208.130

200 OK

90 kB

URL HTTP/2
gnula.nu/wp-content/uploads/2014/04/heada.jpg
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5 Windows, datetime=2012:10:22 16:36:42], progressive, precision 8, 1200x116, components 3\012- data
Size
90 kB (89782 bytes)
Hash
50f9a92c99bb8560a4108909327f1314
3b964b1dd35ae34c5c0bbc931a3e650e47546061
da7095ec43fb09c4c5fde2546ac40a15fca9ad785a44a5bd00cf1963128243ac

HTTP Headers

GET /wp-content/uploads/2014/04/heada.jpg HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 29 Nov 2022 13:50:50 GMT
content-type: image/jpeg
content-length: 89782
last-modified: Wed, 20 May 2020 00:18:30 GMT
cache-control: max-age=604800
accept-ranges: bytes
etag: "5ec47756-15eb6"
expires: Tue, 06 Dec 2022 13:50:50 GMT
age: 372531
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2

gnula.nu/wp-content/uploads/2014/04/headb.jpg

185.178.208.130

200 OK

46 kB

URL HTTP/2
gnula.nu/wp-content/uploads/2014/04/headb.jpg
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5 Windows, datetime=2012:10:22 16:48:18], progressive, precision 8, 1200x65, components 3\012- data
Size
46 kB (45487 bytes)
Hash
a464117e8d7a6e49becab8e33d3ef73c
39d4580fb9e397dc824075dc0100a5973ca4e2a7
b158e64c80b09edb16ca4ad107d62dbf4aa81e5bb684bd81dbdfb38447b2f241

HTTP Headers

GET /wp-content/uploads/2014/04/headb.jpg HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sun, 27 Nov 2022 16:25:27 GMT
content-type: image/jpeg
content-length: 45487
last-modified: Wed, 20 May 2020 00:18:31 GMT
cache-control: max-age=604800
accept-ranges: bytes
ddg-cache-status: HIT,MISS
etag: "5ec47757-b1af"
expires: Sun, 04 Dec 2022 16:25:27 GMT
age: 536054
X-Firefox-Spdy: h2

murkilyergots.com/gcgLKdwzr0hh/33424

142.91.159.134

200 OK

26 B

URL HTTP/1.1
murkilyergots.com/gcgLKdwzr0hh/33424
IP
142.91.159.134:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with no line terminators
Size
26 B (26 bytes)
Hash
4e5d65669f8dcd928dad06adf883f025
d771713d758c3348dd7e5b38bb40c7935399ae46
0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95

HTTP Headers

GET /gcgLKdwzr0hh/33424 HTTP/1.1
Host: murkilyergots.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/
Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; GL_GI10=eJxNjM0KgkAYRW0qSwrjQg%2FQC2T%2Fi7bVMnThAwxmXzFg84kz%2FdjTpwbR5nI4cK7jOGLsQ6gcw%2B0i2M6D9TJYbNZoX4khwgjDlO%2FaFqXUyY3ghlw8kxJuQVfFGmK%2BwuDLMuUzoRtG0z%2FXRIPIZDzZ1z8lOqmqt1bwav52vaprXFuZHP4uU69JzNndVi8GniYrTU50hrdPThnNDvER%2Fs82H24LfWVkXvCrrHhk1Y3erEny5WLIVqr1cMUHDLFHVQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 21:19:40 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://gnula.nu
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

gnula.nu/wp-content/themes/charcoal2/images/title2.jpg

185.178.208.130

200 OK

13 kB

URL HTTP/2
gnula.nu/wp-content/themes/charcoal2/images/title2.jpg
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=80, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=733], progressive, precision 8, 733x80, components 3\012- data
Size
13 kB (12871 bytes)
Hash
7e3bba5148383e024e7c60df9f45f50e
fdda5141ebad4e113e7474978a8b7f243b399488
69e8a33827a670237dddcabf6be05afa3de58f0bc4be2c19baa6840a033ef4fc

HTTP Headers

GET /wp-content/themes/charcoal2/images/title2.jpg HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/wp-content/themes/charcoal2/style.css
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sun, 27 Nov 2022 09:31:52 GMT
content-type: image/jpeg
content-length: 12871
last-modified: Tue, 19 May 2020 23:50:09 GMT
cache-control: max-age=604800
accept-ranges: bytes
ddg-cache-status: HIT,HIT
etag: "5ec470b1-3247"
expires: Sat, 03 Dec 2022 12:06:32 GMT
age: 560868
X-Firefox-Spdy: h2

gnula.nu/wp-content/themes/charcoal2/images/cover.jpg

185.178.208.130

200 OK

7.9 kB

URL HTTP/2
gnula.nu/wp-content/themes/charcoal2/images/cover.jpg
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5 Windows, datetime=2012:10:22 18:36:21], progressive, precision 8, 733x1, components 3\012- data
Size
7.9 kB (7863 bytes)
Hash
c112f3224ed14bb42edf832fb372b7ed
b8fa50269e145cdff0e133e9200240881409affa
3ef5c51a9b84f59b50fa0b4bcf5f007a7f431d0b1ad305d1488a108341d3ea97

HTTP Headers

GET /wp-content/themes/charcoal2/images/cover.jpg HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/wp-content/themes/charcoal2/style.css
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 29 Nov 2022 17:20:47 GMT
content-type: image/jpeg
content-length: 7863
last-modified: Tue, 19 May 2020 23:50:09 GMT
cache-control: max-age=604800
accept-ranges: bytes
ddg-cache-status: HIT,HIT
etag: "5ec470b1-1eb7"
expires: Sat, 03 Dec 2022 12:05:12 GMT
age: 359933
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a77f62f0fd1ec8d075b0aa9f43940bcc
9d32a64a96ca4b522b286ed5f87f7e43baaa587f
74f68f9be470497e2d7562847f771f827459b39bf2afdce3dc846004d968a02d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "74F68F9BE470497E2D7562847F771F827459B39BF2AFDCE3DC846004D968A02D"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5634
Expires: Sat, 03 Dec 2022 22:53:34 GMT
Date: Sat, 03 Dec 2022 21:19:40 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
d64cbd1a2caf17eaad90cf0e95f1d885
b2aad6417901588085c21ad855a53526abb30f6c
998ab7f762e84b83b3630b40adf19704a73c39ff10d06b3eb8cd8595dad2773a

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "998AB7F762E84B83B3630B40ADF19704A73C39FF10D06B3EB8CD8595DAD2773A"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10473
Expires: Sun, 04 Dec 2022 00:14:13 GMT
Date: Sat, 03 Dec 2022 21:19:40 GMT
Connection: keep-alive

gnula.nu/wp-content/uploads/2014/11/netulogo.jpg

185.178.208.130

200 OK

2.5 kB

URL HTTP/2
gnula.nu/wp-content/uploads/2014/11/netulogo.jpg
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 120x25, components 3\012- data
Size
2.5 kB (2533 bytes)
Hash
cba3b20095c24b7e63db7d30bd0363ea
0139eb1665459191ff8105af0e813d0c1c138098
62c10396f5fd6183a81b17b06966f56901afad810556da133074567af9a5eee1

HTTP Headers

GET /wp-content/uploads/2014/11/netulogo.jpg HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 03 Dec 2022 20:52:19 GMT
content-type: image/jpeg
content-length: 2533
last-modified: Wed, 20 May 2020 00:18:34 GMT
cache-control: max-age=604800
accept-ranges: bytes
ddg-cache-status: HIT,HIT
etag: "5ec4775a-9e5"
expires: Fri, 09 Dec 2022 18:56:08 GMT
age: 1641
X-Firefox-Spdy: h2

gnula.nu/wp-content/uploads/2016/04/flashx_logo_icono.jpg

185.178.208.130

200 OK

11 kB

URL HTTP/2
gnula.nu/wp-content/uploads/2016/04/flashx_logo_icono.jpg
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
JPEG image data, JFIF standard 1.02, resolution (DPCM), density 28x28, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=3, software=Adobe Photoshop CS4 Windows, datetime=2016:04:11 17:09:47], baseline, precision 8, 120x25, components 3\012- data
Size
11 kB (11168 bytes)
Hash
c073fc25099ef5094828a0c34ad66c3b
e1d0ab286599c17f2c158177dbe63e5ddcaf3639
c257d3c45420e52298688db59195c1bfc456dfd219f66b7fc99563331a419e94

HTTP Headers

GET /wp-content/uploads/2016/04/flashx_logo_icono.jpg HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 02 Dec 2022 17:14:22 GMT
content-type: image/jpeg
content-length: 11168
last-modified: Wed, 20 May 2020 00:18:39 GMT
etag: "5ec4775f-2ba0"
expires: Fri, 09 Dec 2022 17:14:22 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 101118
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2

gnula.nu/wp-content/uploads/2014/03/streamlogo.jpg

185.178.208.130

200 OK

11 kB

URL HTTP/2
gnula.nu/wp-content/uploads/2014/03/streamlogo.jpg
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5 Windows, datetime=2012:10:29 20:20:02], progressive, precision 8, 120x25, components 3\012- data
Size
11 kB (10955 bytes)
Hash
aa76e27b50dc1f64b3b86965865a938f
909bb632995d0ed0e9488bddb58db08997855fcb
6a9785c81021e3f738d420bb27c23228c0eb0922ac7f047d4fe5c3ffd6afcc99

HTTP Headers

GET /wp-content/uploads/2014/03/streamlogo.jpg HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 03 Dec 2022 15:14:25 GMT
content-type: image/jpeg
content-length: 10955
last-modified: Wed, 20 May 2020 00:18:35 GMT
etag: "5ec4775b-2acb"
expires: Sat, 10 Dec 2022 15:14:25 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 21915
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
71051c57b5b047bd11a873d032a4f28f
acba394c09064359c0933e480626b5d4a2177e9f
eeaaff8b246df4ce669e53d866edaf351b1c5348cd713cef632d2039605cd867

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EEAAFF8B246DF4CE669E53D866EDAF351B1C5348CD713CEF632D2039605CD867"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2964
Expires: Sat, 03 Dec 2022 22:09:04 GMT
Date: Sat, 03 Dec 2022 21:19:40 GMT
Connection: keep-alive

gnula.nu/wp-content/uploads/2014/08/higefileslogo.jpg

185.178.208.130

200 OK

13 kB

URL HTTP/2
gnula.nu/wp-content/uploads/2014/08/higefileslogo.jpg
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=3, software=Adobe Photoshop CS5 Windows, datetime=2014:08:07 12:16:59], progressive, precision 8, 120x25, components 3\012- data
Size
13 kB (13174 bytes)
Hash
a8e4a7a20dec940ebe12382c3270f489
64146cada702a8ec9110ae97c4c0a240640b8f85
9da91d97c88a63a7291f70107be399aa69971f976c9fed7d5f5293844ee7cb41

HTTP Headers

GET /wp-content/uploads/2014/08/higefileslogo.jpg HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 02 Dec 2022 11:20:43 GMT
content-type: image/jpeg
content-length: 13174
last-modified: Wed, 20 May 2020 00:18:36 GMT
etag: "5ec4775c-3376"
expires: Fri, 09 Dec 2022 11:20:43 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 122338
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2

gnula.nu/wp-content/uploads/2014/11/uptoboxlogo.jpg

185.178.208.130

200 OK

15 kB

URL HTTP/2
gnula.nu/wp-content/uploads/2014/11/uptoboxlogo.jpg
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=3, software=Adobe Photoshop CS5 Windows, datetime=2014:11:09 16:09:18], baseline, precision 8, 120x25, components 3\012- data
Size
15 kB (14655 bytes)
Hash
b1293684b940b0a121cd5fef371bf248
ef2f3785dfd4a95159c53981bf16e9dc620068e4
fef8a80115e0dc42784d442204536dc7085770193c4549ca7cb070ca69c4cb04

HTTP Headers

GET /wp-content/uploads/2014/11/uptoboxlogo.jpg HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 30 Nov 2022 02:30:08 GMT
content-type: image/jpeg
content-length: 14655
last-modified: Wed, 20 May 2020 00:18:34 GMT
etag: "5ec4775a-393f"
expires: Wed, 07 Dec 2022 02:30:08 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 326972
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2

gnula.nu/wp-content/uploads/2014/08/powvideologo.jpg

185.178.208.130

200 OK

13 kB

URL HTTP/2
gnula.nu/wp-content/uploads/2014/08/powvideologo.jpg
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5 Windows, datetime=2014:08:07 12:24:51], progressive, precision 8, 120x25, components 3\012- data
Size
13 kB (12692 bytes)
Hash
b5a70ab6f979625d56428f38845b0585
722a725e9079675de26f4819a2ea355af5bcb365
a70828377c541df6d2f61b16bb705e200795a643816ee9eb5218d3c3cc4c10e3

HTTP Headers

GET /wp-content/uploads/2014/08/powvideologo.jpg HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 28 Nov 2022 19:03:04 GMT
content-type: image/jpeg
content-length: 12692
last-modified: Wed, 20 May 2020 00:18:36 GMT
cache-control: max-age=604800
accept-ranges: bytes
ddg-cache-status: HIT,HIT
etag: "5ec4775c-3194"
expires: Thu, 01 Dec 2022 12:04:13 GMT
age: 440196
X-Firefox-Spdy: h2

gnula.nu/wp-content/uploads/2016/01/ma_ma_poster_espa%C3%B1ol.jpg

185.178.208.130

200 OK

174 kB

URL HTTP/2
gnula.nu/wp-content/uploads/2016/01/ma_ma_poster_espa%C3%B1ol.jpg
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS4 Windows, datetime=2016:01:15 14:10:50], baseline, precision 8, 394x512, components 3\012- data
Size
174 kB (173974 bytes)
Hash
79febb81f8c99a30bab93d25291fc741
932aca4c12db23f04d3fbf24a961e2ca21733ac0
9dcd1143879aa34b8f1435bddea1ccbe7c19c6c8650f60fabba6f3b78048af5a

HTTP Headers

GET /wp-content/uploads/2016/01/ma_ma_poster_espa%C3%B1ol.jpg HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 03 Dec 2022 21:19:40 GMT
content-type: image/jpeg
content-length: 173974
last-modified: Wed, 20 May 2020 00:18:45 GMT
etag: "5ec47765-2a796"
expires: Sat, 10 Dec 2022 21:19:40 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2

gnula.nu/wp-content/uploads/2014/03/logouplonee.jpg

185.178.208.130

200 OK

12 kB

URL HTTP/2
gnula.nu/wp-content/uploads/2014/03/logouplonee.jpg
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5 Windows, datetime=2012:10:26 10:57:01], progressive, precision 8, 120x25, components 3\012- data
Size
12 kB (11951 bytes)
Hash
986778606a0fe42fb4c7634297518f12
b1d1b78683e7a6ba7197af4b8615239dd38247d5
3a364228f9e7852095a9f96fe04532684a1fc3146d9481e1c2a33e20449708d7

HTTP Headers

GET /wp-content/uploads/2014/03/logouplonee.jpg HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 30 Nov 2022 13:49:30 GMT
content-type: image/jpeg
content-length: 11951
last-modified: Wed, 20 May 2020 00:18:35 GMT
etag: "5ec4775b-2eaf"
expires: Wed, 07 Dec 2022 13:49:30 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 286210
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
71051c57b5b047bd11a873d032a4f28f
acba394c09064359c0933e480626b5d4a2177e9f
eeaaff8b246df4ce669e53d866edaf351b1c5348cd713cef632d2039605cd867

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EEAAFF8B246DF4CE669E53D866EDAF351B1C5348CD713CEF632D2039605CD867"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2964
Expires: Sat, 03 Dec 2022 22:09:04 GMT
Date: Sat, 03 Dec 2022 21:19:40 GMT
Connection: keep-alive

gnula.nu/wp-content/uploads/2014/03/teelogo.jpg

185.178.208.130

200 OK

1.9 kB

URL HTTP/2
gnula.nu/wp-content/uploads/2014/03/teelogo.jpg
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Picasa], baseline, precision 8, 120x25, components 3\012- data
Size
1.9 kB (1869 bytes)
Hash
79aa34a85d291706678d412586288e69
a49e3d3f00afa76d8752f3ac354e5923516b87a9
f2542be2bbff5095b6a0458ffd7b9f81dbe35cbe4663d558af58b6fdd75311c8

HTTP Headers

GET /wp-content/uploads/2014/03/teelogo.jpg HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 29 Nov 2022 13:31:14 GMT
content-type: image/jpeg
content-length: 1869
last-modified: Wed, 20 May 2020 00:18:35 GMT
cache-control: max-age=604800
accept-ranges: bytes
ddg-cache-status: HIT,HIT
etag: "5ec4775b-74d"
expires: Thu, 01 Dec 2022 14:54:30 GMT
age: 373706
X-Firefox-Spdy: h2

gnula.nu/wp-content/themes/charcoal2/images/meta2.jpg

185.178.208.130

200 OK

10 kB

URL HTTP/2
gnula.nu/wp-content/themes/charcoal2/images/meta2.jpg
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=36, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=733], progressive, precision 8, 733x36, components 3\012- data
Size
10 kB (10093 bytes)
Hash
d4ff51ac76dfed6d096597e3df76dd53
456558d04e04ea784a950ea752d35411e6b98bde
29c63951fe970b00a8d5da4c56da57e1b225abf9f5fc4e62fae7e6d40659a5c8

HTTP Headers

GET /wp-content/themes/charcoal2/images/meta2.jpg HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/wp-content/themes/charcoal2/style.css
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 29 Nov 2022 13:30:21 GMT
content-type: image/jpeg
content-length: 10093
last-modified: Tue, 19 May 2020 23:50:09 GMT
cache-control: max-age=604800
accept-ranges: bytes
ddg-cache-status: HIT,HIT
etag: "5ec470b1-276d"
expires: Mon, 05 Dec 2022 15:12:15 GMT
age: 373759
X-Firefox-Spdy: h2

gnula.nu/wp-content/uploads/2015/03/openloadlogo.jpg

185.178.208.130

200 OK

11 kB

URL HTTP/2
gnula.nu/wp-content/uploads/2015/03/openloadlogo.jpg
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5 Windows, datetime=2015:03:29 15:15:09], baseline, precision 8, 120x25, components 3\012- data
Size
11 kB (10776 bytes)
Hash
15d4e6f382ee94b9d9230920c881b6e7
fb5a6daf812dd9c971bee24004aba6e76777d2cb
9178ee0072e9a0f0c2c3f4c74dd9af0a6a9b9fd3c128b3e63d2eb1a457ccd1ce

HTTP Headers

GET /wp-content/uploads/2015/03/openloadlogo.jpg HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 01 Dec 2022 11:16:11 GMT
content-type: image/jpeg
content-length: 10776
last-modified: Wed, 20 May 2020 00:19:18 GMT
etag: "5ec47786-2a18"
expires: Thu, 08 Dec 2022 11:16:11 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 209010
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2

gnula.nu/wp-content/uploads/2014/08/almmylogo.jpg

185.178.208.130

200 OK

12 kB

URL HTTP/2
gnula.nu/wp-content/uploads/2014/08/almmylogo.jpg
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5 Windows, datetime=2012:10:25 20:57:39], progressive, precision 8, 120x25, components 3\012- data
Size
12 kB (12268 bytes)
Hash
c2f199bfdb5750b5da2d48234eca492e
3abb99bebf52cc711e5dcb387e1151eba29844bf
787f40391d749e3d4abf707476d833ce3703d2fbef0f4cebacb51a43d4b667a8

HTTP Headers

GET /wp-content/uploads/2014/08/almmylogo.jpg HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 02 Dec 2022 19:24:15 GMT
content-type: image/jpeg
content-length: 12268
last-modified: Wed, 20 May 2020 00:18:36 GMT
etag: "5ec4775c-2fec"
expires: Fri, 09 Dec 2022 19:24:15 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 93325
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2

gnula.nu/wp-content/themes/charcoal2/images/footer.jpg

185.178.208.130

200 OK

12 kB

URL HTTP/2
gnula.nu/wp-content/themes/charcoal2/images/footer.jpg
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5 Windows, datetime=2012:10:22 19:48:35], progressive, precision 8, 1200x72, components 3\012- data
Size
12 kB (11906 bytes)
Hash
2c6aad12cf0fdab93b1e0a1829e16e32
0920b41cd4d2f0f2b8fb42d992dfdddbc51ea67f
ab6ff958174c2bbf87bebd765f638b90904f63f31c85ce3e0159b67ca489d3b5

HTTP Headers

GET /wp-content/themes/charcoal2/images/footer.jpg HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/wp-content/themes/charcoal2/style.css
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 30 Nov 2022 17:25:46 GMT
content-type: image/jpeg
content-length: 11906
last-modified: Tue, 19 May 2020 23:50:09 GMT
cache-control: max-age=604800
accept-ranges: bytes
ddg-cache-status: HIT,HIT
etag: "5ec470b1-2e82"
expires: Wed, 07 Dec 2022 00:26:43 GMT
age: 273234
X-Firefox-Spdy: h2

hangersbozal.com/flRBO2UBwE6d/27199

23.109.248.182

200 OK

26 B

URL HTTP/1.1
hangersbozal.com/flRBO2UBwE6d/27199
IP
23.109.248.182:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with no line terminators
Size
26 B (26 bytes)
Hash
4e5d65669f8dcd928dad06adf883f025
d771713d758c3348dd7e5b38bb40c7935399ae46
0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95

HTTP Headers

GET /flRBO2UBwE6d/27199 HTTP/1.1
Host: hangersbozal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 21:19:40 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://gnula.nu
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Sun, 04-Dec-2022 21:19:40 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjM0KgkAYRW0qSwrjQg%2FQC2T%2Fi7bVMnThAwxmXzFg84kz%2FdjTpwbR5nI4cK7jOGLsQ6gcw%2B0i2M6D9TJYbNZoX4khwgjDlO%2FaFqXUyY3ghlw8kxJuQVfFGmK%2BwuDLMuUzoRtG0z%2FXRIPIZDzZ1z8lOqmqt1bwav52vaprXFuZHP4uU69JzNndVi8GniYrTU50hrdPThnNDvER%2Fs82H24LfWVkXvCrrHhk1Y3erEny5WLIVqr1cMUHDLFHVQ%3D%3D; expires=Sun, 04-Dec-2022 21:19:40 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

gnula.nu/wp-content/uploads/2015/07/streaminlogo.jpg

185.178.208.130

200 OK

11 kB

URL HTTP/2
gnula.nu/wp-content/uploads/2015/07/streaminlogo.jpg
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=3, software=Adobe Photoshop CS5 Windows, datetime=2015:07:10 13:13:03], baseline, precision 8, 120x25, components 3\012- data
Size
11 kB (10761 bytes)
Hash
1a984b3a5a5f82ab7521e636e4eb9c2f
d854c8118c4da80e5c1aed184d733d8d85745626
3f22eb1fa2f3c037be6d2b473c462cb9870b67dffc0b5e9d1b7003b70121c9db

HTTP Headers

GET /wp-content/uploads/2015/07/streaminlogo.jpg HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 02 Dec 2022 19:24:16 GMT
content-type: image/jpeg
content-length: 10761
last-modified: Wed, 20 May 2020 00:19:20 GMT
etag: "5ec47788-2a09"
expires: Fri, 09 Dec 2022 19:24:16 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 93325
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2

gnula.nu/wp-content/uploads/2017/01/uploading_logo.jpg

185.178.208.130

200 OK

12 kB

URL HTTP/2
gnula.nu/wp-content/uploads/2017/01/uploading_logo.jpg
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS4 Windows, datetime=2017:01:29 12:39:26], baseline, precision 8, 120x25, components 3\012- data
Size
12 kB (12327 bytes)
Hash
55cfa643550bc78b6c9228e8d0245e60
66eab303d1724435cefb3eaadf92cf25ed548e49
92ec3c61164e8770692e92ad9b018ce454de0b15b0905da856fab2698cbaf394

HTTP Headers

GET /wp-content/uploads/2017/01/uploading_logo.jpg HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 03 Dec 2022 02:26:10 GMT
content-type: image/jpeg
content-length: 12327
last-modified: Wed, 20 May 2020 00:18:26 GMT
etag: "5ec47752-3027"
expires: Sat, 10 Dec 2022 02:26:10 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 68010
ddg-cache-status: MISS,HIT
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fd0b48347644ddc60fb16b04140cfcb7
ef8d6c8e3c979e98c82655290150aa14fe5d44d1
f3d27c16653ed979a7cce2dc6239a48a86c7dab2fc34949b540802e50b05275a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6153
Cache-Control: max-age=170304
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 21:19:40 GMT
Etag: "638b9ba3-1d7"
Expires: Mon, 05 Dec 2022 20:38:04 GMT
Last-Modified: Sat, 03 Dec 2022 18:55:31 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

ocsp.globalsign.com/gsrsaovsslca2018

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
b787b831f02ec8a24b1dd3f2f9e04c3c
cbcd6f16f4d3d785ea3d0a329133eaf9aee18f48
9d98404fabb2472e0ec8eb3e4f9dfe6ac531cb4a6682ce85f607f4858a542c16

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 21:19:40 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 07 Dec 2022 20:17:39 GMT
ETag: "cbcd6f16f4d3d785ea3d0a329133eaf9aee18f48"
Last-Modified: Sat, 03 Dec 2022 20:17:40 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 682
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 773f57853b90b524-OSL

grunoaph.net/tag.min.js

139.45.197.238

200 OK

23 kB

URL HTTP/2
grunoaph.net/tag.min.js
IP
139.45.197.238:0
ASN
#9002 RETN Limited

File type
ASCII text, with very long lines (65536), with no line terminators
Size
23 kB (23393 bytes)
Hash
391a9fe961c74a035ed5ac424bfc5fb2
65bf15f254531c80c76212bb6d3c5f33d6a501ee
73f16b3e042c5e5f34570279688fb08577d95105d0707d1a21b11c0c1524dcfb

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /tag.min.js HTTP/1.1
Host: grunoaph.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 21:19:40 GMT
content-type: text/javascript; charset=utf-8
content-length: 23393
content-encoding: br
x-trace-id: 8e6d6ea57a6ed521baafdb8ce3c1225d
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Fri, 02 Dec 2022 10:19:16 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

www.facebook.com/plugins/like.php?href=https%3A%2F%2Fgnula.nu%2Fdrama%2Fver-ma-ma-2015-online%2F&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light

157.240.240.35

200 OK

0 B

URL HTTP/2
www.facebook.com/plugins/like.php?href=https%3A%2F%2Fgnula.nu%2Fdrama%2Fver-ma-ma-2015-online%2F&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light
IP
157.240.240.35:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /plugins/like.php?href=https%3A%2F%2Fgnula.nu%2Fdrama%2Fver-ma-ma-2015-online%2F&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: JvAUUGkqJ6duVKqGBi4aYMSz1FSqc89/krUnHUmlcO0HzZ/YYQuAN9FIzulobQsMFEWyN50lwiyQo/MBMcCvpg==
content-length: 0
date: Sat, 03 Dec 2022 21:19:40 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

gnula.nu/drama/ver-ma-ma-2015-online/

185.178.208.130

200 OK

0 B

URL HTTP/2
gnula.nu/drama/ver-ma-ma-2015-online/
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /drama/ver-ma-ma-2015-online/ HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/drama/ver-ma-ma-2015-online/
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 03 Dec 2022 21:19:40 GMT
content-type: text/html; charset=UTF-8
link: <https://gnula.nu/wp-json/>; rel="https://api.w.org/", <https://gnula.nu/wp-json/wp/v2/posts/157200>; rel="alternate"; type="application/json", <https://gnula.nu/?p=157200>; rel=shortlink
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fd0b48347644ddc60fb16b04140cfcb7
ef8d6c8e3c979e98c82655290150aa14fe5d44d1
f3d27c16653ed979a7cce2dc6239a48a86c7dab2fc34949b540802e50b05275a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6153
Cache-Control: max-age=170304
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 21:19:40 GMT
Etag: "638b9ba3-1d7"
Expires: Mon, 05 Dec 2022 20:38:04 GMT
Last-Modified: Sat, 03 Dec 2022 18:55:31 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fgnula.nu

93.184.220.66

200 OK

105 kB

URL HTTP/1.1
platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fgnula.nu
IP
93.184.220.66:0
ASN
#15133 EDGECAST

File type
HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (56168)
Size
105 kB (105445 bytes)
Hash
2b4968b185495eddda0d85b2351ebb71
c665785ca0f4039f8c71d94631cd50a879d866b5
eb8af089d8082a58a6e90fedc23007f17a9e89ddbc6a29b6e535e4847ba94160

HTTP Headers

GET /widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fgnula.nu HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 229304
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sat, 03 Dec 2022 21:19:40 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Wed, 02 Nov 2022 19:36:59 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71E)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105445

www.google-analytics.com/analytics.js

216.239.34.178

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
216.239.34.178:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sat, 03 Dec 2022 20:46:55 GMT
expires: Sat, 03 Dec 2022 22:46:55 GMT
cache-control: public, max-age=7200
age: 1965
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
1377c2956f6d4d989e6fafbe01600b49
7a550dd67e42a8f1ba1468646af02691d0580345
4e0206cd8e1112cdefa7f974876461a968bbcbbf016b1b1c2e3af77346507886

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 21:19:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

gnula.nu/wp-content/uploads/2015/06/natsu_incono_gnula.jpg

185.178.208.130

200 OK

2.8 kB

URL HTTP/2
gnula.nu/wp-content/uploads/2015/06/natsu_incono_gnula.jpg
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 59x45, components 3\012- data
Size
2.8 kB (2761 bytes)
Hash
00a0e9802138dd13d3433dc8a8892dc5
27f4b2b80e9fc682d63953d08ef14457dd8ae6ac
ad0ebb72ed8394e48ffaf5ef59244ccfe0f5af7a43df06fd7061b068f4a91df2

HTTP Headers

GET /wp-content/uploads/2015/06/natsu_incono_gnula.jpg HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 01 Dec 2022 16:30:03 GMT
content-type: image/jpeg
content-length: 2761
last-modified: Wed, 20 May 2020 00:19:16 GMT
cache-control: max-age=604800
accept-ranges: bytes
ddg-cache-status: HIT,HIT
etag: "5ec47784-ac9"
expires: Thu, 08 Dec 2022 15:46:02 GMT
age: 190177
X-Firefox-Spdy: h2

www.google.com/cse/static/images/1x/es/branding.png

216.58.207.228

200 OK

1.4 kB

URL HTTP/2
www.google.com/cse/static/images/1x/es/branding.png
IP
216.58.207.228:0
ASN
#15169 GOOGLE

File type
PNG image data, 132 x 15, 8-bit/color RGBA, non-interlaced\012- data
Size
1.4 kB (1404 bytes)
Hash
5cde6b1e2022536bb6bad42206b592e6
d5f8b090cdf01d307543e4adc439c5b450725ef6
6034e5ee0510f90b538cb59205702151396dda15fc431432b7fc95e4ecde8886

HTTP Headers

GET /cse/static/images/1x/es/branding.png HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-length: 1404
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Dec 2022 16:51:26 GMT
expires: Sat, 02 Dec 2023 16:51:26 GMT
cache-control: public, max-age=31536000
age: 102494
last-modified: Mon, 25 May 2020 08:30:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
d047b0066d46de7f699f07688af3918b
288803bbc80d1942b424477bbc4606b129aebd1f
9ac9c1963945c3fc69568fe642db3d270f59b1328bf4ccd03bf69e7b6248e597

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5989
Cache-Control: max-age=131948
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 21:19:40 GMT
Etag: "638b0674-117"
Expires: Mon, 05 Dec 2022 09:58:48 GMT
Last-Modified: Sat, 03 Dec 2022 08:19:00 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 279

ok.ru/res/js/lib/require-2.1.11_1ae533d5.js

217.20.147.1

200 OK

5.8 kB

URL HTTP/2
ok.ru/res/js/lib/require-2.1.11_1ae533d5.js
IP
217.20.147.1:0
ASN
#47764 Mail.Ru LLC

File type
ASCII text, with very long lines (16739)
Size
5.8 kB (5789 bytes)
Hash
07e62c9cf1f95e62ea829b62dd9b669b
f3413232a12f65a0cca1fee0694a370dd65e8784
1445394e2f42ae01eaf7724ec39ee5a1ba3fb7bbd14378e7b2389b8730cce93d

HTTP Headers

GET /res/js/lib/require-2.1.11_1ae533d5.js HTTP/1.1
Host: ok.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ok.ru/videoembed/39334316660
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: apache
date: Sat, 03 Dec 2022 21:19:40 GMT
content-type: application/javascript
content-length: 5789
last-modified: Wed, 30 Nov 2022 09:31:00 GMT
vary: Accept-Encoding
content-encoding: br
expires: Sun, 03 Dec 2023 21:19:40 GMT
cache-control: max-age=31536000
timing-allow-origin: *
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
d64cbd1a2caf17eaad90cf0e95f1d885
b2aad6417901588085c21ad855a53526abb30f6c
998ab7f762e84b83b3630b40adf19704a73c39ff10d06b3eb8cd8595dad2773a

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "998AB7F762E84B83B3630B40ADF19704A73C39FF10D06B3EB8CD8595DAD2773A"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10473
Expires: Sun, 04 Dec 2022 00:14:13 GMT
Date: Sat, 03 Dec 2022 21:19:40 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
1f3a4f3edea56419c58836a0c80d5cea
1558a7ad0acc0c09cdf39ec92030f7ee5736e595
70aeda0cb136ac1add86931a338558b9f302576cd65537575d232fda623fe2f0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 21:19:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
d047b0066d46de7f699f07688af3918b
288803bbc80d1942b424477bbc4606b129aebd1f
9ac9c1963945c3fc69568fe642db3d270f59b1328bf4ccd03bf69e7b6248e597

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5989
Cache-Control: max-age=131948
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 21:19:40 GMT
Etag: "638b0674-117"
Expires: Mon, 05 Dec 2022 09:58:48 GMT
Last-Modified: Sat, 03 Dec 2022 08:19:00 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 279

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9caeefc49be26de4b50c14df1aace81f
ef836496e49f843f0e4c2dc991c314aad13f0f2e
83203278dadec9319a72ccb142c413696d8bd09a25f1b6c8d1edef20405e90f0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "83203278DADEC9319A72CCB142C413696D8BD09A25F1B6C8D1EDEF20405E90F0"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8942
Expires: Sat, 03 Dec 2022 23:48:42 GMT
Date: Sat, 03 Dec 2022 21:19:40 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a06afa1875c7542451698bb20623def1
b6075db78f93567b4a115d4cc0c1cc7f170de3f6
0257f7232d4431fadd985f2137df900816246f51936ae8521d35f44b21fa6c83

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 21:19:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.globalsign.com/gsrsaovsslca2018

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
2f5bcb23562721f333e4c0195a90fe4d
fd1e68361909eec82e9e6c007ee53783df89d44f
1c64c1a7595bf6396ea49fe78a129c2e7b3b2fecb22064b32d033d5984fab453

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 21:19:40 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 07 Dec 2022 17:08:21 GMT
ETag: "fd1e68361909eec82e9e6c007ee53783df89d44f"
Last-Modified: Sat, 03 Dec 2022 17:08:22 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3118
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 773f57870e33b524-OSL

my.rtmark.net/gid.js?userId=4564fbaf71bf4786a1c8058fab40c5de

139.45.195.8

200 OK

65 B

URL HTTP/2
my.rtmark.net/gid.js?userId=4564fbaf71bf4786a1c8058fab40c5de
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
7717e70fa72f5991779efd2f0f949772
ef1a6430a66d1db541a6a4a328a13e2aacc9378c
a8eaea28ff8ac4de60086c2e08a49544910b9c56e681ce3cf62b6b1e2512d990

HTTP Headers

GET /gid.js?userId=4564fbaf71bf4786a1c8058fab40c5de HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gnula.nu
Connection: keep-alive
Referer: https://gnula.nu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 21:19:40 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://gnula.nu
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=4564fbaf71bf4786a1c8058fab40c5de; expires=Sun, 03 Dec 2023 21:19:40 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

314 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
314 B (314 bytes)
Hash
fc8e1e0675ef89a5d91c16a880825235
67567dd13ea965f97dd6033b8c4002fc01f7e4b9
aaf47c75afcb57a79a78f6a3298b4bd197ef74b36deec719e262b7b46f3cd415

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2517
Cache-Control: max-age=116924
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 21:19:40 GMT
Etag: "638ad953-13a"
Expires: Mon, 05 Dec 2022 05:48:24 GMT
Last-Modified: Sat, 03 Dec 2022 05:06:27 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 314

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
4a92730d3c8d822aa65ca52a33b2c44f
1151da0ac0e50e9adc4f28abedfd4355db2f8afa
20710197a7f33f26271f429aa93d09bdf0f3a69511ceb561bc1ab4a37d94be24

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "20710197A7F33F26271F429AA93D09BDF0F3A69511CEB561BC1AB4A37D94BE24"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13685
Expires: Sun, 04 Dec 2022 01:07:45 GMT
Date: Sat, 03 Dec 2022 21:19:40 GMT
Connection: keep-alive

ok.ru/videoembed/39334316660

217.20.147.1

200 OK

24 kB

URL HTTP/2
ok.ru/videoembed/39334316660
IP
217.20.147.1:0
ASN
#47764 Mail.Ru LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63041)
Size
24 kB (24163 bytes)
Hash
994ea190de8b1c649d872f48724e5666
dcdff950a76067e205dfbae66066994ff39b712d
bef4c2cfb80bac7402181674060b3ca49a513f9569613ce1f1fa9ca29f620456

HTTP Headers

GET /videoembed/39334316660 HTTP/1.1
Host: ok.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: apache
date: Sat, 03 Dec 2022 21:19:40 GMT
content-type: text/html;charset=UTF-8
vary: Accept-Encoding
set-cookie: bci=7308107841493437698; Domain=.ok.ru; Expires=Fri, 22-Dec-2090 00:33:47 GMT; Path=/; Secure; HttpOnly
_statid=85434119-1b7a-4de8-8555-a12999ec2dc7; Domain=.ok.ru; Expires=Fri, 22-Dec-2090 00:33:47 GMT; Path=/; Secure; HttpOnly
content-security-policy: default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru *.google.ru *.google.com *.googlesyndication.com *.yandex.ru blob:;  script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adlooxtracking.ru *.adsafeprotected.com *.serving-sys.com *.serving-sys.ru *.weborama.fr *.weborama-tech.ru https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru *.googletagmanager.com connect.facebook.net *.google.ru *.google.com *.googlesyndication.com yandex.ru;  worker-src blob: 'self';  connect-src * wss: blob: data:;  font-src * data: blob:; frame-src * blob: 'self';  img-src * data: blob: about:;  media-src * data: blob:;  object-src *;  report-uri /csp/report;
content-security-policy-report-only: default-src data: blob: about: 'self' 'unsafe-inline' 'unsafe-eval' https: wss:; report-uri /csp/report?always;
last-modified: Wed, 10 Aug 2022 23:05:00 GMT
cache-control: no-cache, no-store
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: br
X-Firefox-Spdy: h2

ssl.gstatic.com/accounts/o/1832714284-postmessagerelay.js

142.250.74.99

200 OK

4.3 kB

URL HTTP/2
ssl.gstatic.com/accounts/o/1832714284-postmessagerelay.js
IP
142.250.74.99:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2267)
Size
4.3 kB (4294 bytes)
Hash
3f7502705229ccec9d066c5cd75e6c31
ede1663155afaa5a5213d075e6295c6d839b05c3
2be5113d3022d1819a19f327235d287a2538a03741fc08ccd9d55cc1d78b6282

HTTP Headers

GET /accounts/o/1832714284-postmessagerelay.js HTTP/1.1
Host: ssl.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accounts.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="federated-signon-mpm-access"
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-length: 4294
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 08:48:19 GMT
expires: Wed, 29 Nov 2023 08:48:19 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 19 Nov 2022 03:11:36 GMT
content-type: text/javascript
age: 390681
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

tzegilo.com/stattag.js

104.21.84.149

200 OK

13 kB

URL HTTP/2
tzegilo.com/stattag.js
IP
104.21.84.149:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (12966), with no line terminators
Size
13 kB (13296 bytes)
Hash
cf69360ed99b1d424c23c1dc452cb483
9c472669baa897b41a7d3a3ede7923685e42c080
6a959a7065990b225a1c47b10579ff8dab8034525889ff67ec770a46dada6a60

HTTP Headers

GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 03 Dec 2022 21:19:40 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 15:07:42 GMT
etag: W/"637e373e-32a6"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 3694
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KvEqZXP9SptrCtGOaQ0l4oJEVLAsp1toSffprymcUrtTS5V3kEqzlZHhIyajRMREDKRRGZ2vozzofV9h2QH38Bo9Gq73GU%2BP3twQz30GBSxaDE5Fximdelb4bo6Yjw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773f57866cf3b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
2a3e9c9270d5d1402700343b567d8e21
4348655937347ff19881acafd04b1277e017f19c
905ee9517e8597ac86e76b99b970f77a4fbb2500de30ef6efea97a4bbcea51d4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 21:19:40 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 13:33:18 GMT
Expires: Fri, 09 Dec 2022 13:33:17 GMT
Etag: "4348655937347ff19881acafd04b1277e017f19c"
Cache-Control: max-age=489816,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 773f5787d8a9b503-OSL

ok.ru/res/js/app/capture_5f689327.js

217.20.147.1

200 OK

675 B

URL HTTP/2
ok.ru/res/js/app/capture_5f689327.js
IP
217.20.147.1:0
ASN
#47764 Mail.Ru LLC

File type
ASCII text, with very long lines (1522)
Size
675 B (675 bytes)
Hash
0662bfa0b482394ccde3a3471903b82e
e4c8f1a990e7dcaac87bcfd9067928f234f80e3a
dc2c91380f47fbf65b1860daffea9d480b095ca121d72418cbcfd1b0238ede6d

HTTP Headers

GET /res/js/app/capture_5f689327.js HTTP/1.1
Host: ok.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ok.ru/videoembed/39334316660
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: apache
date: Sat, 03 Dec 2022 21:19:40 GMT
content-type: application/javascript
content-length: 675
last-modified: Wed, 30 Nov 2022 09:31:00 GMT
vary: Accept-Encoding
content-encoding: br
expires: Sun, 03 Dec 2023 21:19:40 GMT
cache-control: max-age=31536000
timing-allow-origin: *
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
4a92730d3c8d822aa65ca52a33b2c44f
1151da0ac0e50e9adc4f28abedfd4355db2f8afa
20710197a7f33f26271f429aa93d09bdf0f3a69511ceb561bc1ab4a37d94be24

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "20710197A7F33F26271F429AA93D09BDF0F3A69511CEB561BC1AB4A37D94BE24"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13685
Expires: Sun, 04 Dec 2022 01:07:45 GMT
Date: Sat, 03 Dec 2022 21:19:40 GMT
Connection: keep-alive

syndication.twitter.com/settings?session_id=34140e42887c932f9dc76ea5d7e4b9dcf4155a3d

104.244.42.136

200 OK

386 B

URL HTTP/2
syndication.twitter.com/settings?session_id=34140e42887c932f9dc76ea5d7e4b9dcf4155a3d
IP
104.244.42.136:0
ASN
#13414 TWITTER

File type
JSON data\012- , ASCII text, with very long lines (980), with no line terminators
Size
386 B (386 bytes)
Hash
d8191391c888619de075f6e68400d5d0
c50e4465150fa960db0be7c1eb5907a5f96eb5ed
115d700c917d36ef2d666d1c634f3b77413b2bccb78266bdba043b318009f773

HTTP Headers

GET /settings?session_id=34140e42887c932f9dc76ea5d7e4b9dcf4155a3d HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://platform.twitter.com/
Origin: https://platform.twitter.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
date: Sat, 03 Dec 2022 21:19:40 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: application/json; charset=utf-8
cache-control: must-revalidate, max-age=600
last-modified: Sat, 03 Dec 2022 21:19:40 GMT
content-length: 386
content-encoding: gzip
x-transaction-id: 653e147627772859
strict-transport-security: max-age=631138519
access-control-allow-origin: https://platform.twitter.com
access-control-allow-credentials: true
x-response-time: 105
x-connection-hash: 61a923e57a14264a1692713aed408344c5d6a3415af75d8c7d957b4f7f6b0235
X-Firefox-Spdy: h2

datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f

37.48.68.71

200 OK

12 B

URL HTTP/1.1
datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP
37.48.68.71:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 908
Origin: https://gnula.nu
Connection: keep-alive
Referer: https://gnula.nu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sat, 03 Dec 2022 21:19:40 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://gnula.nu
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

polldaddy.com/images/ratings/nero-hand-med.png

192.0.123.248

200 OK

4.5 kB

URL HTTP/2
polldaddy.com/images/ratings/nero-hand-med.png
IP
192.0.123.248:0
ASN
#2635 AUTOMATTIC

File type
data
Size
4.5 kB (4504 bytes)
Hash
5166909ee2dd999f098d0d3a41def34d
3cc49912871595126ef2ca128bc5e34b82f77ada
a220886e28f6e36965ad0c571e12d3ecb4170f1ba6dbcf70a1e1bdc2122e595e

HTTP Headers

GET /images/ratings/nero-hand-med.png HTTP/1.1
Host: polldaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 21:19:40 GMT
content-type: image/png
content-length: 1179
last-modified: Wed, 08 Sep 2021 02:43:27 GMT
etag: "6138234f-49b"
expires: Mon, 02 Jan 2023 21:19:40 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2

polldaddy.com/images/ratings/info.png

192.0.123.248

200 OK

4.3 kB

URL HTTP/2
polldaddy.com/images/ratings/info.png
IP
192.0.123.248:0
ASN
#2635 AUTOMATTIC

File type
data
Size
4.3 kB (4270 bytes)
Hash
c84871ff99c4558fb1b7605d777756df
bbaee6cefbea72e7b0c86a310e6c3499e707b820
9ed4850c0ab74ec5614f19f417b71f9a07102cec215e358a5b555315e5548ebf

HTTP Headers

GET /images/ratings/info.png HTTP/1.1
Host: polldaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 21:19:40 GMT
content-type: image/png
content-length: 1226
last-modified: Fri, 12 Mar 2021 05:30:45 GMT
etag: "604afc85-4ca"
expires: Mon, 02 Jan 2023 21:19:40 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2

ok.ru/res/js/app/VideoEmbed_bc0da08a.js

217.20.147.1

200 OK

360 B

URL HTTP/2
ok.ru/res/js/app/VideoEmbed_bc0da08a.js
IP
217.20.147.1:0
ASN
#47764 Mail.Ru LLC

File type
ASCII text, with very long lines (825)
Size
360 B (360 bytes)
Hash
5c3d7116fc8951a7fdcd7909dc3a15f3
054bf8af4b66c4c0924619d040d3cf446ffae37b
5c2d84d52609fff99f561cdb2876c1a6554ee4c7db52bd694342c6dbe4b5fde7

HTTP Headers

GET /res/js/app/VideoEmbed_bc0da08a.js HTTP/1.1
Host: ok.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ok.ru/videoembed/39334316660
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: apache
date: Sat, 03 Dec 2022 21:19:40 GMT
content-type: application/javascript
content-length: 360
last-modified: Wed, 30 Nov 2022 09:31:00 GMT
vary: Accept-Encoding
content-encoding: br
expires: Sun, 03 Dec 2023 21:19:40 GMT
cache-control: max-age=31536000
timing-allow-origin: *
X-Firefox-Spdy: h2

ok.ru/res/js/app/OKVideo_9a36c231.js

217.20.147.1

200 OK

5.3 kB

URL HTTP/2
ok.ru/res/js/app/OKVideo_9a36c231.js
IP
217.20.147.1:0
ASN
#47764 Mail.Ru LLC

File type
ASCII text, with very long lines (16141)
Size
5.3 kB (5345 bytes)
Hash
0e17a86b2af66f016df9abfd5ff879a9
bbe30620f6856b9241fb2e0975506d9e1ac8f521
fb1244febcf255d2c22674244e6bd942e6138e1b2e6e38e3fad099dbf5dfb267

HTTP Headers

GET /res/js/app/OKVideo_9a36c231.js HTTP/1.1
Host: ok.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ok.ru/videoembed/39334316660
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: apache
date: Sat, 03 Dec 2022 21:19:40 GMT
content-type: application/javascript
content-length: 5345
last-modified: Wed, 30 Nov 2022 09:31:00 GMT
vary: Accept-Encoding
content-encoding: br
expires: Sun, 03 Dec 2023 21:19:40 GMT
cache-control: max-age=31536000
timing-allow-origin: *
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17795
Expires: Sun, 04 Dec 2022 02:16:15 GMT
Date: Sat, 03 Dec 2022 21:19:40 GMT
Connection: keep-alive

ocsp.globalsign.com/gseccovsslca2018

104.18.21.226

200 OK

939 B

URL HTTP/1.1
ocsp.globalsign.com/gseccovsslca2018
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
939 B (939 bytes)
Hash
9dcc47ecff01ca8bedb1a23611f1c759
ccdfa9581a91bd27b73f068435624cf2087bc959
e9befab0b34c62457fd35613018637d30447dd9d92631d814b92819caf817a7c

HTTP Headers

POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 21:19:40 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Wed, 07 Dec 2022 18:26:06 GMT
ETag: "ccdfa9581a91bd27b73f068435624cf2087bc959"
Last-Modified: Sat, 03 Dec 2022 18:26:07 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 65
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 773f5788c87db524-OSL

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17795
Expires: Sun, 04 Dec 2022 02:16:15 GMT
Date: Sat, 03 Dec 2022 21:19:40 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17795
Expires: Sun, 04 Dec 2022 02:16:15 GMT
Date: Sat, 03 Dec 2022 21:19:40 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
08ca0238100c906a665f21b1caa97f47
3f605891faeafb51a36cecd25d331bcc450d34e9
35dac74d71c723f7a8e7585174fad51a0115e4a294a2c0d80b63026e25825618

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 21:19:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

videoplayer.ru/ru/player/spruto/sp.js?v=3.0.0.0

188.114.96.1

200 OK

14 kB

URL HTTP/2
videoplayer.ru/ru/player/spruto/sp.js?v=3.0.0.0
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (40513)
Size
14 kB (14047 bytes)
Hash
18c7e1f3c103784919595313df165f84
6a842861fbb776166b4d38aea69ef4af225b5b95
c8b6f8a12524ccb0256cd8465ba429f87183933244bb994055395b6443324bc6

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /ru/player/spruto/sp.js?v=3.0.0.0 HTTP/1.1
Host: videoplayer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimple.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 03 Dec 2022 21:19:40 GMT
content-type: application/javascript
cache-control: max-age=14400
last-modified: Wed, 01 Jun 2022 19:06:58 GMT
etag: W/"0f515c4ea75d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2BCsWtBFY4PSVdEmIHOcNcSM8hjtkHO6rBAq2RJwP55dJB2Krot8avpedc6f5a0mI9CsELxTNhJ1XfuiTshAiCImKJEIRWFKkzyD%2FwjRAmnk6VmGRQ77rLun829HAgiyhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773f57879efdb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F864be807-d5f6-42e3-bd58-f7641a256b9a.jpeg

34.120.237.76

200 OK

7.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F864be807-d5f6-42e3-bd58-f7641a256b9a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.7 kB (7732 bytes)
Hash
379a4a1b95d3aa3c5a4f8e7f9abb030f
d45dceb3dc58a07197aa5077582b5b1cd2ff791a
1b92dec5bf90beffbcd9060052b8788f08645dd4ba34219f7ddb2d40bbd2d151

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F864be807-d5f6-42e3-bd58-f7641a256b9a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7732
x-amzn-requestid: 3781c2b7-082a-468a-a186-f7483494e749
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoEq3IAMFnKg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-679fe9f905e07abf4e6a812c;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: V4Z3TZtTDMjnyxZx7VdJrKtZ-PbZkWnsQ0-1eFDem4TVyRGvk0dc7A==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:53:36 GMT
age: 84364
etag: "d45dceb3dc58a07197aa5077582b5b1cd2ff791a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F627a3f86-b7fa-44c4-a119-2e3d23eb8b6a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.4 kB (5354 bytes)
Hash
1e74254b3fdce7d6b84a71a7aff43789
65c8b4abf957f9b54d99d0f78559e639adb29efb
f278c3cc6734da7188862a8c651c803e7ac1fda82234e191761453cb1359d3ee

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F627a3f86-b7fa-44c4-a119-2e3d23eb8b6a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5354
x-amzn-requestid: 3d58ffea-3433-4c5c-a60b-17f6de3a33e5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cSsnvG44oAMFfyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638427ca-63b375f04189b7ce7d84cd5d;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 03:15:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GBhAilKMKo9RvIzqzF9V4jTZbvpa2rPZeoy6Jy8fMc1-JO078OAYzQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 05:53:40 GMT
age: 55560
etag: "65c8b4abf957f9b54d99d0f78559e639adb29efb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73b53015-e415-4fff-9252-8a16bbe000f5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.7 kB (9715 bytes)
Hash
45182367fd4f8b6dd234eef1022acdb1
d4b3052021ff3ad1dc4134fa25eb12a98e7c17da
a57fadaf74db2fb457cfe761314d56f021d22146f5bdb6a8bf11b6519e8a558d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73b53015-e415-4fff-9252-8a16bbe000f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9715
x-amzn-requestid: c8102cfa-78dc-4d81-ad6a-e16b9132e238
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZO2HQKIAMF8IA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f2b-350c586b568e6565763376bd;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0QkVKyYm9UwlF5FEeli9UsRAQwEi3-c3bMR-QSJxIKRQe7WWT76dGQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:37:54 GMT
age: 85306
etag: "d4b3052021ff3ad1dc4134fa25eb12a98e7c17da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.2 kB (6174 bytes)
Hash
b986f9fcbeca91ed5c8d58fbfaf47d19
6e6c8bd2bce144cc4da1cd7be375b046b60dca79
07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 06:00:50 GMT
age: 55130
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7dc00fa-a8d3-44bf-ba84-1998d8dd7c5a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.3 kB (4309 bytes)
Hash
fcb89ca25035b2bbb71ae5dd175fcd40
544428cdad754b1bb7be3cd46a79bf078fd5b450
36dcbbe6cd2710ee502776b4bcf32053e92b750a55e2bd4cdeadbc694c7c2699

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7dc00fa-a8d3-44bf-ba84-1998d8dd7c5a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: c824c317-e6e3-4006-9f9d-ea54e8170a4c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cf2_tGErIAMF8_A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63896b97-7fc523296afea4dd4b5d1de8;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 03:05:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: tp50A9LYeT1RvSPImBUoQNKtarPryKb8Zacm_nxqDh-gegwdQov7Nw==
via: 1.1 40b967aa4aa18637c4b91214147f3cb4.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 03:50:52 GMT
age: 62928
etag: "544428cdad754b1bb7be3cd46a79bf078fd5b450"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

platform.twitter.com/js/button.d2f864f87f544dc0c11d7d712a191c1f.js

93.184.220.66

200 OK

2.4 kB

URL HTTP/1.1
platform.twitter.com/js/button.d2f864f87f544dc0c11d7d712a191c1f.js
IP
93.184.220.66:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (7017), with no line terminators
Size
2.4 kB (2362 bytes)
Hash
83616664e4155f8af0efb0576f8920cf
1277b0f4f935bec3ada0f87c45395bb6d9b2efbc
bb19d85932c5e8a952b6fc28c1df42aed6d6920f79ee3f2217d2484294d575d3

HTTP Headers

GET /js/button.d2f864f87f544dc0c11d7d712a191c1f.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 256418
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Sat, 03 Dec 2022 21:19:40 GMT
Etag: "7bb2d17ac20be3bd6ec1079356afecd9+gzip"
Last-Modified: Wed, 02 Nov 2022 19:36:52 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71C)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 2362

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-144276616-1&cid=755125039.1670102378&jid=276381627&gjid=654219046&_gid=295395675.1670102378&_u=YEBAAUAAAAAAACAAI~&z=686058026

64.233.165.155

200 OK

4 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-144276616-1&cid=755125039.1670102378&jid=276381627&gjid=654219046&_gid=295395675.1670102378&_u=YEBAAUAAAAAAACAAI~&z=686058026
IP
64.233.165.155:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-144276616-1&cid=755125039.1670102378&jid=276381627&gjid=654219046&_gid=295395675.1670102378&_u=YEBAAUAAAAAAACAAI~&z=686058026 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://gnula.nu
Connection: keep-alive
Referer: https://gnula.nu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://gnula.nu
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 03 Dec 2022 21:19:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

grunoaph.net/?rb=Oy2q8MJezN6DMR5eOH_j8KqvEyvLwR7aRDrifCRYn3801OAclsf5EOxN9bQQfomj9mzoflILXQ7sly-sC5PxAJvXrI2LbzQWEuMsP4vafM4i07uEpZlbZBkhvFuH7BgLND82Kt6YHzXG7-TLVzlE1ncqJ-uSCmyknSUrGh2wRATHjtiWfRky6PM0RbJN1jJv5eEe0WVr2tx-Ov5uFXAvnHTLKR92AjYSP4fd5FVsRUo%3D&request_ab2=96002&zoneid=5487261&js_build=iclick-v1.458.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=6&pl=https%3A%2F%2Fgnula.nu%2Fdrama%2Fver-ma-ma-2015-online%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.458.0&bs=2a84c667-d11d-4fec-9d85-96b7372d862e&userId=4564fbaf71bf4786a1c8058fab40c5de&m=link

139.45.197.238

200 OK

1.7 kB

URL HTTP/2
grunoaph.net/?rb=Oy2q8MJezN6DMR5eOH_j8KqvEyvLwR7aRDrifCRYn3801OAclsf5EOxN9bQQfomj9mzoflILXQ7sly-sC5PxAJvXrI2LbzQWEuMsP4vafM4i07uEpZlbZBkhvFuH7BgLND82Kt6YHzXG7-TLVzlE1ncqJ-uSCmyknSUrGh2wRATHjtiWfRky6PM0RbJN1jJv5eEe0WVr2tx-Ov5uFXAvnHTLKR92AjYSP4fd5FVsRUo%3D&request_ab2=96002&zoneid=5487261&js_build=iclick-v1.458.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=6&pl=https%3A%2F%2Fgnula.nu%2Fdrama%2Fver-ma-ma-2015-online%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.458.0&bs=2a84c667-d11d-4fec-9d85-96b7372d862e&userId=4564fbaf71bf4786a1c8058fab40c5de&m=link
IP
139.45.197.238:0
ASN
#9002 RETN Limited

File type
data
Size
1.7 kB (1712 bytes)
Hash
f16da707d6a402facb18724e4180302f
047575948c131f6a9fc2769c9dc48c37aa02e46a
8d212945512633ba376b75f285220af087ada9899a46e5215a8d656339c7fdac

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /?rb=Oy2q8MJezN6DMR5eOH_j8KqvEyvLwR7aRDrifCRYn3801OAclsf5EOxN9bQQfomj9mzoflILXQ7sly-sC5PxAJvXrI2LbzQWEuMsP4vafM4i07uEpZlbZBkhvFuH7BgLND82Kt6YHzXG7-TLVzlE1ncqJ-uSCmyknSUrGh2wRATHjtiWfRky6PM0RbJN1jJv5eEe0WVr2tx-Ov5uFXAvnHTLKR92AjYSP4fd5FVsRUo%3D&request_ab2=96002&zoneid=5487261&js_build=iclick-v1.458.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=6&pl=https%3A%2F%2Fgnula.nu%2Fdrama%2Fver-ma-ma-2015-online%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.458.0&bs=2a84c667-d11d-4fec-9d85-96b7372d862e&userId=4564fbaf71bf4786a1c8058fab40c5de&m=link HTTP/1.1
Host: grunoaph.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gnula.nu/
Origin: https://gnula.nu
Connection: keep-alive
Cookie: OAID=4564fbaf71bf4786a1c8058fab40c5de; oaidts=1670102380
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 21:19:40 GMT
content-type: application/json
x-trace-id: 41050f93d72e01f5da08f03037867061
access-control-allow-origin: https://gnula.nu
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=4564fbaf71bf4786a1c8058fab40c5de; expires=Sun, 03 Dec 2023 21:19:40 GMT; path=/; secure; SameSite=None
oaidts=1670102380; expires=Sun, 03 Dec 2023 21:19:40 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Sat, 10 Dec 2022 21:19:40 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

ok.ru/res/js/lib/jquery-1.8.3_699b1ac6.js

217.20.147.1

200 OK

30 kB

URL HTTP/2
ok.ru/res/js/lib/jquery-1.8.3_699b1ac6.js
IP
217.20.147.1:0
ASN
#47764 Mail.Ru LLC

File type
Unicode text, UTF-8 text, with very long lines (36291)
Size
30 kB (29958 bytes)
Hash
c9ec089128fe701595e679c379cb04d4
448432aab6126c99f96fbfcd560458e6e4bd8cf6
5a7fad0f634f88c51358f65491dc20f0e42b57c70d6fe9007c53645757ebbbdb

HTTP Headers

GET /res/js/lib/jquery-1.8.3_699b1ac6.js HTTP/1.1
Host: ok.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ok.ru/videoembed/39334316660
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: apache
date: Sat, 03 Dec 2022 21:19:40 GMT
content-type: application/javascript
content-length: 29958
last-modified: Wed, 30 Nov 2022 09:31:00 GMT
vary: Accept-Encoding
content-encoding: br
expires: Sun, 03 Dec 2023 21:19:40 GMT
cache-control: max-age=31536000
timing-allow-origin: *
X-Firefox-Spdy: h2

ok.ru/res/js/b/primary_438edfa.js

217.20.147.1

200 OK

26 kB

URL HTTP/2
ok.ru/res/js/b/primary_438edfa.js
IP
217.20.147.1:0
ASN
#47764 Mail.Ru LLC

File type
ASCII text, with very long lines (55101)
Size
26 kB (25587 bytes)
Hash
42d2b38949098e833414c9e2ae9f72da
036c11e23b560fb68ab08e8438e736ee1710270b
21147eb60f074a465e1bd137f06d08b0819bb8765e1ac9ab362a807c1db478ee

HTTP Headers

GET /res/js/b/primary_438edfa.js HTTP/1.1
Host: ok.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ok.ru/videoembed/39334316660
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: apache
date: Sat, 03 Dec 2022 21:19:40 GMT
content-type: application/javascript
content-length: 25587
last-modified: Wed, 30 Nov 2022 09:31:00 GMT
vary: Accept-Encoding
content-encoding: br
expires: Sun, 03 Dec 2023 21:19:40 GMT
cache-control: max-age=31536000
timing-allow-origin: *
X-Firefox-Spdy: h2

st.mycdn.me/static/MegaPlayer/10-11-67/flashDetect.swf

217.20.155.82

200 OK

424 B

URL HTTP/2
st.mycdn.me/static/MegaPlayer/10-11-67/flashDetect.swf
IP
217.20.155.82:0
ASN
#47764 Mail.Ru LLC

File type
Macromedia Flash data (compressed), version 10\012- data
Size
424 B (424 bytes)
Hash
06c338f8a657bf5c6419ba4ab5964032
e4aa29797303e264067dc302a51d02f48b22ef2c
e94bf27d60e9ba64f079e8dcc296a1e12bcdf0bf8d189a7b1bceadcae979695a

HTTP Headers

GET /static/MegaPlayer/10-11-67/flashDetect.swf HTTP/1.1
Host: st.mycdn.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ok.ru/
Sec-Fetch-Dest: object
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: apache
date: Sat, 03 Dec 2022 21:19:41 GMT
content-type: application/x-shockwave-flash
content-length: 424
last-modified: Thu, 17 Mar 2022 09:18:31 GMT
vary: Accept-Encoding
expires: Sun, 03 Dec 2023 21:19:41 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

mc.yandex.ru/metrika/tag.js

87.250.250.119

200 OK

73 kB

URL HTTP/2
mc.yandex.ru/metrika/tag.js
IP
87.250.250.119:0
ASN
#13238 YANDEX LLC

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (586)
Size
73 kB (73234 bytes)
Hash
ca660dd755c277ee54a1afa1a7b12570
54423b26ea7980e671f22a35cd949c8d1a8b1300
3291d6ec84cd4fc3d2e97998ff04aa2c54b39941079547d2d825b33c2f4169b8

HTTP Headers

GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ok.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-length: 73234
date: Sat, 03 Dec 2022 21:19:40 GMT
access-control-allow-origin: *
etag: "6388ac0c-11e12"
expires: Sat, 03 Dec 2022 22:19:40 GMT
last-modified: Thu, 01 Dec 2022 16:28:44 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
08ca0238100c906a665f21b1caa97f47
3f605891faeafb51a36cecd25d331bcc450d34e9
35dac74d71c723f7a8e7585174fad51a0115e4a294a2c0d80b63026e25825618

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 21:19:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

platform.twitter.com/widgets/tweet_button.644279d1635fd969e87af94a98bd232b.es.html

93.184.220.66

200 OK

14 kB

URL HTTP/1.1
platform.twitter.com/widgets/tweet_button.644279d1635fd969e87af94a98bd232b.es.html
IP
93.184.220.66:0
ASN
#15133 EDGECAST

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32033)
Size
14 kB (13990 bytes)
Hash
df9f1c904ed2c721599e1807ce50e10c
0ff0dd277a16bca1a9da1994fa40b505a3918f0c
b9efa6faa4fc0f00035eaeb0d0c6044aa62131568d3f1dcd6c0da4a69965f674

HTTP Headers

GET /widgets/tweet_button.644279d1635fd969e87af94a98bd232b.es.html HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 256121
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sat, 03 Dec 2022 21:19:41 GMT
Etag: "fa4af18a6c068f0092b0e7636c87e143+gzip"
Last-Modified: Wed, 02 Nov 2022 19:36:56 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71C)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 13990

ok.ru/res/js/lib/noext_2f9c7b37.js

217.20.147.1

200 OK

293 B

URL HTTP/2
ok.ru/res/js/lib/noext_2f9c7b37.js
IP
217.20.147.1:0
ASN
#47764 Mail.Ru LLC

File type
ASCII text
Size
293 B (293 bytes)
Hash
b8a297ed2464300416ef44e35c7c2538
20f9f47063cfb766f0d838c0855377eeed7c72dc
a8e99ebcaf3ba67af9abdbcde2b325950916eb30e4ceaf5aa109164a53155655

HTTP Headers

GET /res/js/lib/noext_2f9c7b37.js HTTP/1.1
Host: ok.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ok.ru/videoembed/39334316660
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: apache
date: Sat, 03 Dec 2022 21:19:41 GMT
content-type: application/javascript
content-length: 293
last-modified: Wed, 30 Nov 2022 09:31:00 GMT
vary: Accept-Encoding
content-encoding: br
expires: Sun, 03 Dec 2023 21:19:41 GMT
cache-control: max-age=31536000
timing-allow-origin: *
X-Firefox-Spdy: h2

syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fgnula.nu%2Fdrama%2Fver-ma-ma-2015-online%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22es%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1670102378977%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=34140e42887c932f9dc76ea5d7e4b9dcf4155a3d

104.244.42.136

200 OK

43 B

URL HTTP/2
syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fgnula.nu%2Fdrama%2Fver-ma-ma-2015-online%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22es%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1670102378977%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=34140e42887c932f9dc76ea5d7e4b9dcf4155a3d
IP
104.244.42.136:0
ASN
#13414 TWITTER

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

HTTP Headers

GET /i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fgnula.nu%2Fdrama%2Fver-ma-ma-2015-online%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22es%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1670102378977%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=34140e42887c932f9dc76ea5d7e4b9dcf4155a3d HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 03 Dec 2022 21:19:40 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: image/gif
cache-control: must-revalidate, max-age=600
last-modified: Sat, 03 Dec 2022 21:19:41 GMT
content-length: 43
x-transaction-id: 1c80332d4d011feb
strict-transport-security: max-age=631138519
x-response-time: 112
x-connection-hash: 61a923e57a14264a1692713aed408344c5d6a3415af75d8c7d957b4f7f6b0235
X-Firefox-Spdy: h2

ok.ru/web-api/pts/video.player/en

217.20.147.1

200 OK

2.1 kB

URL HTTP/2
ok.ru/web-api/pts/video.player/en
IP
217.20.147.1:0
ASN
#47764 Mail.Ru LLC

File type
Unicode text, UTF-8 text, with very long lines (4931), with no line terminators
Size
2.1 kB (2071 bytes)
Hash
84784261ac7e4bd8c5660c178c4da6fd
2833248390f101cdb1150d63fbcef3bb350d139d
cdfdb5bc2c0923d4b818b6cdeada7fa854ec04399e71c631c811c3817bfbbd16

HTTP Headers

GET /web-api/pts/video.player/en HTTP/1.1
Host: ok.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ok.ru/videoembed/39334316660
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: apache
date: Sat, 03 Dec 2022 21:19:41 GMT
content-type: text/javascript;charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, no-store
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
set-cookie: bci=6852755602565674413; Domain=.ok.ru; Expires=Fri, 22-Dec-2090 00:33:48 GMT; Path=/; Secure; HttpOnly
_statid=6141bda9-017b-4c84-8327-8db3185aeb98; Domain=.ok.ru; Expires=Fri, 22-Dec-2090 00:33:48 GMT; Path=/; Secure; HttpOnly
content-security-policy: default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru *.google.ru *.google.com *.googlesyndication.com *.yandex.ru blob:;  script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adlooxtracking.ru *.adsafeprotected.com *.serving-sys.com *.serving-sys.ru *.weborama.fr *.weborama-tech.ru https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru *.googletagmanager.com connect.facebook.net *.google.ru *.google.com *.googlesyndication.com yandex.ru;  worker-src blob: 'self';  connect-src * wss: blob: data:;  font-src * data: blob:; frame-src * blob: 'self';  img-src * data: blob: about:;  media-src * data: blob:;  object-src *;  report-uri /csp/report;
content-security-policy-report-only: default-src data: blob: about: 'self' 'unsafe-inline' 'unsafe-eval' https: wss:; report-uri /csp/report?always;
etag: W/"14a2eaa0cdc4e00c529dff3699717801"
content-encoding: br
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d177680f261fa0b5bf3d5ae3ed69af85
96cdc11262db0a9531fe0cd00e908f3e824c89b3
08eac8282cf4566d382816edac93db8581b65dc2898fc7ea80d7424224ed29ff

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 21:19:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144276616-1&cid=755125039.1670102378&jid=276381627&_u=YEBAAUAAAAAAACAAI~&z=1279332299

142.250.74.67

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144276616-1&cid=755125039.1670102378&jid=276381627&_u=YEBAAUAAAAAAACAAI~&z=1279332299
IP
142.250.74.67:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144276616-1&cid=755125039.1670102378&jid=276381627&_u=YEBAAUAAAAAAACAAI~&z=1279332299 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 03 Dec 2022 21:19:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d177680f261fa0b5bf3d5ae3ed69af85
96cdc11262db0a9531fe0cd00e908f3e824c89b3
08eac8282cf4566d382816edac93db8581b65dc2898fc7ea80d7424224ed29ff

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 21:19:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.globalsign.com/gsgccr3dvtlsca2020

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1414 bytes)
Hash
a40f36ea10e09ac833be45282791cd8f
97f3c72b316ea0fd80c30c84071aa296ebed0aed
54e3c4737af6d0f65e4412cb5fec4bbf85cf96e7575910539e4b2037279b86af

HTTP Headers

POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 21:19:41 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Wed, 07 Dec 2022 19:31:32 GMT
ETag: "97f3c72b316ea0fd80c30c84071aa296ebed0aed"
Last-Modified: Sat, 03 Dec 2022 19:31:33 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 773f578c7de7b524-OSL

grunoaph.net/5/5487261/?oo=1&aab=1

139.45.197.238

200 OK

89 kB

URL HTTP/2
grunoaph.net/5/5487261/?oo=1&aab=1
IP
139.45.197.238:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size
89 kB (89423 bytes)
Hash
30c73f4d4b6523d2fde445a7e453d758
11d18e1b5e81e7d4735874a2719029b4897bc25e
d79eaf51ac21a854d21785a32ff7fbbb74ea341b4187346f0b401ac1d43fdab5

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /5/5487261/?oo=1&aab=1 HTTP/1.1
Host: grunoaph.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gnula.nu
Connection: keep-alive
Referer: https://gnula.nu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 21:19:40 GMT
content-type: application/json
x-trace-id: 2184ee48247fbbc54ec499b8b4967ea2
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://gnula.nu
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=4564fbaf71bf4786a1c8058fab40c5de; expires=Sun, 03 Dec 2023 21:19:40 GMT; path=/; secure; SameSite=None
oaidts=1670102380; expires=Sun, 03 Dec 2023 21:19:40 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

s3.multipulter.com/modules/ad/frame.js

46.61.151.250

200 OK

49 kB

URL HTTP/2
s3.multipulter.com/modules/ad/frame.js
IP
46.61.151.250:0
ASN
#12389 Rostelecom

File type
Unicode text, UTF-8 text, with very long lines (65210), with no line terminators
Size
49 kB (48925 bytes)
Hash
8adc2dc8a4563fd9aee9ff9029ead38f
b1214a4f6d2ce618d0096cf1261f65d4c16a9b26
01d0f5ebf56e56d4d005184ff94488fc2333c321124a222a4ca2d186d49d6ac1

HTTP Headers

GET /modules/ad/frame.js HTTP/1.1
Host: s3.multipulter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s3.multipulter.com/modules/ad/frame.html?origin=https%3A%2F%2Fplayer.vimple.ru
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.16.1
date: Sat, 03 Dec 2022 21:31:48 GMT
content-type: application/javascript
content-length: 48925
cache-control: max-age=60
content-encoding: gzip
last-modified: Thu, 12 May 2022 23:30:19 GMT
etag: "8037f43d5866d81:0"
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

mc.yandex.ru/watch/87663567?wmode=7&page-url=https%3A%2F%2Fok.ru%2Fvideoembed%2F39334316660&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynzjpe2ysmhyiw5vig54s%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A234769233566%3Ahid%3A25052775%3Az%3A0%3Ai%3A20221203211942%3Aet%3A1670102382%3Arn%3A720098409%3Arqn%3A1%3Au%3A1670102379872093872%3Aw%3A0x0%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C7%2C0%2C%2C286%2C0%2C988%2C988%2C1%2C572%3Aco%3A0%3Ans%3A1670102378037%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-a81f3b9bcdd80a361c14af38dc09b309-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670102382%3At%3AOK&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)

87.250.250.119

302 Found

400 B

URL HTTP/2
mc.yandex.ru/watch/87663567?wmode=7&page-url=https%3A%2F%2Fok.ru%2Fvideoembed%2F39334316660&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynzjpe2ysmhyiw5vig54s%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A234769233566%3Ahid%3A25052775%3Az%3A0%3Ai%3A20221203211942%3Aet%3A1670102382%3Arn%3A720098409%3Arqn%3A1%3Au%3A1670102379872093872%3Aw%3A0x0%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C7%2C0%2C%2C286%2C0%2C988%2C988%2C1%2C572%3Aco%3A0%3Ans%3A1670102378037%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-a81f3b9bcdd80a361c14af38dc09b309-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670102382%3At%3AOK&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP
87.250.250.119:0
ASN
#13238 YANDEX LLC

File type
JSON data\012- , ASCII text, with very long lines (400), with no line terminators
Size
400 B (400 bytes)
Hash
38c22f3a894cb54de0bde872ed6cf8cd
6c0ba74f5f64768a05baa3fe83eb350e149a0bf5
3bba633cf27a3d937b268f3dd3e7c8bf84a08f18feb7cda4ab1082ef9abaf19c

HTTP Headers

GET /watch/87663567?wmode=7&page-url=https%3A%2F%2Fok.ru%2Fvideoembed%2F39334316660&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynzjpe2ysmhyiw5vig54s%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A234769233566%3Ahid%3A25052775%3Az%3A0%3Ai%3A20221203211942%3Aet%3A1670102382%3Arn%3A720098409%3Arqn%3A1%3Au%3A1670102379872093872%3Aw%3A0x0%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C7%2C0%2C%2C286%2C0%2C988%2C988%2C1%2C572%3Aco%3A0%3Ans%3A1670102378037%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-a81f3b9bcdd80a361c14af38dc09b309-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670102382%3At%3AOK&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ok.ru
Connection: keep-alive
Referer: https://ok.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
location: /watch/87663567/1?wmode=7&page-url=https%3A%2F%2Fok.ru%2Fvideoembed%2F39334316660&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynzjpe2ysmhyiw5vig54s%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A234769233566%3Ahid%3A25052775%3Az%3A0%3Ai%3A20221203211942%3Aet%3A1670102382%3Arn%3A720098409%3Arqn%3A1%3Au%3A1670102379872093872%3Aw%3A0x0%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C7%2C0%2C%2C286%2C0%2C988%2C988%2C1%2C572%3Aco%3A0%3Ans%3A1670102378037%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-a81f3b9bcdd80a361c14af38dc09b309-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670102382%3At%3AOK&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Sat, 03 Dec 2022 21:19:44 GMT
access-control-allow-origin: https://ok.ru
set-cookie: yabs-sid=486500441670102384; Path=/; SameSite=None; Secure
i=NEIsRkC765yp3YfcY+tm6pDFlGVg/zraiMqX960fLYeI9reIJCfNBS7cE+fJW0jYAbBKQFSix0Koa0xFSrrDHj+J52U=; Expires=Tue, 30-Nov-2032 21:19:33 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=5994464381670102384; Expires=Sun, 03-Dec-2023 21:19:44 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=5994464381670102384; Expires=Sun, 03-Dec-2023 21:19:44 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1701638384.yc.1670102384#1701638384.yrts.1670102384#1701638384.yrtsi.1670102384; Expires=Sun, 03-Dec-2023 21:19:44 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 03-Dec-2022 21:19:44 GMT
last-modified: Sat, 03-Dec-2022 21:19:44 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.7 kB (7657 bytes)
Hash
3abdcce275bb9723b4ac1d0c38cc8891
91f0d888c38db0899f106b652e3dcac062648099
ff411fc0d5abaf519d6600961ec51ad71ad9a02e23cc02ad818e27f0324b3d1e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 7657
x-amzn-requestid: c0dbd862-41cf-4fa8-ab6b-256763c63fbf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZN1Fo6IAMF9EQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f25-554ffbc83fd70c557437120f;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ElvfdUly4Rb3YOQyMO2C_VelFUe6xcFbMh6x5fNrRzGjKCITdGSwLQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:37:47 GMT
age: 85320
etag: "91f0d888c38db0899f106b652e3dcac062648099"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

polldaddy.com/ratings/rate.php?cmd=get&id=6422202&uid=wp-post-157200&item_id=_post_157200

192.0.123.248

200 OK

0 B

URL HTTP/2
polldaddy.com/ratings/rate.php?cmd=get&id=6422202&uid=wp-post-157200&item_id=_post_157200
IP
192.0.123.248:0
ASN
#2635 AUTOMATTIC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /ratings/rate.php?cmd=get&id=6422202&uid=wp-post-157200&item_id=_post_157200 HTTP/1.1
Host: polldaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 21:19:40 GMT
content-type: application/javascript
vary: Accept-Encoding
content-language: en
content-encoding: br
X-Firefox-Spdy: h2

st.mycdn.me/static/MegaPlayer/10-11-67/okVideoPlayerUtils.min.js

217.20.155.82

200 OK

0 B

URL HTTP/2
st.mycdn.me/static/MegaPlayer/10-11-67/okVideoPlayerUtils.min.js
IP
217.20.155.82:0
ASN
#47764 Mail.Ru LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /static/MegaPlayer/10-11-67/okVideoPlayerUtils.min.js HTTP/1.1
Host: st.mycdn.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ok.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: apache
date: Sat, 03 Dec 2022 21:19:40 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 17 Mar 2022 09:18:31 GMT
vary: Accept-Encoding
expires: Sun, 03 Dec 2023 21:19:40 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
timing-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2

polldaddy.com/js/rating/rating.js

192.0.123.248

200 OK

0 B

URL HTTP/2
polldaddy.com/js/rating/rating.js
IP
192.0.123.248:0
ASN
#2635 AUTOMATTIC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/rating/rating.js HTTP/1.1
Host: polldaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 21:19:40 GMT
content-type: application/javascript
last-modified: Mon, 12 Sep 2022 08:38:25 GMT
vary: Accept-Encoding
etag: W/"631ef001-3fe3"
expires: Mon, 02 Jan 2023 21:19:40 GMT
cache-control: max-age=2592000
content-encoding: br
X-Firefox-Spdy: h2

accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fgnula.nu&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__

216.58.211.13

200 OK

0 B

URL HTTP/2
accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fgnula.nu&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__
IP
216.58.211.13:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /o/oauth2/postmessageRelay?parent=https%3A%2F%2Fgnula.nu&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 03 Dec 2022 21:19:40 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /o/cspreport, script-src 'nonce-TkzjHZIUbLYRlw9hK8ZTbA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

gnula.nu/wp-content/themes/charcoal2/scroller.js

185.178.208.130

200 OK

0 B

URL HTTP/2
gnula.nu/wp-content/themes/charcoal2/scroller.js
IP
185.178.208.130:0
ASN
#57724 Ddos-guard Ltd

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/themes/charcoal2/scroller.js HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/drama/ver-ma-ma-2015-online/
Cookie: __ddg1_=WBPTtIqE65GxGDTTpjVo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 02 Dec 2022 00:38:46 GMT
content-type: application/javascript
last-modified: Tue, 19 May 2020 23:50:09 GMT
cache-control: max-age=604800
accept-ranges: bytes
ddg-cache-status: HIT,HIT
etag: W/"5ec470b1-400"
expires: Wed, 07 Dec 2022 17:49:53 GMT
age: 160853
content-encoding: br
vary: Accept-Encoding
X-Firefox-Spdy: h2

ok.ru/res/js/classic_a2b793c6.js

217.20.147.1

200 OK

0 B

URL HTTP/2
ok.ru/res/js/classic_a2b793c6.js
IP
217.20.147.1:0
ASN
#47764 Mail.Ru LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /res/js/classic_a2b793c6.js HTTP/1.1
Host: ok.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ok.ru/videoembed/39334316660
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: apache
date: Sat, 03 Dec 2022 21:19:40 GMT
content-type: application/javascript
content-length: 12146
last-modified: Wed, 30 Nov 2022 09:31:00 GMT
vary: Accept-Encoding
content-encoding: br
expires: Sun, 03 Dec 2023 21:19:40 GMT
cache-control: max-age=31536000
timing-allow-origin: *
X-Firefox-Spdy: h2

player.vimple.ru/iframe/363cc38e06f24521857a01866db11951

172.67.134.240

200 OK

0 B

URL HTTP/2
player.vimple.ru/iframe/363cc38e06f24521857a01866db11951
IP
172.67.134.240:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /iframe/363cc38e06f24521857a01866db11951 HTTP/1.1
Host: player.vimple.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 03 Dec 2022 21:19:40 GMT
content-type: text/html; charset=utf-8
cache-control: private
vary: Accept-Encoding
x-aspnetmvc-version: 5.2
set-cookie: UniversalUserID=fc57420aa7b24957a867d1a2ae2bb090; Expires=Mon, 04 Dec 2023 00:19:52 GMT; Max-Age=63072000; Secure; Path=/; SameSite=None; HttpOnly; Domain=.vimple.ru
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vP99GKN115%2BoubinlE7jOeUfyWTH1CnT7io5TLzvpm4riuFew6MiqMn8hs5m5UnOof0GituBuJA%2Fh0pqAm6QoOGfsQGk25G%2BcEdWo8DFlHBIqOMlYKGmHE5nE7NLl7ckZWE%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773f5784c9d5b4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (56)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations