| www1.realgbedu.com/the-last-of-us-season-1-s01/ |  104.21.60.170 | 301 Moved Permanently | 0 B |
URL HTTP/1.1www1.realgbedu.com/the-last-of-us-season-1-s01/ IP104.21.60.170:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /the-last-of-us-season-1-s01/ HTTP/1.1
Host: www1.realgbedu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 16 Jan 2023 03:19:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 16 Jan 2023 04:19:03 GMT
Location: https://www1.realgbedu.com/the-last-of-us-season-1-s01/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XGFaz6VoANKQgCAtFn35IM40NPJ4JYU8V49m5MFbAqPQzjx3vUcEKyz9dV0y1F7obFSdEv4JuA%2FoRfVPIYJUhLaCNGEbeq8s2TMZe6M1oJfUlbtmCf%2BxZLb5%2FYK9nmJHwQFh71M%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78a3b518b972fabc-OSL
alt-svc: h2=":443"; ma=60
|
|
| r3.o.lencr.org/ |  23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash2258cd6b877a3aca8f4c84074e65ac4b 4e46c70941f8e497e8afc8d078644e7f81761a1c faac4e0d123f2112b58953c104ea746cd53047fc1ada0ef5d669feecf78ddfff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FAAC4E0D123F2112B58953C104EA746CD53047FC1ADA0EF5D669FEECF78DDFFF"
Last-Modified: Sat, 14 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14179
Expires: Mon, 16 Jan 2023 07:15:22 GMT
Date: Mon, 16 Jan 2023 03:19:03 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash0643dc6b6fed33b3537160b6bb77bcbf aa43bd1fbb30d2219f3285c1ee4991ffb33562c5 f137438e30e0d69cba77ca2eb736687873e4a9c06cf88d23c6d55ea930fde09f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F137438E30E0D69CBA77CA2EB736687873E4A9C06CF88D23C6D55EA930FDE09F"
Last-Modified: Sat, 14 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15681
Expires: Mon, 16 Jan 2023 07:40:24 GMT
Date: Mon, 16 Jan 2023 03:19:03 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashd6e2abd68203014e8e24d4a9e20e980a 5edbbb1a36083d5077b90b82e7aa10049e90c5d6 88cf8dae194a5e92a8c36a4c54ae71a609eaaed6e99d3986b3834c40d2fceeaa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "88CF8DAE194A5E92A8C36A4C54AE71A609EAAED6E99D3986B3834C40D2FCEEAA"
Last-Modified: Sun, 15 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15763
Expires: Mon, 16 Jan 2023 07:41:47 GMT
Date: Mon, 16 Jan 2023 03:19:04 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ |  35.241.9.150 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash14cd9a0afb6ba9a763651d5112760d1e 75d7b104ab9ab11fbb73c3f348b43b0119b5adfa 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 16 Jan 2023 02:49:08 GMT
content-type: application/json
age: 1796
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash7b922915ebf1fa3639b333f994c74f24 144a3f80b98fd0652d4614f24cf6cbbee40f8938 adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: d6dZxwt9/pZvfCxs+VSUGAOd3e9P+/zwaKdIBv1MaqGgHCaXFBJ9X1/Ji9stJaXFmM4S2m85Qsw=
x-amz-request-id: 14BGS3BKFGY6RKZJ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 16 Jan 2023 02:44:25 GMT
age: 2079
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 03:19:04 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 35.241.9.150 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 16 Jan 2023 03:17:25 GMT
age: 99
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ |  93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hashe5f9cfd32ba0e755eba2eba2bca5bc3c 012c01ac7a06da9f57e0e1c24658a4bd40e82518 ffd7fc715a11f6579f953c2f0f65128000733620fcc777cd0a4c5bb895c64ad2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4472
Cache-Control: max-age=111734
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 03:19:04 GMT
Etag: "63c3c226-1d7"
Expires: Tue, 17 Jan 2023 10:21:18 GMT
Last-Modified: Sun, 15 Jan 2023 09:06:46 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
|
|
| push.services.mozilla.com/ | 44.224.175.124 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP44.224.175.124:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: aQ2rvwoH887XheXxnZDPNQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: UlV068TZ/i2ASNWsv2NFrYcXbm4=
|
|
| c0.wp.com/c/6.1.1/wp-includes/css/classic-themes.min.css | 192.0.77.37 | 200 OK | 217 B |
URL HTTP/2c0.wp.com/c/6.1.1/wp-includes/css/classic-themes.min.css IP192.0.77.37:0
Hash95e891f28e44a9b314c09545d86be2b7 f9b13a8bd47273b086a0a07df15f314e0af0bc3e 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
GET /c/6.1.1/wp-includes/css/classic-themes.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.realgbedu.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 03:19:05 GMT
content-type: text/css
content-length: 217
last-modified: Tue, 25 Oct 2022 13:45:16 GMT
expires: Tue, 16 Jan 2024 03:19:05 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery.min.js | 192.0.77.37 | 200 OK | 31 kB |
URL HTTP/2c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery.min.js IP192.0.77.37:0
File typeASCII text, with very long lines (65447) Hashb996c646170bf4a5fab54a7201eb774e a7c6d37c7d69d318d021cf79d44ea8669ba01721 6273df39febd48da42e7b7ed6a840d14d0e19113d0f4363280c40c3305e6219e
GET /c/6.1.1/wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.realgbedu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 03:19:05 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 19 Sep 2022 14:16:24 GMT
content-encoding: br
expires: Tue, 16 Jan 2024 03:19:05 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| c0.wp.com/p/jetpack/11.7/css/jetpack.css | 192.0.77.37 | 200 OK | 16 kB |
URL HTTP/2c0.wp.com/p/jetpack/11.7/css/jetpack.css IP192.0.77.37:0
File typeUnicode text, UTF-8 text, with very long lines (65533), with no line terminators Hash91bfea2a74b334ad3976dcb28ea45a21 e3aead364a13d04b8cb0c09559a227937327c9f7 f822247df452b6c14bd6310bb33a9a766a7d69e42cd082b5dd1b099db8efe052
GET /p/jetpack/11.7/css/jetpack.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.realgbedu.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 03:19:05 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 27 Dec 2022 16:34:28 GMT
content-encoding: br
expires: Tue, 16 Jan 2024 03:19:05 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=UA-155759481-1 | 142.250.74.40 | 200 OK | 45 kB |
URL HTTP/2www.googletagmanager.com/gtag/js?id=UA-155759481-1 IP142.250.74.40:0
File typeASCII text, with very long lines (1921) Hash861cc970975dc46b20c0fa50a873dbe3 7addbd02f8c88160b489007dc55280a5b79f784c 87758f0df522a199d87b36d69f6f66108f11cfdf0e55568ac265ad8a23e20be0
GET /gtag/js?id=UA-155759481-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.realgbedu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 16 Jan 2023 03:19:05 GMT
expires: Mon, 16 Jan 2023 03:19:05 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45166
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Open%20Sans:wght@400&family=Roboto%20Slab:wght@400 | 142.250.74.74 | 200 OK | 1.2 kB |
URL HTTP/2fonts.googleapis.com/css2?family=Open%20Sans:wght@400&family=Roboto%20Slab:wght@400 IP142.250.74.74:0
Hash1ca9c96322dd06f94c59faa907aca75d 249bb2fcb8ea6730119b635c07908085e1348d1e 18ec505e7bd0695d44ce634a69bbf3f58985a5c6724f14f0a90041d07c29d045
GET /css2?family=Open%20Sans:wght@400&family=Roboto%20Slab:wght@400 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.realgbedu.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 16 Jan 2023 03:19:05 GMT
date: Mon, 16 Jan 2023 03:19:05 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hasha813a061a05c54b0097af9696d4bcb2e 6a7c9a8587f67a9202d2220c8ab12dd283df0e54 be4722747d6b02daf5e954e7fefc2e99ca522b243db0e4395282af48b381f939
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 03:19:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| c0.wp.com/p/jetpack/11.7/_inc/build/related-posts/related-posts.min.js | 192.0.77.37 | 200 OK | 82 kB |
URL HTTP/2c0.wp.com/p/jetpack/11.7/_inc/build/related-posts/related-posts.min.js IP192.0.77.37:0
File typeASCII text, with very long lines (5644), with no line terminators Hash2ceed4902af4923ebd37fa6efea15578 e6de4da18882852a0deedb7766160a836bc3a176 e76830a5d45bbfb9ba7a0d05bce0dfbf9c7478f5a0f95e83233bf67ddb76df75
GET /p/jetpack/11.7/_inc/build/related-posts/related-posts.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.realgbedu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 03:19:05 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 07 Dec 2021 16:56:47 GMT
content-encoding: br
expires: Tue, 16 Jan 2024 03:19:05 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| c0.wp.com/p/jetpack/11.7/_inc/build/sharedaddy/sharing.min.js | 192.0.77.37 | 200 OK | 3.1 kB |
URL HTTP/2c0.wp.com/p/jetpack/11.7/_inc/build/sharedaddy/sharing.min.js IP192.0.77.37:0
File typeASCII text, with very long lines (8517), with no line terminators Hashb72ac1fde6d56c62a4445687ecd95b16 aa852769e7eeabb69e5e086a8dbf190ad0fc0ca3 e22485302263e12b48fbf2b851acc6ad71dc9007d40f3d2fabe21dbca4aee109
GET /p/jetpack/11.7/_inc/build/sharedaddy/sharing.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.realgbedu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 03:19:05 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 31 May 2022 10:02:49 GMT
content-encoding: br
expires: Tue, 16 Jan 2024 03:19:05 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash871ced6cfe919499937981d7534580e9 2e8c0fb97592bd7868be241ade707d1b38e49c34 35a05f202611c548fd0768c5f1b3d749a0dd50ade93e6df29940547480c5ec91
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35A05F202611C548FD0768C5F1B3D749A0DD50ADE93E6DF29940547480C5EC91"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18426
Expires: Mon, 16 Jan 2023 08:26:12 GMT
Date: Mon, 16 Jan 2023 03:19:06 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash871ced6cfe919499937981d7534580e9 2e8c0fb97592bd7868be241ade707d1b38e49c34 35a05f202611c548fd0768c5f1b3d749a0dd50ade93e6df29940547480c5ec91
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35A05F202611C548FD0768C5F1B3D749A0DD50ADE93E6DF29940547480C5EC91"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18426
Expires: Mon, 16 Jan 2023 08:26:12 GMT
Date: Mon, 16 Jan 2023 03:19:06 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash871ced6cfe919499937981d7534580e9 2e8c0fb97592bd7868be241ade707d1b38e49c34 35a05f202611c548fd0768c5f1b3d749a0dd50ade93e6df29940547480c5ec91
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35A05F202611C548FD0768C5F1B3D749A0DD50ADE93E6DF29940547480C5EC91"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18426
Expires: Mon, 16 Jan 2023 08:26:12 GMT
Date: Mon, 16 Jan 2023 03:19:06 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F11096c9a-daab-44fd-bdba-e72808f67f65.jpeg | 34.120.237.76 | 200 OK | 8.4 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F11096c9a-daab-44fd-bdba-e72808f67f65.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashd5b5c747b75121f322c4845a137d725a 6fd2ad86b28ad36b81e96df3e7f78f19e151d77b aaf3622cdb5e7e5f5284145705759414c40ea3b60a055d1ae7c5f9048e708086
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F11096c9a-daab-44fd-bdba-e72808f67f65.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8395
x-amzn-requestid: b849f092-bdb9-4c1b-8000-f090773f8991
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ezbONHQuIAMF1lA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c4725a-3c5bcf043d435e59609c5bd6;Sampled=0
x-amzn-remapped-date: Sun, 15 Jan 2023 21:38:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mL0GM1YfHTO-ct7mkACe8PECZ6a0p1PDMFmddGOz-cO4S6y7-v__5g==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 21:54:19 GMT
age: 19487
etag: "6fd2ad86b28ad36b81e96df3e7f78f19e151d77b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08647b23-df38-4ed1-bdbd-a4fba997c933.jpeg | 34.120.237.76 | 200 OK | 9.3 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08647b23-df38-4ed1-bdbd-a4fba997c933.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashcff4cbad17919648f62b3582f49c404b 65b8056061916928e309bb983129353a577c2b89 f6ba13b6fd5a6a39f0a34b406b39471f02c6f5fd72813db64585a8e795ec44a5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08647b23-df38-4ed1-bdbd-a4fba997c933.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9304
x-amzn-requestid: c14aa47a-3e94-491a-95ab-beae1f5bdb9c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ezbKtFrIoAMFt5g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c47244-3a6b3c4b4b35ba8f57aa449a;Sampled=0
x-amzn-remapped-date: Sun, 15 Jan 2023 21:38:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: quy8cULp0c0o6cHatiXz8R9t9hvQyus52_hOWSReahePmcxb6hOT4A==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 21:54:26 GMT
age: 19480
etag: "65b8056061916928e309bb983129353a577c2b89"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0022fa9-c30e-4529-88ce-9e459037d9a6.jpeg | 34.120.237.76 | 200 OK | 7.8 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0022fa9-c30e-4529-88ce-9e459037d9a6.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hasha76dfabd1b1a4be07a8f20c5beeed1e5 d53e914a4967cb214161e9c6d6885384cce2c19e 769534c59ce01cdff3ff60f792db4a975eeca3d101d79b0e2d8e94b4e19da583
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0022fa9-c30e-4529-88ce-9e459037d9a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7820
x-amzn-requestid: 4655d49f-9376-4f60-bd81-cacef32798a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: etkuvFANIAMFZ-A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c21b2a-53fae20e204d44c801a5aa8e;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 03:02:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Y8_n5q8zcZa5Q-RvgfsGH65R8Gchsp2CwOH8ACBlOs1yCRz9ifH8ZA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 05:40:38 GMT
age: 77908
etag: "d53e914a4967cb214161e9c6d6885384cce2c19e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/wp-mediaelement.min.css | 192.0.77.37 | 200 OK | 6.7 kB |
URL HTTP/2c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/wp-mediaelement.min.css IP192.0.77.37:0
File typeASCII text, with very long lines (4186), with no line terminators Hash211e4979cbf35fd1b4616719b71f409b 0cd02db385648a4db91ab1a5b63f71ffd84166bb 5336d35a5588b4a20fb6bdb8825b726814622ce03e8ed6c60a8a373ebfda87a3
GET /c/6.1.1/wp-includes/js/mediaelement/wp-mediaelement.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.realgbedu.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 03:19:05 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
content-encoding: br
expires: Tue, 16 Jan 2024 03:19:05 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96072c7b-d55b-46d5-990f-49db93101549.jpeg | 34.120.237.76 | 200 OK | 8.0 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96072c7b-d55b-46d5-990f-49db93101549.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash967f1203a41980b914f19374ecd15973 65806af5bd4421fbacb00cd32f6102ab3f4cf1f1 7fec48c42cda6aaa3f17ad1db30968b04ffea392ad949e646bba763e53508329
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96072c7b-d55b-46d5-990f-49db93101549.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8040
x-amzn-requestid: e95c2179-6659-4be8-b66b-3d68b314b602
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: exbCEH6bIAMFSlg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c3a540-4fde44af3f8fdb3622623542;Sampled=0
x-amzn-remapped-date: Sun, 15 Jan 2023 07:03:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7XVBWws74x6_i8ZvXHP413DfPGGfJ7L-Hck3K0KykZgZHxIF3ponUw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 07:59:05 GMT
age: 69601
etag: "65806af5bd4421fbacb00cd32f6102ab3f4cf1f1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6288fb14-98ed-45e9-92f6-6fabe4d7cf2f.jpeg | 34.120.237.76 | 200 OK | 7.3 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6288fb14-98ed-45e9-92f6-6fabe4d7cf2f.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hasha14364fe2ad784ef5db2ea66dcf18dba 3274bc2a0b6e41d6f44e31ab0e233f79677079d3 40ffbf3dd157214eb918c6babf69b94f657f354337001f0b7e06930bf6a47aae
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6288fb14-98ed-45e9-92f6-6fabe4d7cf2f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7291
x-amzn-requestid: 153fdafd-e094-4261-8202-065208ed543e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ezbOMGuxoAMFkJQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c4725a-68ba19037f23dae033513080;Sampled=0
x-amzn-remapped-date: Sun, 15 Jan 2023 21:38:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dCzcLSv-R9QxYnx_d6iQJBWnYuZIIsHlwdKj4N_8yNlNHiSQ7RDDVQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 21:45:02 GMT
age: 20044
etag: "3274bc2a0b6e41d6f44e31ab0e233f79677079d3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| vandalismblackboard.com/ef/03/ae/ef03ae271df6bea763d527abfe462209.js | 192.243.59.20 | 200 OK | 21 kB |
URL HTTP/1.1vandalismblackboard.com/ef/03/ae/ef03ae271df6bea763d527abfe462209.js IP192.243.59.20:0 ASN#39572 DataWeb Global Group B.V.
File typeHTML document, ASCII text, with very long lines (60146), with no line terminators Hashd47280515c87ed4033bc0bf56298446b 33a73b0adf9bd42606262fc19e9edadc654cf1a3 8c9f228bdd1312949343b215877d757c272d09344848550de4948aa32f106b31
GET /ef/03/ae/ef03ae271df6bea763d527abfe462209.js HTTP/1.1
Host: vandalismblackboard.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.realgbedu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 16 Jan 2023 03:19:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 522ce613acba6a9ce308d27c611000f0
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| region1.google-analytics.com/g/collect?v=2&tid=G-RKV8NMZRYR>m=2oe1a1&_p=598078463&cid=461648276.1673839146&ul=en-us&sr=1280x1024&_s=1&sid=1673839146&sct=1&seg=0&dl=https%3A%2F%2Fwww1.realgbedu.com%2Fthe-last-of-us-season-1-s01%2F&dt=DOWNLOAD%20The%20Last%20of%20Us%20Season%201%20(S01)%20-%20Realgbedu&en=page_view&_fv=1&_ss=1 | 216.239.34.36 | 204 No Content | 0 B |
URL HTTP/2region1.google-analytics.com/g/collect?v=2&tid=G-RKV8NMZRYR>m=2oe1a1&_p=598078463&cid=461648276.1673839146&ul=en-us&sr=1280x1024&_s=1&sid=1673839146&sct=1&seg=0&dl=https%3A%2F%2Fwww1.realgbedu.com%2Fthe-last-of-us-season-1-s01%2F&dt=DOWNLOAD%20The%20Last%20of%20Us%20Season%201%20(S01)%20-%20Realgbedu&en=page_view&_fv=1&_ss=1 IP216.239.34.36:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-RKV8NMZRYR>m=2oe1a1&_p=598078463&cid=461648276.1673839146&ul=en-us&sr=1280x1024&_s=1&sid=1673839146&sct=1&seg=0&dl=https%3A%2F%2Fwww1.realgbedu.com%2Fthe-last-of-us-season-1-s01%2F&dt=DOWNLOAD%20The%20Last%20of%20Us%20Season%201%20(S01)%20-%20Realgbedu&en=page_view&_fv=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www1.realgbedu.com
Connection: keep-alive
Referer: https://www1.realgbedu.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
access-control-allow-origin: https://www1.realgbedu.com
date: Mon, 16 Jan 2023 03:19:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| region1.google-analytics.com/g/collect?v=2&tid=G-WBCKN3JMN7>m=2oe1a1&_p=598078463&cid=461648276.1673839146&ul=en-us&sr=1280x1024&_s=1&sid=1673839146&sct=1&seg=0&dl=https%3A%2F%2Fwww1.realgbedu.com%2Fthe-last-of-us-season-1-s01%2F&dt=DOWNLOAD%20The%20Last%20of%20Us%20Season%201%20(S01)%20-%20Realgbedu&en=page_view&_fv=1&_nsi=1&_ss=1 | 216.239.34.36 | 204 No Content | 0 B |
URL HTTP/2region1.google-analytics.com/g/collect?v=2&tid=G-WBCKN3JMN7>m=2oe1a1&_p=598078463&cid=461648276.1673839146&ul=en-us&sr=1280x1024&_s=1&sid=1673839146&sct=1&seg=0&dl=https%3A%2F%2Fwww1.realgbedu.com%2Fthe-last-of-us-season-1-s01%2F&dt=DOWNLOAD%20The%20Last%20of%20Us%20Season%201%20(S01)%20-%20Realgbedu&en=page_view&_fv=1&_nsi=1&_ss=1 IP216.239.34.36:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-WBCKN3JMN7>m=2oe1a1&_p=598078463&cid=461648276.1673839146&ul=en-us&sr=1280x1024&_s=1&sid=1673839146&sct=1&seg=0&dl=https%3A%2F%2Fwww1.realgbedu.com%2Fthe-last-of-us-season-1-s01%2F&dt=DOWNLOAD%20The%20Last%20of%20Us%20Season%201%20(S01)%20-%20Realgbedu&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www1.realgbedu.com
Connection: keep-alive
Referer: https://www1.realgbedu.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www1.realgbedu.com
date: Mon, 16 Jan 2023 03:19:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| pixel.wp.com/g.gif?v=ext&blog=168641237&post=33944&tz=1&srv=www1.realgbedu.com&j=1%3A11.7&host=www1.realgbedu.com&ref=&fcp=0&rand=0.2572858652301351 | 192.0.76.3 | 200 OK | 50 B |
URL HTTP/2pixel.wp.com/g.gif?v=ext&blog=168641237&post=33944&tz=1&srv=www1.realgbedu.com&j=1%3A11.7&host=www1.realgbedu.com&ref=&fcp=0&rand=0.2572858652301351 IP192.0.76.3:0
File typeGIF image data, version 89a, 6 x 5\012- data Hashe4d673a55c5656f19ef81563fb10884c 1f2d8ed221d39329251ad3a6ff1edb20b7219443 f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
GET /g.gif?v=ext&blog=168641237&post=33944&tz=1&srv=www1.realgbedu.com&j=1%3A11.7&host=www1.realgbedu.com&ref=&fcp=0&rand=0.2572858652301351 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.realgbedu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 03:19:06 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash63931ff97eb1381a053be3c3e3e15109 936c6ff2f38aa0533a06f3e86a83fda70fb55082 190074a5719a32e42ef57a8a5a2f68c70f0f67204e0fc18bf77afad64a7d418f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 03:19:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashcfae46cd3d6649abd367cc720e091d3e 6be71c51e70fe173dd619644a97d48b7c22fd672 db7a4af5b39b1f302e578a081f3ad2affcf234c4688cac4ef6306d93ce3ada49
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DB7A4AF5B39B1F302E578A081F3AD2AFFCF234C4688CAC4EF6306D93CE3ADA49"
Last-Modified: Sat, 14 Jan 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17697
Expires: Mon, 16 Jan 2023 08:14:03 GMT
Date: Mon, 16 Jan 2023 03:19:06 GMT
Connection: keep-alive
|
|
| ocsp.sca1b.amazontrust.com/ | 143.204.42.156 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP143.204.42.156:0
Hashe077a5e00dc0fbf96e2357886aefa811 9b8233ed9f2c42f364efffb8d5771c5b3a09a303 ddbf3f3d376963f06af6c8e98bef35906b9ffe5f1270f2565815774a31f04f57
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=126197
Date: Mon, 16 Jan 2023 03:19:06 GMT
Etag: "63c4001b-1d7"
Expires: Tue, 17 Jan 2023 14:22:23 GMT
Last-Modified: Sun, 15 Jan 2023 13:31:07 GMT
Server: ECS (nyb/1D25)
X-Cache: Miss from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Nlv7LeVtZoF1fQgFzzw-tRCh6CJIKw7Wm0QHC67o4ayiSRT-jFkQTw==
Age: 3076
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashb6367ba9a72a6cdf816cb19a8c6052df 0ef94fe86f86846f43b0f25219c24e7cae565dd2 c6b035640d372e3800ddbf23de779effab2b1bc9147ba98fbbcd4cadea4c0186
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B035640D372E3800DDBF23DE779EFFAB2B1BC9147BA98FBBCD4CADEA4C0186"
Last-Modified: Sat, 14 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4654
Expires: Mon, 16 Jan 2023 04:36:40 GMT
Date: Mon, 16 Jan 2023 03:19:06 GMT
Connection: keep-alive
|
|
| simplewebanalysis.com/stats |  52.28.184.54 | 200 OK | 40 B |
URL HTTP/2simplewebanalysis.com/stats IP52.28.184.54:0
File typeASCII text, with no line terminators Hash8b029215fea54b989b3b2d47edd4b230 a7dcaf76434a202cfd6af504d1d37b8cfac8be7a 172f6b50ace76ae244e51d4d3a8cc1b605fd4e40f3b99072a43b8c9664aee18e
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www1.realgbedu.com
Connection: keep-alive
Referer: https://www1.realgbedu.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 03:19:06 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www1.realgbedu.com
access-control-allow-credentials: true
set-cookie: uid_id2=cfcb9738-0ac6-4285-a089-613cc812f6d4:1:1; expires=Thu, 13 Jan 2033 03:19:06 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP142.250.74.131:0
Hash9442f1d8864feb84a623305a281e4c56 45250ab44f89bf1a0f665da8b47da06dc1af2af0 2086a32de0797aa6146b8fe1d7422342dbc9f1da0d81093915f42b69a5dcbc65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 03:19:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP142.250.74.131:0
Hash9442f1d8864feb84a623305a281e4c56 45250ab44f89bf1a0f665da8b47da06dc1af2af0 2086a32de0797aa6146b8fe1d7422342dbc9f1da0d81093915f42b69a5dcbc65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 03:19:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.gstatic.com/s/robotoslab/v24/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISmb2Rj.woff2 | 142.250.74.35 | 200 OK | 13 kB |
URL HTTP/2fonts.gstatic.com/s/robotoslab/v24/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISmb2Rj.woff2 IP142.250.74.35:0
File typeWeb Open Font Format (Version 2), TrueType, length 12608, version 1.0\012- data Hashb2d90c9a5d17242bc107ee6fb2bb0c65 d14417ba18f48c28d74c6788837a59f4b7967427 e3b93a1b0941a116dcb0ed0b5c3ea062cdcad365207c405b231094eb485d95fc
GET /s/robotoslab/v24/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISmb2Rj.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www1.realgbedu.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12608
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 15 Jan 2023 01:51:55 GMT
expires: Mon, 15 Jan 2024 01:51:55 GMT
cache-control: public, max-age=31536000
age: 91631
last-modified: Mon, 11 Jul 2022 19:15:08 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 | 142.250.74.35 | 200 OK | 17 kB |
URL HTTP/2fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 IP142.250.74.35:0
File typeWeb Open Font Format (Version 2), TrueType, length 16740, version 1.0\012- data Hashe43b535855a4ae53bd5b07a6eeb3bf67 6507312d9491156036316484bf8dc41e8b52ddd9 b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www1.realgbedu.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 09 Jan 2023 18:52:55 GMT
expires: Tue, 09 Jan 2024 18:52:55 GMT
cache-control: public, max-age=31536000
age: 548771
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 | 142.250.74.35 | 200 OK | 15 kB |
URL HTTP/2fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 IP142.250.74.35:0
File typeWeb Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data Hash5d4aeb4e5f5ef754e307d7ffaef688bd 06db651cdf354c64a7383ea9c77024ef4fb4cef8 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 12 Jan 2023 21:48:03 GMT
expires: Fri, 12 Jan 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 279063
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | 142.250.74.35 | 200 OK | 16 kB |
URL HTTP/2fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 IP142.250.74.35:0
File typeWeb Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data Hash285467176f7fe6bb6a9c6873b3dad2cc ea04e4ff5142ddd69307c183def721a160e0a64e 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 12 Jan 2023 16:40:43 GMT
expires: Fri, 12 Jan 2024 16:40:43 GMT
cache-control: public, max-age=31536000
age: 297503
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| www.youtube.com/s/player/4248d311/www-player.css | 142.250.74.14 | 200 OK | 50 kB |
URL HTTP/2www.youtube.com/s/player/4248d311/www-player.css IP142.250.74.14:0
File typeASCII text, with very long lines (65536), with no line terminators Hash8a6331ed48be29c59230b0c7360068de 22a20436f427d6b8e26eb30ed9aab51a43d389bf 72f0818ab04697fc29d331b2add584f3cd5e269446c7297300701a4666c9d95e
GET /s/player/4248d311/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/uLtkt8BonwM?feature=oembed
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 49911
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 12 Jan 2023 16:03:19 GMT
expires: Fri, 12 Jan 2024 16:03:19 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
content-type: text/css
age: 299747
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash63931ff97eb1381a053be3c3e3e15109 936c6ff2f38aa0533a06f3e86a83fda70fb55082 190074a5719a32e42ef57a8a5a2f68c70f0f67204e0fc18bf77afad64a7d418f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 03:19:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP142.250.74.131:0
Hash9442f1d8864feb84a623305a281e4c56 45250ab44f89bf1a0f665da8b47da06dc1af2af0 2086a32de0797aa6146b8fe1d7422342dbc9f1da0d81093915f42b69a5dcbc65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 03:19:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.youtube.com/s/player/4248d311/www-embed-player.vflset/www-embed-player.js | 142.250.74.14 | 200 OK | 125 kB |
URL HTTP/2www.youtube.com/s/player/4248d311/www-embed-player.vflset/www-embed-player.js IP142.250.74.14:0
File typeASCII text, with very long lines (36953), with no line terminators Size125 kB (124551 bytes) Hash25b4d4a1510432c5ca345e3d43ebf15a acc79aac63264b8f1015678cc96a22d4382c5344 a177dac57fbee587129edfd2bc3d58a5bbdc1676b6489057293f0644807362d4
GET /s/player/4248d311/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/uLtkt8BonwM?feature=oembed
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 109432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 12 Jan 2023 16:03:20 GMT
expires: Fri, 12 Jan 2024 16:03:20 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
content-type: text/javascript
age: 299746
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| woafoame.net/tag.min.js | 139.45.197.239 | 200 OK | 24 kB |
IP139.45.197.239:0
File typeASCII text, with very long lines (65536), with no line terminators Hasha262d97e6ed7edb63fbb1b4e5cf621df d261ad46302efa929a539c7435dd862bdf504ced c48f0b38a9c9d1ab31c6265c577cf4dae2e16f2c43a1a93e82e4e079d2e5228b
| Analyzer | Verdict | Alert |
|---|
| quad9 | Sinkholed | |
GET /tag.min.js HTTP/1.1
Host: woafoame.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.realgbedu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 03:19:06 GMT
content-type: text/javascript; charset=utf-8
content-length: 23586
content-encoding: br
x-trace-id: af9a0481c058e21891627a746b0d851d
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Fri, 13 Jan 2023 11:13:11 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| www.youtube.com/s/player/4248d311/fetch-polyfill.vflset/fetch-polyfill.js | 142.250.74.14 | 200 OK | 2.8 kB |
URL HTTP/2www.youtube.com/s/player/4248d311/fetch-polyfill.vflset/fetch-polyfill.js IP142.250.74.14:0
File typeAlgol 68 source text\012- Pascal source, ASCII text, with very long lines (555) Hash80fe2d229007996c8397073b00755dc7 121f82c77bcf2a297a1085e3b092415c463fcafe 033dfa8941482c82d4f1aaa4a9172fb379b9e46a02d5b36297c5476bbbfdea2c
GET /s/player/4248d311/fetch-polyfill.vflset/fetch-polyfill.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/uLtkt8BonwM?feature=oembed
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 2786
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 12 Jan 2023 16:03:20 GMT
expires: Fri, 12 Jan 2024 16:03:20 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
content-type: text/javascript
age: 299746
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash054491b14e504f1af527e91c529b4b74 c2a795f1b3774c47467a401a68f6eb41e153775e b157f2cda46ab605dfeee59ccd442dbd5500ed0f990335bf56ced947c0609ed9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B157F2CDA46AB605DFEEE59CCD442DBD5500ED0F990335BF56CED947C0609ED9"
Last-Modified: Fri, 13 Jan 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5364
Expires: Mon, 16 Jan 2023 04:48:30 GMT
Date: Mon, 16 Jan 2023 03:19:06 GMT
Connection: keep-alive
|
|
| preparationstube.com/pixel/purst?dl=0&th=0&sc=0&rs=2530&rd=2530&fd=931&bv=22.10.v.9&tmpl=70 | 192.243.61.225 | 200 OK | 0 B |
URL HTTP/1.1preparationstube.com/pixel/purst?dl=0&th=0&sc=0&rs=2530&rd=2530&fd=931&bv=22.10.v.9&tmpl=70 IP192.243.61.225:0 ASN#39572 DataWeb Global Group B.V.
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| quad9 | Sinkholed | |
GET /pixel/purst?dl=0&th=0&sc=0&rs=2530&rd=2530&fd=931&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: preparationstube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.realgbedu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 16 Jan 2023 03:19:06 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| ocsp.pki.goog/s/gts1p5/x-QEV4IR2x0 | 142.250.74.131 | 200 OK | 472 B |
URL HTTP/1.1ocsp.pki.goog/s/gts1p5/x-QEV4IR2x0 IP142.250.74.131:0
Hash392d14ef6962139ccd1ac10f7add6ae9 b1bfb74af0052674543a84c889888f056f3ffbed f8bfb1efbd83a28d90667022819fa9996499b656f8dec912943f3fa5a6271da8
POST /s/gts1p5/x-QEV4IR2x0 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 03:19:07 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash726086b75b5570c59597a0fb31c3b5b0 6931c1b1fe3d79e91ce7f3b6b64b2554610dd37d 6af992c64022aca6c270d7b851c025f341c96ead113221690334da8f9b33c602
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6AF992C64022ACA6C270D7B851C025F341C96EAD113221690334DA8F9B33C602"
Last-Modified: Sat, 14 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3036
Expires: Mon, 16 Jan 2023 04:09:43 GMT
Date: Mon, 16 Jan 2023 03:19:07 GMT
Connection: keep-alive
|
|
| my.rtmark.net/gid.js | 139.45.195.8 | 200 OK | 65 B |
IP139.45.195.8:0
File typeJSON data\012- , ASCII text Hashdfa8073abb63ba661ba3913e060dba6b e6bc1a95d8f9fea77a189212a6ddf6076ed10d9a 05243e2b5815f736a0a68e9b0481858b55caa0f6c7611f65e74bdd21d151f00a
GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www1.realgbedu.com
Connection: keep-alive
Referer: https://www1.realgbedu.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 03:19:07 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://www1.realgbedu.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=828faeb2078b4246b5054ffe45d7e4ef; expires=Tue, 16 Jan 2024 03:19:07 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| 1.gravatar.com/avatar/ad516503a11cd5ca435acc9bb6523536?s=25&d=&forcedefault=y&r=G | 192.0.73.2 | 200 OK | 1.2 kB |
URL HTTP/21.gravatar.com/avatar/ad516503a11cd5ca435acc9bb6523536?s=25&d=&forcedefault=y&r=G IP192.0.73.2:0
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 25x25, components 3\012- data Hash820c231fcb61074bd047e203da4720d1 3a619ae25f5b2e5ed9e6b083c8fef69efff4a43e f8ed5a5321476a237df43d50622c729e2eb15ce49e5e3c40311d81d1e93185c8
GET /avatar/ad516503a11cd5ca435acc9bb6523536?s=25&d=&forcedefault=y&r=G HTTP/1.1
Host: 1.gravatar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jetpack.wordpress.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 03:19:07 GMT
content-type: image/jpeg
content-length: 1157
last-modified: Sat, 01 Mar 2008 02:44:06 GMT
link: <https://www.gravatar.com/avatar/ad516503a11cd5ca435acc9bb6523536?s=25&d=&forcedefault=y&r=G>; rel="canonical"
access-control-allow-origin: *
content-disposition: inline; filename="ad516503a11cd5ca435acc9bb6523536.jpg"
expires: Mon, 16 Jan 2023 03:24:07 GMT
cache-control: max-age=300
x-nc: HIT arn 2
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash6c3ee7bafa021ce07e7e1ea0f1f1a90f 5628f78c35190c5b5b089748d67835e04be14c6c d757023129dd1d54bf47a534c334cc6df68a3586724dc621f5c8828cce7444f4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D757023129DD1D54BF47A534C334CC6DF68A3586724DC621F5C8828CCE7444F4"
Last-Modified: Sat, 14 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3577
Expires: Mon, 16 Jan 2023 04:18:44 GMT
Date: Mon, 16 Jan 2023 03:19:07 GMT
Connection: keep-alive
|
|
| banquetunarmedgrater.com/advertisers.js | 173.233.137.36 | 200 OK | 0 B |
URL HTTP/1.1banquetunarmedgrater.com/advertisers.js IP173.233.137.36:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| quad9 | Sinkholed | |
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.realgbedu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 16 Jan 2023 03:19:07 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fe0dcf6ce38c253acaf426f75d490699
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| ocsp.sectigo.com/ | 104.18.32.68 | 200 OK | 471 B |
IP104.18.32.68:0
Hash96533a2fa0891f6cfa77cb21595f46f2 81f74ad298920113cfa459d3c41650468e99583c 4a79c1dd197492e9a331fe8351f22ef8cca443fc56f8b043a363c0c9f78f5fa6
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 03:19:07 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 15 Jan 2023 03:49:35 GMT
Expires: Sun, 22 Jan 2023 03:49:34 GMT
Etag: "81f74ad298920113cfa459d3c41650468e99583c"
Cache-Control: max-age=519626,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78a3b5304e000b69-OSL
|
|
| 0.gravatar.com/js/gprofiles.js?ver=202303z | 192.0.73.2 | 200 OK | 7.4 kB |
URL HTTP/20.gravatar.com/js/gprofiles.js?ver=202303z IP192.0.73.2:0
File typeASCII text, with very long lines (24043), with no line terminators Hash891efcbc4c9c09f16165e01d79869ec0 3ac839a7bbccefdab9b3371112951a9b132fc370 0255fb3d7e42ef8b625540c0c06344e4e5ec740818573d545963c648a1a92299
GET /js/gprofiles.js?ver=202303z HTTP/1.1
Host: 0.gravatar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jetpack.wordpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 03:19:07 GMT
content-type: application/javascript
last-modified: Thu, 15 Sep 2022 11:48:47 GMT
etag: W/"6323111f-5deb"
content-encoding: br
expires: Mon, 23 Jan 2023 03:19:07 GMT
cache-control: max-age=604800
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash727859aa3d2a776c048867e579e901fa 3cec3dd17c6127b804b9f2bd6479caeded880356 0ee4d0f3229b4ece08fb05dcb0c96e3eeb2818f76f524f9d9e5b199466386601
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0EE4D0F3229B4ECE08FB05DCB0C96E3EEB2818F76F524F9D9E5B199466386601"
Last-Modified: Fri, 13 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11162
Expires: Mon, 16 Jan 2023 06:25:09 GMT
Date: Mon, 16 Jan 2023 03:19:07 GMT
Connection: keep-alive
|
|
| glizauvo.net/500/5368935?excludes=&oaid=828faeb2078b4246b5054ffe45d7e4ef&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=5&pl=https%3A%2F%2Fwww1.realgbedu.com%2Fthe-last-of-us-season-1-s01%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false | 139.45.197.236 | 200 OK | 0 B |
URL HTTP/2glizauvo.net/500/5368935?excludes=&oaid=828faeb2078b4246b5054ffe45d7e4ef&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=5&pl=https%3A%2F%2Fwww1.realgbedu.com%2Fthe-last-of-us-season-1-s01%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false IP139.45.197.236:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /500/5368935?excludes=&oaid=828faeb2078b4246b5054ffe45d7e4ef&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=5&pl=https%3A%2F%2Fwww1.realgbedu.com%2Fthe-last-of-us-season-1-s01%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: glizauvo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://www1.realgbedu.com/
Origin: https://www1.realgbedu.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 03:19:07 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://www1.realgbedu.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| preparationstube.com/pixel/pure | 192.243.61.225 | 204 No Content | 0 B |
URL HTTP/1.1preparationstube.com/pixel/pure IP192.243.61.225:0 ASN#39572 DataWeb Global Group B.V.
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| quad9 | Sinkholed | |
OPTIONS /pixel/pure HTTP/1.1
Host: preparationstube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www1.realgbedu.com/
Origin: https://www1.realgbedu.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.19.5
Date: Mon, 16 Jan 2023 03:19:07 GMT
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0
|
|
| nanouwho.com/1?z=5369149 | 139.45.197.242 | 200 OK | 7.5 kB |
IP139.45.197.242:0
Hash0b7b9f3265eda87ed2b86e95c27a8ead 633d5a926ea3ffb67bf9e2195ac97a0667d70263 b7c1a31404e07aa14531d7ea875b6ea4f85a70763959958709340a8513364c3a
| Analyzer | Verdict | Alert |
|---|
| quad9 | Sinkholed | |
GET /1?z=5369149 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.realgbedu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 03:19:07 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: e7cddb57fd6d2e369926ac0ce34d8989
access-control-expose-headers: X-Sc
x-sc: 8hF_t6S-wKYWcp8xiEGWHpb-ByVQEdg0inrNMdhOtH29fwM3FfaUdprInO4y6EsveEnn4gapXEVRxsz4rySBA_yReIc=
set-cookie: scm=1; expires=Tue, 16 Jan 2024 03:19:07 GMT; secure; SameSite=None
OAID=94e4f18633314b34a59693a03d4a8515; expires=Tue, 16 Jan 2024 03:19:07 GMT; secure; SameSite=None
oaidts=1673839147; expires=Tue, 16 Jan 2024 03:19:07 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hashce8d00c5fdc36c7feb7318020711d6c6 56b42148698741cd32886b0e8c8c164c1afa77f5 249817acd224df79d872906a1e7d1e63c08553520701a06106cce166421a2759
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 03:19:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| static.doubleclick.net/instream/ad_status.js | 142.250.74.134 | 200 OK | 29 B |
URL HTTP/2static.doubleclick.net/instream/ad_status.js IP142.250.74.134:0
Hash1fa71744db23d0f8df9cce6719defcb7 e4be9b7136697942a036f97cf26ebaf703ad2067 eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 16 Jan 2023 03:17:35 GMT
expires: Mon, 16 Jan 2023 03:32:35 GMT
cache-control: public, max-age=900
age: 92
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| googleads.g.doubleclick.net/pagead/id | 142.250.74.98 | 302 Found | 0 B |
URL HTTP/2googleads.g.doubleclick.net/pagead/id IP142.250.74.98:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Mon, 16 Jan 2023 03:19:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP142.250.74.131:0
Hash4ac39c8ee2583f836a6c40bc29abd389 a4ce5cd6dcb347d634b4acd135710d6e5b81005c 399250bc0c0f2a2929d03e37f460b84b9201d06b758e7bbc6c9ba482c3ed35b5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 03:19:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| preparationstube.com/pixel/pure | 192.243.61.225 | 200 OK | 0 B |
URL HTTP/1.1preparationstube.com/pixel/pure IP192.243.61.225:0 ASN#39572 DataWeb Global Group B.V.
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| quad9 | Sinkholed | |
POST /pixel/pure HTTP/1.1
Host: preparationstube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 73
Origin: https://www1.realgbedu.com
Connection: keep-alive
Referer: https://www1.realgbedu.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 16 Jan 2023 03:19:07 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hashce8d00c5fdc36c7feb7318020711d6c6 56b42148698741cd32886b0e8c8c164c1afa77f5 249817acd224df79d872906a1e7d1e63c08553520701a06106cce166421a2759
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 03:19:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create | 142.250.74.74 | 200 OK | 0 B |
URL HTTP/2jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create IP142.250.74.74:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Mon, 16 Jan 2023 03:19:07 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create | 142.250.74.74 | 200 OK | 31 kB |
URL HTTP/2jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create IP142.250.74.74:0
File typeJSON data\012- , ASCII text, with very long lines (65536), with no line terminators Hashe1677cf879d970dcb26e9a0a37b89b4f bbc67c0983999053a6cd89479f70b646601ca25b 88e92a59ee7cfab79ed2fdce17affa831b218051885ae7a74e57aee9a6f24ca0
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 16 Jan 2023 03:19:07 GMT
server: ESF
cache-control: private
content-length: 31119
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash6db0ab20925a64068987b60dd6f72f9a 38d0bea36fbf16ec63bec71cb3bbe743541458b1 74082ea963e7afe8094d2e187e40309b5848948822467c62f1ef0852ae688564
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 03:19:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| preparationstube.com/pixel/pure | 192.243.61.225 | 204 No Content | 0 B |
URL HTTP/1.1preparationstube.com/pixel/pure IP192.243.61.225:0 ASN#39572 DataWeb Global Group B.V.
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| quad9 | Sinkholed | |
OPTIONS /pixel/pure HTTP/1.1
Host: preparationstube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www1.realgbedu.com/
Origin: https://www1.realgbedu.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.19.5
Date: Mon, 16 Jan 2023 03:19:07 GMT
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0
|
|
| www.google.com/js/th/J0Wtb-3apQjiEgHhOVup9kp7pTLa1a3i127gprViyoA.js | 216.58.207.228 | 200 OK | 14 kB |
URL HTTP/2www.google.com/js/th/J0Wtb-3apQjiEgHhOVup9kp7pTLa1a3i127gprViyoA.js IP216.58.207.228:0
File typeASCII text, with very long lines (36008) Hash8a1e64e80c9189aaa07733ae98ea030b de788d5e003c05a2b43c8f16557e6a4f27eb00ff cdfd098bd8fb947a53ebeaf0e8e0bdd0d6a31eb6a7c0e1403331403cc48a5a1e
GET /js/th/J0Wtb-3apQjiEgHhOVup9kp7pTLa1a3i127gprViyoA.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14261
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 15 Jan 2023 00:31:50 GMT
expires: Mon, 15 Jan 2024 00:31:50 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Jan 2023 15:00:00 GMT
content-type: text/javascript
age: 96438
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP142.250.74.131:0
Hash8f4e3f8a84621ca53a6c69913c6c47fa 45748e137cb53e16dbdf14ddba3c8934f2b3c96a dfc043b31ed68152f8aff65ebac8ec398a7374aa483ff8885c7243d555785d1e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 03:19:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| yt3.ggpht.com/TcXFMFkDeUN8pDqZ-2WShXiG6lXtpoRG2kfRMg3Nd9g947mESyRYqlWtwcoy9FyjiiLVLaTd=s68-c-k-c0x00ffffff-no-rj | 142.250.74.161 | 200 OK | 2.4 kB |
URL HTTP/2yt3.ggpht.com/TcXFMFkDeUN8pDqZ-2WShXiG6lXtpoRG2kfRMg3Nd9g947mESyRYqlWtwcoy9FyjiiLVLaTd=s68-c-k-c0x00ffffff-no-rj IP142.250.74.161:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data Hash9f08573063dd68bff31338a84395b91b 573f41a5aadf70286f3f975c6dc7b4e799b6b6af 4f98c7e57316b5fa009f9457a1a183c7644fd0b6d20290638bda84472124fa01
GET /TcXFMFkDeUN8pDqZ-2WShXiG6lXtpoRG2kfRMg3Nd9g947mESyRYqlWtwcoy9FyjiiLVLaTd=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="channels4_profile.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2429
x-xss-protection: 0
date: Mon, 16 Jan 2023 01:39:51 GMT
expires: Tue, 17 Jan 2023 01:39:51 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1"
content-type: image/jpeg
age: 5957
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash7070ad9ae06e8553605968a7b31fc56d 34ddba3c9d6b6001edae5dc9e157f04d38e20494 cab9d1caedb587ace2b776b9d729c153954633a1174d89668bc4fe216ddb1478
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CAB9D1CAEDB587ACE2B776B9D729C153954633A1174D89668BC4FE216DDB1478"
Last-Modified: Sun, 15 Jan 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9612
Expires: Mon, 16 Jan 2023 05:59:20 GMT
Date: Mon, 16 Jan 2023 03:19:08 GMT
Connection: keep-alive
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hashaae373d06a543ce229b20ffe6d109377 56e2d3dbef9120db662e5ab179efc412d87df82b d646e686afdc5aa67e86929c3a152829c0b7812c26d5c1f01861f194923e589b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 03:19:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| s10.histats.com/js15_as.js |  46.105.201.240 | 200 OK | 4.4 kB |
URL HTTP/2s10.histats.com/js15_as.js IP46.105.201.240:0
File typeHTML document, ASCII text, with very long lines (11440), with no line terminators Hashed192092c129db6123a3397855f42619 067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e 998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1
GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.realgbedu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 03:17:33 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 240321732
content-type: text/javascript
content-encoding: br
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2
|
|
| i.ytimg.com/vi_webp/uLtkt8BonwM/sddefault.webp | 216.58.207.214 | 200 OK | 37 kB |
URL HTTP/2i.ytimg.com/vi_webp/uLtkt8BonwM/sddefault.webp IP216.58.207.214:0
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Hash3eff260451bf50c467131210e3ad4b44 5cf63c09824e9ddb8e4bdcebb016e9eb2bd6d859 521168d7bf1e0bae1b8915f8062be62bd88e5fa9619cf2509f6b03f4a85bff35
GET /vi_webp/uLtkt8BonwM/sddefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 37234
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 16 Jan 2023 02:24:57 GMT
expires: Mon, 16 Jan 2023 04:24:57 GMT
cache-control: public, max-age=7200
etag: "1669996235"
content-type: image/webp
age: 3251
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP142.250.74.131:0
Hash8f4e3f8a84621ca53a6c69913c6c47fa 45748e137cb53e16dbdf14ddba3c8934f2b3c96a dfc043b31ed68152f8aff65ebac8ec398a7374aa483ff8885c7243d555785d1e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 03:19:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hashaae373d06a543ce229b20ffe6d109377 56e2d3dbef9120db662e5ab179efc412d87df82b d646e686afdc5aa67e86929c3a152829c0b7812c26d5c1f01861f194923e589b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 03:19:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| preparationstube.com/pixel/pure | 192.243.61.225 | 200 OK | 0 B |
URL HTTP/1.1preparationstube.com/pixel/pure IP192.243.61.225:0 ASN#39572 DataWeb Global Group B.V.
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| quad9 | Sinkholed | |
POST /pixel/pure HTTP/1.1
Host: preparationstube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 73
Origin: https://www1.realgbedu.com
Connection: keep-alive
Referer: https://www1.realgbedu.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 16 Jan 2023 03:19:08 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| nanouwho.com/9?z=5369149&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww1.realgbedu.com%2Fthe-last-of-us-season-1-s01%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=5&sah=1002&drf=&hil=1&ist=0&oaid=828faeb2078b4246b5054ffe45d7e4ef | 139.45.197.242 | 204 No Content | 0 B |
URL HTTP/2nanouwho.com/9?z=5369149&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww1.realgbedu.com%2Fthe-last-of-us-season-1-s01%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=5&sah=1002&drf=&hil=1&ist=0&oaid=828faeb2078b4246b5054ffe45d7e4ef IP139.45.197.242:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| quad9 | Sinkholed | |
OPTIONS /9?z=5369149&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww1.realgbedu.com%2Fthe-last-of-us-season-1-s01%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=5&sah=1002&drf=&hil=1&ist=0&oaid=828faeb2078b4246b5054ffe45d7e4ef HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www1.realgbedu.com/
Origin: https://www1.realgbedu.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Mon, 16 Jan 2023 03:19:08 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www1.realgbedu.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
|
|
| nanouwho.com/9?z=5369149&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww1.realgbedu.com%2Fthe-last-of-us-season-1-s01%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=5&sah=1002&drf=&hil=1&ist=0&oaid=828faeb2078b4246b5054ffe45d7e4ef | 139.45.197.242 | 200 OK | 7 B |
URL HTTP/2nanouwho.com/9?z=5369149&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww1.realgbedu.com%2Fthe-last-of-us-season-1-s01%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=5&sah=1002&drf=&hil=1&ist=0&oaid=828faeb2078b4246b5054ffe45d7e4ef IP139.45.197.242:0
File typeASCII text, with no line terminators Hasha97eb6fbe6f13b601d5d48c0eba8baae 736efb938caf3d0edec406932ada889f1a4f2268 a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
| Analyzer | Verdict | Alert |
|---|
| quad9 | Sinkholed | |
POST /9?z=5369149&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww1.realgbedu.com%2Fthe-last-of-us-season-1-s01%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=5&sah=1002&drf=&hil=1&ist=0&oaid=828faeb2078b4246b5054ffe45d7e4ef HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 223
Origin: https://www1.realgbedu.com
Connection: keep-alive
Referer: https://www1.realgbedu.com/
Cookie: scm=1; OAID=94e4f18633314b34a59693a03d4a8515; oaidts=1673839147
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 03:19:08 GMT
content-type: application/javascript
content-length: 7
access-control-allow-credentials: true
access-control-allow-origin: https://www1.realgbedu.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 4a22a2d27d37eb065bcca3a04a344d95
access-control-expose-headers: X-Sc
set-cookie: OAID=828faeb2078b4246b5054ffe45d7e4ef; expires=Tue, 16 Jan 2024 03:19:08 GMT; secure; SameSite=None
oaidts=1673839147; expires=Tue, 16 Jan 2024 03:19:08 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
|
|
| offerimage.com/www/images/d431c8eb34ed2645e592e54d0dc4f1d4.jpeg | 104.22.33.172 | 200 OK | 9.8 kB |
URL HTTP/2offerimage.com/www/images/d431c8eb34ed2645e592e54d0dc4f1d4.jpeg IP104.22.33.172:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 192x192, components 3\012- data Hashd431c8eb34ed2645e592e54d0dc4f1d4 01029e5a39b523a1ebc2e48e091dc3b506511532 a5f8e1d4c832340ef93e32c9145661697fbe81747487e67680bdccfde0aa9d6d
GET /www/images/d431c8eb34ed2645e592e54d0dc4f1d4.jpeg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.realgbedu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 03:19:08 GMT
content-type: image/jpeg
content-length: 9813
cache-control: max-age=86400
cf-bgj: h2pri
etag: "62b021fc-2655"
expires: Mon, 16 Jan 2023 22:24:37 GMT
last-modified: Mon, 20 Jun 2022 07:30:04 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 17671
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 78a3b535ce629909-ARN
X-Firefox-Spdy: h2
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT | 142.250.74.74 | 200 OK | 0 B |
URL HTTP/2jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT IP142.250.74.74:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Mon, 16 Jan 2023 03:19:08 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT | 142.250.74.74 | 200 OK | 110 B |
URL HTTP/2jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT IP142.250.74.74:0
File typeJSON data\012- , ASCII text, with no line terminators Hashc50f9db73ab9876ed2ce62870d6eff65 1af3047cdb38f28ae1b10916eec9539f50850375 7feeabd2f25b48b13b8b8a91734dcfc1d8cb63e5d9a483a5755add579a32d9b6
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1032
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 16 Jan 2023 03:19:08 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| s4.histats.com/stats/0.php?4528115&@f16&@g1&@h1&@i1&@j1673839148884&@k0&@l1&@mDOWNLOAD%20The%20Last%20of%20Us%20Season%201%20(S01)%20-%20Realgbedu&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-63498442&@b3:1673839149&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fwww1.realgbedu.com%2Fthe-last-of-us-season-1-s01%2F&@w |  149.56.240.131 | 200 OK | 51 B |
URL HTTP/1.1s4.histats.com/stats/0.php?4528115&@f16&@g1&@h1&@i1&@j1673839148884&@k0&@l1&@mDOWNLOAD%20The%20Last%20of%20Us%20Season%201%20(S01)%20-%20Realgbedu&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-63498442&@b3:1673839149&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fwww1.realgbedu.com%2Fthe-last-of-us-season-1-s01%2F&@w IP149.56.240.131:0
File typeASCII text, with no line terminators Hash4940a01e7de81072020079741e4138cd 5ed66a7349089ebc47ad10428e50c7d4f218c5af f7543e3bb5aa657ef629ecaf27e3fd5469e10dca95c8147b7d66f765ef09cfb2
GET /stats/0.php?4528115&@f16&@g1&@h1&@i1&@j1673839148884&@k0&@l1&@mDOWNLOAD%20The%20Last%20of%20Us%20Season%201%20(S01)%20-%20Realgbedu&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-63498442&@b3:1673839149&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fwww1.realgbedu.com%2Fthe-last-of-us-season-1-s01%2F&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.realgbedu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 03:19:08 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 51
Connection: close
|
|
| c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css | 192.0.77.37 | 200 OK | 0 B |
URL HTTP/2c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css IP192.0.77.37:0
GET /c/6.1.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.realgbedu.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 03:19:05 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
content-encoding: br
expires: Tue, 16 Jan 2024 03:19:05 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery-migrate.min.js | 192.0.77.37 | 200 OK | 0 B |
URL HTTP/2c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery-migrate.min.js IP192.0.77.37:0
GET /c/6.1.1/wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.realgbedu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 03:19:05 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
content-encoding: br
expires: Tue, 16 Jan 2024 03:19:05 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| s.w.org/images/core/emoji/14.0.0/svg/1f447.svg | 192.0.77.48 | 200 OK | 0 B |
URL HTTP/2s.w.org/images/core/emoji/14.0.0/svg/1f447.svg IP192.0.77.48:0
GET /images/core/emoji/14.0.0/svg/1f447.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.realgbedu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 03:19:06 GMT
content-type: image/svg+xml
last-modified: Tue, 12 Apr 2022 03:47:50 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 2
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| glizauvo.net/400/5368935 | 139.45.197.236 | 200 OK | 0 B |
IP139.45.197.236:0
GET /400/5368935 HTTP/1.1
Host: glizauvo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.realgbedu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 03:19:06 GMT
content-type: application/javascript
x-trace-id: b3ccadf681c3e9a4bc381dfe93224785
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=3538c85081d24c4eb123d952c3abab3b; expires=Tue, 16 Jan 2024 03:19:06 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| tzegilo.com/stattag.js | 104.21.89.122 | 200 OK | 0 B |
IP104.21.89.122:0
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.realgbedu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 03:19:07 GMT
content-type: application/javascript
last-modified: Thu, 29 Dec 2022 16:01:28 GMT
etag: W/"63adb9d8-3341"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 430
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G1gRl8pPFLZo%2BCsjHWPvlIgDhW66JYpL48PYQrW4t9m3%2FzUX8FfGSS6yTbkrlH9tt96fqJCi6PwuOHbyVMWHj7bfQFyour4lYHaTQA%2Fl%2FndB8LMAXN1Mx0ooCaKglA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78a3b52cfcf7b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| s0.wp.com/_static/??/wp-content/js/mobile-useragent-info.js,/wp-content/js/rlt-proxy.js?m=1637704497j | 192.0.77.32 | 200 OK | 0 B |
URL HTTP/2s0.wp.com/_static/??/wp-content/js/mobile-useragent-info.js,/wp-content/js/rlt-proxy.js?m=1637704497j IP192.0.77.32:0
GET /_static/??/wp-content/js/mobile-useragent-info.js,/wp-content/js/rlt-proxy.js?m=1637704497j HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jetpack.wordpress.com
Connection: keep-alive
Referer: https://jetpack.wordpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 03:19:07 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 12 Aug 2022 20:22:35 GMT
etag: W/"62f6b68b-4b6b"
content-encoding: br
expires: Thu, 23 Nov 2023 21:55:46 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca BYPASS
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 1
X-Firefox-Spdy: h2
|
|
| nanouwho.com/27/f25f1c6c40628cb1ef6a5c1930793a6f | 139.45.197.242 | 200 OK | 0 B |
URL HTTP/2nanouwho.com/27/f25f1c6c40628cb1ef6a5c1930793a6f IP139.45.197.242:0
| Analyzer | Verdict | Alert |
|---|
| quad9 | Sinkholed | |
GET /27/f25f1c6c40628cb1ef6a5c1930793a6f HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.realgbedu.com/
Cookie: scm=1; OAID=94e4f18633314b34a59693a03d4a8515; oaidts=1673839147
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 03:19:07 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
cache-control: max-age:290304000, public
last-modified: Wed, 11 Jan 2023 04:05:53 GMT
expires: Wed, 10 Feb 2083 04:05:53 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| c0.wp.com/c/6.1.1/wp-includes/css/dist/block-library/style.min.css | 192.0.77.37 | 200 OK | 0 B |
URL HTTP/2c0.wp.com/c/6.1.1/wp-includes/css/dist/block-library/style.min.css IP192.0.77.37:0
GET /c/6.1.1/wp-includes/css/dist/block-library/style.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.realgbedu.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 03:19:05 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 11 Nov 2022 14:56:45 GMT
content-encoding: br
expires: Tue, 16 Jan 2024 03:19:05 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| c0.wp.com/c/6.1.1/wp-includes/js/imagesloaded.min.js | 192.0.77.37 | 200 OK | 0 B |
URL HTTP/2c0.wp.com/c/6.1.1/wp-includes/js/imagesloaded.min.js IP192.0.77.37:0
GET /c/6.1.1/wp-includes/js/imagesloaded.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.realgbedu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 03:19:05 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Sat, 13 Jun 2020 18:53:27 GMT
content-encoding: br
expires: Tue, 16 Jan 2024 03:19:05 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| stats.wp.com/e-202303.js | 192.0.76.3 | 200 OK | 0 B |
IP192.0.76.3:0
GET /e-202303.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.realgbedu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 03:19:05 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"6197c5cf-3508"
content-encoding: br
expires: Mon, 15 Jan 2024 10:22:23 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2
|
|
| c0.wp.com/c/6.1.1/wp-includes/js/comment-reply.min.js | 192.0.77.37 | 200 OK | 0 B |
URL HTTP/2c0.wp.com/c/6.1.1/wp-includes/js/comment-reply.min.js IP192.0.77.37:0
GET /c/6.1.1/wp-includes/js/comment-reply.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.realgbedu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 03:19:05 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
content-encoding: br
expires: Tue, 16 Jan 2024 03:19:05 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| glizauvo.net/500/5368935?excludes=&oaid=828faeb2078b4246b5054ffe45d7e4ef&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=5&pl=https%3A%2F%2Fwww1.realgbedu.com%2Fthe-last-of-us-season-1-s01%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false | 139.45.197.236 | 200 OK | 0 B |
URL HTTP/2glizauvo.net/500/5368935?excludes=&oaid=828faeb2078b4246b5054ffe45d7e4ef&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=5&pl=https%3A%2F%2Fwww1.realgbedu.com%2Fthe-last-of-us-season-1-s01%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false IP139.45.197.236:0
GET /500/5368935?excludes=&oaid=828faeb2078b4246b5054ffe45d7e4ef&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=5&pl=https%3A%2F%2Fwww1.realgbedu.com%2Fthe-last-of-us-season-1-s01%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: glizauvo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://www1.realgbedu.com
Connection: keep-alive
Referer: https://www1.realgbedu.com/
Cookie: OAID=3538c85081d24c4eb123d952c3abab3b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 03:19:07 GMT
content-type: application/javascript
x-trace-id: 99fbc790dc536a570c7b258012c1d5ae
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://www1.realgbedu.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=828faeb2078b4246b5054ffe45d7e4ef; expires=Tue, 16 Jan 2024 03:19:07 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www1.realgbedu.com/the-last-of-us-season-1-s01/ | 104.21.60.170 | 200 OK | 0 B |
URL HTTP/2www1.realgbedu.com/the-last-of-us-season-1-s01/ IP104.21.60.170:0
GET /the-last-of-us-season-1-s01/ HTTP/1.1
Host: www1.realgbedu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Mon, 16 Jan 2023 03:19:05 GMT
content-type: text/html; charset=UTF-8
x-dns-prefetch-control: on
x-litespeed-tag: 5be_HTTP.200
x-pingback: https://www1.realgbedu.com/xmlrpc.php
link: <https://www1.realgbedu.com/wp-json/>; rel="https://api.w.org/", <https://www1.realgbedu.com/wp-json/wp/v2/posts/33944>; rel="alternate"; type="application/json", <https://www1.realgbedu.com/?p=33944>; rel=shortlink
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
cache-control: max-age=0
expires: Mon, 16 Jan 2023 03:19:04 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L1gDGYPXesPv567Y87JeujyMxveJgNPWBYYCM2sZzTU%2BOZ5fNpJsslC6U0SYqjrL6QBUZSIFUZQtZaIQP6XUsNAsSi7k58599VBXEI8ll0RHDzKkty2AE7P1rAMS2GAC64r3R8E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78a3b519fc811c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| woafoame.net/5/5368933/?oo=1&aab=1 | 139.45.197.239 | 200 OK | 0 B |
URL HTTP/2woafoame.net/5/5368933/?oo=1&aab=1 IP139.45.197.239:0
| Analyzer | Verdict | Alert |
|---|
| quad9 | Sinkholed | |
GET /5/5368933/?oo=1&aab=1 HTTP/1.1
Host: woafoame.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www1.realgbedu.com
Connection: keep-alive
Referer: https://www1.realgbedu.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 03:19:06 GMT
content-type: application/json
x-trace-id: ee149c871a6736b49ae1d3cf8ed2849c
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://www1.realgbedu.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=03567730a1bb49038ef1c9d61ecc1098; expires=Tue, 16 Jan 2024 03:19:06 GMT; path=/; secure; SameSite=None
oaidts=1673839146; expires=Tue, 16 Jan 2024 03:19:06 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| c0.wp.com/p/jetpack/11.7/_inc/social-logos/social-logos.min.css | 192.0.77.37 | 200 OK | 0 B |
URL HTTP/2c0.wp.com/p/jetpack/11.7/_inc/social-logos/social-logos.min.css IP192.0.77.37:0
GET /p/jetpack/11.7/_inc/social-logos/social-logos.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.realgbedu.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 03:19:05 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 30 Jun 2020 14:24:10 GMT
content-encoding: br
expires: Tue, 16 Jan 2024 03:19:05 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| jetpack.wordpress.com/jetpack-comment/?blogid=168641237&postid=33944&comment_registration=0&require_name_email=0&stc_enabled=0&stb_enabled=0&show_avatars=1&avatar_default=gravatar_default&greeting=Leave+a+Reply&jetpack_comments_nonce=2653ae0756&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=en_GB&jetpack_version=11.7&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=02191b45e596878aaf7e2ce49c20b1b054c4d52e | 192.0.78.33 | 200 OK | 0 B |
URL HTTP/2jetpack.wordpress.com/jetpack-comment/?blogid=168641237&postid=33944&comment_registration=0&require_name_email=0&stc_enabled=0&stb_enabled=0&show_avatars=1&avatar_default=gravatar_default&greeting=Leave+a+Reply&jetpack_comments_nonce=2653ae0756&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=en_GB&jetpack_version=11.7&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=02191b45e596878aaf7e2ce49c20b1b054c4d52e IP192.0.78.33:0
GET /jetpack-comment/?blogid=168641237&postid=33944&comment_registration=0&require_name_email=0&stc_enabled=0&stb_enabled=0&show_avatars=1&avatar_default=gravatar_default&greeting=Leave+a+Reply&jetpack_comments_nonce=2653ae0756&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=en_GB&jetpack_version=11.7&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=02191b45e596878aaf7e2ce49c20b1b054c4d52e HTTP/1.1
Host: jetpack.wordpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.realgbedu.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 03:19:06 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
host-header: WordPress.com
content-encoding: br
x-ac: 4.arn _dca EXPIRED
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| s0.wp.com/_static/??/wp-content/js/textarea-autosize.min.js,/wp-content/mu-plugins/highlander-comments/script.js?m=1663141412j | 192.0.77.32 | 200 OK | 0 B |
URL HTTP/2s0.wp.com/_static/??/wp-content/js/textarea-autosize.min.js,/wp-content/mu-plugins/highlander-comments/script.js?m=1663141412j IP192.0.77.32:0
GET /_static/??/wp-content/js/textarea-autosize.min.js,/wp-content/mu-plugins/highlander-comments/script.js?m=1663141412j HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jetpack.wordpress.com
Connection: keep-alive
Referer: https://jetpack.wordpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 03:19:07 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 14 Sep 2022 07:43:45 GMT
etag: W/"63218631-a4f5"
content-encoding: br
expires: Thu, 14 Sep 2023 07:43:50 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 1
X-Firefox-Spdy: h2
|
|
| s0.wp.com/_static/??-eJx9jtEOwiAMRX/Iri4zmy/GTzEIncIoIJQY/15mjE9mT71t77ktPhPoGISCIFdIvt5sKOhIktLLt8eUo6labAzITXkquEJKC8wxM7qCa4Uir7brXNnh/1xvl8Y+KlW6q2A85Q2zMmwDXFVGVkUoNwWS21tbF9RiC5PA0O3xYoP+Deb8MZvGnvnUj9NwmIbx2Ls3LS1gNg== | 192.0.77.32 | 200 OK | 0 B |
URL HTTP/2s0.wp.com/_static/??-eJx9jtEOwiAMRX/Iri4zmy/GTzEIncIoIJQY/15mjE9mT71t77ktPhPoGISCIFdIvt5sKOhIktLLt8eUo6labAzITXkquEJKC8wxM7qCa4Uir7brXNnh/1xvl8Y+KlW6q2A85Q2zMmwDXFVGVkUoNwWS21tbF9RiC5PA0O3xYoP+Deb8MZvGnvnUj9NwmIbx2Ls3LS1gNg== IP192.0.77.32:0
GET /_static/??-eJx9jtEOwiAMRX/Iri4zmy/GTzEIncIoIJQY/15mjE9mT71t77ktPhPoGISCIFdIvt5sKOhIktLLt8eUo6labAzITXkquEJKC8wxM7qCa4Uir7brXNnh/1xvl8Y+KlW6q2A85Q2zMmwDXFVGVkUoNwWS21tbF9RiC5PA0O3xYoP+Deb8MZvGnvnUj9NwmIbx2Ls3LS1gNg== HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jetpack.wordpress.com
Connection: keep-alive
Referer: https://jetpack.wordpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 03:19:07 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 11 Jan 2023 21:48:12 GMT
etag: W/"63bf2e9c-861a"
content-encoding: br
expires: Thu, 11 Jan 2024 21:55:25 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca BYPASS
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 1
X-Firefox-Spdy: h2
|
|
| www.youtube.com/embed/uLtkt8BonwM?feature=oembed | 142.250.74.14 | 200 OK | 0 B |
URL HTTP/2www.youtube.com/embed/uLtkt8BonwM?feature=oembed IP142.250.74.14:0
GET /embed/uLtkt8BonwM?feature=oembed HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.realgbedu.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 16 Jan 2023 03:19:06 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=foMkN1QDIB8; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=gD_EtFndkJ4; Domain=.youtube.com; Expires=Sat, 15-Jul-2023 03:19:06 GMT; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU0T1RBNE5ETTVNalF3TURRd09UQTROUT09EKqEk54GGKqEk54G; Domain=.youtube.com; Expires=Sat, 15-Jul-2023 03:19:06 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+876; expires=Wed, 15-Jan-2025 03:19:06 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| s0.wp.com/wp-includes/js/wp-emoji-release.min.js?m=1652185836h&ver=6.2-alpha-54936 | 192.0.77.32 | 200 OK | 0 B |
URL HTTP/2s0.wp.com/wp-includes/js/wp-emoji-release.min.js?m=1652185836h&ver=6.2-alpha-54936 IP192.0.77.32:0
GET /wp-includes/js/wp-emoji-release.min.js?m=1652185836h&ver=6.2-alpha-54936 HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jetpack.wordpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 03:19:07 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"627a5af9-48b9"
content-encoding: br
expires: Fri, 12 Jan 2024 13:15:05 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca MISS
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 2
X-Firefox-Spdy: h2
|
|
| www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/base.js | 142.250.74.14 | 200 OK | 0 B |
URL HTTP/2www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/base.js IP142.250.74.14:0
GET /s/player/4248d311/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/uLtkt8BonwM?feature=oembed
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding, Origin
content-encoding: br
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 611243
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 12 Jan 2023 16:05:03 GMT
expires: Fri, 12 Jan 2024 16:05:03 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
content-type: text/javascript
age: 299643
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|