r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6dd4587c98aef98ad0939030a6976a7f
92dc5966ac2deb0c3ac7fdd02bf8d28f9239801e
a382476d14b6ae14003333e7acdfbbd9ae8775d4c1a7d5c31116f33987043cff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A382476D14B6AE14003333E7ACDFBBD9AE8775D4C1A7D5C31116F33987043CFF"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7997
Expires: Thu, 29 Sep 2022 07:07:06 GMT
Date: Thu, 29 Sep 2022 04:53:49 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 29 Sep 2022 04:15:52 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: QAEqWh-JjGdujNBH6UCkt5wMG79r1pD-PRSkqipnHT64FXqv0wLK3A==
Age: 2277
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8afc4649e99d0e42b9bf5b133eebed5c
e3e7e0e614af3262b74bd4b6267ef23293bdb5f0
e16e8b782b441ecb9a57c3fc3db9884b5a3034967b846cca67b2f53644fcabdf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E16E8B782B441ECB9A57C3FC3DB9884B5A3034967B846CCA67B2F53644FCABDF"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6309
Expires: Thu, 29 Sep 2022 06:38:58 GMT
Date: Thu, 29 Sep 2022 04:53:49 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: zNimsqwR3k3hhWENJM6oY0S90C+iPPf6yLKm9WzJ6Gzp6UmXtJaowwfa2M9zM//3KDzhwUpLwYw=
x-amz-request-id: KQGR74ADR7JBRT44
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 29 Sep 2022 04:50:27 GMT
age: 202
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 04:53:49 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
pgbcblanchard.com/
192.185.16.233200 OK 13 kB IP 192.185.16.233:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (8135), with CRLF, LF line terminators
Hash 4db0045240372dea74ced4ecf9f94501
fe035dab95015923ef86047ea9e425b239658fb5
657c9aece963082a27b8309f61ac7564c35aabde65d84c10c9f536b12a32701c
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET / HTTP/1.1
Host: pgbcblanchard.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 04:53:49 GMT
Server: nginx/1.21.6
Content-Type: text/html; charset=UTF-8
Content-Length: 13271
X-Pingback: http://pgbcblanchard.com/xmlrpc.php
Link: <http://pgbcblanchard.com/wp-json/>; rel="https://api.w.org/", <http://pgbcblanchard.com/wp-json/wp/v2/pages/72>; rel="alternate"; type="application/json", <http://pgbcblanchard.com/>; rel=shortlink
Vary: Accept-Encoding
Content-Encoding: gzip
X-Server-Cache: true
X-Proxy-Cache: EXPIRED
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Thu, 29 Sep 2022 04:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Thu, 29 Sep 2022 04:37:34 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: nc2l6z1aqLcZftOsxytb-ysTfUqmjC7NH-W6R3zDFGzRSCpbV9mHig==
Age: 1457
pgbcblanchard.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
192.185.16.233200 OK 17 kB URL HTTP/1.1 pgbcblanchard.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
IP 192.185.16.233:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (43771)
Hash 2a67a4888baa44de739f3fe56203ce07
da175eae57f26b655747d79f055477e3fee1abb9
3a4d7627476a0099ca4bcc101685f27de04cb49dd66ef842d72c6cda270599dd
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1
Host: pgbcblanchard.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pgbcblanchard.com/
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 04:53:50 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Tue, 12 Jul 2022 18:50:31 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 16594
Content-Type: text/css
pgbcblanchard.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/academicons.ttf?v=1.8.6
192.185.16.233200 OK 48 kB URL HTTP/1.1 pgbcblanchard.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/academicons.ttf?v=1.8.6
IP 192.185.16.233:0
ASN #46606 UNIFIEDLAYER-AS-1
File type TrueType Font data, 11 tables, 1st "OS/2", 24 names, Macintosh, type 1 string, Academicons\012- data
Hash 1afcbd6a1c454e7b7f0bc58155558b9d
6946cb2f01c31c1e5dfdc6a7e4ad64dc2e4cdca8
107cca07d33ea31bbfe719513aa2b36e8cb8c8c8bcd521148746f652738c7101
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/academicons.ttf?v=1.8.6 HTTP/1.1
Host: pgbcblanchard.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pgbcblanchard.com/
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 04:53:50 GMT
Server: nginx/1.21.6
Content-Type: font/ttf
Content-Length: 47500
Last-Modified: Mon, 26 Sep 2022 18:40:33 GMT
X-Server-Cache: true
X-Proxy-Cache: EXPIRED
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3526d5ce1381ba26cbc553db057e1915
fe01c920696448e8bf12e6fff877bce8281d34a2
09604aed7cbca7971bfcb5afcb53591600b944f28eff21aa65dc601e78cdda53
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3424
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 04:53:50 GMT
Last-Modified: Thu, 29 Sep 2022 03:56:46 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
pgbcblanchard.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/Genericons.ttf
192.185.16.233200 OK 22 kB URL HTTP/1.1 pgbcblanchard.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/Genericons.ttf
IP 192.185.16.233:0
ASN #46606 UNIFIEDLAYER-AS-1
File type TrueType Font data, 13 tables, 1st "FFTM", 14 names, Macintosh\012- data
Hash 008827208ffc4eeab99bf3cc14fe1e56
e024a5229566e3864856d72b7796a56ca7127252
7cd8dcb9820d7558bcb35bde35d9923a77c8eb9d2a274366261ad55948dfed31
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/Genericons.ttf HTTP/1.1
Host: pgbcblanchard.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pgbcblanchard.com/
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 04:53:50 GMT
Server: nginx/1.21.6
Content-Type: font/ttf
Content-Length: 22188
Last-Modified: Mon, 26 Sep 2022 18:40:33 GMT
X-Server-Cache: true
X-Proxy-Cache: EXPIRED
Accept-Ranges: bytes
pgbcblanchard.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/fontawesome-webfont.woff2?v=4.7.0
192.185.16.233200 OK 77 kB URL HTTP/1.1 pgbcblanchard.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/fontawesome-webfont.woff2?v=4.7.0
IP 192.185.16.233:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: pgbcblanchard.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pgbcblanchard.com/
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 04:53:50 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Mon, 26 Sep 2022 18:40:33 GMT
Accept-Ranges: bytes
Content-Length: 77160
Content-Type: font/woff2
pgbcblanchard.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/academicons.woff?v=1.8.6
192.185.16.233200 OK 48 kB URL HTTP/1.1 pgbcblanchard.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/academicons.woff?v=1.8.6
IP 192.185.16.233:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format, TrueType, length 47576, version 1.8\012- data
Hash 2552b354cabf01815628a244fde0636e
3c5e7d85d7e5030b8db8177daeb760abf97ed7dc
bbf62cb77adfebbdcf36ef1cf8d2587f4cfa9bf56e23118613749778f94d8e14
GET /wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/academicons.woff?v=1.8.6 HTTP/1.1
Host: pgbcblanchard.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pgbcblanchard.com/
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 04:53:50 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Mon, 26 Sep 2022 18:40:33 GMT
Accept-Ranges: bytes
Content-Length: 47576
Content-Type: font/woff
pgbcblanchard.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/Genericons.woff
192.185.16.233200 OK 14 kB URL HTTP/1.1 pgbcblanchard.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/Genericons.woff
IP 192.185.16.233:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format, TrueType, length 13988, version 0.0\012- data
Hash f3f73b280148eeed102d4a6874ac7886
973bfcd63513292f1bb220c241f6dde6509f1168
970a3fa15876d16dcc0fd70eb7c9ab44d733108b3ddca1a449edd0356c1b79a7
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/Genericons.woff HTTP/1.1
Host: pgbcblanchard.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pgbcblanchard.com/
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 04:53:50 GMT
Server: Apache
Last-Modified: Mon, 26 Sep 2022 18:40:33 GMT
Accept-Ranges: bytes
Content-Length: 13988
Content-Type: font/woff
pgbcblanchard.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/fontawesome-webfont.woff?v=4.7.0
192.185.16.233200 OK 98 kB URL HTTP/1.1 pgbcblanchard.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/fontawesome-webfont.woff?v=4.7.0
IP 192.185.16.233:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format, TrueType, length 98024, version 4.7\012- data
Hash fee66e712a8a08eef5805a46892932ad
28b782240b3e76db824e12c02754a9731a167527
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/fontawesome-webfont.woff?v=4.7.0 HTTP/1.1
Host: pgbcblanchard.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pgbcblanchard.com/
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 04:53:50 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Mon, 26 Sep 2022 18:40:33 GMT
Accept-Ranges: bytes
Content-Length: 98024
Content-Type: font/woff
pgbcblanchard.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/socicon.woff?v=4.2.7
192.185.16.233200 OK 75 kB URL HTTP/1.1 pgbcblanchard.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/socicon.woff?v=4.2.7
IP 192.185.16.233:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format, TrueType, length 74744, version 1.0\012- data
Hash 1d1d144b6d09f9b3866a0bf99541a086
fd4c075db8fd4ccb0ecc91c705dd0105238356da
2c5c3f5cb3a6bf68b11e59afe36cab6aa5cc3e7d9485b734cf0082fcc94f7234
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/socicon.woff?v=4.2.7 HTTP/1.1
Host: pgbcblanchard.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pgbcblanchard.com/
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 04:53:50 GMT
Server: Apache
Last-Modified: Mon, 26 Sep 2022 18:40:33 GMT
Accept-Ranges: bytes
Content-Length: 74744
Content-Type: font/woff
pgbcblanchard.com/wp-content/plugins/social-icons-widget-by-wpzoom/block/dist/style-wpzoom-social-icons.css?ver=4.2.7
192.185.16.233200 OK 1.4 kB URL HTTP/1.1 pgbcblanchard.com/wp-content/plugins/social-icons-widget-by-wpzoom/block/dist/style-wpzoom-social-icons.css?ver=4.2.7
IP 192.185.16.233:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (8857)
Hash 6b13f55c6e60e245265e7e09d05193ee
1b296c86352c5dc036c4fcf1b40968b6c8d831da
6397d0b006b1c71617b76be352990efb49a2ebc5ce10f88a5f7c1203e0315699
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/social-icons-widget-by-wpzoom/block/dist/style-wpzoom-social-icons.css?ver=4.2.7 HTTP/1.1
Host: pgbcblanchard.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pgbcblanchard.com/
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 04:53:50 GMT
Server: Apache
Last-Modified: Mon, 26 Sep 2022 18:40:33 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1437
Content-Type: text/css
pgbcblanchard.com/wp-content/plugins/better-block-patterns/assets/css/bbp-fontawesome-all-min.css?ver=5.15.4
192.185.16.233200 OK 13 kB URL HTTP/1.1 pgbcblanchard.com/wp-content/plugins/better-block-patterns/assets/css/bbp-fontawesome-all-min.css?ver=5.15.4
IP 192.185.16.233:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (59119)
Hash b0f8e87e9981af1674b7eaa9c70b9385
0eb6e98f3c168af517091717c2704470ca77e2a5
8f20f3d4b106ffd48712adf2fc7394dce546d73b3d48e3485308f977c621981a
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/better-block-patterns/assets/css/bbp-fontawesome-all-min.css?ver=5.15.4 HTTP/1.1
Host: pgbcblanchard.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pgbcblanchard.com/
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 04:53:50 GMT
Server: Apache
Last-Modified: Tue, 12 Jul 2022 02:22:31 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12852
Content-Type: text/css
push.services.mozilla.com/
35.165.143.157101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.165.143.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: la4pACQDVGtZeNWK812meA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: KL5bHt2e521/k2uKAQd8JPcK2ig=
pgbcblanchard.com/wp-content/plugins/better-block-patterns/assets/css/bbp-flexslider.css?ver=1.0.3
192.185.16.233200 OK 1.4 kB URL HTTP/1.1 pgbcblanchard.com/wp-content/plugins/better-block-patterns/assets/css/bbp-flexslider.css?ver=1.0.3
IP 192.185.16.233:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 5661fa618c43aefe648ee8bb9decbf60
b1e23d06359a3ca108f9a452d526a481515895c4
a710f3390823c36522684d4d58ca3b570a179efdd0ec288f012779e883cc9f81
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/better-block-patterns/assets/css/bbp-flexslider.css?ver=1.0.3 HTTP/1.1
Host: pgbcblanchard.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pgbcblanchard.com/
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 04:53:50 GMT
Server: Apache
Last-Modified: Tue, 12 Jul 2022 02:22:31 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1413
Content-Type: text/css
pgbcblanchard.com/wp-content/uploads/bbp-core.css?ver=1.0.3
192.185.16.233200 OK 3.7 kB URL HTTP/1.1 pgbcblanchard.com/wp-content/uploads/bbp-core.css?ver=1.0.3
IP 192.185.16.233:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF, LF line terminators
Hash 68ee08dbfedc5262dece5179581c9958
eb271330a04ff8cdac5ecddb83c61009acdd5195
77ec8bbc07081e8ff39723334a0fe3e919a3347221bd2588b0354efc3286e2cb
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/uploads/bbp-core.css?ver=1.0.3 HTTP/1.1
Host: pgbcblanchard.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pgbcblanchard.com/
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 04:53:50 GMT
Server: Apache
Last-Modified: Tue, 12 Jul 2022 02:44:49 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3675
Content-Type: text/css
pgbcblanchard.com/wp-content/themes/faith/style.css?ver=6.0.2
192.185.16.233200 OK 22 kB URL HTTP/1.1 pgbcblanchard.com/wp-content/themes/faith/style.css?ver=6.0.2
IP 192.185.16.233:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (439), with CRLF line terminators
Hash 3fceea0d4797d4eadb051a35dfaaf5cf
9b012bef5e834b590769a43beb1db55e8a76e473
76dccf241b2695a72ed180d56c6a995704cc339ac4442a70e02e9396349944de
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/faith/style.css?ver=6.0.2 HTTP/1.1
Host: pgbcblanchard.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pgbcblanchard.com/
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 04:53:50 GMT
Server: Apache
Last-Modified: Tue, 07 Jun 2022 20:03:21 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: text/css
pgbcblanchard.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/fontawesome-webfont.ttf?v=4.7.0
192.185.16.233200 OK 166 kB URL HTTP/1.1 pgbcblanchard.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/fontawesome-webfont.ttf?v=4.7.0
IP 192.185.16.233:0
ASN #46606 UNIFIEDLAYER-AS-1
File type TrueType Font data, 13 tables, 1st "FFTM", 24 names, Macintosh\012- data
Size 166 kB (165548 bytes)
Hash b06871f281fee6b241d60582ae9369b9
13b1eab65a983c7a73bc7997c479d66943f7c6cb
aa58f33f239a0fb02f5c7a6c45c043d7a9ac9a093335806694ecd6d4edc0d6a8
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/fontawesome-webfont.ttf?v=4.7.0 HTTP/1.1
Host: pgbcblanchard.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pgbcblanchard.com/
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 04:53:50 GMT
Server: nginx/1.21.6
Content-Type: font/ttf
Content-Length: 165548
Last-Modified: Mon, 26 Sep 2022 18:40:33 GMT
X-Server-Cache: true
X-Proxy-Cache: EXPIRED
Accept-Ranges: bytes
pgbcblanchard.com/wp-content/themes/faith-child/style.css?ver=1.0.10.1594344231
192.185.16.233200 OK 474 B URL HTTP/1.1 pgbcblanchard.com/wp-content/themes/faith-child/style.css?ver=1.0.10.1594344231
IP 192.185.16.233:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (321)
Hash dcc97bb4465713eaa5a45073ba46d0f7
f4c33cdc095a351d4d661e612d6d14fffc46defd
a2dfc989951a39b821a4ef0f77832e9bc0093f63104e93f2b20d868daf11b919
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/faith-child/style.css?ver=1.0.10.1594344231 HTTP/1.1
Host: pgbcblanchard.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pgbcblanchard.com/
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 04:53:50 GMT
Server: Apache
Last-Modified: Fri, 10 Jul 2020 01:23:51 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 474
Content-Type: text/css
pgbcblanchard.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/socicon.ttf?v=4.2.7
192.185.16.233200 OK 75 kB URL HTTP/1.1 pgbcblanchard.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/socicon.ttf?v=4.2.7
IP 192.185.16.233:0
ASN #46606 UNIFIEDLAYER-AS-1
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, socicon \012- data
Hash 2ff860f5f4c4f92499ae3b11087d918b
03f1fc20b3be507907a4e9123874a230a60ac1f2
d112e5a07ab11472f271092f3a874b9041d7aeab1f325ce12e28e1318522688e
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/socicon.ttf?v=4.2.7 HTTP/1.1
Host: pgbcblanchard.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pgbcblanchard.com/
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 04:53:50 GMT
Server: nginx/1.21.6
Content-Type: font/ttf
Content-Length: 74668
Last-Modified: Mon, 26 Sep 2022 18:40:33 GMT
X-Server-Cache: true
X-Proxy-Cache: EXPIRED
Accept-Ranges: bytes
pgbcblanchard.com/wp-content/themes/faith/css/icomoon.css?ver=1.0.10.1594344231
192.185.16.233200 OK 499 B URL HTTP/1.1 pgbcblanchard.com/wp-content/themes/faith/css/icomoon.css?ver=1.0.10.1594344231
IP 192.185.16.233:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 982eca0950af82760ca39290278fb24a
a8d92574541363725bad52e8de61d4bf2b0b85f1
986e36a60da0dc9b81da4c8e326d49cc2f6f465634713c6f5bcea2e90d033c59
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/faith/css/icomoon.css?ver=1.0.10.1594344231 HTTP/1.1
Host: pgbcblanchard.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pgbcblanchard.com/
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 04:53:51 GMT
Server: Apache
Last-Modified: Tue, 07 Jun 2022 20:03:21 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 499
Content-Type: text/css
pgbcblanchard.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/wpzoom-socicon.css?ver=1664217633
192.185.16.233200 OK 4.0 kB URL HTTP/1.1 pgbcblanchard.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/wpzoom-socicon.css?ver=1664217633
IP 192.185.16.233:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 24fdc8f9a799bb64a8b535622a94fe41
7cabaf6d3437db41bb2e752d736421e101ec461a
0d2c432085ef6974c21ad5ec32f7a386945c50eed90e2e551b3dd9002bc6de3e
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/wpzoom-socicon.css?ver=1664217633 HTTP/1.1
Host: pgbcblanchard.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pgbcblanchard.com/
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 04:53:51 GMT
Server: Apache
Last-Modified: Mon, 26 Sep 2022 18:40:33 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4005
Content-Type: text/css
pgbcblanchard.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/genericons.css?ver=1664217633
192.185.16.233200 OK 2.0 kB URL HTTP/1.1 pgbcblanchard.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/genericons.css?ver=1664217633
IP 192.185.16.233:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d6a67b29fa2018d779f173849f1b082a
ec24b7305f519424f2bf7e79c7c57a34b830a01e
1499a2ec88ba077b1551324ca86a51a369ecd5aca2ccebea7f4a665b244ec0bf
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/genericons.css?ver=1664217633 HTTP/1.1
Host: pgbcblanchard.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pgbcblanchard.com/
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 04:53:51 GMT
Server: Apache
Last-Modified: Mon, 26 Sep 2022 18:40:33 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2005
Content-Type: text/css
pgbcblanchard.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/academicons.min.css?ver=1664217633
192.185.16.233200 OK 1.2 kB URL HTTP/1.1 pgbcblanchard.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/academicons.min.css?ver=1664217633
IP 192.185.16.233:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 6bce61cc64c1f703125fd1e1bf584a25
fc6db6cd1bd078c83300ea5400f7f8894f83b179
3b04eb06269717462018ad519f47edc1bed71318fc59fed57bdaa64fc94b59a3
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/academicons.min.css?ver=1664217633 HTTP/1.1
Host: pgbcblanchard.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pgbcblanchard.com/
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 04:53:51 GMT
Server: Apache
Last-Modified: Mon, 26 Sep 2022 18:40:33 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1245
Content-Type: text/css
pgbcblanchard.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/font-awesome-3.min.css?ver=1664217633
192.185.16.233200 OK 7.1 kB URL HTTP/1.1 pgbcblanchard.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/font-awesome-3.min.css?ver=1664217633
IP 192.185.16.233:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (30852)
Hash 2bd552d26e41db23c48f2f115780a6d7
e34c01b65a3de3a4284b87dd2de1ce11de3093ff
27b366ff576d652f994f1c8cc25276ee177213c4449097d210b310548224be1f
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/font-awesome-3.min.css?ver=1664217633 HTTP/1.1
Host: pgbcblanchard.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pgbcblanchard.com/
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 04:53:51 GMT
Server: Apache
Last-Modified: Mon, 26 Sep 2022 18:40:33 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7119
Content-Type: text/css
pgbcblanchard.com/wp-includes/css/dashicons.min.css?ver=6.0.2
192.185.16.233200 OK 36 kB URL HTTP/1.1 pgbcblanchard.com/wp-includes/css/dashicons.min.css?ver=6.0.2
IP 192.185.16.233:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (58981)
Hash ff6c9e677e54008818f72708ab0f9382
32746d4ae1f8fbeccb280d16fee8fc192f403aeb
88d3e64209eb0f3fb5098328ddfcb0da5bd11711f144d811536674b2ed36b1f3
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/css/dashicons.min.css?ver=6.0.2 HTTP/1.1
Host: pgbcblanchard.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pgbcblanchard.com/
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 04:53:51 GMT
Server: Apache
Last-Modified: Thu, 15 Apr 2021 08:07:56 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: text/css
pgbcblanchard.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/wpzoom-social-icons-styles.css?ver=1664217633
192.185.16.233200 OK 975 B URL HTTP/1.1 pgbcblanchard.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/wpzoom-social-icons-styles.css?ver=1664217633
IP 192.185.16.233:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 06ba7f32ca3f4cbf88b2dd56bb004406
0dd2b4fa6d213beacd9056d262386c4aa0c2bf90
fcb81d5d803f9cfdbfa02181e560a9f22fbf890183a87e5636ea925c53b98dd9
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/wpzoom-social-icons-styles.css?ver=1664217633 HTTP/1.1
Host: pgbcblanchard.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pgbcblanchard.com/
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 04:53:51 GMT
Server: Apache
Last-Modified: Mon, 26 Sep 2022 18:40:33 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 975
Content-Type: text/css
pgbcblanchard.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
192.185.16.233200 OK 4.6 kB URL HTTP/1.1 pgbcblanchard.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 192.185.16.233:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11126)
Hash c4beffeac3dad33022ae2410fb8e8dc8
579d5dd85bf074290fa2d4ac39f0af10d5e18f85
cbb6de4dade2852218d51e9660704e93595a7de584306620bccde3ba2f12f3b7
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: pgbcblanchard.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pgbcblanchard.com/
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 04:53:51 GMT
Server: Apache
Last-Modified: Sun, 14 Aug 2022 08:33:17 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4635
Content-Type: application/javascript
pgbcblanchard.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
192.185.16.233200 OK 39 kB URL HTTP/1.1 pgbcblanchard.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 192.185.16.233:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65447)
Hash 6df07fc07a7cc20a05f1b0802b494d4c
a5342ba5a75fcb183f6f0d2a31e7e0cfc7416db4
be1c421108ef38f04f3228095d56c0dc448370e24eb71e717a1f3f79f4cf8884
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: pgbcblanchard.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pgbcblanchard.com/
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 04:53:51 GMT
Server: Apache
Last-Modified: Sun, 14 Aug 2022 08:33:31 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: application/javascript
pgbcblanchard.com/wp-content/themes/faith/js/superfish.min.js?ver=1
192.185.16.233200 OK 2.0 kB URL HTTP/1.1 pgbcblanchard.com/wp-content/themes/faith/js/superfish.min.js?ver=1
IP 192.185.16.233:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4271)
Hash a57374e88611cb00ca19562b49cce7a5
b7b2b756d326817989773e837f34192ec263cdeb
ba6dd6e50b6f547d8a814b2e276e39c4c7d7c2d9f2b8c8329099e8b77e221e97
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/faith/js/superfish.min.js?ver=1 HTTP/1.1
Host: pgbcblanchard.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pgbcblanchard.com/
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 04:53:51 GMT
Server: Apache
Last-Modified: Sun, 14 Aug 2022 08:35:22 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2031
Content-Type: application/javascript
pgbcblanchard.com/wp-content/themes/faith/js/jquery.flexslider-min.js?ver=1
192.185.16.233200 OK 9.1 kB URL HTTP/1.1 pgbcblanchard.com/wp-content/themes/faith/js/jquery.flexslider-min.js?ver=1
IP 192.185.16.233:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (23471)
Hash b8feb5158143ec8f50ae3bc48cd666cd
62b11c54e9b5c1c2af71d8817514872990d9bff8
2097b02581191973cf8445b017e4200c6f4f7641b0cacbddb3bc614dcaaaf9f7
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/faith/js/jquery.flexslider-min.js?ver=1 HTTP/1.1
Host: pgbcblanchard.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pgbcblanchard.com/
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 04:53:51 GMT
Server: Apache
Last-Modified: Sun, 14 Aug 2022 08:34:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 9097
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 7f6c1bbbde940ad17ceda150b7b1664d
7273da22f182d9540784068537cc678ec27800d3
4d8a6cd94e298a71543331248750230237a56a67cef251c7a204291612dbb569
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 04:53:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pgbcblanchard.com/wp-content/plugins/better-block-patterns/assets/js/flexslider-min.js?ver=2.7.2
192.185.16.233200 OK 9.1 kB URL HTTP/1.1 pgbcblanchard.com/wp-content/plugins/better-block-patterns/assets/js/flexslider-min.js?ver=2.7.2
IP 192.185.16.233:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (23471)
Hash b8feb5158143ec8f50ae3bc48cd666cd
62b11c54e9b5c1c2af71d8817514872990d9bff8
2097b02581191973cf8445b017e4200c6f4f7641b0cacbddb3bc614dcaaaf9f7
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/better-block-patterns/assets/js/flexslider-min.js?ver=2.7.2 HTTP/1.1
Host: pgbcblanchard.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pgbcblanchard.com/
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 04:53:51 GMT
Server: Apache
Last-Modified: Sun, 14 Aug 2022 08:37:32 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 9097
Content-Type: application/javascript
pgbcblanchard.com/wp-content/plugins/better-block-patterns/assets/js/flexslider-init.js?ver=1.0.0
192.185.16.233200 OK 379 B URL HTTP/1.1 pgbcblanchard.com/wp-content/plugins/better-block-patterns/assets/js/flexslider-init.js?ver=1.0.0
IP 192.185.16.233:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash e77d6fb5545b1998d410f5423b7b7cfe
480c006b17b4088670048b275514adbe173116f7
7e1eab384ada9fbb0a745991c7ec743e05adb78bc319922be520c689b3014c96
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/better-block-patterns/assets/js/flexslider-init.js?ver=1.0.0 HTTP/1.1
Host: pgbcblanchard.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pgbcblanchard.com/
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 04:53:51 GMT
Server: Apache
Last-Modified: Sun, 14 Aug 2022 08:38:10 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 379
Content-Type: application/javascript
pgbcblanchard.com/wp-content/themes/faith/js/faith.js?ver=1.0.10.1594344231
192.185.16.233200 OK 647 B URL HTTP/1.1 pgbcblanchard.com/wp-content/themes/faith/js/faith.js?ver=1.0.10.1594344231
IP 192.185.16.233:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash b955a2d3b90264ba1de39cbfee4179e2
a8c90484c70425350cdfe30c55d45d851e98f32c
47f0478237391c9c8cb95f61b6dddb11c53a520e24fe3865a9049525cca09b67
GET /wp-content/themes/faith/js/faith.js?ver=1.0.10.1594344231 HTTP/1.1
Host: pgbcblanchard.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pgbcblanchard.com/
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 04:53:51 GMT
Server: Apache
Last-Modified: Sun, 14 Aug 2022 08:34:11 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 647
Content-Type: application/javascript
pgbcblanchard.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/js/social-icons-widget-frontend.js?ver=1664217633
192.185.16.233200 OK 290 B URL HTTP/1.1 pgbcblanchard.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/js/social-icons-widget-frontend.js?ver=1664217633
IP 192.185.16.233:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 3108ac869e6160526e766f7888a3e652
f850c304852ab61cc105ac3566d6784c47e11bd0
cdc8252512fe47bcbd9dd1b200d94482d532455d4afd0d6c412026b078f57509
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/social-icons-widget-by-wpzoom/assets/js/social-icons-widget-frontend.js?ver=1664217633 HTTP/1.1
Host: pgbcblanchard.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pgbcblanchard.com/
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 04:53:51 GMT
Server: Apache
Last-Modified: Mon, 26 Sep 2022 18:40:33 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 290
Content-Type: application/javascript
pgbcblanchard.com/wp-content/themes/faith/fonts/rubik-v18-latin-regular.woff2
192.185.16.233200 OK 17 kB URL HTTP/1.1 pgbcblanchard.com/wp-content/themes/faith/fonts/rubik-v18-latin-regular.woff2
IP 192.185.16.233:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 17144, version 1.0\012- data
Hash b8fd53c58dc08126027abfd33797aede
a18747b7a453f091b4501e67916d4f1b03bcc3d6
7bc7fee8ec77f177caa06256240e5f3897ce8258481d3cd42fb32c43cfafa436
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/faith/fonts/rubik-v18-latin-regular.woff2 HTTP/1.1
Host: pgbcblanchard.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://pgbcblanchard.com/wp-content/themes/faith/style.css?ver=6.0.2
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 04:53:51 GMT
Server: Apache
Last-Modified: Tue, 07 Jun 2022 20:03:21 GMT
Accept-Ranges: bytes
Content-Length: 17144
Content-Type: font/woff2
pgbcblanchard.com/wp-content/themes/faith/fonts/rubik-v18-latin-600.woff2
192.185.16.233200 OK 17 kB URL HTTP/1.1 pgbcblanchard.com/wp-content/themes/faith/fonts/rubik-v18-latin-600.woff2
IP 192.185.16.233:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 17260, version 1.0\012- data
Hash 5f06934fc6868bfd9b2a83283f963d00
98f7dbee1b128f8b8b27dff936b396bab7caae77
4c0730bbb70d540e5d89b5af06148f33f8b3e76db670382320feb93d0cf8f494
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/faith/fonts/rubik-v18-latin-600.woff2 HTTP/1.1
Host: pgbcblanchard.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://pgbcblanchard.com/wp-content/themes/faith/style.css?ver=6.0.2
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 04:53:51 GMT
Server: Apache
Last-Modified: Tue, 07 Jun 2022 20:03:21 GMT
Accept-Ranges: bytes
Content-Length: 17260
Content-Type: font/woff2
www.youtube.com/s/player/5248e50a/www-player.css
142.250.74.78200 OK 50 kB URL HTTP/2 www.youtube.com/s/player/5248e50a/www-player.css
IP 142.250.74.78:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash cc646a7986a47f1d11f5c9e88bdd1c8c
8180d1408b9cae9385f26bb829572697b6c4143d
0972e1f4438c1a29d68feae99ee9d60c751702c833d637456b8b896ec8083406
GET /s/player/5248e50a/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/9Ti6rKRIa7Y
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 49798
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 14:50:44 GMT
expires: Thu, 28 Sep 2023 14:50:44 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 28 Sep 2022 00:24:52 GMT
content-type: text/css
age: 50587
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/5248e50a/www-embed-player.vflset/www-embed-player.js
142.250.74.78200 OK 97 kB URL HTTP/2 www.youtube.com/s/player/5248e50a/www-embed-player.vflset/www-embed-player.js
IP 142.250.74.78:0
File type ASCII text, with very long lines (570)
Hash 5c12e56d9aa76c36cc367d8ee02ed4b5
6dc7e01808e6589cb1b04fc30b7d6482b0a6749b
d8e4e109f178614f3afbd73ab3fc385ce1145bb3265bebba392eacbec47a5157
GET /s/player/5248e50a/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/9Ti6rKRIa7Y
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 97166
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 14:56:51 GMT
expires: Thu, 28 Sep 2023 14:56:51 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 28 Sep 2022 00:24:52 GMT
content-type: text/javascript
age: 50220
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/5248e50a/fetch-polyfill.vflset/fetch-polyfill.js
142.250.74.78200 OK 2.8 kB URL HTTP/2 www.youtube.com/s/player/5248e50a/fetch-polyfill.vflset/fetch-polyfill.js
IP 142.250.74.78:0
File type Algol 68 source text\012- Pascal source, ASCII text, with very long lines (555)
Hash 80fe2d229007996c8397073b00755dc7
121f82c77bcf2a297a1085e3b092415c463fcafe
033dfa8941482c82d4f1aaa4a9172fb379b9e46a02d5b36297c5476bbbfdea2c
GET /s/player/5248e50a/fetch-polyfill.vflset/fetch-polyfill.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/9Ti6rKRIa7Y
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 2786
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 14:56:51 GMT
expires: Thu, 28 Sep 2023 14:56:51 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 28 Sep 2022 00:24:52 GMT
content-type: text/javascript
age: 50220
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 7f6c1bbbde940ad17ceda150b7b1664d
7273da22f182d9540784068537cc678ec27800d3
4d8a6cd94e298a71543331248750230237a56a67cef251c7a204291612dbb569
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 04:53:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pgbcblanchard.com/wp-content/themes/faith/fonts/rubik-v18-latin-700.woff2
192.185.16.233200 OK 17 kB URL HTTP/1.1 pgbcblanchard.com/wp-content/themes/faith/fonts/rubik-v18-latin-700.woff2
IP 192.185.16.233:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 17228, version 1.0\012- data
Hash 94a8e2ccc5cbf6a70c20571caf08dac5
89cfab24a321a7e296e1b2880cce57dc2de4e803
c919b53c16a449bef30abd0515176b17e9e93eb0e1690c3aa738a38a600fa2d1
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/faith/fonts/rubik-v18-latin-700.woff2 HTTP/1.1
Host: pgbcblanchard.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://pgbcblanchard.com/wp-content/themes/faith/style.css?ver=6.0.2
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 04:53:51 GMT
Server: Apache
Last-Modified: Tue, 07 Jun 2022 20:03:21 GMT
Accept-Ranges: bytes
Content-Length: 17228
Content-Type: font/woff2
pgbcblanchard.com/wp-content/uploads/2020/07/cropped-pgbclogo-1.png
192.185.16.233200 OK 10 kB URL HTTP/1.1 pgbcblanchard.com/wp-content/uploads/2020/07/cropped-pgbclogo-1.png
IP 192.185.16.233:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 200 x 56, 8-bit/color RGBA, non-interlaced\012- data
Hash 29d1ee2a169b3d815d1dc1e0f085e7c9
99c866b573f92d490ff8cfef86911aaf0689fb76
42aa485a1ef2cfd8dee21539741f430e5aaaa9367afdd6ff59cd52e1977272e1
GET /wp-content/uploads/2020/07/cropped-pgbclogo-1.png HTTP/1.1
Host: pgbcblanchard.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pgbcblanchard.com/
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 04:53:51 GMT
Server: Apache
Last-Modified: Fri, 10 Jul 2020 02:15:30 GMT
Accept-Ranges: bytes
Content-Length: 10402
Content-Type: image/png
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 15dbf298fc5c3f79b34abf59118cc01c
c48dc908b9aa86adb5017683a23b625d8fd1b955
9061294bc67906630f52dfdb486941691a8b9291b938c032076cef3f7bf21ce7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 04:53:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pgbcblanchard.com/wp-content/uploads/2020/10/aisle-480x300.jpg
192.185.16.233200 OK 27 kB URL HTTP/1.1 pgbcblanchard.com/wp-content/uploads/2020/10/aisle-480x300.jpg
IP 192.185.16.233:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=2, orientation=upper-left], baseline, precision 8, 480x300, components 3\012- data
Hash 20bc4b8b5a96b8b70272e706e448ba6a
77ae8825acf3452a8503afb146b51b6393a641fa
4c2c8de0c38e5db84e85543d5dd2fe8c87891ff943a008559a44294bcdc25834
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2020/10/aisle-480x300.jpg HTTP/1.1
Host: pgbcblanchard.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pgbcblanchard.com/
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 04:53:51 GMT
Server: Apache
Last-Modified: Fri, 09 Oct 2020 20:31:42 GMT
Accept-Ranges: bytes
Content-Length: 27162
Content-Type: image/jpeg
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 15dbf298fc5c3f79b34abf59118cc01c
c48dc908b9aa86adb5017683a23b625d8fd1b955
9061294bc67906630f52dfdb486941691a8b9291b938c032076cef3f7bf21ce7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 04:53:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 24 Sep 2022 12:31:58 GMT
expires: Sun, 24 Sep 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 404513
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 23 Sep 2022 00:48:31 GMT
expires: Sat, 23 Sep 2023 00:48:31 GMT
cache-control: public, max-age=31536000
age: 533120
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pgbcblanchard.com/wp-content/uploads/2020/09/IMG_0907-480x300.jpg
192.185.16.233200 OK 61 kB URL HTTP/1.1 pgbcblanchard.com/wp-content/uploads/2020/09/IMG_0907-480x300.jpg
IP 192.185.16.233:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=9], baseline, precision 8, 480x300, components 3\012- data
Hash 022d9d6ba9f96d48da3ed5388c62fc5a
0a2299a943104ecea2ab559c75c4ea6d4f3c6a6d
2661bfceca536b08a5824857dd91f8a217f73ae74d4d45b39996c62677e9e336
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2020/09/IMG_0907-480x300.jpg HTTP/1.1
Host: pgbcblanchard.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pgbcblanchard.com/
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 04:53:51 GMT
Server: Apache
Last-Modified: Wed, 09 Sep 2020 19:22:23 GMT
Accept-Ranges: bytes
Content-Length: 60670
Content-Type: image/jpeg
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 15dbf298fc5c3f79b34abf59118cc01c
c48dc908b9aa86adb5017683a23b625d8fd1b955
9061294bc67906630f52dfdb486941691a8b9291b938c032076cef3f7bf21ce7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 04:53:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pgbcblanchard.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/socicon.ttf?v=4.1.1
192.185.16.233200 OK 75 kB URL HTTP/1.1 pgbcblanchard.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/socicon.ttf?v=4.1.1
IP 192.185.16.233:0
ASN #46606 UNIFIEDLAYER-AS-1
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, socicon \012- data
Hash 2ff860f5f4c4f92499ae3b11087d918b
03f1fc20b3be507907a4e9123874a230a60ac1f2
d112e5a07ab11472f271092f3a874b9041d7aeab1f325ce12e28e1318522688e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/socicon.ttf?v=4.1.1 HTTP/1.1
Host: pgbcblanchard.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pgbcblanchard.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/wpzoom-socicon.css?ver=1664217633
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 04:53:51 GMT
Server: nginx/1.21.6
Content-Type: font/ttf
Content-Length: 74668
Last-Modified: Mon, 26 Sep 2022 18:40:33 GMT
X-Server-Cache: true
X-Proxy-Cache: EXPIRED
Accept-Ranges: bytes
pgbcblanchard.com/wp-content/uploads/2020/10/contact-480x300.png
192.185.16.233409 Conflict 83 B URL HTTP/1.1 pgbcblanchard.com/wp-content/uploads/2020/10/contact-480x300.png
IP 192.185.16.233:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2020/10/contact-480x300.png HTTP/1.1
Host: pgbcblanchard.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pgbcblanchard.com/
HTTP/1.1 409 Conflict
Date: Thu, 29 Sep 2022 04:53:51 GMT
Server: Apache
Content-Length: 83
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14492
Expires: Thu, 29 Sep 2022 08:55:23 GMT
Date: Thu, 29 Sep 2022 04:53:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14491
Expires: Thu, 29 Sep 2022 08:55:23 GMT
Date: Thu, 29 Sep 2022 04:53:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14491
Expires: Thu, 29 Sep 2022 08:55:23 GMT
Date: Thu, 29 Sep 2022 04:53:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14491
Expires: Thu, 29 Sep 2022 08:55:23 GMT
Date: Thu, 29 Sep 2022 04:53:52 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Facd7b538-d96a-4708-95ed-af68304277d4.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Facd7b538-d96a-4708-95ed-af68304277d4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dca86bc432ad7d82538e6edac4744212
06a379cb61f7d7f113225b46e3f5e7ced25c6878
55e111e036369e426b8f32f4a43ecec7fb8257b20de8445ae533676acbacb8de
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Facd7b538-d96a-4708-95ed-af68304277d4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9312
x-amzn-requestid: 0982fd37-74e6-4b48-8c8c-3a34fd383655
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZJo02EEQIAMFsIg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6333bb52-66367f6431f844e965b07df5;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 03:11:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: b4jMrNUwy5xlh8naPaqMLAUgG7EbnDgial9xpvOD2Dxn4s7BOAQlTg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 04:20:40 GMT
age: 1992
etag: "06a379cb61f7d7f113225b46e3f5e7ced25c6878"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F783cca30-851d-4c3b-97b3-dfc92f711d23.jpeg
34.120.237.76200 OK 4.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F783cca30-851d-4c3b-97b3-dfc92f711d23.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aed4d25286420a1405c3274931194002
c17c7bdfa4b40f9a0634da65c610869e5c410bf1
f32058bdd49930b927d1f9fdfd204ed054b4f85e0d679eff067d522d42ac504a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F783cca30-851d-4c3b-97b3-dfc92f711d23.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4093
x-amzn-requestid: 88076712-b2bb-4aee-81a7-ae35201748ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMKZtEXeoAMFVbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334bdd7-317a47e2018160b928a40ff9;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:34:15 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: VztBCwvlCphzQJw_HAODqlJjRAaYDoKFzmkAYhrhUTZJ5rmNtNSzuQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 21:50:26 GMT
age: 25406
etag: "c17c7bdfa4b40f9a0634da65c610869e5c410bf1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
pgbcblanchard.com/wp-content/uploads/2020/07/g1858.png
192.185.16.233200 OK 13 kB URL HTTP/1.1 pgbcblanchard.com/wp-content/uploads/2020/07/g1858.png
IP 192.185.16.233:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 178 x 203, 8-bit/color RGBA, non-interlaced\012- data
Hash 4fd5bdd7c649e6b9440a82162748ab5e
e4880c32cec2dc31328ac10583f41063700ffd96
8fe8a8d18148feb1323a468fd7d7128a399d6fee116e14fb2c35b5c45f7d64cd
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2020/07/g1858.png HTTP/1.1
Host: pgbcblanchard.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pgbcblanchard.com/
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 04:53:51 GMT
Server: Apache
Last-Modified: Fri, 10 Jul 2020 01:57:28 GMT
Accept-Ranges: bytes
Content-Length: 12567
Content-Type: image/png
pgbcblanchard.com/wp-content/uploads/2020/07/g1858-150x150.png
192.185.16.233200 OK 12 kB URL HTTP/1.1 pgbcblanchard.com/wp-content/uploads/2020/07/g1858-150x150.png
IP 192.185.16.233:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 364b736c14e362bf208a7f5606ff3e81
2787fbb408ff4cd8cb14e7ff1dad6a1a7048c002
a05dfc32cf36bef33060300a3be78d7039380a88156c6d5f0f33c1f594dc6d5e
GET /wp-content/uploads/2020/07/g1858-150x150.png HTTP/1.1
Host: pgbcblanchard.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pgbcblanchard.com/
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 04:53:51 GMT
Server: Apache
Last-Modified: Fri, 10 Jul 2020 01:57:28 GMT
Accept-Ranges: bytes
Content-Length: 12222
Content-Type: image/png
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff61695e2-14b2-44b1-b2d0-93aed95788f3.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff61695e2-14b2-44b1-b2d0-93aed95788f3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 33d8a1c1782f57095619cfba8c58a4a5
9f21cefa8882ea63961ae2eb51b7cd406b2358d6
47c04dd3680f76a5bc54157c64d64dcb7dea517c8dace4fdcf8e46df43fa9cae
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff61695e2-14b2-44b1-b2d0-93aed95788f3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10272
x-amzn-requestid: 443e641f-25dc-456c-bb7f-ae23153dc52d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGVSwECzoAMFpeA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633268de-20524e433a72428653175a94;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 03:07:10 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: U4PCOUZJFTvrqjsqGT3JpVnrbjqvkvG4vvqZbyFGk1ri0k_U33N3TA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 03:58:34 GMT
age: 3318
etag: "9f21cefa8882ea63961ae2eb51b7cd406b2358d6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a48a423-ea95-40fe-9f8b-55ca1ca874fc.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a48a423-ea95-40fe-9f8b-55ca1ca874fc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 28799c10f9ea39af55c7003f4254cc60
523da6aeec4cc23897fe01b0bc8b5da254edb3a8
2d1640fbd1f61aee3f2be670b37eb06e20bb265f702a428fadb550a4b51d64ab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a48a423-ea95-40fe-9f8b-55ca1ca874fc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9688
x-amzn-requestid: 68e9fd78-af17-4a8f-ad4b-6fe563ae94fe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMK4JHF5IAMFSXQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334be9a-603f13d3016d77fa2ca94492;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:37:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gIg0vR5I9vnA6Z7MJtTNaXn2TK8YeHWWcJEodiNJ6BEB7z7LUrcV1Q==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 22:04:56 GMT
age: 24536
etag: "523da6aeec4cc23897fe01b0bc8b5da254edb3a8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6acbf011-a3c6-43cd-8ac6-b264d0806686.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6acbf011-a3c6-43cd-8ac6-b264d0806686.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2dae2d2b731dbea3d72711eb4dff2567
9d4b472b38d146bb1d9b46ee881628abb8cd5dc5
21f6b8a436e6ac990601a046f85ed78a2a4af899550d80ce66c43cfdfdcdaae7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6acbf011-a3c6-43cd-8ac6-b264d0806686.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12387
x-amzn-requestid: f1d334f6-9f3b-4af0-bc93-3b9e276311e4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGVYsE0DoAMFkZQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63326904-581bb7ec2cb9af0330ea7e8a;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 03:07:48 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 7zfJvYN8mMu2wVHGvgHE7_JFuIcAKPXjQ8b5a_imzddg1OBQVkpaXg==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 03:26:01 GMT
age: 5271
etag: "9d4b472b38d146bb1d9b46ee881628abb8cd5dc5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5724d6da-9431-4843-a505-d3e09b3288d0.jpeg
34.120.237.76200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5724d6da-9431-4843-a505-d3e09b3288d0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b2b1199932a09517125a796542aaeddf
6189f15b09a582c678661657b6428b919e2ae09c
e31dc7cf7a636e5612a7ab9101b6e251af22dae8a3f65a4368f5bc7b4a75b072
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5724d6da-9431-4843-a505-d3e09b3288d0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5461
x-amzn-requestid: 4206a547-f263-43be-839d-2f7f6ed98e25
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMKnoFjRoAMFa0g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334be30-5558305f2182858a72a41137;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:35:44 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: gq7CF9rjNa70vwDe4emTa7fBxBJTD3W_GI07BO2hcrdKpsJd4TYbkg==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 21:49:42 GMT
age: 25450
etag: "6189f15b09a582c678661657b6428b919e2ae09c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ecbbfb2f255dc4b33f85b26000dfe7ff
d764f67263f72988d44442c80adc72f25bebd02b
d523bf0d71f08c9bde753eecf562f997169b07401ad15c061a8b87447675d285
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 04:53:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 3499488d099934e02c894c15f11025ed
f0436afc962b71d22959b7607dd9e19ee53b99cb
c1375cff21e4f3c7bf53c8938829342f4901e48ff190080e6995f73c82c06460
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 04:53:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
216.58.207.230200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 216.58.207.230:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 Sep 2022 04:48:02 GMT
expires: Thu, 29 Sep 2022 05:03:02 GMT
cache-control: public, max-age=900
age: 350
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
142.250.74.34302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.34:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Thu, 29 Sep 2022 04:53:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 3499488d099934e02c894c15f11025ed
f0436afc962b71d22959b7607dd9e19ee53b99cb
c1375cff21e4f3c7bf53c8938829342f4901e48ff190080e6995f73c82c06460
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 04:53:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ecbbfb2f255dc4b33f85b26000dfe7ff
d764f67263f72988d44442c80adc72f25bebd02b
d523bf0d71f08c9bde753eecf562f997169b07401ad15c061a8b87447675d285
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 04:53:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3e9d3eab1fba386c4fdf3af9a757cfa9
b50127a1072c95ed71110b07dd58eab72747e6f8
869e09d135cff97a1073e32fa1808d0068195421369d138ad6bba86cfef18091
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 04:53:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3e9d3eab1fba386c4fdf3af9a757cfa9
b50127a1072c95ed71110b07dd58eab72747e6f8
869e09d135cff97a1073e32fa1808d0068195421369d138ad6bba86cfef18091
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 04:53:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.106200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.106:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Thu, 29 Sep 2022 04:53:52 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 0acb404c6e5e614b2b45960b66540566
9dd62de9f34b30f89ff0fbe054affd8114562b65
78195875441b18f2c34830e59c85bfba8aa9e4afb3953ea232352b49d67d76bd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 04:53:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/js/th/NAdTarfwBmmVN2jO9_ZDZXbW2JobdXK1pZJ09rC2Bcw.js
142.250.74.164200 OK 14 kB URL HTTP/2 www.google.com/js/th/NAdTarfwBmmVN2jO9_ZDZXbW2JobdXK1pZJ09rC2Bcw.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (35947)
Hash e50215251e55ca26c783e2e9b382e4a9
80a0845ea0b8569e6b04532c7f958ba759b4f207
85041f26f46486b46c2b91fa99da2e214250de0ec79a3c6edb94c73f7fc9243f
GET /js/th/NAdTarfwBmmVN2jO9_ZDZXbW2JobdXK1pZJ09rC2Bcw.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14149
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 07:45:40 GMT
expires: Mon, 25 Sep 2023 07:45:40 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 19 Sep 2022 15:00:00 GMT
content-type: text/javascript
age: 335292
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.106200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.106:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 93f982eca1eccfaf6256054dfae58886
c4d33f10d6e49808478712e53d1317cf66736746
5ff7bc420e6b3ea6b8f0ad52cf3fea53b3e3c42ec962090a3a2e79554690d059
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 29 Sep 2022 04:53:52 GMT
server: ESF
cache-control: private
content-length: 30889
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3e9d3eab1fba386c4fdf3af9a757cfa9
b50127a1072c95ed71110b07dd58eab72747e6f8
869e09d135cff97a1073e32fa1808d0068195421369d138ad6bba86cfef18091
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 04:53:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash a9c5b4e541b27b804afeac1038e46025
3db88fb6eb91f1cfdf62f71d9254a5bab0ddeefe
8e0c9c28d0130a66c859d712fed89f33d2158101e2767d712b2e32792935dd06
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 04:53:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi_webp/9Ti6rKRIa7Y/sddefault.webp
142.250.74.86200 OK 55 kB URL HTTP/2 i.ytimg.com/vi_webp/9Ti6rKRIa7Y/sddefault.webp
IP 142.250.74.86:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 19157e8687be47c0b133076ad8c8aa78
e3971ec8ed5d846afcb088a929f0a15bfa413935
f251abd19a9d990a9ec6f3fc4e52acec0d08986493b21b427e025b2257b05ed6
GET /vi_webp/9Ti6rKRIa7Y/sddefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 55036
date: Thu, 29 Sep 2022 04:53:52 GMT
expires: Thu, 29 Sep 2022 06:53:52 GMT
cache-control: public, max-age=7200
etag: "1588447657"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 60862e3cfa179f3df2b96a58912f6787
ff537827cbde6445205715d36d3ae25fa1d6430f
8d359daecf4a7e4b1816e03d675e0f87ad87f729d9f1c9d0d7ef3598a2cbdf08
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 04:53:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash a9c5b4e541b27b804afeac1038e46025
3db88fb6eb91f1cfdf62f71d9254a5bab0ddeefe
8e0c9c28d0130a66c859d712fed89f33d2158101e2767d712b2e32792935dd06
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 04:53:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.106200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.106:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Thu, 29 Sep 2022 04:53:52 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.106200 OK 110 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.106:0
File type JSON data\012- , ASCII text, with no line terminators
Hash f01813816ca5ad9c5b0307fd0180c8a1
23a8097a622c8fa90040aca302b9c640d2f6b20c
d4319d75b6f3fea3a03dca2a824300a6570e06129387f89eac08ccbf8e82e9a8
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 952
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 29 Sep 2022 04:53:52 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
yt3.ggpht.com/ytc/AMLnZu_vpmz1-gEliyncOfMCz3ThEKnAwp3nhGdWjUI=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 3.8 kB URL HTTP/2 yt3.ggpht.com/ytc/AMLnZu_vpmz1-gEliyncOfMCz3ThEKnAwp3nhGdWjUI=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 68x68, components 3\012- data
Hash bba2796741bc01fc321fc5cc874e0dd7
2a3c3b6c5b9d992cfa82a714db67fa72d5644936
bf8611dc76e0b03bc158a97734caeea7b73b7fae8b852fdffa0df93722b98f98
GET /ytc/AMLnZu_vpmz1-gEliyncOfMCz3ThEKnAwp3nhGdWjUI=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v30"
expires: Fri, 30 Sep 2022 04:53:52 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 29 Sep 2022 04:53:52 GMT
server: fife
content-length: 3837
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 60862e3cfa179f3df2b96a58912f6787
ff537827cbde6445205715d36d3ae25fa1d6430f
8d359daecf4a7e4b1816e03d675e0f87ad87f729d9f1c9d0d7ef3598a2cbdf08
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 04:53:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/s/player/5248e50a/player_ias.vflset/en_US/base.js
142.250.74.78200 OK 0 B URL HTTP/2 www.youtube.com/s/player/5248e50a/player_ias.vflset/en_US/base.js
IP 142.250.74.78:0
GET /s/player/5248e50a/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/9Ti6rKRIa7Y
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding, Origin
content-encoding: br
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 591334
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 14:53:56 GMT
expires: Thu, 28 Sep 2023 14:53:56 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 28 Sep 2022 00:24:52 GMT
content-type: text/javascript
age: 50395
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/embed/9Ti6rKRIa7Y
142.250.74.78200 OK 0 B URL HTTP/2 www.youtube.com/embed/9Ti6rKRIa7Y
IP 142.250.74.78:0
GET /embed/9Ti6rKRIa7Y HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pgbcblanchard.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 29 Sep 2022 04:53:51 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=1APKSCpo4qY; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=HLvBFcJx-wI; Domain=.youtube.com; Expires=Tue, 28-Mar-2023 04:53:51 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+050; expires=Sat, 28-Sep-2024 04:53:51 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2