r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 282f6e1328452c1cb41f6a6272fff757
20b9ff1b5f4f81b645769bd4b4cf7bf7dfc16262
6a8070ebe51259cb11db68cca2c81f3c7408fad481d8c14cc1c38912442c63f4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A8070EBE51259CB11DB68CCA2C81F3C7408FAD481D8C14CC1C38912442C63F4"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12624
Expires: Thu, 06 Oct 2022 07:39:26 GMT
Date: Thu, 06 Oct 2022 04:09:02 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
54.230.111.65200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 54.230.111.65:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Vx1Qwu9BpPecC4WsJn7YphC_pi9bHNDnN9nKYyrs3Bp08GXLDxSzrw==
Age: 44504
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
54.230.111.64200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 54.230.111.64:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 06 Oct 2022 04:02:33 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fWysttdyk8HjhRAojhHhNuge3J1w6fQszriE7a8KXU5OaUXSJUmSuQ==
age: 390
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 04:09:02 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ggdiet.com/
150.95.255.38200 OK 2.3 kB IP 150.95.255.38:0
ASN #7506 GMO Internet,Inc
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Hash bbc39ca6964509e4358ea52a0b248156
ffa6c9dcf43b85776e8a0bc0604d7e1f25736fa9
3945dc2d1b55f01dbedfe40bb2719380e681138ed440d8cadb0e3e5130a36dd5
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: ggdiet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 04:09:02 GMT
Server: Apache
Content-Length: 2308
Connection: close
Content-Type: text/html; charset=UTF-8
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
54.230.111.65200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 54.230.111.65:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Thu, 06 Oct 2022 03:29:41 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Thu, 06 Oct 2022 03:56:13 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: YysEgvrbeD-6Gf905xSiKJ8aoboQAiEFx0Xw1f7R5yJ2QuTSm3Kz2Q==
Age: 2361
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1561c6be7c89d1357a80d12de47b6e74
9a705277922ecca583c867af58b3efce099f83bd
e33dc034dbf4b3b627cd3c1af2d942e2ca5704ec9a4aad5c46ad39eb070e82ab
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2369
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 04:09:02 GMT
Last-Modified: Thu, 06 Oct 2022 03:29:33 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
ggdiet.com/css/style.css?1665029342
150.95.255.38200 OK 3.8 kB URL HTTP/1.1 ggdiet.com/css/style.css?1665029342
IP 150.95.255.38:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (3777), with CRLF line terminators
Hash 2137ea5d6d4330fa76a099d8c6cf73cd
646c8b3f9145d9ff62b2dbc44fb6a613a749eded
6ca4c704054a43b2ebccb4fa780930c22b058cc9b86436fcd78bd067fd5bd096
Analyzer Verdict Alert quad9 Sinkholed
GET /css/style.css?1665029342 HTTP/1.1
Host: ggdiet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ggdiet.com/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 04:09:02 GMT
Server: Apache
Last-Modified: Fri, 16 Oct 2020 03:09:12 GMT
ETag: "ec3-5b1c116bf6600"
Accept-Ranges: bytes
Content-Length: 3779
Connection: close
Content-Type: text/css
www.googletagmanager.com/gtm.js?id=GTM-PXWVMT
142.250.74.168302 Found 250 B URL HTTP/1.1 www.googletagmanager.com/gtm.js?id=GTM-PXWVMT
IP 142.250.74.168:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 1bc44c175d7df761a27217e6a392a5e6
d0a3282bc3353895a7fec7b38fd7dd74e8c8d5f5
cf37e87d37039f0b30c48a3d867985afaf51c18a2c2eff4b15ec2d48bcedb07c
GET /gtm.js?id=GTM-PXWVMT HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ggdiet.com/
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtm.js?id=GTM-PXWVMT
Cross-Origin-Resource-Policy: cross-origin
Date: Thu, 06 Oct 2022 04:09:03 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 250
X-XSS-Protection: 0
push.services.mozilla.com/
34.210.107.213101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.210.107.213:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: BKf941Wx4k/6TT6UfeI3vQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 80ew0FVW+jhddLf1NL3PV5XqCvA=
cache.img.gmo.jp/onamae/images/logo.svg
163.171.134.109200 OK 28 kB URL HTTP/1.1 cache.img.gmo.jp/onamae/images/logo.svg
IP 163.171.134.109:0
ASN #54994 QUANTILNETWORKS
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (10462)
Hash 3a98348e489618314d9070557019a36c
5f5b0fe03f676b1980190eb0b7381fd91331c42f
38d2a961276192286a34b9c937c8d0be462b5ec0eaf79f1a873e1698b17a9cf6
GET /onamae/images/logo.svg HTTP/1.1
Host: cache.img.gmo.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ggdiet.com/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 04:09:03 GMT
Content-Type: image/svg+xml
Content-Length: 27730
Connection: keep-alive
Server: PWS/8.3.1.0.8
Last-Modified: Mon, 29 Aug 2022 02:04:32 GMT
ETag: "6c52-5e757af47ba4e"
Accept-Ranges: bytes
Age: 81244
Via: 1.1 PSxjpSin5jv185:7 (W), 1.1 PSdgflkfFRA1bc200:6 (W), 1.1 PS-ARN-01C8L93:5 (W)
X-Px: ht PS-ARN-01C8L93ARN
X-Ws-Request-Id: 633e54df_PS-ARN-01C8L93_45280-31780
Cache-Control: max-age=86400
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f763a685d14b05b6ced9792151da30b8
b25be5359245be857ffa1bddcb197cb771a36a45
505ad6dc6417d58207f0d68862c4423f4611660ccc6afe165fd3ec2ccb1c893d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 04:09:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-PXWVMT
142.250.74.168200 OK 101 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-PXWVMT
IP 142.250.74.168:0
File type Unicode text, UTF-8 text, with very long lines (37641)
Size 101 kB (100795 bytes)
Hash 689738c1232f5512aa6e43e9abe663a7
f663854aefbacf3104d56e335931bb53ac19d307
a2b676d2a8734010cc3545fa5e3e659d1defbca085f39c68c10c9e85f49f0f3c
GET /gtm.js?id=GTM-PXWVMT HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ggdiet.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 06 Oct 2022 04:09:03 GMT
expires: Thu, 06 Oct 2022 04:09:03 GMT
cache-control: private, max-age=900
last-modified: Thu, 06 Oct 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 100795
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f763a685d14b05b6ced9792151da30b8
b25be5359245be857ffa1bddcb197cb771a36a45
505ad6dc6417d58207f0d68862c4423f4611660ccc6afe165fd3ec2ccb1c893d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 04:09:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ggdiet.com/js/script.js?1665029342
150.95.255.38200 OK 285 B URL HTTP/1.1 ggdiet.com/js/script.js?1665029342
IP 150.95.255.38:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with CRLF line terminators
Hash ebd843ee8aa39b667d3852d31caf7b79
7b2d185aa0ab07e7a06fe1ffba22868a2cb403a7
c0b86a9dabd485a2dec68b7b8461dc5583ce59dfeaceaf656c545efa460d502f
Analyzer Verdict Alert quad9 Sinkholed
GET /js/script.js?1665029342 HTTP/1.1
Host: ggdiet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ggdiet.com/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 04:09:03 GMT
Server: Apache
Last-Modified: Fri, 16 Oct 2020 03:09:12 GMT
ETag: "11d-5b1c116bf6600"
Accept-Ranges: bytes
Content-Length: 285
Connection: close
Content-Type: application/javascript
www.googletagmanager.com/gtag/js?id=G-SKHZPJHJCP&l=dataLayer&cx=c
142.250.74.168302 Found 278 B URL HTTP/1.1 www.googletagmanager.com/gtag/js?id=G-SKHZPJHJCP&l=dataLayer&cx=c
IP 142.250.74.168:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 37974ce0212af165086b1f0b8be79527
55b38db5ae6cd7fb9a031cd3b84995e0f6db47d0
a3cd2c4a9369d283919acd0495d8d2bb46b2d45fed71b67f1146dafe4ab2bad2
GET /gtag/js?id=G-SKHZPJHJCP&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ggdiet.com/
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtag/js?id=G-SKHZPJHJCP&l=dataLayer&cx=c
Cross-Origin-Resource-Policy: cross-origin
Date: Thu, 06 Oct 2022 04:09:03 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 278
X-XSS-Protection: 0
www.googletagmanager.com/gtm.js?id=GTM-WFB538P&l=dataLayer
142.250.74.168302 Found 267 B URL HTTP/1.1 www.googletagmanager.com/gtm.js?id=GTM-WFB538P&l=dataLayer
IP 142.250.74.168:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash c6ae9ab8744fb2d85487d2c2c0a24bab
354cbb900e7d15af2bd125b5b045d9304ac2d8b1
a2ee68cc2397711c88b591bba6e8d69458ea0fffcca10af51972ac00af1c35fd
GET /gtm.js?id=GTM-WFB538P&l=dataLayer HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ggdiet.com/
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtm.js?id=GTM-WFB538P&l=dataLayer
Cross-Origin-Resource-Policy: cross-origin
Date: Thu, 06 Oct 2022 04:09:03 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 267
X-XSS-Protection: 0
cdn.jsdelivr.net/npm/@amplitude/amplitude-js-gtm@2.0.2/dist/index.js
151.101.85.229200 OK 1.3 kB URL HTTP/2 cdn.jsdelivr.net/npm/@amplitude/amplitude-js-gtm@2.0.2/dist/index.js
IP 151.101.85.229:0
File type ASCII text, with very long lines (2850), with no line terminators
Hash 7ca5c1ffa7b465551c971018fd5e3769
33836bc950b7f20705d064d956cebc6362923524
23781a4d7ab649a5ecefd43e6738eff99e507db7a347ed9b345ef3103ed28ae0
GET /npm/@amplitude/amplitude-js-gtm@2.0.2/dist/index.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ggdiet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 2.0.2
x-jsd-version-type: version
etag: W/"b22-n2o9T9k7cye7ujWQ0K/tCJdFJAM"
content-encoding: gzip
accept-ranges: bytes
date: Thu, 06 Oct 2022 04:09:03 GMT
age: 6222355
x-served-by: cache-fra19147-FRA, cache-bma1622-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1301
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.20.226:0
Hash 282a402bb843f7e742da11ce60a83d68
c39951d76795859f65b92a6a760a857c530d2df4
5a0c5b060dedb85324b5508e7e458bd3828ed20b6e2d356f23d65d9d939ffa44
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 04:09:03 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "D165828B485D35902E5C879D0A9CCAEB932AA083"
Expires: Thu, 06 Oct 2022 15:00:00 GMT
Last-Modified: Thu, 06 Oct 2022 03:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 482
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755b8a140d5a1bfe-OSL
ggdiet.com/include/parking.html
150.95.255.38200 OK 16 kB URL HTTP/1.1 ggdiet.com/include/parking.html
IP 150.95.255.38:0
ASN #7506 GMO Internet,Inc
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Hash 1038a5ed9f68707eb15d1b13044cfe12
c6ed39a20ff8fb358f2431ad7f241996f1893ab0
a0d9b0beaf52bd7e1fbfc525d911690190a2517a4ae4e6dcd17700e2a1ef5bfd
Analyzer Verdict Alert quad9 Sinkholed
GET /include/parking.html HTTP/1.1
Host: ggdiet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ggdiet.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 04:09:03 GMT
Server: Apache
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ggdiet.com/include/swiper.min.css
150.95.255.38200 OK 14 kB URL HTTP/1.1 ggdiet.com/include/swiper.min.css
IP 150.95.255.38:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (13411)
Hash 6f831a2cd3a66125860b090b99b5497e
deef2feb26d0aec53dd92f3afc8d7328cbe2fab8
67e54a2ad4686f2024e769df1f2f2d4ad53011cf2d83db0eec93729f995cc516
Analyzer Verdict Alert quad9 Sinkholed
GET /include/swiper.min.css HTTP/1.1
Host: ggdiet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ggdiet.com/include/parking.html
Cookie: _gcl_au=1.1.1790762910.1665029343; _ga_SKHZPJHJCP=GS1.1.1665029343.1.0.1665029343.60.0.0; _ga=GA1.1.995636457.1665029343
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 04:09:03 GMT
Server: Apache
Last-Modified: Thu, 06 Oct 2022 01:03:06 GMT
ETag: "3563-5ea5341875594"
Accept-Ranges: bytes
Content-Length: 13667
Connection: close
Content-Type: text/css
hm.mieru-ca.com/service/js/mieruca-hm.js?v=1665029343826
54.230.111.92200 OK 7.1 kB URL HTTP/1.1 hm.mieru-ca.com/service/js/mieruca-hm.js?v=1665029343826
IP 54.230.111.92:0
File type ASCII text, with very long lines (7137), with no line terminators
Hash e1ca146c865f212efe0f789363392847
e6737eeb51273038d431706dbc0aacafda6ace09
2240b4d5174a5876038e7dde5c821d5fe451d2bcc74336035bb8867a196ecef6
GET /service/js/mieruca-hm.js?v=1665029343826 HTTP/1.1
Host: hm.mieru-ca.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ggdiet.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 7137
Connection: keep-alive
Last-Modified: Wed, 29 Jun 2022 02:20:16 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Wed, 05 Oct 2022 16:08:20 GMT
ETag: "e1ca146c865f212efe0f789363392847"
X-Cache: Hit from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 94ZggkXicxtz41ZUQHqcR4UYHNMpBTu2PRtxcRbclZpI9DXsAbj8dQ==
Age: 43331
region1.analytics.google.com/g/collect?v=2&tid=G-SKHZPJHJCP>m=2oea50&_p=1061545310&_gaz=1&cid=995636457.1665029343&ul=en-us&sr=1280x1024&_s=1&sid=1665029343&sct=1&seg=0&dl=http%3A%2F%2Fggdiet.com%2F&dt=ggdiet.com%20%E2%80%93%20%E3%81%93%E3%81%AE%E3%83%89%E3%83%A1%E3%82%A4%E3%83%B3%E3%81%AF%E3%81%8A%E5%90%8D%E5%89%8D.com%E3%81%A7%E5%8F%96%E5%BE%97%E3%81%95%E3%82%8C%E3%81%A6%E3%81%84%E3%81%BE%E3%81%99%E3%80%82&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-SKHZPJHJCP>m=2oea50&_p=1061545310&_gaz=1&cid=995636457.1665029343&ul=en-us&sr=1280x1024&_s=1&sid=1665029343&sct=1&seg=0&dl=http%3A%2F%2Fggdiet.com%2F&dt=ggdiet.com%20%E2%80%93%20%E3%81%93%E3%81%AE%E3%83%89%E3%83%A1%E3%82%A4%E3%83%B3%E3%81%AF%E3%81%8A%E5%90%8D%E5%89%8D.com%E3%81%A7%E5%8F%96%E5%BE%97%E3%81%95%E3%82%8C%E3%81%A6%E3%81%84%E3%81%BE%E3%81%99%E3%80%82&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-SKHZPJHJCP>m=2oea50&_p=1061545310&_gaz=1&cid=995636457.1665029343&ul=en-us&sr=1280x1024&_s=1&sid=1665029343&sct=1&seg=0&dl=http%3A%2F%2Fggdiet.com%2F&dt=ggdiet.com%20%E2%80%93%20%E3%81%93%E3%81%AE%E3%83%89%E3%83%A1%E3%82%A4%E3%83%B3%E3%81%AF%E3%81%8A%E5%90%8D%E5%89%8D.com%E3%81%A7%E5%8F%96%E5%BE%97%E3%81%95%E3%82%8C%E3%81%A6%E3%81%84%E3%81%BE%E3%81%99%E3%80%82&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ggdiet.com
Connection: keep-alive
Referer: http://ggdiet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: http://ggdiet.com
date: Thu, 06 Oct 2022 04:09:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash eac86f868b3967f1946c7f5fc712b25f
e2ae8eb09715a0af0791c085eb35bf66e0548e30
bceb14e7a478c0e34a0f1d8286eb954566c62051e996bc36189de922a76a6e06
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 04:09:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/g/collect?v=2&tid=G-SKHZPJHJCP&cid=995636457.1665029343>m=2oea50&aip=1
173.194.73.156204 No Content 0 B URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-SKHZPJHJCP&cid=995636457.1665029343>m=2oea50&aip=1
IP 173.194.73.156:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-SKHZPJHJCP&cid=995636457.1665029343>m=2oea50&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ggdiet.com
Connection: keep-alive
Referer: http://ggdiet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: http://ggdiet.com
date: Thu, 06 Oct 2022 04:09:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash eac86f868b3967f1946c7f5fc712b25f
e2ae8eb09715a0af0791c085eb35bf66e0548e30
bceb14e7a478c0e34a0f1d8286eb954566c62051e996bc36189de922a76a6e06
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 04:09:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ggdiet.com/include/parking.css
150.95.255.38200 OK 58 kB URL HTTP/1.1 ggdiet.com/include/parking.css
IP 150.95.255.38:0
ASN #7506 GMO Internet,Inc
File type Unicode text, UTF-8 text, with very long lines (57413)
Hash 7903a1bde84469b2cbd99c6cb04555e7
284ac9eac357da4ed135501b867bb6079018ef9b
e157c916ea7d2ab5f3c1ac3adf4009bbc63dfdb51aecd450899394f2cb444593
Analyzer Verdict Alert quad9 Sinkholed
GET /include/parking.css HTTP/1.1
Host: ggdiet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ggdiet.com/include/parking.html
Cookie: _gcl_au=1.1.1790762910.1665029343; _ga_SKHZPJHJCP=GS1.1.1665029343.1.0.1665029343.60.0.0; _ga=GA1.1.995636457.1665029343
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 04:09:03 GMT
Server: Apache
Last-Modified: Thu, 06 Oct 2022 01:03:06 GMT
ETag: "e092-5ea53418751ac"
Accept-Ranges: bytes
Content-Length: 57490
Connection: close
Content-Type: text/css
ggdiet.com/include/jquery-1.12.4.min.js
150.95.255.38200 OK 97 kB URL HTTP/1.1 ggdiet.com/include/jquery-1.12.4.min.js
IP 150.95.255.38:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (32077)
Hash 4f252523d4af0b478c810c2547a63e19
5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Analyzer Verdict Alert quad9 Sinkholed
GET /include/jquery-1.12.4.min.js HTTP/1.1
Host: ggdiet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ggdiet.com/include/parking.html
Cookie: _gcl_au=1.1.1790762910.1665029343; _ga_SKHZPJHJCP=GS1.1.1665029343.1.0.1665029343.60.0.0; _ga=GA1.1.995636457.1665029343
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 04:09:03 GMT
Server: Apache
Last-Modified: Thu, 06 Oct 2022 01:03:06 GMT
ETag: "17b8b-5ea5341874dc4"
Accept-Ranges: bytes
Content-Length: 97163
Connection: close
Content-Type: application/javascript
jscdn.appier.net/aa.js?id=onamae.com
23.36.76.203200 OK 20 kB URL HTTP/1.1 jscdn.appier.net/aa.js?id=onamae.com
IP 23.36.76.203:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (31981)
Hash 7d4729cb037d7715cb7ac46ff6aefbf4
a53ad6a08cf4f37c628208410807952a72306f08
cd254b4bf93c3e5c4665d35b0fbfd1b806887285595aedec35ef5cb5769bb028
GET /aa.js?id=onamae.com HTTP/1.1
Host: jscdn.appier.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ggdiet.com/
HTTP/1.1 200 OK
Server: nginx
Content-Type: text/javascript; charset=utf-8
ETag: W/"1f3acb4991ca202b7d7a0497424b152b"
Content-Encoding: gzip
Content-Length: 20158
Cache-Control: max-age=300
Date: Thu, 06 Oct 2022 04:09:04 GMT
Connection: keep-alive
Vary: Accept-Encoding
hpjp.mieru-ca.com/embed?service=heatmap-popup&tokenId=203397161&protocol=http:&hostname=ggdiet.com&pathname=%2F&search=&hash=&dv=d
54.150.27.186200 OK 73 B URL HTTP/1.1 hpjp.mieru-ca.com/embed?service=heatmap-popup&tokenId=203397161&protocol=http:&hostname=ggdiet.com&pathname=%2F&search=&hash=&dv=d
IP 54.150.27.186:0
File type ASCII text, with no line terminators
Hash 1015fe24eb7a44ed1720ca021a38650b
18ead847489881866bb715fae5c0ab1ac195abc3
3781e6a0ee299fb580df8e48f1a97e7d79014ace9136cab4ca90294e8c3fd4b6
GET /embed?service=heatmap-popup&tokenId=203397161&protocol=http:&hostname=ggdiet.com&pathname=%2F&search=&hash=&dv=d HTTP/1.1
Host: hpjp.mieru-ca.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ggdiet.com/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 04:09:04 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 73
Connection: keep-alive
server: Mieruca HeatMap
access-control-allow-headers: Content-Type
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Accept-Encoding
accept-ranges: bytes
ntjp.mieru-ca.com/hm
18.180.225.8101 Switching Protocols 0 B IP 18.180.225.8:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /hm HTTP/1.1
Host: ntjp.mieru-ca.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Sec-WebSocket-Version: 13
Origin: http://ggdiet.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: vi5f3UNYOP6bmGb8/cwo5A==
Connection: keep-alive, Upgrade
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Thu, 06 Oct 2022 04:09:04 GMT
Connection: upgrade
upgrade: websocket
sec-websocket-accept: pSagP32UlXvDNoy96h4DP13aUKg=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8344
Expires: Thu, 06 Oct 2022 06:28:08 GMT
Date: Thu, 06 Oct 2022 04:09:04 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ce3d070-3bf1-47cd-bdd7-2bda7b826976.jpeg
34.120.237.76200 OK 4.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ce3d070-3bf1-47cd-bdd7-2bda7b826976.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dbba56f647bf5989ca51863632bbebfc
26694f34166345ee5693653e0101db6b910e68ba
ec5cc38f2a77e8e655aeeb7a376cf882ccb7163e4ef9d1ce4633ab4754e48765
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ce3d070-3bf1-47cd-bdd7-2bda7b826976.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4140
x-amzn-requestid: 13fcd792-1fcc-44b5-aa9e-d2773a60fe77
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjO6uHrbIAMFbqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df844-5b5f5d781b9d651b68c04f2e;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:33:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: wfnbRpTKni8hbAmJXO9vdisV6ZPoRP-eBb3wP4RzPS7MlXvp7282dw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 6a63e853422f3197776fb098fab5a416.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:36:41 GMT
age: 23543
etag: "26694f34166345ee5693653e0101db6b910e68ba"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8344
Expires: Thu, 06 Oct 2022 06:28:08 GMT
Date: Thu, 06 Oct 2022 04:09:04 GMT
Connection: keep-alive
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/1.1 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ggdiet.com/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 20039
Date: Thu, 06 Oct 2022 02:22:02 GMT
Expires: Thu, 06 Oct 2022 04:22:02 GMT
Cache-Control: public, max-age=7200
Age: 6422
Last-Modified: Tue, 27 Sep 2022 22:01:05 GMT
Content-Type: text/javascript
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e238ccaa3b9fa88476a8514855e8232f
447cbf348ef10d0136a1811e843c46937defbba1
43dce3c1eb388dfaddca4176acb6eb32f76fc4c03fca18e7a315c9ddb43d2b02
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7270
x-amzn-requestid: f2f15f43-6054-40f5-943a-530671e772dd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjOZjF3aIAMFW9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df770-5e2253791a927c8c40a0ff0d;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:30:24 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: xRuMce_9OkP3R2DqHjZI34GwkDezdfGKsgntCMTZG2c6SJUcyv0Ckg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 583992e175976bd59a21b4416890271e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:56:40 GMT
etag: "447cbf348ef10d0136a1811e843c46937defbba1"
content-type: image/jpeg
age: 22344
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4fc2ddd86450d64d3fb659ab4e78be58
bbe71936b78a8c34d03ab87948dc840b35c6948f
84a760397a5912bd05f61bc8a953c13a88a677e2d17fbbf74bdf7d7ff4d3942f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10158
x-amzn-requestid: def1fc7e-8008-466f-9271-20fa1ab0fa5a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZaqZCH7doAMFcPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a8aa0-7fd2fb1249366f2277d719d6;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 07:09:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: szhtD9f4RuQaDKXe7LElSR0yOKo9cYa1i2YMeG3eSpBXP8ePcdzQig==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 07:29:32 GMT
age: 74372
etag: "bbe71936b78a8c34d03ab87948dc840b35c6948f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbffd8689-87c3-4efb-b880-4109e3dc9294.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbffd8689-87c3-4efb-b880-4109e3dc9294.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 72ad6f9b79e7a3d11e3ace6b0e969614
a9cd62230d4aabfcc2e8b2494e687d854254113e
1d59cd22b3316da6f1d44076089ba983faed5327d174ddb3cb3d58f487ccae51
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbffd8689-87c3-4efb-b880-4109e3dc9294.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7919
x-amzn-requestid: 01497827-07e5-4129-abf2-120b00eed8c0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjPs5F1LoAMF8Ww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df985-4b0c175142a6ace915d5e5d2;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:39:17 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: QElSCxuAj2dM9Psp2_fPTSi1goaNKkylf7D9ITOplorOFLIGIV332g==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 d8d9c12d1a621129f4bc739038e7c72e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:52:46 GMT
age: 22578
etag: "a9cd62230d4aabfcc2e8b2494e687d854254113e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F913c841b-40a5-4fa4-bc55-0e9d1369640e.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F913c841b-40a5-4fa4-bc55-0e9d1369640e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a508ac9cd743bec987b2a24454418265
8c7ecefe6908387e2128dc849a6ba857991ba0ab
afb2c2b51f2ce445ada599068901551beee594b15c152ed7551ab7a8835dde6d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F913c841b-40a5-4fa4-bc55-0e9d1369640e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10809
x-amzn-requestid: db4d1d2a-05b8-403e-a7ca-8b8a6a0a4087
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjQb-HrTIAMFtNg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633dfab2-74f184406a48e42c0ecc4ec9;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:44:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: tv80OXQUu13gDuuFESnEnXMuFdNBmGc1y592euL7QnfZW5PwJym9-g==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 de8fc80b494d3d381f7e006918dcc588.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:53:39 GMT
age: 22525
etag: "8c7ecefe6908387e2128dc849a6ba857991ba0ab"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1d4c3917173bd92c4b3208cdf2c7c345
726a9aa16eef5844afde825f9faf1b505d31e69b
572eebfaf735eb8aa1b3563d0317d52f5d22e9e83e5f5b6723f65da83fb15f22
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 04:09:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d3175ca-da8b-4a6f-a315-9f1d92299891.jpeg
34.120.237.76200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d3175ca-da8b-4a6f-a315-9f1d92299891.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 57f90a95d91632baf3b89d7b3b46361f
0f37ee870c8855919900c99204ffffe736548a3f
a3449e46854b90fdcda4a0ba83b4b0892a7888b17211d814c0db930116bb9a32
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d3175ca-da8b-4a6f-a315-9f1d92299891.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6693
x-amzn-requestid: 1531f482-cdf5-4506-ba1c-18a66173457b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjQNxF45oAMFxJQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633dfa57-28e8e572281d5f110c26dcf1;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:42:47 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: RIa9NLHuV7fSlBeUyYv0LF3sapZQiWMRqKgY9Oa3cdLywQznXbTDOQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 a4479a6315f90864adc6175b280f8f44.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 22:56:19 GMT
age: 18765
etag: "0f37ee870c8855919900c99204ffffe736548a3f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 40a4de06678d96242b71d5318f2fd4ef
546a7d1d92df81916f14155943427b5453ae3924
aed9af25ae57c181702a137d48cb00f5b30297180161451de3b628359dc9ec6f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 04:09:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-SKHZPJHJCP&cid=995636457.1665029343>m=2oea50&aip=1&z=272824466
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-SKHZPJHJCP&cid=995636457.1665029343>m=2oea50&aip=1&z=272824466
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-SKHZPJHJCP&cid=995636457.1665029343>m=2oea50&aip=1&z=272824466 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ggdiet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 06 Oct 2022 04:09:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ggdiet.com/include/secondary_auction_icon.svg
150.95.255.38200 OK 1.5 kB URL HTTP/1.1 ggdiet.com/include/secondary_auction_icon.svg
IP 150.95.255.38:0
ASN #7506 GMO Internet,Inc
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1533), with no line terminators
Hash f33934e7a627486bf074e6b97b1ca2ae
a8fcdfed6b78ed98ec07d4c1b05a4192e70b78c5
d1998eb5f85f983680734d8223efda72378c5c195884e9238dc8c05f4d8ab7e4
Analyzer Verdict Alert quad9 Sinkholed
GET /include/secondary_auction_icon.svg HTTP/1.1
Host: ggdiet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ggdiet.com/include/parking.html
Cookie: _gcl_au=1.1.1790762910.1665029343; _ga_SKHZPJHJCP=GS1.1.1665029343.1.0.1665029343.60.0.0; _ga=GA1.1.995636457.1665029343
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 04:09:04 GMT
Server: Apache
Last-Modified: Thu, 06 Oct 2022 01:03:06 GMT
ETag: "5fd-5ea53418751ac"
Accept-Ranges: bytes
Content-Length: 1533
Connection: close
Content-Type: image/svg+xml
www.google.com/pagead/conversion_async.js
142.250.74.164200 OK 15 kB URL HTTP/2 www.google.com/pagead/conversion_async.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (1654)
Hash 8766c5a801f08afceca9b66ff9097e6a
ce7640d1d166eddeb9d40be642ec34652f790713
f448f99b4ad9a9b50daa9c38054cf16ab2b9fcb5d83ddad60571fb6a8a432a99
GET /pagead/conversion_async.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ggdiet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 06 Oct 2022 04:09:04 GMT
expires: Thu, 06 Oct 2022 04:09:04 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 17557423932572341828
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 15187
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1d4c3917173bd92c4b3208cdf2c7c345
726a9aa16eef5844afde825f9faf1b505d31e69b
572eebfaf735eb8aa1b3563d0317d52f5d22e9e83e5f5b6723f65da83fb15f22
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 04:09:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/j/collect?v=1&_v=j98&a=1061545310&t=pageview&_s=1&dl=http%3A%2F%2Fggdiet.com%2F&ul=en-us&de=UTF-8&dt=ggdiet.com%20%E2%80%93%20%E3%81%93%E3%81%AE%E3%83%89%E3%83%A1%E3%82%A4%E3%83%B3%E3%81%AF%E3%81%8A%E5%90%8D%E5%89%8D.com%E3%81%A7%E5%8F%96%E5%BE%97%E3%81%95%E3%82%8C%E3%81%A6%E3%81%84%E3%81%BE%E3%81%99%E3%80%82&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YADAAEABAAAAACAAI~&jid=1471924449&gjid=738719110&cid=995636457.1665029343&tid=UA-47544241-5&_gid=927018872.1665029344&_r=1>m=2wga50PXWVMT&z=709453859
142.250.74.174200 OK 2 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j98&a=1061545310&t=pageview&_s=1&dl=http%3A%2F%2Fggdiet.com%2F&ul=en-us&de=UTF-8&dt=ggdiet.com%20%E2%80%93%20%E3%81%93%E3%81%AE%E3%83%89%E3%83%A1%E3%82%A4%E3%83%B3%E3%81%AF%E3%81%8A%E5%90%8D%E5%89%8D.com%E3%81%A7%E5%8F%96%E5%BE%97%E3%81%95%E3%82%8C%E3%81%A6%E3%81%84%E3%81%BE%E3%81%99%E3%80%82&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YADAAEABAAAAACAAI~&jid=1471924449&gjid=738719110&cid=995636457.1665029343&tid=UA-47544241-5&_gid=927018872.1665029344&_r=1>m=2wga50PXWVMT&z=709453859
IP 142.250.74.174:0
File type ASCII text, with no line terminators
Hash cc7a1e792bca8ccb1946b7a07f6dbc03
11a2757082428311f587b7664fa9840376137f80
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
POST /j/collect?v=1&_v=j98&a=1061545310&t=pageview&_s=1&dl=http%3A%2F%2Fggdiet.com%2F&ul=en-us&de=UTF-8&dt=ggdiet.com%20%E2%80%93%20%E3%81%93%E3%81%AE%E3%83%89%E3%83%A1%E3%82%A4%E3%83%B3%E3%81%AF%E3%81%8A%E5%90%8D%E5%89%8D.com%E3%81%A7%E5%8F%96%E5%BE%97%E3%81%95%E3%82%8C%E3%81%A6%E3%81%84%E3%81%BE%E3%81%99%E3%80%82&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YADAAEABAAAAACAAI~&jid=1471924449&gjid=738719110&cid=995636457.1665029343&tid=UA-47544241-5&_gid=927018872.1665029344&_r=1>m=2wga50PXWVMT&z=709453859 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://ggdiet.com
Connection: keep-alive
Referer: http://ggdiet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://ggdiet.com
date: Thu, 06 Oct 2022 04:09:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f9371f81e2eeeead7fe351a49f3b1c40
ae23d6c6c57dd7cf568c3a74594c377b7bb7df43
03c4ba0faa3199d061d1bb37df5d48ba6d81f77a83e243922075efc4d4acf456
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 04:09:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/1033267383/?random=1665029344533&cv=9&fst=1665029344533&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wga50&sendb=1&ig=0&frm=0&url=http%3A%2F%2Fggdiet.com%2F&tiba=ggdiet.com%20%E2%80%93%20%E3%81%93%E3%81%AE%E3%83%89%E3%83%A1%E3%82%A4%E3%83%B3%E3%81%AF%E3%81%8A%E5%90%8D%E5%89%8D.com%E3%81%A7%E5%8F%96%E5%BE%97%E3%81%95%E3%82%8C%E3%81%A6%E3%81%84%E3%81%BE%E3%81%99%E3%80%82&auid=1790762910.1665029343&hn=www.google.com&async=1&rfmt=3&fmt=4
142.250.74.2200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1033267383/?random=1665029344533&cv=9&fst=1665029344533&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wga50&sendb=1&ig=0&frm=0&url=http%3A%2F%2Fggdiet.com%2F&tiba=ggdiet.com%20%E2%80%93%20%E3%81%93%E3%81%AE%E3%83%89%E3%83%A1%E3%82%A4%E3%83%B3%E3%81%AF%E3%81%8A%E5%90%8D%E5%89%8D.com%E3%81%A7%E5%8F%96%E5%BE%97%E3%81%95%E3%82%8C%E3%81%A6%E3%81%84%E3%81%BE%E3%81%99%E3%80%82&auid=1790762910.1665029343&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 142.250.74.2:0
File type ASCII text, with very long lines (2540), with no line terminators
Hash 63448c138ec92aa2e579dd92fbd4e4e5
b8351ca386f8e200e469e5f51578cac11b4d635e
178ad2ecd806c05f7561f2311bf72bb31317f0cfa6610c8a9fa4c2e74ba20425
GET /pagead/viewthroughconversion/1033267383/?random=1665029344533&cv=9&fst=1665029344533&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wga50&sendb=1&ig=0&frm=0&url=http%3A%2F%2Fggdiet.com%2F&tiba=ggdiet.com%20%E2%80%93%20%E3%81%93%E3%81%AE%E3%83%89%E3%83%A1%E3%82%A4%E3%83%B3%E3%81%AF%E3%81%8A%E5%90%8D%E5%89%8D.com%E3%81%A7%E5%8F%96%E5%BE%97%E3%81%95%E3%82%8C%E3%81%A6%E3%81%84%E3%81%BE%E3%81%99%E3%80%82&auid=1790762910.1665029343&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ggdiet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 06 Oct 2022 04:09:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1090
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 06-Oct-2022 04:24:04 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ggdiet.com/include/s_code.js
150.95.255.38200 OK 53 kB URL HTTP/1.1 ggdiet.com/include/s_code.js
IP 150.95.255.38:0
ASN #7506 GMO Internet,Inc
File type Unicode text, UTF-8 text, with very long lines (1005), with CRLF line terminators
Hash e2350508e48bf51a129fbadfe78fc2f1
f4608dc83696fcc3beb15c5919f152b27df8e85f
f6c77a3d6e402cc7a0bf781b7fb7944586adfa6b6cb19de65f2d0909f0e1bb6e
Analyzer Verdict Alert quad9 Sinkholed
GET /include/s_code.js HTTP/1.1
Host: ggdiet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ggdiet.com/include/parking.html
Cookie: _gcl_au=1.1.1790762910.1665029343; _ga_SKHZPJHJCP=GS1.1.1665029343.1.0.1665029343.60.0.0; _ga=GA1.1.995636457.1665029343
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 04:09:04 GMT
Server: Apache
Last-Modified: Thu, 06 Oct 2022 01:03:06 GMT
ETag: "ce46-5ea53418751ac"
Accept-Ranges: bytes
Content-Length: 52806
Connection: close
Content-Type: application/javascript
www.clarity.ms/eus2/s/0.6.42/clarity.js
13.107.213.53200 OK 23 kB URL HTTP/2 www.clarity.ms/eus2/s/0.6.42/clarity.js
IP 13.107.213.53:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (54141)
Hash f016daac053b80575e11e20b6644142b
bc23277b8eae567b77c3dfc3f03b91fb054feda7
ee91529c076bf5e87a26b3c045e0b6e63326e6aa871dafea1c1509f73454123d
GET /eus2/s/0.6.42/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ggdiet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=86400
content-length: 23382
content-type: application/javascript;charset=utf-8
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d8d8e58fdaa9d4"
vary: Accept-Encoding
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-cache: CONFIG_NOCACHE
x-azure-ref: 04FQ+YwAAAAA9ocPD2F62RpSui7ZFAgi3U1ZHMjBFREdFMDUyMgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Thu, 06 Oct 2022 04:09:04 GMT
X-Firefox-Spdy: h2
ggdiet.com/include/swiper.min.js
150.95.255.38200 OK 138 kB URL HTTP/1.1 ggdiet.com/include/swiper.min.js
IP 150.95.255.38:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (65280)
Size 138 kB (138499 bytes)
Hash cd5e9023967a0cd17a7633c9aaca748a
e99576a0513d1c1dfc4e8730ff6ad74609eba8f4
3cad5361705995f61ac053ca047f4e9b02eb99832561de41809e9ffb4d671063
Analyzer Verdict Alert quad9 Sinkholed
GET /include/swiper.min.js HTTP/1.1
Host: ggdiet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ggdiet.com/include/parking.html
Cookie: _gcl_au=1.1.1790762910.1665029343; _ga_SKHZPJHJCP=GS1.1.1665029343.1.0.1665029343.60.0.0; _ga=GA1.1.995636457.1665029343
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 04:09:03 GMT
Server: Apache
Last-Modified: Thu, 06 Oct 2022 01:03:05 GMT
ETag: "21d03-5ea53417cb596"
Accept-Ranges: bytes
Content-Length: 138499
Connection: close
Content-Type: application/javascript
ggdiet.com/include/bulkdomain.png
150.95.255.38200 OK 4.8 kB URL HTTP/1.1 ggdiet.com/include/bulkdomain.png
IP 150.95.255.38:0
ASN #7506 GMO Internet,Inc
File type PNG image data, 680 x 272, 8-bit colormap, non-interlaced\012- data
Hash 24b8df64f43149e4f21b189fc54237e2
122008e44ef61279ba6d9474b219527b7e6c6d4b
6f14f8526064e3a4c9a82af9277863b83fecccbce0c7ce18b7870192895b155b
Analyzer Verdict Alert quad9 Sinkholed
GET /include/bulkdomain.png HTTP/1.1
Host: ggdiet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ggdiet.com/include/parking.html
Cookie: _gcl_au=1.1.1790762910.1665029343; _ga_SKHZPJHJCP=GS1.1.1665029343.1.0.1665029343.60.0.0; _ga=GA1.1.995636457.1665029343
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 04:09:04 GMT
Server: Apache
Last-Modified: Thu, 06 Oct 2022 01:03:06 GMT
ETag: "12c4-5ea53418749dc"
Accept-Ranges: bytes
Content-Length: 4804
Connection: close
Content-Type: image/png
ggdiet.com/include/banner.png
150.95.255.38200 OK 31 kB URL HTTP/1.1 ggdiet.com/include/banner.png
IP 150.95.255.38:0
ASN #7506 GMO Internet,Inc
File type PNG image data, 2160 x 480, 8-bit colormap, non-interlaced\012- data
Hash 5bf41a9eda59c2de0fae6ee74aad826c
73a6b65180262d622941c3dd1ac508fa2bda9688
8bf4919bd3e5571d6306cc5edafdfedd7695defb0835945ea72c537ea4e13e19
Analyzer Verdict Alert quad9 Sinkholed
GET /include/banner.png HTTP/1.1
Host: ggdiet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ggdiet.com/include/parking.html
Cookie: _gcl_au=1.1.1790762910.1665029343; _ga_SKHZPJHJCP=GS1.1.1665029343.1.0.1665029343.60.0.0; _ga=GA1.1.995636457.1665029343
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 04:09:04 GMT
Server: Apache
Last-Modified: Thu, 06 Oct 2022 01:03:06 GMT
ETag: "79d8-5ea53418749dc"
Accept-Ranges: bytes
Content-Length: 31192
Connection: close
Content-Type: image/png
ggdiet.com/include/onamae_domain_icon.woff
150.95.255.38200 OK 7.1 kB URL HTTP/1.1 ggdiet.com/include/onamae_domain_icon.woff
IP 150.95.255.38:0
ASN #7506 GMO Internet,Inc
File type Web Open Font Format, TrueType, length 7124, version 1.0\012- data
Hash e0c7d06ee03bb3fb4351eee7e7ba8edb
ada31299cd708945fbb49347006d916eb5949a62
87ef17955794fea2f5a22fb8149520a3378fba3e365743e58aaff88943931968
Analyzer Verdict Alert quad9 Sinkholed
GET /include/onamae_domain_icon.woff HTTP/1.1
Host: ggdiet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://ggdiet.com/include/parking.css
Cookie: _gcl_au=1.1.1790762910.1665029343; _ga_SKHZPJHJCP=GS1.1.1665029343.1.0.1665029343.60.0.0; _ga=GA1.1.995636457.1665029343
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 04:09:04 GMT
Server: Apache
Last-Modified: Thu, 06 Oct 2022 01:03:05 GMT
ETag: "1bd4-5ea53417cb1ae"
Accept-Ranges: bytes
Content-Length: 7124
Connection: close
Content-Type: application/font-woff
ggdiet.com/favicon.ico
150.95.255.38302 Found 210 B IP 150.95.255.38:0
ASN #7506 GMO Internet,Inc
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 49f438e0a5ed23fa962fb757827efab0
124ef6dc5ece6a3a27b2c81c29893ce050a58edc
a42f7ab147e2a37e8d538b340c8f7c9b53dca8478b0104606a1f6d7017cffc86
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: ggdiet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ggdiet.com/
Cookie: _gcl_au=1.1.1790762910.1665029343; _ga_SKHZPJHJCP=GS1.1.1665029343.1.0.1665029343.60.0.0; _ga=GA1.1.995636457.1665029343
HTTP/1.1 302 Found
Date: Thu, 06 Oct 2022 04:09:04 GMT
Server: Apache
Location: http://dfltweb1.onamae.com
Content-Length: 210
Connection: close
Content-Type: text/html; charset=iso-8859-1
cdn.amplitude.com/libs/amplitude-8.18.1-min.gz.js
54.230.245.209200 OK 25 kB URL HTTP/2 cdn.amplitude.com/libs/amplitude-8.18.1-min.gz.js
IP 54.230.245.209:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash c3ec696faef16420de280b85d83e117f
a68b3f52ffef1e195a0b4b8ab3cc529ebd39c90c
1bc43df38598427bed5b681a8731618ffd8270fab6a935c96cd94f33919f2d7f
GET /libs/amplitude-8.18.1-min.gz.js HTTP/1.1
Host: cdn.amplitude.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ggdiet.com
Connection: keep-alive
Referer: http://ggdiet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 25443
date: Thu, 06 Oct 2022 04:09:05 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
last-modified: Wed, 06 Apr 2022 01:05:30 GMT
etag: "c3ec696faef16420de280b85d83e117f"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000
content-encoding: gzip
x-amz-version-id: II_SYzym81QVleeRt9SdBWN0SkU4nVoj
accept-ranges: bytes
server: AmazonS3
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Miss from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 64CqnGA-ld55bMoXUZN2ZuiUgb_urRSo7A5qiMYM-ThPi6IA51t4Sw==
X-Firefox-Spdy: h2
ggdiet.com/include/inc_85off.png
150.95.255.38200 OK 6.2 kB URL HTTP/1.1 ggdiet.com/include/inc_85off.png
IP 150.95.255.38:0
ASN #7506 GMO Internet,Inc
File type PNG image data, 680 x 272, 8-bit colormap, non-interlaced\012- data
Hash 85438fc2114ef3c32dc50641df0b1bf3
1effff61f7bfe320f50191d8641cdccf26ced2a6
50574ece6efecd5af55f5765b0665e22bbfec1ecd68513a0c1f6d1c55e7059d1
Analyzer Verdict Alert quad9 Sinkholed
GET /include/inc_85off.png HTTP/1.1
Host: ggdiet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ggdiet.com/include/parking.html
Cookie: _gcl_au=1.1.1790762910.1665029343; _ga_SKHZPJHJCP=GS1.1.1665029343.1.0.1665029343.60.0.0; _ga=GA1.1.995636457.1665029343
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 04:09:05 GMT
Server: Apache
Last-Modified: Thu, 06 Oct 2022 01:03:06 GMT
ETag: "183d-5ea5341874dc4"
Accept-Ranges: bytes
Content-Length: 6205
Connection: close
Content-Type: image/png
b.clarity.ms/collect
20.75.32.255204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 20564
Origin: http://ggdiet.com
Connection: keep-alive
Referer: http://ggdiet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: http://ggdiet.com
access-control-allow-credentials: true
date: Thu, 06 Oct 2022 04:09:04 GMT
X-Firefox-Spdy: h2
ggdiet.com/include/server_wp_b.png
150.95.255.38200 OK 11 kB URL HTTP/1.1 ggdiet.com/include/server_wp_b.png
IP 150.95.255.38:0
ASN #7506 GMO Internet,Inc
File type PNG image data, 680 x 272, 8-bit colormap, non-interlaced\012- data
Hash e7a6de387c84acd212659d31ab7ea76d
b259c0a4ea790465c42d6ff01658609d844aad60
08624056ac3d2db1ef641eccf7eaa2aac254f6dffee6faea022cd4377e7b443a
Analyzer Verdict Alert quad9 Sinkholed
GET /include/server_wp_b.png HTTP/1.1
Host: ggdiet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ggdiet.com/include/parking.html
Cookie: _gcl_au=1.1.1790762910.1665029343; _ga_SKHZPJHJCP=GS1.1.1665029343.1.0.1665029343.60.0.0; _ga=GA1.1.995636457.1665029343
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 04:09:05 GMT
Server: Apache
Last-Modified: Thu, 06 Oct 2022 01:03:06 GMT
ETag: "296a-5ea5341875594"
Accept-Ranges: bytes
Content-Length: 10602
Connection: close
Content-Type: image/png
ggdiet.com/include/whatdomain.svg
150.95.255.38200 OK 19 kB URL HTTP/1.1 ggdiet.com/include/whatdomain.svg
IP 150.95.255.38:0
ASN #7506 GMO Internet,Inc
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (19049), with no line terminators
Hash bd28ae99952a4e5bc7d14d13feaef181
57ce8678a05ed6450848c8b1fd7e0afb59ea6e7d
196cb08a0052f8acaef647963a9b8d130ca4c21b97b2ea27d72d4862ee5f2db4
Analyzer Verdict Alert quad9 Sinkholed
GET /include/whatdomain.svg HTTP/1.1
Host: ggdiet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ggdiet.com/include/parking.html
Cookie: _gcl_au=1.1.1790762910.1665029343; _ga_SKHZPJHJCP=GS1.1.1665029343.1.0.1665029343.60.0.0; _ga=GA1.1.995636457.1665029343
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 04:09:05 GMT
Server: Apache
Last-Modified: Thu, 06 Oct 2022 01:03:06 GMT
ETag: "4a69-5ea5341875594"
Accept-Ranges: bytes
Content-Length: 19049
Connection: close
Content-Type: image/svg+xml
ggdiet.com/include/server_0yen_03.png
150.95.255.38200 OK 15 kB URL HTTP/1.1 ggdiet.com/include/server_0yen_03.png
IP 150.95.255.38:0
ASN #7506 GMO Internet,Inc
File type PNG image data, 680 x 272, 8-bit colormap, non-interlaced\012- data
Hash e35c75607868c71b3179698f5dd63303
eec60ff74731236aaf34a81f75fe039296cb5587
b40ed9ea5e7e2c2d0eb7897380fa09af5647d764593a9b67a6c57abecc231cb4
Analyzer Verdict Alert quad9 Sinkholed
GET /include/server_0yen_03.png HTTP/1.1
Host: ggdiet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ggdiet.com/include/parking.html
Cookie: _gcl_au=1.1.1790762910.1665029343; _ga_SKHZPJHJCP=GS1.1.1665029343.1.0.1665029343.60.0.0; _ga=GA1.1.995636457.1665029343
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 04:09:05 GMT
Server: Apache
Last-Modified: Thu, 06 Oct 2022 01:03:05 GMT
ETag: "3c26-5ea53417cb1ae"
Accept-Ranges: bytes
Content-Length: 15398
Connection: close
Content-Type: image/png
ggdiet.com/include/card_search.svg
150.95.255.38200 OK 1.7 kB URL HTTP/1.1 ggdiet.com/include/card_search.svg
IP 150.95.255.38:0
ASN #7506 GMO Internet,Inc
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1682), with no line terminators
Hash 7a32739001a6ec5ffa482b8713a15b21
8ca37f39814eefbe8ae337fbefc2b90cb9ca30ea
bfef035cd2207ec5b19ab0738fbf540c89dfd2d4374d7147a94a9c0a06199c0a
Analyzer Verdict Alert quad9 Sinkholed
GET /include/card_search.svg HTTP/1.1
Host: ggdiet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ggdiet.com/include/parking.html
Cookie: _gcl_au=1.1.1790762910.1665029343; _ga_SKHZPJHJCP=GS1.1.1665029343.1.0.1665029343.60.0.0; _ga=GA1.1.995636457.1665029343
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 04:09:05 GMT
Server: Apache
Last-Modified: Thu, 06 Oct 2022 01:03:05 GMT
ETag: "692-5ea53417ca5f6"
Accept-Ranges: bytes
Content-Length: 1682
Connection: close
Content-Type: image/svg+xml
ocsp.comodoca.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 9f002335490b9ef4545bdbff38d361bb
cb3b2481ee3374164d971b6dc9ec3f537264d140
fecb048c58f4d8e3f67ca890133ab00c2d67ff2495801aead2d401d5474a74c4
POST / HTTP/1.1
Host: ocsp.comodoca.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 04:09:05 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2022 03:38:20 GMT
Expires: Wed, 12 Oct 2022 03:38:19 GMT
Etag: "cb3b2481ee3374164d971b6dc9ec3f537264d140"
Cache-Control: max-age=602531,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1571
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755b8a22bfd9b527-OSL
ocsp.comodoca.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 9f002335490b9ef4545bdbff38d361bb
cb3b2481ee3374164d971b6dc9ec3f537264d140
fecb048c58f4d8e3f67ca890133ab00c2d67ff2495801aead2d401d5474a74c4
POST / HTTP/1.1
Host: ocsp.comodoca.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 04:09:05 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2022 03:38:20 GMT
Expires: Wed, 12 Oct 2022 03:38:19 GMT
Etag: "cb3b2481ee3374164d971b6dc9ec3f537264d140"
Cache-Control: max-age=602531,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1571
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755b8a22bbe5b4ee-OSL
ggdiet.com/include/23rd.png
150.95.255.38200 OK 86 kB URL HTTP/1.1 ggdiet.com/include/23rd.png
IP 150.95.255.38:0
ASN #7506 GMO Internet,Inc
File type PNG image data, 680 x 272, 8-bit/color RGB, non-interlaced\012- data
Hash 2ab055dcabb128ed0d1b3f8c378e8e75
6a89b04b2788246fdafa6d98736f5ea1e0a2d799
a58dd5a07064650a36ec1738ecad81421fea3e8a4cdf5763b3cfd2212c2564fa
Analyzer Verdict Alert quad9 Sinkholed
GET /include/23rd.png HTTP/1.1
Host: ggdiet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ggdiet.com/include/parking.html
Cookie: _gcl_au=1.1.1790762910.1665029343; _ga_SKHZPJHJCP=GS1.1.1665029343.1.0.1665029343.60.0.0; _ga=GA1.1.995636457.1665029343
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 04:09:05 GMT
Server: Apache
Last-Modified: Thu, 06 Oct 2022 01:03:05 GMT
ETag: "14f94-5ea53417ca5f6"
Accept-Ranges: bytes
Content-Length: 85908
Connection: close
Content-Type: image/png
ggdiet.com/include/card_transfer.svg
150.95.255.38200 OK 1.4 kB URL HTTP/1.1 ggdiet.com/include/card_transfer.svg
IP 150.95.255.38:0
ASN #7506 GMO Internet,Inc
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1412), with no line terminators
Hash d36f759c60eaa99cea9d519f6cac80c5
7acaca97d71d1df552ae3b23ed2c8c1c6a589c0a
b077e2146c5e0a2d3ec43cbd8c2bea1cafd2a055d58c2bd80822ce1266741e77
Analyzer Verdict Alert quad9 Sinkholed
GET /include/card_transfer.svg HTTP/1.1
Host: ggdiet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ggdiet.com/include/parking.html
Cookie: _gcl_au=1.1.1790762910.1665029343; _ga_SKHZPJHJCP=GS1.1.1665029343.1.0.1665029343.60.0.0; _ga=GA1.1.995636457.1665029343
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 04:09:05 GMT
Server: Apache
Last-Modified: Thu, 06 Oct 2022 01:03:05 GMT
ETag: "584-5ea53417ca9de"
Accept-Ranges: bytes
Content-Length: 1412
Connection: close
Content-Type: image/svg+xml
ggdiet.com/include/lancers.png
150.95.255.38200 OK 16 kB URL HTTP/1.1 ggdiet.com/include/lancers.png
IP 150.95.255.38:0
ASN #7506 GMO Internet,Inc
File type PNG image data, 680 x 272, 8-bit colormap, non-interlaced\012- data
Hash c4729a08b57d2c4be49667b5a9c3f3e7
49172fc0a697a6f9caa7ddd6e98c1facd5b4adc2
56b2611acefd13e316fba34760fa760644591f6f28bb997b6930d7bfb7eef52a
Analyzer Verdict Alert quad9 Sinkholed
GET /include/lancers.png HTTP/1.1
Host: ggdiet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ggdiet.com/include/parking.html
Cookie: _gcl_au=1.1.1790762910.1665029343; _ga_SKHZPJHJCP=GS1.1.1665029343.1.0.1665029343.60.0.0; _ga=GA1.1.995636457.1665029343
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 04:09:05 GMT
Server: Apache
Last-Modified: Thu, 06 Oct 2022 01:03:05 GMT
ETag: "3d5e-5ea53417cadc6"
Accept-Ranges: bytes
Content-Length: 15710
Connection: close
Content-Type: image/png
dfltweb1.onamae.com/
150.95.255.38200 OK 2.3 kB IP 150.95.255.38:0
ASN #7506 GMO Internet,Inc
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Hash 5184cc0e5c9e139aa1db6054bdacb3d2
daa7c95aa5f00d61612a96b370ad953d48b2f938
c5e4bf44f072d49fd96eca20c590c77932621e3a2b58b633e723625c1400388c
GET / HTTP/1.1
Host: dfltweb1.onamae.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ggdiet.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 04:09:05 GMT
Server: Apache
Content-Length: 2317
Connection: close
Content-Type: text/html; charset=UTF-8
ggdiet.com/include/card_renew.svg
150.95.255.38200 OK 1.1 kB URL HTTP/1.1 ggdiet.com/include/card_renew.svg
IP 150.95.255.38:0
ASN #7506 GMO Internet,Inc
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1097), with no line terminators
Hash f52f3038bc5f58e4626b4dc152bebe24
d10ee1980ae4b5a72ea9bfec33f245c3ef79ca5e
87c003abb45d57cc66fc55510efc6e07f71b93584ac5d355b370f61d9a522805
Analyzer Verdict Alert quad9 Sinkholed
GET /include/card_renew.svg HTTP/1.1
Host: ggdiet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ggdiet.com/include/parking.html
Cookie: _gcl_au=1.1.1790762910.1665029343; _ga_SKHZPJHJCP=GS1.1.1665029343.1.0.1665029343.60.0.0; _ga=GA1.1.995636457.1665029343
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 04:09:05 GMT
Server: Apache
Last-Modified: Thu, 06 Oct 2022 01:03:06 GMT
ETag: "449-5ea53418749dc"
Accept-Ranges: bytes
Content-Length: 1097
Connection: close
Content-Type: image/svg+xml
ggdiet.com/include/card_server.svg
150.95.255.38200 OK 1.2 kB URL HTTP/1.1 ggdiet.com/include/card_server.svg
IP 150.95.255.38:0
ASN #7506 GMO Internet,Inc
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1244), with no line terminators
Hash 42ba038cb3f3433156e99da2618466e1
afd3b6aedb30523184b6e6a5f28d863aa23a00ef
11db717da9c728aa73decfde3f1903f472fe7eadf91c7f1c8fe35b006b8c2b69
Analyzer Verdict Alert quad9 Sinkholed
GET /include/card_server.svg HTTP/1.1
Host: ggdiet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ggdiet.com/include/parking.html
Cookie: _gcl_au=1.1.1790762910.1665029343; _ga_SKHZPJHJCP=GS1.1.1665029343.1.0.1665029343.60.0.0; _ga=GA1.1.995636457.1665029343
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 04:09:05 GMT
Server: Apache
Last-Modified: Thu, 06 Oct 2022 01:03:06 GMT
ETag: "4dc-5ea53418749dc"
Accept-Ranges: bytes
Content-Length: 1244
Connection: close
Content-Type: image/svg+xml
api.amplitude.com/
54.71.80.26200 OK 0 B IP 54.71.80.26:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS / HTTP/1.1
Host: api.amplitude.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: cross-origin-resource-policy
Referer: http://ggdiet.com/
Origin: http://ggdiet.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 04:09:05 GMT
content-length: 0
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: cross-origin-resource-policy
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
ggdiet.com/include/card_dns.svg
150.95.255.38200 OK 2.7 kB URL HTTP/1.1 ggdiet.com/include/card_dns.svg
IP 150.95.255.38:0
ASN #7506 GMO Internet,Inc
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (2727), with no line terminators
Hash 036a4f435b593fc7ca707e8833a9cd54
d5f6bf87a620a3e5ccdecc9e480f26348cc69f30
1234e2b68c7f7dc9b8c8291db70aa6bf13465026edb1f3fa887c8463f63f289f
Analyzer Verdict Alert quad9 Sinkholed
GET /include/card_dns.svg HTTP/1.1
Host: ggdiet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ggdiet.com/include/parking.html
Cookie: _gcl_au=1.1.1790762910.1665029343; _ga_SKHZPJHJCP=GS1.1.1665029343.1.0.1665029343.60.0.0; _ga=GA1.1.995636457.1665029343
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 04:09:06 GMT
Server: Apache
Last-Modified: Thu, 06 Oct 2022 01:03:05 GMT
ETag: "aa7-5ea53417ca5f6"
Accept-Ranges: bytes
Content-Length: 2727
Connection: close
Content-Type: image/svg+xml
api.amplitude.com/
54.71.80.26200 OK 7 B IP 54.71.80.26:0
File type ASCII text, with no line terminators
Hash 260ca9dd8a4577fc00b7bd5810298076
53a5687cb26dc41f2ab4033e97e13adefd3740d6
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
POST / HTTP/1.1
Host: api.amplitude.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 1357
Origin: http://ggdiet.com
Connection: keep-alive
Referer: http://ggdiet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 04:09:06 GMT
content-type: text/html;charset=utf-8
content-length: 7
access-control-allow-origin: *
access-control-allow-methods: GET, POST
trace-id: Root=1-633e54e2-588a85c83a41af8c6d85fef8
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
ggdiet.com/include/card_whois.svg
150.95.255.38200 OK 2.5 kB URL HTTP/1.1 ggdiet.com/include/card_whois.svg
IP 150.95.255.38:0
ASN #7506 GMO Internet,Inc
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (2465), with no line terminators
Hash f0d265c519a59f0fe7e482316be4f7de
4755f81539652f148ff84afe310673f07a485d1e
662f3099ec415e9c3e3c07ddb0cf9a1caf5bfd5931ada3ff910107a5dfb9c804
Analyzer Verdict Alert quad9 Sinkholed
GET /include/card_whois.svg HTTP/1.1
Host: ggdiet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ggdiet.com/include/parking.html
Cookie: _gcl_au=1.1.1790762910.1665029343; _ga_SKHZPJHJCP=GS1.1.1665029343.1.0.1665029343.60.0.0; _ga=GA1.1.995636457.1665029343
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 04:09:06 GMT
Server: Apache
Last-Modified: Thu, 06 Oct 2022 01:03:06 GMT
ETag: "9a1-5ea53418749dc"
Accept-Ranges: bytes
Content-Length: 2465
Connection: close
Content-Type: image/svg+xml
ggdiet.com/include/card_moving.svg
150.95.255.38200 OK 1.2 kB URL HTTP/1.1 ggdiet.com/include/card_moving.svg
IP 150.95.255.38:0
ASN #7506 GMO Internet,Inc
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1217), with no line terminators
Hash 7cee6c46bfafb9089ff5a351277c6ed7
15b3a0b94a54187c7cb9d11b51cd1eaf76be0227
813f9a194531058745f101e5774b0d4eed108eed2f47243bdfed0d16a05cd1fa
Analyzer Verdict Alert quad9 Sinkholed
GET /include/card_moving.svg HTTP/1.1
Host: ggdiet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ggdiet.com/include/parking.html
Cookie: _gcl_au=1.1.1790762910.1665029343; _ga_SKHZPJHJCP=GS1.1.1665029343.1.0.1665029343.60.0.0; _ga=GA1.1.995636457.1665029343
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 04:09:06 GMT
Server: Apache
Last-Modified: Thu, 06 Oct 2022 01:03:05 GMT
ETag: "4c1-5ea53417ca5f6"
Accept-Ranges: bytes
Content-Length: 1217
Connection: close
Content-Type: image/svg+xml
ggdiet.com/include/card_ssl.svg
150.95.255.38200 OK 1.3 kB URL HTTP/1.1 ggdiet.com/include/card_ssl.svg
IP 150.95.255.38:0
ASN #7506 GMO Internet,Inc
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1269), with no line terminators
Hash 85243b2c5c333e6b0894bea4297f4e2c
fe2c5e5eeda3d6172cb78a57a3ca1eabf3f4429d
72488a34b47dfcfe7007f7615f62e099272c174ea91d914299a5eda4b7544707
Analyzer Verdict Alert quad9 Sinkholed
GET /include/card_ssl.svg HTTP/1.1
Host: ggdiet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ggdiet.com/include/parking.html
Cookie: _gcl_au=1.1.1790762910.1665029343; _ga_SKHZPJHJCP=GS1.1.1665029343.1.0.1665029343.60.0.0; _ga=GA1.1.995636457.1665029343
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 04:09:06 GMT
Server: Apache
Last-Modified: Thu, 06 Oct 2022 01:03:06 GMT
ETag: "4f5-5ea53418749dc"
Accept-Ranges: bytes
Content-Length: 1269
Connection: close
Content-Type: image/svg+xml
gmointernet.112.2o7.net/b/ss/gmoinonamaecom/1/JS-2.8.0/s97782143817879?AQB=1&ndh=1&pf=1&t=6%2F9%2F2022%204%3A9%3A4%204%200&fid=135C8D95D7394EFF-37B748C3DD2FC1FD&ce=UTF-8&ns=gmointernet&cdp=2&pageName=https%3A%2F%2Fwww.onamae.com%2Finclude%2Fparking.html&g=http%3A%2F%2Fggdiet.com%2Finclude%2Fparking.html&cc=JPY&ch=include&c6=http%3A%2F%2Fggdiet.com%2Finclude%2Fparking.html&c18=%7C%7CnotKaiin%7C%7C&v18=%7C%7CnotKaiin%7C%7C&c19=%7C%7CnotKaiin%7Chttp%3A%2F%2Fggdiet.com%2Finclude%2Fparking.html&v19=%7C%7CnotKaiin%7Chttp%3A%2F%2Fggdiet.com%2Finclude%2Fparking.html&c24=notAD&v24=notAD&c25=New&v25=New&c26=2022%2F10%2F6&v26=2022%2F10%2F6&c27=1%3A00PM&v27=1%3A00PM&c28=http%3A%2F%2Fggdiet.com%2Finclude%2Fparking.html&v28=http%3A%2F%2Fggdiet.com%2Finclude%2Fparking.html&c29=%7CnotAd%7Chttp%3A%2F%2Fggdiet.com%2Finclude%2Fparking.html&c30=%7CNew%7Chttp%3A%2F%2Fggdiet.com%2Finclude%2Fparking.html&v34=D%3Dc34&c44=20151225_1%7Chttp%3A%2F%2Fggdiet.com%2Finclude%2Fparking.html&c45=20151225_1&c48=ggdiet.com&v48=ggdiet.com&c49=D%3Dr&c50=http%3A%2F%2Fggdiet.com%2Finclude%2Fparking.html&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=150&AQE=1
15.188.95.229302 Found 0 B URL HTTP/1.1 gmointernet.112.2o7.net/b/ss/gmoinonamaecom/1/JS-2.8.0/s97782143817879?AQB=1&ndh=1&pf=1&t=6%2F9%2F2022%204%3A9%3A4%204%200&fid=135C8D95D7394EFF-37B748C3DD2FC1FD&ce=UTF-8&ns=gmointernet&cdp=2&pageName=https%3A%2F%2Fwww.onamae.com%2Finclude%2Fparking.html&g=http%3A%2F%2Fggdiet.com%2Finclude%2Fparking.html&cc=JPY&ch=include&c6=http%3A%2F%2Fggdiet.com%2Finclude%2Fparking.html&c18=%7C%7CnotKaiin%7C%7C&v18=%7C%7CnotKaiin%7C%7C&c19=%7C%7CnotKaiin%7Chttp%3A%2F%2Fggdiet.com%2Finclude%2Fparking.html&v19=%7C%7CnotKaiin%7Chttp%3A%2F%2Fggdiet.com%2Finclude%2Fparking.html&c24=notAD&v24=notAD&c25=New&v25=New&c26=2022%2F10%2F6&v26=2022%2F10%2F6&c27=1%3A00PM&v27=1%3A00PM&c28=http%3A%2F%2Fggdiet.com%2Finclude%2Fparking.html&v28=http%3A%2F%2Fggdiet.com%2Finclude%2Fparking.html&c29=%7CnotAd%7Chttp%3A%2F%2Fggdiet.com%2Finclude%2Fparking.html&c30=%7CNew%7Chttp%3A%2F%2Fggdiet.com%2Finclude%2Fparking.html&v34=D%3Dc34&c44=20151225_1%7Chttp%3A%2F%2Fggdiet.com%2Finclude%2Fparking.html&c45=20151225_1&c48=ggdiet.com&v48=ggdiet.com&c49=D%3Dr&c50=http%3A%2F%2Fggdiet.com%2Finclude%2Fparking.html&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=150&AQE=1
IP 15.188.95.229:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/ss/gmoinonamaecom/1/JS-2.8.0/s97782143817879?AQB=1&ndh=1&pf=1&t=6%2F9%2F2022%204%3A9%3A4%204%200&fid=135C8D95D7394EFF-37B748C3DD2FC1FD&ce=UTF-8&ns=gmointernet&cdp=2&pageName=https%3A%2F%2Fwww.onamae.com%2Finclude%2Fparking.html&g=http%3A%2F%2Fggdiet.com%2Finclude%2Fparking.html&cc=JPY&ch=include&c6=http%3A%2F%2Fggdiet.com%2Finclude%2Fparking.html&c18=%7C%7CnotKaiin%7C%7C&v18=%7C%7CnotKaiin%7C%7C&c19=%7C%7CnotKaiin%7Chttp%3A%2F%2Fggdiet.com%2Finclude%2Fparking.html&v19=%7C%7CnotKaiin%7Chttp%3A%2F%2Fggdiet.com%2Finclude%2Fparking.html&c24=notAD&v24=notAD&c25=New&v25=New&c26=2022%2F10%2F6&v26=2022%2F10%2F6&c27=1%3A00PM&v27=1%3A00PM&c28=http%3A%2F%2Fggdiet.com%2Finclude%2Fparking.html&v28=http%3A%2F%2Fggdiet.com%2Finclude%2Fparking.html&c29=%7CnotAd%7Chttp%3A%2F%2Fggdiet.com%2Finclude%2Fparking.html&c30=%7CNew%7Chttp%3A%2F%2Fggdiet.com%2Finclude%2Fparking.html&v34=D%3Dc34&c44=20151225_1%7Chttp%3A%2F%2Fggdiet.com%2Finclude%2Fparking.html&c45=20151225_1&c48=ggdiet.com&v48=ggdiet.com&c49=D%3Dr&c50=http%3A%2F%2Fggdiet.com%2Finclude%2Fparking.html&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=150&AQE=1 HTTP/1.1
Host: gmointernet.112.2o7.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ggdiet.com/
HTTP/1.1 302 Found
access-control-allow-origin: *
vary: Origin
date: Thu, 06 Oct 2022 04:09:06 GMT
content-type: text/plain;charset=utf-8
expires: Wed, 05 Oct 2022 04:09:06 GMT
last-modified: Fri, 07 Oct 2022 04:09:06 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: s_vi=[CS]v1|319F2A714E905113-40001EFD611C33C9[CE]; Path=/; Domain=gmointernet.112.2o7.net; Max-Age=63072000; Expires=Sat, 05 Oct 2024 04:09:09 GMT; SameSite=None;
location: http://gmointernet.112.2o7.net/b/ss/gmoinonamaecom/1/JS-2.8.0/s97782143817879?AQB=1&pccr=true&vidn=319F2A714E905113-40001EFD611C33C9&ndh=1&pf=1&t=6%2F9%2F2022%204%3A9%3A4%204%200&fid=135C8D95D7394EFF-37B748C3DD2FC1FD&ce=UTF-8&ns=gmointernet&cdp=2&pageName=https%3A%2F%2Fwww.onamae.com%2Finclude%2Fparking.html&g=http%3A%2F%2Fggdiet.com%2Finclude%2Fparking.html&cc=JPY&ch=include&c6=http%3A%2F%2Fggdiet.com%2Finclude%2Fparking.html&c18=%7C%7CnotKaiin%7C%7C&v18=%7C%7CnotKaiin%7C%7C&c19=%7C%7CnotKaiin%7Chttp%3A%2F%2Fggdiet.com%2Finclude%2Fparking.html&v19=%7C%7CnotKaiin%7Chttp%3A%2F%2Fggdiet.com%2Finclude%2Fparking.html&c24=notAD&v24=notAD&c25=New&v25=New&c26=2022%2F10%2F6&v26=2022%2F10%2F6&c27=1%3A00PM&v27=1%3A00PM&c28=http%3A%2F%2Fggdiet.com%2Finclude%2Fparking.html&v28=http%3A%2F%2Fggdiet.com%2Finclude%2Fparking.html&c29=%7CnotAd%7Chttp%3A%2F%2Fggdiet.com%2Finclude%2Fparking.html&c30=%7CNew%7Chttp%3A%2F%2Fggdiet.com%2Finclude%2Fparking.html&v34=D%3Dc34&c44=20151225_1%7Chttp%3A%2F%2Fggdiet.com%2Finclude%2Fparking.html&c45=20151225_1&c48=ggdiet.com&v48=ggdiet.com&c49=D%3Dr&c50=http%3A%2F%2Fggdiet.com%2Finclude%2Fparking.html&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=150&AQE=1
content-length: 0
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
gmointernet.112.2o7.net/b/ss/gmoinonamaecom/1/JS-2.8.0/s97782143817879?AQB=1&pccr=true&vidn=319F2A714E905113-40001EFD611C33C9&ndh=1&pf=1&t=6%2F9%2F2022%204%3A9%3A4%204%200&fid=135C8D95D7394EFF-37B748C3DD2FC1FD&ce=UTF-8&ns=gmointernet&cdp=2&pageName=https%3A%2F%2Fwww.onamae.com%2Finclude%2Fparking.html&g=http%3A%2F%2Fggdiet.com%2Finclude%2Fparking.html&cc=JPY&ch=include&c6=http%3A%2F%2Fggdiet.com%2Finclude%2Fparking.html&c18=%7C%7CnotKaiin%7C%7C&v18=%7C%7CnotKaiin%7C%7C&c19=%7C%7CnotKaiin%7Chttp%3A%2F%2Fggdiet.com%2Finclude%2Fparking.html&v19=%7C%7CnotKaiin%7Chttp%3A%2F%2Fggdiet.com%2Finclude%2Fparking.html&c24=notAD&v24=notAD&c25=New&v25=New&c26=2022%2F10%2F6&v26=2022%2F10%2F6&c27=1%3A00PM&v27=1%3A00PM&c28=http%3A%2F%2Fggdiet.com%2Finclude%2Fparking.html&v28=http%3A%2F%2Fggdiet.com%2Finclude%2Fparking.html&c29=%7CnotAd%7Chttp%3A%2F%2Fggdiet.com%2Finclude%2Fparking.html&c30=%7CNew%7Chttp%3A%2F%2Fggdiet.com%2Finclude%2Fparking.html&v34=D%3Dc34&c44=20151225_1%7Chttp%3A%2F%2Fggdiet.com%2Finclude%2Fparking.html&c45=20151225_1&c48=ggdiet.com&v48=ggdiet.com&c49=D%3Dr&c50=http%3A%2F%2Fggdiet.com%2Finclude%2Fparking.html&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=150&AQE=1
15.188.95.229200 OK 43 B URL HTTP/1.1 gmointernet.112.2o7.net/b/ss/gmoinonamaecom/1/JS-2.8.0/s97782143817879?AQB=1&pccr=true&vidn=319F2A714E905113-40001EFD611C33C9&ndh=1&pf=1&t=6%2F9%2F2022%204%3A9%3A4%204%200&fid=135C8D95D7394EFF-37B748C3DD2FC1FD&ce=UTF-8&ns=gmointernet&cdp=2&pageName=https%3A%2F%2Fwww.onamae.com%2Finclude%2Fparking.html&g=http%3A%2F%2Fggdiet.com%2Finclude%2Fparking.html&cc=JPY&ch=include&c6=http%3A%2F%2Fggdiet.com%2Finclude%2Fparking.html&c18=%7C%7CnotKaiin%7C%7C&v18=%7C%7CnotKaiin%7C%7C&c19=%7C%7CnotKaiin%7Chttp%3A%2F%2Fggdiet.com%2Finclude%2Fparking.html&v19=%7C%7CnotKaiin%7Chttp%3A%2F%2Fggdiet.com%2Finclude%2Fparking.html&c24=notAD&v24=notAD&c25=New&v25=New&c26=2022%2F10%2F6&v26=2022%2F10%2F6&c27=1%3A00PM&v27=1%3A00PM&c28=http%3A%2F%2Fggdiet.com%2Finclude%2Fparking.html&v28=http%3A%2F%2Fggdiet.com%2Finclude%2Fparking.html&c29=%7CnotAd%7Chttp%3A%2F%2Fggdiet.com%2Finclude%2Fparking.html&c30=%7CNew%7Chttp%3A%2F%2Fggdiet.com%2Finclude%2Fparking.html&v34=D%3Dc34&c44=20151225_1%7Chttp%3A%2F%2Fggdiet.com%2Finclude%2Fparking.html&c45=20151225_1&c48=ggdiet.com&v48=ggdiet.com&c49=D%3Dr&c50=http%3A%2F%2Fggdiet.com%2Finclude%2Fparking.html&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=150&AQE=1
IP 15.188.95.229:0
File type GIF image data, version 89a, 2 x 2\012- data
Hash ad480fd0732d0f6f1a8b06359e3a42bb
a544538683a2dfe574eeb2e358ac8fcc78289d50
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
GET /b/ss/gmoinonamaecom/1/JS-2.8.0/s97782143817879?AQB=1&pccr=true&vidn=319F2A714E905113-40001EFD611C33C9&ndh=1&pf=1&t=6%2F9%2F2022%204%3A9%3A4%204%200&fid=135C8D95D7394EFF-37B748C3DD2FC1FD&ce=UTF-8&ns=gmointernet&cdp=2&pageName=https%3A%2F%2Fwww.onamae.com%2Finclude%2Fparking.html&g=http%3A%2F%2Fggdiet.com%2Finclude%2Fparking.html&cc=JPY&ch=include&c6=http%3A%2F%2Fggdiet.com%2Finclude%2Fparking.html&c18=%7C%7CnotKaiin%7C%7C&v18=%7C%7CnotKaiin%7C%7C&c19=%7C%7CnotKaiin%7Chttp%3A%2F%2Fggdiet.com%2Finclude%2Fparking.html&v19=%7C%7CnotKaiin%7Chttp%3A%2F%2Fggdiet.com%2Finclude%2Fparking.html&c24=notAD&v24=notAD&c25=New&v25=New&c26=2022%2F10%2F6&v26=2022%2F10%2F6&c27=1%3A00PM&v27=1%3A00PM&c28=http%3A%2F%2Fggdiet.com%2Finclude%2Fparking.html&v28=http%3A%2F%2Fggdiet.com%2Finclude%2Fparking.html&c29=%7CnotAd%7Chttp%3A%2F%2Fggdiet.com%2Finclude%2Fparking.html&c30=%7CNew%7Chttp%3A%2F%2Fggdiet.com%2Finclude%2Fparking.html&v34=D%3Dc34&c44=20151225_1%7Chttp%3A%2F%2Fggdiet.com%2Finclude%2Fparking.html&c45=20151225_1&c48=ggdiet.com&v48=ggdiet.com&c49=D%3Dr&c50=http%3A%2F%2Fggdiet.com%2Finclude%2Fparking.html&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=150&AQE=1 HTTP/1.1
Host: gmointernet.112.2o7.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ggdiet.com/
Connection: keep-alive
HTTP/1.1 200 OK
access-control-allow-origin: *
date: Thu, 06 Oct 2022 04:09:06 GMT
expires: Wed, 05 Oct 2022 04:09:06 GMT
last-modified: Fri, 07 Oct 2022 04:09:06 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: s_vi=[CS]v1|319F2A7174A5229C-6000132481195B39[CE]; Path=/; Domain=gmointernet.112.2o7.net; Max-Age=63072000; Expires=Sat, 05 Oct 2024 04:09:09 GMT; SameSite=None;
etag: 3575623295932104704-4619377259048426296
vary: *
content-type: image/gif;charset=utf-8
content-length: 43
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
c.clarity.ms/c.gif
20.234.93.27302 Found 0 B IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ggdiet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=F3891AA19D224ACE8ACEF8482D7F2B81&RedC=c.clarity.ms&MXFR=28A536FE9A2A6F172B6F24CB9E2A6166
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=28A536FE9A2A6F172B6F24CB9E2A6166; domain=.clarity.ms; expires=Tue, 31-Oct-2023 04:09:06 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Thu, 06 Oct 2022 04:09:05 GMT
content-length: 0
X-Firefox-Spdy: h2
c.bing.com/c.gif?CtsSyncId=F3891AA19D224ACE8ACEF8482D7F2B81&RedC=c.clarity.ms&MXFR=28A536FE9A2A6F172B6F24CB9E2A6166
13.107.21.200302 Found 0 B URL HTTP/2 c.bing.com/c.gif?CtsSyncId=F3891AA19D224ACE8ACEF8482D7F2B81&RedC=c.clarity.ms&MXFR=28A536FE9A2A6F172B6F24CB9E2A6166
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif?CtsSyncId=F3891AA19D224ACE8ACEF8482D7F2B81&RedC=c.clarity.ms&MXFR=28A536FE9A2A6F172B6F24CB9E2A6166 HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ggdiet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=F3891AA19D224ACE8ACEF8482D7F2B81&MUID=1E218C3955F1690A2BEE9E0C540468F5
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=1E218C3955F1690A2BEE9E0C540468F5; domain=c.bing.com; expires=Tue, 31-Oct-2023 04:09:06 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 977F561BF6804CA58EA3B1DA34AAB414 Ref B: OSL30EDGE0207 Ref C: 2022-10-06T04:09:06Z
date: Thu, 06 Oct 2022 04:09:06 GMT
content-length: 0
X-Firefox-Spdy: h2
c.clarity.ms/c.gif?CtsSyncId=F3891AA19D224ACE8ACEF8482D7F2B81&MUID=1E218C3955F1690A2BEE9E0C540468F5
20.234.93.27200 OK 42 B URL HTTP/2 c.clarity.ms/c.gif?CtsSyncId=F3891AA19D224ACE8ACEF8482D7F2B81&MUID=1E218C3955F1690A2BEE9E0C540468F5
IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash 32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
GET /c.gif?CtsSyncId=F3891AA19D224ACE8ACEF8482D7F2B81&MUID=1E218C3955F1690A2BEE9E0C540468F5 HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ggdiet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Tue, 13 Sep 2022 19:54:52 GMT
accept-ranges: bytes
etag: "8d3298b0aac7d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Thu, 06-Oct-2022 04:19:06 GMT; path=/; SameSite=None; Secure;
date: Thu, 06 Oct 2022 04:09:05 GMT
content-length: 42
X-Firefox-Spdy: h2
b.clarity.ms/collect
20.75.32.255204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1832
Origin: http://ggdiet.com
Connection: keep-alive
Referer: http://ggdiet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: http://ggdiet.com
access-control-allow-credentials: true
date: Thu, 06 Oct 2022 04:09:06 GMT
X-Firefox-Spdy: h2
www.clarity.ms/tag/5bqcl3zem4
13.107.213.53200 OK 0 B URL HTTP/2 www.clarity.ms/tag/5bqcl3zem4
IP 13.107.213.53:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
GET /tag/5bqcl3zem4 HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ggdiet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: application/x-javascript
expires: -1
set-cookie: CLID=7923e5ae24e84c1ba88fab596ab46e40.20221006.20231006; expires=Fri, 06 Oct 2023 04:09:04 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
x-cache: CONFIG_NOCACHE
x-azure-ref: 04FQ+YwAAAABsO5mQmmYqR7YclrvNRy5dU1ZHMjBFREdFMDUyMgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Thu, 06 Oct 2022 04:09:04 GMT
X-Firefox-Spdy: h2