Report - www.plymouthmind.com/info/4

Report Overview

Visited public
2023-09-23 03:30:00
Tags
URL
www.plymouthmind.com/info/4
Finishing URL
goalooes.net/
IP / ASN
162.0.209.219
#22612 NAMECHEAP-NET
Title
Visa288 - Judi Bola, Poker, Casino & Slot Online Deposit Pulsa Terbaik

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ocsp.pki.goog	175	2016-06-13	2018-07-01 08:43:07	2023-09-22 05:10:04	2.3 kB	4.9 kB	142.250.74.131
lifeinmovementfilm.com	unknown	2011-06-09	2014-02-27 06:33:59	2023-09-15 17:43:33	485 B	36 kB	172.67.157.206
whatpaulharriswrote.org	unknown	2005-11-04	2014-03-27 03:34:08	2023-06-04 04:48:00	488 B	56 kB	188.114.96.1
www.plymouthmind.com	unknown	2010-01-06	2013-08-20 21:03:17	2020-11-05 09:35:32	483 B	1.2 kB	162.0.209.219
visa288paris.xyz	unknown	2023-07-20	2023-08-07 19:15:42	2023-09-16 04:17:42	479 B	935 B	162.0.217.128
visa288jakarta.xyz	unknown	2023-07-20	2023-08-13 12:31:44	2023-09-06 09:50:12	481 B	929 B	162.0.217.128
goalooes.net	unknown	2020-06-19	2021-05-12 08:40:33	2023-09-12 04:45:16	8.1 kB	1.2 MB	162.0.217.128
cdn.ampproject.org	329	2015-08-31	2015-10-09 06:27:01	2023-09-22 08:20:58	3.1 kB	145 kB	142.250.74.97
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-09-22 07:31:34	554 B	777 B	142.250.74.168
ocsp.sectigo.com	487	2018-08-16	2019-11-29 12:50:24	2023-09-22 07:26:58	1.3 kB	3.9 kB	104.18.14.101

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-09-23 03:29:57	high	54.37.238.86	Client IP	ET POLICY PE EXE or DLL Windows file download HTTP

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (6)

	URL	From	Size	First Seen	Last Seen
	cdn.ampproject.org/v0/amp-sidebar-0.1.js	ScriptElement	31 kB	2023-09-20	2023-09-26
Pretty URL cdn.ampproject.org/v0/amp-sidebar-0.1.js IP 142.250.74.97 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-20 08:26 Last Seen2023-09-26 09:13 Times Seen14 Hash f9982f7ec71e4fdb18a671e56b71ab4c 4eaa292f39d5bede63a516c336104bd23186552a 30bdf82816190e65c8c6c0fd833cc4f21dd641eb6311a467d2ba48c84882d400 Loading...

	cdn.ampproject.org/rtv/012309082229000/v0/amp-loader-0.1.js	ScriptElement	13 kB	2023-09-20	2023-09-26
Pretty URL cdn.ampproject.org/rtv/012309082229000/v0/amp-loader-0.1.js IP 142.250.74.97 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-20 07:05 Last Seen2023-09-26 14:23 Times Seen28 Hash 551104111512a991e54fe22bf0233c06 dbebe853c73ff3ca8275bc8d80de1dd24d6a2599 94d24d38cbc44ff8e2821d5172b11409ce6c6c0485fd3a3c2ea56c679a6aaa61 Loading...

	cdn.ampproject.org/rtv/012309082229000/v0/amp-auto-lightbox-0.1.js	ScriptElement	7.8 kB	2023-09-20	2023-09-26
Pretty URL cdn.ampproject.org/rtv/012309082229000/v0/amp-auto-lightbox-0.1.js IP 142.250.74.97 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-20 07:05 Last Seen2023-09-26 14:23 Times Seen33 Hash e2f444a06ccd04f12f69770d3c42f3d2 fff00c36dac92240d2671ee445dfe3a87cecb754 620ffdaa666bbf15e58038ef061ba78acbf5729c714fa3e991c025089009c23c Loading...

	cdn.ampproject.org/v0/amp-carousel-0.1.js	ScriptElement	39 kB	2023-09-20	2023-09-26
Pretty URL cdn.ampproject.org/v0/amp-carousel-0.1.js IP 142.250.74.97 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-20 08:26 Last Seen2023-09-26 09:13 Times Seen15 Hash 92c54951f16b2cc727740d25c232150e bdb139c59b7c341bba06e8b03996618844f66fdf 98c3bd2e43a30c99df9d6c32ebbefbf4f0d511dc1e71ac536c4474f186fa11b8 Loading...

	cdn.ampproject.org/v0/amp-analytics-0.1.js	ScriptElement	112 kB	2023-09-19	2023-09-26
Pretty URL cdn.ampproject.org/v0/amp-analytics-0.1.js IP 142.250.74.97 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-19 22:44 Last Seen2023-09-26 21:41 Times Seen39 Hash daef5ebdb99b68bd564663f36c4d8116 3fb206dfb719c184ac797bbd61fbbdbe6cfcadbe 593dcf703b3dd6a15b5130c1c82bc85076d4fa5aadccad68e62ef4a44a8f87ab Loading...

	cdn.ampproject.org/v0.js	ScriptElement	284 kB	2023-09-20	2023-09-26
Pretty URL cdn.ampproject.org/v0.js IP 142.250.74.97 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-20 07:05 Last Seen2023-09-26 14:23 Times Seen38 Hash 43727c9d390fb002098c53e602c9ffe5 dea3288035923c808a5f084fa0d67f99369c20f8 e5b67149257bc5b172463989ab9e0f33a2229adc07012eb7a7c90468505bd6d1 Loading...

HTTP Transactions (42)

	URL	IP	Response	Size
	ocsp.sectigo.com/	104.18.14.101		471 B
URL ocsp.sectigo.com/ IP 104.18.14.101:0 ASN #13335 CLOUDFLARENET File type data Size 471 B (471 bytes) Hash e62e5201b1b9744fe87fb7c987fe97a9 4f7693cde323d75c4c61927a049935e19b1735f5 01f22cea8de986dd3cc628af5e9fad69a90ae4e3326acd83ebcd38df2bc5a421 HTTP Headers `POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Sat, 23 Sep 2023 03:29:41 GMT Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Last-Modified: Sat, 23 Sep 2023 02:16:12 GMT Expires: Sat, 30 Sep 2023 02:16:11 GMT Etag: "4f7693cde323d75c4c61927a049935e19b1735f5" Cache-Control: max-age=599789,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb4 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 80afb46b9c5e569d-OSL`

	www.plymouthmind.com/info/4	162.0.209.219	301 Moved Permanently	707 B
URL User Request GET HTTP/2 www.plymouthmind.com/info/4 IP 162.0.209.219:443 ASN #22612 NAMECHEAP-NET Certificate IssuerSectigo Limited Subjectplymouthmind.com Fingerprint74:22:45:06:63:89:6A:AE:26:D0:18:EC:97:43:66:12:AE:93:E1:30 ValidityTue, 18 Apr 2023 00:00:00 GMT - Thu, 18 Apr 2024 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators Size 707 B (707 bytes) Hash 1304294c0823ca486542ba408ed761e3 b2a70fb2d810ca13985882e6981f33998823e83e 3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982 HTTP Headers `GET /info/4 HTTP/1.1 Host: www.plymouthmind.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 301 Moved Permanently content-type: text/html content-length: 707 date: Sat, 23 Sep 2023 03:29:42 GMT server: LiteSpeed location: https://lifeinmovementfilm.com/info/4 x-turbo-charged-by: LiteSpeed x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff strict-transport-security: max-age=31536000; includeSubDomains; preload; referrer-policy: no-referrer-when-downgrade X-Firefox-Spdy: h2`

	ocsp.sectigo.com/	104.18.14.101		471 B
URL ocsp.sectigo.com/ IP 104.18.14.101:0 ASN #13335 CLOUDFLARENET File type data Size 471 B (471 bytes) Hash 5aad382f86e06070dc0a9a8f4cfc8e9c f20059582d8a87d111ceb4a048ee79c95a83bcdd e8fc33f23cb164824f6539b36c99d92350d30c3dabbb01d40c969d728165dc55 HTTP Headers `POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Sat, 23 Sep 2023 03:29:42 GMT Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Last-Modified: Fri, 22 Sep 2023 03:16:18 GMT Expires: Fri, 29 Sep 2023 03:16:17 GMT Etag: "f20059582d8a87d111ceb4a048ee79c95a83bcdd" Cache-Control: max-age=516994,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb5 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 80afb471aed3569d-OSL`

	visa288paris.xyz/info/4	162.0.217.128	301 Moved Permanently	707 B
URL User Request GET HTTP/2 visa288paris.xyz/info/4 IP 162.0.217.128:443 ASN #22612 NAMECHEAP-NET Certificate IssuerSectigo Limited Subjectvisa288paris.xyz Fingerprint59:E3:AE:63:9C:10:D6:37:AA:43:66:1C:3C:1A:27:0D:93:7F:98:15 ValidityMon, 07 Aug 2023 00:00:00 GMT - Wed, 07 Aug 2024 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators Size 707 B (707 bytes) Hash 1304294c0823ca486542ba408ed761e3 b2a70fb2d810ca13985882e6981f33998823e83e 3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982 HTTP Headers `GET /info/4 HTTP/1.1 Host: visa288paris.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 301 Moved Permanently content-type: text/html content-length: 707 date: Sat, 23 Sep 2023 03:29:42 GMT server: LiteSpeed location: https://visa288jakarta.xyz/info/4 x-turbo-charged-by: LiteSpeed X-Firefox-Spdy: h2`

	ocsp.sectigo.com/	104.18.14.101		471 B
URL ocsp.sectigo.com/ IP 104.18.14.101:0 ASN #13335 CLOUDFLARENET File type data Size 471 B (471 bytes) Hash f7ec8c25c40e4f3f329aef95cea90258 0d3afcd04575a8a798258b3b61ab04292d63e692 d14e38042324707ccf226d0def22fbb48e33e40b6f3fcac03e930c97c16643e9 HTTP Headers `POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Sat, 23 Sep 2023 03:29:43 GMT Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Last-Modified: Wed, 20 Sep 2023 06:38:58 GMT Expires: Wed, 27 Sep 2023 06:38:57 GMT Etag: "0d3afcd04575a8a798258b3b61ab04292d63e692" Cache-Control: max-age=356353,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb5 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 80afb4730f4d569d-OSL`

	visa288jakarta.xyz/info/4	162.0.217.128	301 Moved Permanently	707 B
URL User Request GET HTTP/2 visa288jakarta.xyz/info/4 IP 162.0.217.128:443 ASN #22612 NAMECHEAP-NET Certificate IssuerSectigo Limited Subjectvisa288jakarta.xyz FingerprintC1:58:0C:69:28:22:00:FE:F9:FC:F9:1A:C5:D2:93:0F:9A:FF:A0:23 ValiditySun, 13 Aug 2023 00:00:00 GMT - Tue, 13 Aug 2024 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators Size 707 B (707 bytes) Hash 1304294c0823ca486542ba408ed761e3 b2a70fb2d810ca13985882e6981f33998823e83e 3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982 HTTP Headers `GET /info/4 HTTP/1.1 Host: visa288jakarta.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 301 Moved Permanently content-type: text/html content-length: 707 date: Sat, 23 Sep 2023 03:29:43 GMT server: LiteSpeed location: https://goalooes.net/info/4 x-turbo-charged-by: LiteSpeed X-Firefox-Spdy: h2`

	ocsp.sectigo.com/	104.18.14.101		472 B
URL ocsp.sectigo.com/ IP 104.18.14.101:0 ASN #13335 CLOUDFLARENET File type data Size 472 B (472 bytes) Hash 8eab8246c2bf4ec2dd28d09ab9198d30 fb88514dc8fea9035a3c7bfbdf974e868dbcc542 ffc931f0c4967aae082ac7b23cea456254596a9ba3ea5f770f4e5a42a9d2ce36 HTTP Headers `POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Sat, 23 Sep 2023 03:29:43 GMT Content-Type: application/ocsp-response Content-Length: 472 Connection: keep-alive Last-Modified: Sat, 23 Sep 2023 02:36:24 GMT Expires: Sat, 30 Sep 2023 02:36:23 GMT Etag: "fb88514dc8fea9035a3c7bfbdf974e868dbcc542" Cache-Control: max-age=600999,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb4 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 80afb4751871569d-OSL`

	goalooes.net/info/4	162.0.217.128	302 Found	683 B
URL User Request GET HTTP/2 goalooes.net/info/4 IP 162.0.217.128:443 ASN #22612 NAMECHEAP-NET Certificate IssuerSectigo Limited Subjectgoalooes.net FingerprintB1:5C:7C:AF:48:B0:00:03:0F:33:16:39:C8:FD:EA:91:39:D7:C2:C1 ValiditySat, 02 Sep 2023 00:00:00 GMT - Mon, 02 Sep 2024 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators Size 683 B (683 bytes) Hash 6371befc85069a96b0cb3c52e754a55a de3def799f60ce2a16721687937ffb2a3f9bd3ae db6f3663ecb5b124f3c02ce15691739fe69888b7ed6112f03062489470517f77 HTTP Headers `GET /info/4 HTTP/1.1 Host: goalooes.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 302 Found content-type: text/html content-length: 683 date: Sat, 23 Sep 2023 03:29:43 GMT server: LiteSpeed cache-control: no-cache, no-store, must-revalidate, max-age=0 location: https://goalooes.net x-turbo-charged-by: LiteSpeed X-Firefox-Spdy: h2`

	goalooes.net/	162.0.217.128	200 OK	12 kB
URL User Request GET HTTP/2 goalooes.net/ IP 162.0.217.128:443 ASN #22612 NAMECHEAP-NET Certificate IssuerSectigo Limited Subjectgoalooes.net FingerprintB1:5C:7C:AF:48:B0:00:03:0F:33:16:39:C8:FD:EA:91:39:D7:C2:C1 ValiditySat, 02 Sep 2023 00:00:00 GMT - Mon, 02 Sep 2024 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (11451), with CRLF line terminators Size 12 kB (12331 bytes) Hash 345cc9760869314409607a5cbf10d336 3c0a3ec2ef10154582ba9d22809dfedbd6136117 290874809365bca036eb10083a226f32201b3a4587bff09b839b31d02b9624ec HTTP Headers `GET / HTTP/1.1 Host: goalooes.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK content-type: text/html last-modified: Sun, 10 Sep 2023 16:49:46 GMT accept-ranges: bytes content-encoding: br vary: Accept-Encoding content-length: 12331 date: Sat, 23 Sep 2023 03:29:43 GMT server: LiteSpeed x-turbo-charged-by: LiteSpeed X-Firefox-Spdy: h2`

	ocsp.pki.goog/gts1c3	142.250.74.131		472 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 686a7a18814ae4c1a70f8cbb152f69e2 967fffef71085ab8f06dc383ecfdd1b3854459a1 9ef01e8a0952f5d492e8352b333a2c0a9e1ae2b3ab2704210d75fe4793cbbb56 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 23 Sep 2023 03:29:44 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131		472 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 686a7a18814ae4c1a70f8cbb152f69e2 967fffef71085ab8f06dc383ecfdd1b3854459a1 9ef01e8a0952f5d492e8352b333a2c0a9e1ae2b3ab2704210d75fe4793cbbb56 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 23 Sep 2023 03:29:44 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131		472 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 686a7a18814ae4c1a70f8cbb152f69e2 967fffef71085ab8f06dc383ecfdd1b3854459a1 9ef01e8a0952f5d492e8352b333a2c0a9e1ae2b3ab2704210d75fe4793cbbb56 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 23 Sep 2023 03:29:44 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131		472 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 686a7a18814ae4c1a70f8cbb152f69e2 967fffef71085ab8f06dc383ecfdd1b3854459a1 9ef01e8a0952f5d492e8352b333a2c0a9e1ae2b3ab2704210d75fe4793cbbb56 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 23 Sep 2023 03:29:44 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	lifeinmovementfilm.com/info/4	172.67.157.206	301 Moved Permanently	35 kB
URL User Request GET HTTP/2 lifeinmovementfilm.com/info/4 IP 172.67.157.206:443 ASN #13335 CLOUDFLARENET Certificate IssuerGoogle Trust Services LLC Subjectlifeinmovementfilm.com Fingerprint10:C2:DF:50:83:88:55:E8:BD:D3:62:83:99:C3:5E:22:A5:FC:AC:08 ValidityFri, 15 Sep 2023 14:40:49 GMT - Thu, 14 Dec 2023 14:40:48 GMT File type data Size 35 kB (35285 bytes) Hash 27d30f7c2dcd68b43744554200687791 1cbe67dd568b15ec16ae724068f3c9cdd5d9b69a 890013836d24c60449c9fc8b8b50ee2e7391e28ede2d8f88054b75ccf654313c HTTP Headers `GET /info/4 HTTP/1.1 Host: lifeinmovementfilm.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 301 Moved Permanently date: Sat, 23 Sep 2023 03:29:42 GMT content-type: text/html location: https://whatpaulharriswrote.org/info/4 x-turbo-charged-by: LiteSpeed cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ErxpyVpLBhMCNmNTBYNx5SREALe143io%2FFX5YnaczsbblPXBnjRqLpRUdKgZoGzDsChoSXkJ9Cvu5Le%2Bd9Sq3vIJvt5U7OBgEGTmaXXlzKn6%2BMjb6yQiyIsJKy6vEPkDMlEi6q1p%2FWqp"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 80afb46ecaf956c4-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	cdn.ampproject.org/v0/amp-carousel-0.1.js	142.250.74.97	200 OK	12 kB
URL GET HTTP/2 cdn.ampproject.org/v0/amp-carousel-0.1.js IP 142.250.74.97:443 ASN #15169 GOOGLE Requested by https://goalooes.net/ Certificate IssuerGoogle Trust Services LLC Subjectmisc-sni.google.com Fingerprint2A:C8:A6:0B:C5:83:EA:CB:79:32:10:3B:A4:EE:C8:11:F2:B1:AB:8F ValidityMon, 04 Sep 2023 08:18:49 GMT - Mon, 27 Nov 2023 08:18:48 GMT File type Unicode text, UTF-8 text, with very long lines (38616) Size 12 kB (11517 bytes) Hash 92c54951f16b2cc727740d25c232150e bdb139c59b7c341bba06e8b03996618844f66fdf 98c3bd2e43a30c99df9d6c32ebbefbf4f0d511dc1e71ac536c4474f186fa11b8 HTTP Headers `GET /v0/amp-carousel-0.1.js HTTP/1.1 Host: cdn.ampproject.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://goalooes.net/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK accept-ranges: bytes vary: Accept-Encoding content-encoding: br content-type: text/javascript; charset=UTF-8 access-control-allow-origin: * content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp cross-origin-resource-policy: cross-origin cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available" report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} timing-allow-origin: * content-length: 11517 date: Sat, 23 Sep 2023 03:29:44 GMT expires: Sat, 23 Sep 2023 03:29:44 GMT cache-control: private, max-age=604800, stale-while-revalidate=604800 etag: "28a7807ad18ceac4" strict-transport-security: max-age=31536000; includeSubDomains; preload x-content-type-options: nosniff server: sffe x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	cdn.ampproject.org/v0/amp-sidebar-0.1.js	142.250.74.97	200 OK	9.6 kB
URL GET HTTP/2 cdn.ampproject.org/v0/amp-sidebar-0.1.js IP 142.250.74.97:443 ASN #15169 GOOGLE Requested by https://goalooes.net/ Certificate IssuerGoogle Trust Services LLC Subjectmisc-sni.google.com Fingerprint2A:C8:A6:0B:C5:83:EA:CB:79:32:10:3B:A4:EE:C8:11:F2:B1:AB:8F ValidityMon, 04 Sep 2023 08:18:49 GMT - Mon, 27 Nov 2023 08:18:48 GMT File type ASCII text, with very long lines (31248) Size 9.6 kB (9641 bytes) Hash f9982f7ec71e4fdb18a671e56b71ab4c 4eaa292f39d5bede63a516c336104bd23186552a 30bdf82816190e65c8c6c0fd833cc4f21dd641eb6311a467d2ba48c84882d400 HTTP Headers `GET /v0/amp-sidebar-0.1.js HTTP/1.1 Host: cdn.ampproject.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://goalooes.net/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK accept-ranges: bytes vary: Accept-Encoding content-encoding: br content-type: text/javascript; charset=UTF-8 access-control-allow-origin: * content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp cross-origin-resource-policy: cross-origin cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available" report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} timing-allow-origin: * content-length: 9641 date: Sat, 23 Sep 2023 03:29:44 GMT expires: Sat, 23 Sep 2023 03:29:44 GMT cache-control: private, max-age=604800, stale-while-revalidate=604800 etag: "c9c47f39b31037df" strict-transport-security: max-age=31536000; includeSubDomains; preload x-content-type-options: nosniff server: sffe x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	cdn.ampproject.org/v0/amp-analytics-0.1.js	142.250.74.97	200 OK	32 kB
URL GET HTTP/2 cdn.ampproject.org/v0/amp-analytics-0.1.js IP 142.250.74.97:443 ASN #15169 GOOGLE Requested by https://goalooes.net/ Certificate IssuerGoogle Trust Services LLC Subjectmisc-sni.google.com Fingerprint2A:C8:A6:0B:C5:83:EA:CB:79:32:10:3B:A4:EE:C8:11:F2:B1:AB:8F ValidityMon, 04 Sep 2023 08:18:49 GMT - Mon, 27 Nov 2023 08:18:48 GMT File type ASCII text, with very long lines (65534) Size 32 kB (32117 bytes) Hash daef5ebdb99b68bd564663f36c4d8116 3fb206dfb719c184ac797bbd61fbbdbe6cfcadbe 593dcf703b3dd6a15b5130c1c82bc85076d4fa5aadccad68e62ef4a44a8f87ab HTTP Headers `GET /v0/amp-analytics-0.1.js HTTP/1.1 Host: cdn.ampproject.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://goalooes.net/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK accept-ranges: bytes vary: Accept-Encoding content-encoding: br content-type: text/javascript; charset=UTF-8 access-control-allow-origin: * content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp cross-origin-resource-policy: cross-origin cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available" report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} timing-allow-origin: * content-length: 32117 date: Sat, 23 Sep 2023 03:29:44 GMT expires: Sat, 23 Sep 2023 03:29:44 GMT cache-control: private, max-age=604800, stale-while-revalidate=604800 etag: "a2077d8c9b16930f" strict-transport-security: max-age=31536000; includeSubDomains; preload x-content-type-options: nosniff server: sffe x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	cdn.ampproject.org/v0.js	142.250.74.97	200 OK	73 kB
URL GET HTTP/2 cdn.ampproject.org/v0.js IP 142.250.74.97:443 ASN #15169 GOOGLE Requested by https://goalooes.net/ Certificate IssuerGoogle Trust Services LLC Subjectmisc-sni.google.com Fingerprint2A:C8:A6:0B:C5:83:EA:CB:79:32:10:3B:A4:EE:C8:11:F2:B1:AB:8F ValidityMon, 04 Sep 2023 08:18:49 GMT - Mon, 27 Nov 2023 08:18:48 GMT File type Unicode text, UTF-8 text, with very long lines (64684) Size 73 kB (73017 bytes) Hash 43727c9d390fb002098c53e602c9ffe5 dea3288035923c808a5f084fa0d67f99369c20f8 e5b67149257bc5b172463989ab9e0f33a2229adc07012eb7a7c90468505bd6d1 HTTP Headers `GET /v0.js HTTP/1.1 Host: cdn.ampproject.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://goalooes.net/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK accept-ranges: bytes vary: Accept-Encoding content-encoding: br content-type: text/javascript; charset=UTF-8 access-control-allow-origin: * content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp cross-origin-resource-policy: cross-origin cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available" report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} timing-allow-origin: * content-length: 73017 date: Sat, 23 Sep 2023 03:29:44 GMT expires: Sat, 23 Sep 2023 03:29:44 GMT cache-control: private, max-age=3000, stale-while-revalidate=1206600 etag: "1fbcd51b50b3cf51" strict-transport-security: max-age=31536000; includeSubDomains; preload x-content-type-options: nosniff server: sffe x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	goalooes.net/assets/img/ico-footer.png	162.0.217.128	200 OK	20 kB
URL GET HTTP/2 goalooes.net/assets/img/ico-footer.png IP 162.0.217.128:443 ASN #22612 NAMECHEAP-NET Requested by https://goalooes.net/ Certificate IssuerSectigo Limited Subjectgoalooes.net FingerprintB1:5C:7C:AF:48:B0:00:03:0F:33:16:39:C8:FD:EA:91:39:D7:C2:C1 ValiditySat, 02 Sep 2023 00:00:00 GMT - Mon, 02 Sep 2024 23:59:59 GMT File type PNG image data, 1382 x 66, 8-bit colormap, non-interlaced\012- data Size 20 kB (20221 bytes) Hash 0e867485f4ee75d30d1114f7453442f9 709845629119edfba21e8363a6a269a9f4b20f89 ff09a8568f3baa4860a0a04f1c5f97dee7967d53162fdf71fa6dabe35d3d563c HTTP Headers `GET /assets/img/ico-footer.png HTTP/1.1 Host: goalooes.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://goalooes.net/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK cache-control: public, max-age=604800 expires: Sat, 30 Sep 2023 03:29:43 GMT content-type: image/png last-modified: Sat, 02 Sep 2023 02:37:48 GMT accept-ranges: bytes content-length: 20221 date: Sat, 23 Sep 2023 03:29:43 GMT server: LiteSpeed x-turbo-charged-by: LiteSpeed X-Firefox-Spdy: h2`

	goalooes.net/assets/img/bg-header.jpg	162.0.217.128	200 OK	54 kB
URL GET HTTP/2 goalooes.net/assets/img/bg-header.jpg IP 162.0.217.128:443 ASN #22612 NAMECHEAP-NET Requested by https://goalooes.net/ Certificate IssuerSectigo Limited Subjectgoalooes.net FingerprintB1:5C:7C:AF:48:B0:00:03:0F:33:16:39:C8:FD:EA:91:39:D7:C2:C1 ValiditySat, 02 Sep 2023 00:00:00 GMT - Mon, 02 Sep 2024 23:59:59 GMT File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x75, components 3\012- data Size 54 kB (54314 bytes) Hash f2df3c9817d352c9ce21ee4b0ccb6690 0635b2776b637f823dabc161166bc69fa0e1ee0c abc725f8e0cd490947e5360f6f73a852774cc691586bbecad0e378b6826ce50b HTTP Headers `GET /assets/img/bg-header.jpg HTTP/1.1 Host: goalooes.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://goalooes.net/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK cache-control: public, max-age=604800 expires: Sat, 30 Sep 2023 03:29:43 GMT content-type: image/jpeg last-modified: Sat, 02 Sep 2023 02:37:48 GMT accept-ranges: bytes content-length: 54314 date: Sat, 23 Sep 2023 03:29:43 GMT server: LiteSpeed x-turbo-charged-by: LiteSpeed X-Firefox-Spdy: h2`

	goalooes.net/assets/img/bg-main.jpg	162.0.217.128	200 OK	314 kB
URL GET HTTP/2 goalooes.net/assets/img/bg-main.jpg IP 162.0.217.128:443 ASN #22612 NAMECHEAP-NET Requested by https://goalooes.net/ Certificate IssuerSectigo Limited Subjectgoalooes.net FingerprintB1:5C:7C:AF:48:B0:00:03:0F:33:16:39:C8:FD:EA:91:39:D7:C2:C1 ValiditySat, 02 Sep 2023 00:00:00 GMT - Mon, 02 Sep 2024 23:59:59 GMT File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x948, components 3\012- data Size 314 kB (314192 bytes) Hash ff9adfef802fe1354ea00ada6cca3c2c 92a3be43f297d74620d0429f6e67a6d651c4c96a b1e04f6edb7e1ab466384a3ce043e03ad128f5a21051243fb477a889f2175625 HTTP Headers `GET /assets/img/bg-main.jpg HTTP/1.1 Host: goalooes.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://goalooes.net/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK cache-control: public, max-age=604800 expires: Sat, 30 Sep 2023 03:29:43 GMT content-type: image/jpeg last-modified: Sat, 02 Sep 2023 02:37:48 GMT accept-ranges: bytes content-length: 314192 date: Sat, 23 Sep 2023 03:29:43 GMT server: LiteSpeed x-turbo-charged-by: LiteSpeed X-Firefox-Spdy: h2`

	ocsp.pki.goog/gts1c3	142.250.74.131		472 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 686a7a18814ae4c1a70f8cbb152f69e2 967fffef71085ab8f06dc383ecfdd1b3854459a1 9ef01e8a0952f5d492e8352b333a2c0a9e1ae2b3ab2704210d75fe4793cbbb56 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 23 Sep 2023 03:29:44 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	cdn.ampproject.org/rtv/012309082229000/v0/amp-loader-0.1.js	142.250.74.97	200 OK	3.9 kB
URL GET HTTP/2 cdn.ampproject.org/rtv/012309082229000/v0/amp-loader-0.1.js IP 142.250.74.97:443 ASN #15169 GOOGLE Requested by https://goalooes.net/ Certificate IssuerGoogle Trust Services LLC Subjectmisc-sni.google.com Fingerprint2A:C8:A6:0B:C5:83:EA:CB:79:32:10:3B:A4:EE:C8:11:F2:B1:AB:8F ValidityMon, 04 Sep 2023 08:18:49 GMT - Mon, 27 Nov 2023 08:18:48 GMT File type ASCII text, with very long lines (12615) Size 3.9 kB (3934 bytes) Hash 551104111512a991e54fe22bf0233c06 dbebe853c73ff3ca8275bc8d80de1dd24d6a2599 94d24d38cbc44ff8e2821d5172b11409ce6c6c0485fd3a3c2ea56c679a6aaa61 HTTP Headers `GET /rtv/012309082229000/v0/amp-loader-0.1.js HTTP/1.1 Host: cdn.ampproject.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://goalooes.net DNT: 1 Connection: keep-alive Referer: https://goalooes.net/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK accept-ranges: bytes content-encoding: br access-control-allow-origin: * content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp cross-origin-resource-policy: cross-origin cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available" report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} timing-allow-origin: * content-length: 3934 strict-transport-security: max-age=31536000; includeSubDomains; preload x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Tue, 19 Sep 2023 19:02:12 GMT expires: Wed, 18 Sep 2024 19:02:12 GMT cache-control: public, max-age=31536000 etag: "178fe5d904a50e55" content-type: text/javascript; charset=UTF-8 vary: Accept-Encoding age: 289652 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	goalooes.net/assets/img/favicon.png	162.0.217.128	200 OK	1.5 kB
URL GET HTTP/2 goalooes.net/assets/img/favicon.png IP 162.0.217.128:443 ASN #22612 NAMECHEAP-NET Requested by https://goalooes.net/ Certificate IssuerSectigo Limited Subjectgoalooes.net FingerprintB1:5C:7C:AF:48:B0:00:03:0F:33:16:39:C8:FD:EA:91:39:D7:C2:C1 ValiditySat, 02 Sep 2023 00:00:00 GMT - Mon, 02 Sep 2024 23:59:59 GMT File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data Size 1.5 kB (1480 bytes) Hash 80e7d6d04b225867f14cbf5db58dacda e9e6f2899fa7d661d375e568370ce95968a7422f bbc35cf56954e3508543f404fdaca5de001af6b6aa7a493250543d193e73363e HTTP Headers `GET /assets/img/favicon.png HTTP/1.1 Host: goalooes.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://goalooes.net/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK cache-control: public, max-age=604800 expires: Sat, 30 Sep 2023 03:29:44 GMT content-type: image/png last-modified: Sat, 02 Sep 2023 02:37:48 GMT accept-ranges: bytes content-length: 1480 date: Sat, 23 Sep 2023 03:29:44 GMT server: LiteSpeed x-turbo-charged-by: LiteSpeed X-Firefox-Spdy: h2`

	goalooes.net/assets/img/logo.png	162.0.217.128	200 OK	10 kB
URL GET HTTP/2 goalooes.net/assets/img/logo.png IP 162.0.217.128:443 ASN #22612 NAMECHEAP-NET Requested by https://goalooes.net/ Certificate IssuerSectigo Limited Subjectgoalooes.net FingerprintB1:5C:7C:AF:48:B0:00:03:0F:33:16:39:C8:FD:EA:91:39:D7:C2:C1 ValiditySat, 02 Sep 2023 00:00:00 GMT - Mon, 02 Sep 2024 23:59:59 GMT File type PNG image data, 155 x 45, 8-bit/color RGBA, non-interlaced\012- data Size 10 kB (10259 bytes) Hash 566ae3d7f9d74c695d1a233037c0c57e f4203b88a2d7d0456af7c42a8ce785bf927d0875 1b9d3733e96a87d7e5e0db2ecf9948544657a17d785e59d6e9ba3364d2b7c1b9 HTTP Headers `GET /assets/img/logo.png HTTP/1.1 Host: goalooes.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://goalooes.net/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK cache-control: public, max-age=604800 expires: Sat, 30 Sep 2023 03:29:44 GMT content-type: image/png last-modified: Sat, 02 Sep 2023 02:37:48 GMT accept-ranges: bytes content-length: 10259 date: Sat, 23 Sep 2023 03:29:44 GMT server: LiteSpeed x-turbo-charged-by: LiteSpeed X-Firefox-Spdy: h2`

	goalooes.net/assets/img/banner/m1.jpg	162.0.217.128	200 OK	17 kB
URL GET HTTP/2 goalooes.net/assets/img/banner/m1.jpg IP 162.0.217.128:443 ASN #22612 NAMECHEAP-NET Requested by https://goalooes.net/ Certificate IssuerSectigo Limited Subjectgoalooes.net FingerprintB1:5C:7C:AF:48:B0:00:03:0F:33:16:39:C8:FD:EA:91:39:D7:C2:C1 ValiditySat, 02 Sep 2023 00:00:00 GMT - Mon, 02 Sep 2024 23:59:59 GMT File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 340x172, components 3\012- data Size 17 kB (16731 bytes) Hash 3014640817bc1a0be7da5700ce4f2437 001be33313d064527ebb9195fea85806fc651098 60ddf4e18788808dd613fd9677dd6c4738f6bbb52e7465fe680a5404da2041dc HTTP Headers `GET /assets/img/banner/m1.jpg HTTP/1.1 Host: goalooes.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://goalooes.net/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK cache-control: public, max-age=604800 expires: Sat, 30 Sep 2023 03:29:44 GMT content-type: image/jpeg last-modified: Sat, 02 Sep 2023 02:37:48 GMT accept-ranges: bytes content-length: 16731 date: Sat, 23 Sep 2023 03:29:44 GMT server: LiteSpeed x-turbo-charged-by: LiteSpeed X-Firefox-Spdy: h2`

	goalooes.net/assets/img/banner/m2.jpg	162.0.217.128	200 OK	21 kB
URL GET HTTP/2 goalooes.net/assets/img/banner/m2.jpg IP 162.0.217.128:443 ASN #22612 NAMECHEAP-NET Requested by https://goalooes.net/ Certificate IssuerSectigo Limited Subjectgoalooes.net FingerprintB1:5C:7C:AF:48:B0:00:03:0F:33:16:39:C8:FD:EA:91:39:D7:C2:C1 ValiditySat, 02 Sep 2023 00:00:00 GMT - Mon, 02 Sep 2024 23:59:59 GMT File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 340x172, components 3\012- data Size 21 kB (21168 bytes) Hash 8c54221656c905ad0f537eca2318daea 772083cfba2a7bdd1e8cd16fba99e0bda11a5cbb 1f39aa885200dbfef4158bbdf620718b24f99127564196cb049549178aa3a3f4 HTTP Headers `GET /assets/img/banner/m2.jpg HTTP/1.1 Host: goalooes.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://goalooes.net/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK cache-control: public, max-age=604800 expires: Sat, 30 Sep 2023 03:29:44 GMT content-type: image/jpeg last-modified: Sat, 02 Sep 2023 02:37:48 GMT accept-ranges: bytes content-length: 21168 date: Sat, 23 Sep 2023 03:29:44 GMT server: LiteSpeed x-turbo-charged-by: LiteSpeed X-Firefox-Spdy: h2`

	goalooes.net/assets/img/banner/m3.jpg	162.0.217.128	200 OK	19 kB
URL GET HTTP/2 goalooes.net/assets/img/banner/m3.jpg IP 162.0.217.128:443 ASN #22612 NAMECHEAP-NET Requested by https://goalooes.net/ Certificate IssuerSectigo Limited Subjectgoalooes.net FingerprintB1:5C:7C:AF:48:B0:00:03:0F:33:16:39:C8:FD:EA:91:39:D7:C2:C1 ValiditySat, 02 Sep 2023 00:00:00 GMT - Mon, 02 Sep 2024 23:59:59 GMT File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 340x172, components 3\012- data Size 19 kB (18754 bytes) Hash 90467caa0c19aab09b1f2aebf92bdb54 2700a05620b8703b5900567d0f6ab9317e647998 b8d1db2dace19e1ed78284d4186c36196f870acaf0e5035906e5f18f8a6b441a HTTP Headers `GET /assets/img/banner/m3.jpg HTTP/1.1 Host: goalooes.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://goalooes.net/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK cache-control: public, max-age=604800 expires: Sat, 30 Sep 2023 03:29:44 GMT content-type: image/jpeg last-modified: Sat, 02 Sep 2023 02:37:48 GMT accept-ranges: bytes content-length: 18754 date: Sat, 23 Sep 2023 03:29:44 GMT server: LiteSpeed x-turbo-charged-by: LiteSpeed X-Firefox-Spdy: h2`

	goalooes.net/assets/img/banner/s2.jpg	162.0.217.128	200 OK	165 kB
URL GET HTTP/2 goalooes.net/assets/img/banner/s2.jpg IP 162.0.217.128:443 ASN #22612 NAMECHEAP-NET Requested by https://goalooes.net/ Certificate IssuerSectigo Limited Subjectgoalooes.net FingerprintB1:5C:7C:AF:48:B0:00:03:0F:33:16:39:C8:FD:EA:91:39:D7:C2:C1 ValiditySat, 02 Sep 2023 00:00:00 GMT - Mon, 02 Sep 2024 23:59:59 GMT File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 685x349, components 3\012- data Size 165 kB (165213 bytes) Hash 187f11f569f8147757c6369b29c603c3 34ed11fe07e490a3a32c927eb1049dbb8c53714b 45216a8fdacf2b9eda8f2cf921c4c1d2803df4bb7424821abf70040fba856aec HTTP Headers `GET /assets/img/banner/s2.jpg HTTP/1.1 Host: goalooes.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://goalooes.net/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK cache-control: public, max-age=604800 expires: Sat, 30 Sep 2023 03:29:45 GMT content-type: image/jpeg last-modified: Sat, 02 Sep 2023 02:37:48 GMT accept-ranges: bytes content-length: 165213 date: Sat, 23 Sep 2023 03:29:45 GMT server: LiteSpeed x-turbo-charged-by: LiteSpeed X-Firefox-Spdy: h2`

	cdn.ampproject.org/rtv/012309082229000/v0/amp-auto-lightbox-0.1.js	142.250.74.97	200 OK	3.0 kB
URL GET HTTP/3 cdn.ampproject.org/rtv/012309082229000/v0/amp-auto-lightbox-0.1.js IP 142.250.74.97:443 ASN #15169 GOOGLE Requested by https://goalooes.net/ Certificate IssuerGoogle Trust Services LLC Subjectmisc-sni.google.com Fingerprint2A:C8:A6:0B:C5:83:EA:CB:79:32:10:3B:A4:EE:C8:11:F2:B1:AB:8F ValidityMon, 04 Sep 2023 08:18:49 GMT - Mon, 27 Nov 2023 08:18:48 GMT File type ASCII text, with very long lines (7690) Size 3.0 kB (2974 bytes) Hash e2f444a06ccd04f12f69770d3c42f3d2 fff00c36dac92240d2671ee445dfe3a87cecb754 620ffdaa666bbf15e58038ef061ba78acbf5729c714fa3e991c025089009c23c HTTP Headers `GET /rtv/012309082229000/v0/amp-auto-lightbox-0.1.js HTTP/1.1 Host: cdn.ampproject.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://goalooes.net DNT: 1 Connection: keep-alive Referer: https://goalooes.net/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK accept-ranges: bytes content-encoding: br access-control-allow-origin: * content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp cross-origin-resource-policy: cross-origin cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available" report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} timing-allow-origin: * content-length: 2974 strict-transport-security: max-age=31536000; includeSubDomains; preload x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Tue, 19 Sep 2023 19:02:12 GMT expires: Wed, 18 Sep 2024 19:02:12 GMT cache-control: public, max-age=31536000 etag: "a25d3dc3efab77a0" content-type: text/javascript; charset=UTF-8 vary: Accept-Encoding age: 289653 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	goalooes.net/assets/img/banner/r2.jpg	162.0.217.128	200 OK	28 kB
URL GET HTTP/2 goalooes.net/assets/img/banner/r2.jpg IP 162.0.217.128:443 ASN #22612 NAMECHEAP-NET Requested by https://goalooes.net/ Certificate IssuerSectigo Limited Subjectgoalooes.net FingerprintB1:5C:7C:AF:48:B0:00:03:0F:33:16:39:C8:FD:EA:91:39:D7:C2:C1 ValiditySat, 02 Sep 2023 00:00:00 GMT - Mon, 02 Sep 2024 23:59:59 GMT File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 340x172, components 3\012- data Size 28 kB (27479 bytes) Hash b040a604c5ae0da0619d49133dd54281 e001b552bc93f521d0c0368941895941ac51adb3 8d22a776f45e0d1cb8af861017c90b946c270d800120700a6de2ab4bcd3c02f3 HTTP Headers `GET /assets/img/banner/r2.jpg HTTP/1.1 Host: goalooes.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://goalooes.net/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK cache-control: public, max-age=604800 expires: Sat, 30 Sep 2023 03:29:45 GMT content-type: image/jpeg last-modified: Sat, 02 Sep 2023 02:37:48 GMT accept-ranges: bytes content-length: 27479 date: Sat, 23 Sep 2023 03:29:45 GMT server: LiteSpeed x-turbo-charged-by: LiteSpeed X-Firefox-Spdy: h2`

	goalooes.net/assets/img/banner/r1.jpg	162.0.217.128	200 OK	26 kB
URL GET HTTP/2 goalooes.net/assets/img/banner/r1.jpg IP 162.0.217.128:443 ASN #22612 NAMECHEAP-NET Requested by https://goalooes.net/ Certificate IssuerSectigo Limited Subjectgoalooes.net FingerprintB1:5C:7C:AF:48:B0:00:03:0F:33:16:39:C8:FD:EA:91:39:D7:C2:C1 ValiditySat, 02 Sep 2023 00:00:00 GMT - Mon, 02 Sep 2024 23:59:59 GMT File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 340x172, components 3\012- data Size 26 kB (25579 bytes) Hash 49ad30ae16290445104b7d11868cfd00 ec903db72a804c9ef9513f4af0c4b3789f3e0854 c3f5c56d7b5b103e5dfcc55e3129a52da33de5427d664a8bda47d5ebec15aa17 HTTP Headers `GET /assets/img/banner/r1.jpg HTTP/1.1 Host: goalooes.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://goalooes.net/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK cache-control: public, max-age=604800 expires: Sat, 30 Sep 2023 03:29:45 GMT content-type: image/jpeg last-modified: Sat, 02 Sep 2023 02:37:48 GMT accept-ranges: bytes content-length: 25579 date: Sat, 23 Sep 2023 03:29:45 GMT server: LiteSpeed x-turbo-charged-by: LiteSpeed X-Firefox-Spdy: h2`

	goalooes.net/assets/img/banner/r4.jpg	162.0.217.128	200 OK	17 kB
URL GET HTTP/2 goalooes.net/assets/img/banner/r4.jpg IP 162.0.217.128:443 ASN #22612 NAMECHEAP-NET Requested by https://goalooes.net/ Certificate IssuerSectigo Limited Subjectgoalooes.net FingerprintB1:5C:7C:AF:48:B0:00:03:0F:33:16:39:C8:FD:EA:91:39:D7:C2:C1 ValiditySat, 02 Sep 2023 00:00:00 GMT - Mon, 02 Sep 2024 23:59:59 GMT File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 340x172, components 3\012- data Size 17 kB (17441 bytes) Hash 4ee248aeb8c977c276b1f8c01de405b6 97cf84a71df27dafb7222291273deee9ca337c0f 194f49273dc9305faf2903302ab1539b3362db5cfb6127ef8b471046885c259d HTTP Headers `GET /assets/img/banner/r4.jpg HTTP/1.1 Host: goalooes.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://goalooes.net/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK cache-control: public, max-age=604800 expires: Sat, 30 Sep 2023 03:29:45 GMT content-type: image/jpeg last-modified: Sat, 02 Sep 2023 02:37:48 GMT accept-ranges: bytes content-length: 17441 date: Sat, 23 Sep 2023 03:29:45 GMT server: LiteSpeed x-turbo-charged-by: LiteSpeed X-Firefox-Spdy: h2`

	goalooes.net/assets/img/banner/r3.jpg	162.0.217.128	200 OK	16 kB
URL GET HTTP/2 goalooes.net/assets/img/banner/r3.jpg IP 162.0.217.128:443 ASN #22612 NAMECHEAP-NET Requested by https://goalooes.net/ Certificate IssuerSectigo Limited Subjectgoalooes.net FingerprintB1:5C:7C:AF:48:B0:00:03:0F:33:16:39:C8:FD:EA:91:39:D7:C2:C1 ValiditySat, 02 Sep 2023 00:00:00 GMT - Mon, 02 Sep 2024 23:59:59 GMT File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 340x172, components 3\012- data Size 16 kB (15533 bytes) Hash 01022f19c9324d6eddec55e862982f53 87ba91a50a2167999ec758e52c4b5ae32e67451a 797a6c7dc81b9936301730e7b1b8be25e1645a33731c5f47bba233ff58b04840 HTTP Headers `GET /assets/img/banner/r3.jpg HTTP/1.1 Host: goalooes.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://goalooes.net/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK cache-control: public, max-age=604800 expires: Sat, 30 Sep 2023 03:29:45 GMT content-type: image/jpeg last-modified: Sat, 02 Sep 2023 02:37:48 GMT accept-ranges: bytes content-length: 15533 date: Sat, 23 Sep 2023 03:29:45 GMT server: LiteSpeed x-turbo-charged-by: LiteSpeed X-Firefox-Spdy: h2`

	goalooes.net/assets/img/banner/s0.jpg	162.0.217.128	200 OK	218 kB
URL GET HTTP/2 goalooes.net/assets/img/banner/s0.jpg IP 162.0.217.128:443 ASN #22612 NAMECHEAP-NET Requested by https://goalooes.net/ Certificate IssuerSectigo Limited Subjectgoalooes.net FingerprintB1:5C:7C:AF:48:B0:00:03:0F:33:16:39:C8:FD:EA:91:39:D7:C2:C1 ValiditySat, 02 Sep 2023 00:00:00 GMT - Mon, 02 Sep 2024 23:59:59 GMT File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 685x349, components 3\012- data Size 218 kB (218306 bytes) Hash 70617f6ab5de8fd53230868cc1811375 2e78e5b70597f8a9cac0eea86d45bba0bcd8e45e ee36325d938d5accb1f392ea45caa0921d9736e0c9b7e2a1ba03ce1b1b7ae834 HTTP Headers `GET /assets/img/banner/s0.jpg HTTP/1.1 Host: goalooes.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://goalooes.net/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK cache-control: public, max-age=604800 expires: Sat, 30 Sep 2023 03:29:45 GMT content-type: image/jpeg last-modified: Sat, 02 Sep 2023 02:37:48 GMT accept-ranges: bytes content-length: 218306 date: Sat, 23 Sep 2023 03:29:45 GMT server: LiteSpeed x-turbo-charged-by: LiteSpeed X-Firefox-Spdy: h2`

	goalooes.net/assets/img/banner/s1.jpg	162.0.217.128	200 OK	257 kB
URL GET HTTP/2 goalooes.net/assets/img/banner/s1.jpg IP 162.0.217.128:443 ASN #22612 NAMECHEAP-NET Requested by https://goalooes.net/ Certificate IssuerSectigo Limited Subjectgoalooes.net FingerprintB1:5C:7C:AF:48:B0:00:03:0F:33:16:39:C8:FD:EA:91:39:D7:C2:C1 ValiditySat, 02 Sep 2023 00:00:00 GMT - Mon, 02 Sep 2024 23:59:59 GMT File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 685x349, components 3\012- data Size 257 kB (256569 bytes) Hash cdd7c65fe916dd6f21cf772e7ffdd4b0 2e5322ee7405af251a77f1b5d6d5850c5f47382d 94f81f1164a02455bfcfff6d75cacfde5eb311581177b8ba0fc7aa1e16a66c63 HTTP Headers `GET /assets/img/banner/s1.jpg HTTP/1.1 Host: goalooes.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://goalooes.net/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK cache-control: public, max-age=604800 expires: Sat, 30 Sep 2023 03:29:45 GMT content-type: image/jpeg last-modified: Sat, 02 Sep 2023 02:37:48 GMT accept-ranges: bytes content-length: 256569 date: Sat, 23 Sep 2023 03:29:45 GMT server: LiteSpeed x-turbo-charged-by: LiteSpeed X-Firefox-Spdy: h2`

	cdn.ampproject.org/rtv/012309082229000/v0/analytics-vendors/gtag.json	142.250.74.97	200 OK	926 B
URL GET HTTP/3 cdn.ampproject.org/rtv/012309082229000/v0/analytics-vendors/gtag.json IP 142.250.74.97:443 ASN #15169 GOOGLE Requested by https://goalooes.net/ Certificate IssuerGoogle Trust Services LLC Subjectmisc-sni.google.com Fingerprint2A:C8:A6:0B:C5:83:EA:CB:79:32:10:3B:A4:EE:C8:11:F2:B1:AB:8F ValidityMon, 04 Sep 2023 08:18:49 GMT - Mon, 27 Nov 2023 08:18:48 GMT File type JSON data\012- , ASCII text, with very long lines (2574), with no line terminators Size 926 B (926 bytes) Hash a5e4bdaaa9f13a15282cbe87c3612bf1 4f77670868217bd6ce11c7434a2e182cb6127a78 0cdc1d09aac29df4b32648b075b088d83174193624fe3c219cfd777692c9ba81 HTTP Headers `GET /rtv/012309082229000/v0/analytics-vendors/gtag.json HTTP/1.1 Host: cdn.ampproject.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://goalooes.net/ Origin: https://goalooes.net DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK accept-ranges: bytes content-encoding: br access-control-allow-origin: * content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp cross-origin-resource-policy: cross-origin cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available" report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} timing-allow-origin: * content-length: 926 strict-transport-security: max-age=31536000; includeSubDomains; preload x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Tue, 19 Sep 2023 19:01:55 GMT expires: Wed, 18 Sep 2024 19:01:55 GMT cache-control: public, max-age=31536000 etag: "30ed414252d96630" content-type: application/json vary: Accept-Encoding age: 289670 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	ocsp.pki.goog/gts1c3	142.250.74.131		471 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 94111c3420bb2c6a13c84437834119c2 a60b1aaa235c754b4f840e14e5c32f3bd1920d3b 9f0636387ba07be147b51285a1e30b77ad2e4e77126f1c1082775fd981b32d78 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 23 Sep 2023 03:29:45 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fgoalooes.net	142.250.74.168	200 OK	6 B
URL POST HTTP/2 www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fgoalooes.net IP 142.250.74.168:443 ASN #15169 GOOGLE Requested by https://goalooes.net/ Certificate IssuerGoogle Trust Services LLC Subject.google-analytics.com Fingerprint00:ED:16:68:8D:DB:14:8B:43:01:81:CA:83:9A:AE:5B:24:AB:11:18 ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT File type JSON data\012- , ASCII text, with no line terminators Size 6 B (6 bytes) Hash 99914b932bd37a50b983c5e7c90ae93b bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a HTTP Headers POST /gtag/amp?__amp_source_origin=https%3A%2F%2Fgoalooes.net HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://goalooes.net/ Content-Type: text/plain;charset=utf-8 Content-Length: 235 Origin: https://goalooes.net DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK access-control-allow-origin: https://goalooes.net access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin amp-access-control-allow-source-origin: https://goalooes.net access-control-allow-credentials: true content-type: application/json; charset=UTF-8 content-disposition: attachment; filename="amp.json" content-encoding: br vary: date: Sat, 23 Sep 2023 03:29:45 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 6 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131		471 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 94111c3420bb2c6a13c84437834119c2 a60b1aaa235c754b4f840e14e5c32f3bd1920d3b 9f0636387ba07be147b51285a1e30b77ad2e4e77126f1c1082775fd981b32d78 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 23 Sep 2023 03:29:45 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	whatpaulharriswrote.org/info/4	188.114.96.1	301 Moved Permanently	55 kB
URL User Request GET HTTP/2 whatpaulharriswrote.org/info/4 IP 188.114.96.1:443 ASN #13335 CLOUDFLARENET Certificate IssuerGoogle Trust Services LLC Subjectwhatpaulharriswrote.org Fingerprint75:DF:83:97:08:28:4C:25:21:29:0C:AF:9D:9B:1C:57:F2:B9:41:54 ValidityTue, 12 Sep 2023 13:20:13 GMT - Mon, 11 Dec 2023 13:20:12 GMT File type Size 55 kB (55437 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /info/4 HTTP/1.1 Host: whatpaulharriswrote.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 301 Moved Permanently date: Sat, 23 Sep 2023 03:29:42 GMT content-type: text/html location: https://visa288paris.xyz/info/4 x-turbo-charged-by: LiteSpeed cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KmQY77SBVobrR9yXBherRadCaA940xND9TxPUSDd8vGZgMI88ph3KhX4B8laZw2nZIZIFtCal22R96U4tqvLRuDBBJei1pphBw9R2pCNMqqAwUoo5pBUAfTzvJpSIo0ZYFbfWFZc6BrIWQ%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 80afb4701e70b51e-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	goalooes.net/assets/img/lcvisa.png	162.0.217.128	200 OK	35 kB
URL GET HTTP/2 goalooes.net/assets/img/lcvisa.png IP 162.0.217.128:443 ASN #22612 NAMECHEAP-NET Requested by https://goalooes.net/ Certificate IssuerSectigo Limited Subjectgoalooes.net FingerprintB1:5C:7C:AF:48:B0:00:03:0F:33:16:39:C8:FD:EA:91:39:D7:C2:C1 ValiditySat, 02 Sep 2023 00:00:00 GMT - Mon, 02 Sep 2024 23:59:59 GMT File type PNG image data, 394 x 423, 8-bit colormap, non-interlaced\012- data Size 35 kB (34578 bytes) Hash 01c5dbdf34e51b1bc3fc79603d730a02 91b71c93d58bc36e9354e67a2ed1255e306fad36 5c05c4339fc7c17ec36f9df2d052bd0489e4b1f7c6ad3a23a9597b3e56fb2579 HTTP Headers `GET /assets/img/lcvisa.png HTTP/1.1 Host: goalooes.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://goalooes.net/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK cache-control: public, max-age=604800 expires: Sat, 30 Sep 2023 03:29:43 GMT content-type: image/png last-modified: Sat, 02 Sep 2023 02:37:48 GMT accept-ranges: bytes content-length: 34578 date: Sat, 23 Sep 2023 03:29:43 GMT server: LiteSpeed x-turbo-charged-by: LiteSpeed X-Firefox-Spdy: h2`

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (6)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (42)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP