r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8286265a56e3e10efd41b41618a54071
5f10ac9a050e15f5598674dc7ee3865b325d01a8
2da2fa0b2b86ccc4029d0baa4e9c5b21a6433228b84b451b72b1d318561d4ef2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2DA2FA0B2B86CCC4029D0BAA4E9C5B21A6433228B84B451B72B1D318561D4EF2"
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17867
Expires: Sun, 06 Nov 2022 13:37:03 GMT
Date: Sun, 06 Nov 2022 08:39:16 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 72c64df35304c35cd95e4ed6e101e795
a39287987854d644a8da295da536fb31de8b44c1
a9bf0da57e0f108b376781ede4b9762ae1b0d088910d26fb7be98c2d03e69092
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6551
Cache-Control: max-age=96059
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 08:39:16 GMT
Etag: "63662d58-1d7"
Expires: Mon, 07 Nov 2022 11:20:15 GMT
Last-Modified: Sat, 05 Nov 2022 09:31:04 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9f3527f898221f8ba6b5015f6decc100
ead93baa0e9d3a6297be3377dc3a624e5a3f509a
73a068f907cc50dd60af18d545b4264dd44bc4b9f40bf9adfceea157fdc33099
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "73A068F907CC50DD60AF18D545B4264DD44BC4B9F40BF9ADFCEEA157FDC33099"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11524
Expires: Sun, 06 Nov 2022 11:51:20 GMT
Date: Sun, 06 Nov 2022 08:39:16 GMT
Connection: keep-alive
allthatshreds.com/steel-panther-releases-new-video-always-gonna-be-a-ho
63.250.43.137301 Moved Permanently 0 B URL HTTP/1.1 allthatshreds.com/steel-panther-releases-new-video-always-gonna-be-a-ho
IP 63.250.43.137:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /steel-panther-releases-new-video-always-gonna-be-a-ho HTTP/1.1
Host: allthatshreds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
content-length: 0
location: https://allthatshreds.com/steel-panther-releases-new-video-always-gonna-be-a-ho
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 9I8+YYw68Ii+T3Q3ZwR8Uuo82XNbngRhK4FroEnAZlcGkXVYQ322SYxS75HMfA2vnGGrli2OrvU=
x-amz-request-id: 1HNDQ2WWP6S71PQM
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 06 Nov 2022 07:47:33 GMT
age: 3103
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 08:39:16 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash db63d54b77502dd6c7bdc792d4fd093e
026ad8186833988279468829c004c6e2a2f2626f
eff89ef67baa622e8a196ffcadc44d29aafff009bb531da3e979a1f47c3b1c36
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4189
Cache-Control: max-age=88640
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 08:39:16 GMT
Etag: "63661997-1d7"
Expires: Mon, 07 Nov 2022 09:16:36 GMT
Last-Modified: Sat, 05 Nov 2022 08:06:47 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 1f97c98c9e4a21405418bc74532b058e
430363ab8bbcac9a9fd0a5ace178a34f996430e0
6e103a5203888a96320933209dd19b97d10dd0cb2759a671bf0a41df80ef3a9b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 08:39:16 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 06 Nov 2022 04:49:37 GMT
Expires: Sun, 13 Nov 2022 04:49:36 GMT
Etag: "430363ab8bbcac9a9fd0a5ace178a34f996430e0"
Cache-Control: max-age=590419,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 765c8489cfe40b45-OSL
push.services.mozilla.com/
52.89.255.30101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.255.30:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 1o1lP7gPnx2/qMkpdgTcBA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: EJbrtPR00acLBbfOaOYOr+qYUdI=
allthatshreds.com/steel-panther-releases-new-video-always-gonna-be-a-ho
63.250.43.136301 Moved Permanently 0 B URL HTTP/2 allthatshreds.com/steel-panther-releases-new-video-always-gonna-be-a-ho
IP 63.250.43.136:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /steel-panther-releases-new-video-always-gonna-be-a-ho HTTP/1.1
Host: allthatshreds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 06 Nov 2022 08:39:17 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, public
x-redirect-by: WordPress
location: https://allthatshreds.com/steel-panther-releases-new-video-always-gonna-be-a-ho/
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
age: 0
x-cache: MISS
content-length: 0
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 7bb75cda180838bb141d84bc6237047c
3bfc21e05d99392259a744b8b6246c4e87c121f4
97b56f9370203a7d906a51562dc75f23414138e8d82423410bce14ac5c1fcca2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4496
Cache-Control: max-age=167813
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 08:39:17 GMT
Etag: "63674daa-117"
Expires: Tue, 08 Nov 2022 07:16:10 GMT
Last-Modified: Sun, 06 Nov 2022 06:01:14 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 279
c0.wp.com/c/6.1/wp-includes/css/classic-themes.min.css
192.0.77.37200 OK 217 B URL HTTP/2 c0.wp.com/c/6.1/wp-includes/css/classic-themes.min.css
IP 192.0.77.37:0
Hash 95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
GET /c/6.1/wp-includes/css/classic-themes.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://allthatshreds.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 08:39:17 GMT
content-type: text/css
content-length: 217
last-modified: Tue, 25 Oct 2022 13:45:16 GMT
expires: Mon, 06 Nov 2023 08:39:17 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
allthatshreds.com/steel-panther-releases-new-video-always-gonna-be-a-ho/
63.250.43.136200 OK 23 kB URL HTTP/2 allthatshreds.com/steel-panther-releases-new-video-always-gonna-be-a-ho/
IP 63.250.43.136:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (11338)
Hash 55e1dc45f6d0cbf8e5eb63259c392d3a
2a87524739cf53ddf21ac16672fcc5a53d4d3ab3
a589b1d5c76943fc47f10b111fafd76699f9582d2a29ea07a4722d7112828eef
Analyzer Verdict Alert fortinet Malware
GET /steel-panther-releases-new-video-always-gonna-be-a-ho/ HTTP/1.1
Host: allthatshreds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 08:33:55 GMT
content-type: text/html; charset=UTF-8
link: <https://allthatshreds.com/wp-json/>; rel="https://api.w.org/", <https://allthatshreds.com/wp-json/wp/v2/posts/9575>; rel="alternate"; type="application/json", <https://wp.me/p7OQHi-2ur>; rel=shortlink
cache-control: no-cache, public
last-modified: Sun, 06 Nov 2022 08:33:55 GMT
wpo-cache-status: saving to cache
content-encoding: gzip
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
x-cacheable: YES
age: 321
x-cache: HIT
accept-ranges: bytes
content-length: 22758
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3ebbd65a2bdd5c6f3dea5a6b99b25f0d
484be27b25b736a7e7e2b1d5ef9760aecdcec01b
5616e6c097b0b7680eeee193b58950faa38c9792e8793c16c315e2554a34cdd1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 08:39:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 7bb75cda180838bb141d84bc6237047c
3bfc21e05d99392259a744b8b6246c4e87c121f4
97b56f9370203a7d906a51562dc75f23414138e8d82423410bce14ac5c1fcca2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4496
Cache-Control: max-age=167813
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 08:39:17 GMT
Etag: "63674daa-117"
Expires: Tue, 08 Nov 2022 07:16:10 GMT
Last-Modified: Sun, 06 Nov 2022 06:01:14 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 279
www.googletagmanager.com/gtag/js?id=UA-103393275-1
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-103393275-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 17737e707a553e85a10056a2dd6a437a
edcbc65c4fc6bf439c88f3be9e529a5c9eb28ab8
c5e71d0fdbc3f953a0e902cdeca3dd87a5c8ee2e4e58c39762a2d66fd78a6a61
GET /gtag/js?id=UA-103393275-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://allthatshreds.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 06 Nov 2022 08:39:17 GMT
expires: Sun, 06 Nov 2022 08:39:17 GMT
cache-control: private, max-age=900
last-modified: Sun, 06 Nov 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43654
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
allthatshreds.com/wp-content/plugins/instagram-feed/css/sbi-styles.min.css
63.250.43.136200 OK 3.3 kB URL HTTP/2 allthatshreds.com/wp-content/plugins/instagram-feed/css/sbi-styles.min.css
IP 63.250.43.136:0
File type ASCII text, with very long lines (21597)
Hash 1e3b01a3e26d350e56a2604e9911fafe
35c2e8eca6d5f5a5a54614798b3db97f62405e0b
e521a2453c8cca89a4a9ea93f7d9a6e5034e82660b5a5a4fdcccb73f38936535
GET /wp-content/plugins/instagram-feed/css/sbi-styles.min.css HTTP/1.1
Host: allthatshreds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://allthatshreds.com/steel-panther-releases-new-video-always-gonna-be-a-ho/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 16:12:53 GMT
last-modified: Wed, 26 Oct 2022 17:23:56 GMT
etag: "63596d2c-545e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-type: text/css
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 59184
x-cache: HIT
accept-ranges: bytes
content-length: 3295
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
c0.wp.com/c/6.1/wp-includes/js/comment-reply.min.js
192.0.77.37200 OK 1.7 kB URL HTTP/2 c0.wp.com/c/6.1/wp-includes/js/comment-reply.min.js
IP 192.0.77.37:0
File type ASCII text, with very long lines (2946)
Hash 3137166479c4f745501f4db557335faf
88b1959a1957e9a8b8f10e5356f28fa81f4c900d
99575f09d470f5c01e688ee8f22959c44f3c55f8e7bdc9bf6d874f1484654960
GET /c/6.1/wp-includes/js/comment-reply.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://allthatshreds.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 08:39:17 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
content-encoding: br
expires: Mon, 06 Nov 2023 08:39:17 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
allthatshreds.com/wp-content/cache/wmac/css/wmac_single_6396520849c95db518a4bb349fd6dc20.css
63.250.43.136200 OK 134 B URL HTTP/2 allthatshreds.com/wp-content/cache/wmac/css/wmac_single_6396520849c95db518a4bb349fd6dc20.css
IP 63.250.43.136:0
File type ASCII text, with no line terminators
Hash 362baac9ee096a60d688687ede361a8c
cb438ddbf0d7246d7ad8ff81a838cea8b4070a42
dd9523c09d6a99e2f677ca7f3bb7eb482cbe48b4cc707679f8eee06c8f873f0c
GET /wp-content/cache/wmac/css/wmac_single_6396520849c95db518a4bb349fd6dc20.css HTTP/1.1
Host: allthatshreds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://allthatshreds.com/steel-panther-releases-new-video-always-gonna-be-a-ho/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 16:12:53 GMT
last-modified: Mon, 19 Sep 2022 18:32:36 GMT
etag: "6328b5c4-86"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-type: text/css
content-length: 134
x-cacheable: YES
age: 59184
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
allthatshreds.com/wp-content/plugins/custom-twitter-feeds/css/ctf-styles.min.css
63.250.43.136200 OK 3.1 kB URL HTTP/2 allthatshreds.com/wp-content/plugins/custom-twitter-feeds/css/ctf-styles.min.css
IP 63.250.43.136:0
File type ASCII text, with very long lines (17189), with no line terminators
Hash fe5311184c8c54a1547ff22c71844229
ffa39b08562f6102e717f28b43c33b733eb7f803
19da29c9a0050554825136666db2bc3f84daa6acf265c8e78d8607784e872824
GET /wp-content/plugins/custom-twitter-feeds/css/ctf-styles.min.css HTTP/1.1
Host: allthatshreds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://allthatshreds.com/steel-panther-releases-new-video-always-gonna-be-a-ho/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 16:12:53 GMT
last-modified: Thu, 25 Aug 2022 21:32:16 GMT
etag: "6307ea60-4325"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-type: text/css
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 59184
x-cache: HIT
accept-ranges: bytes
content-length: 3051
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
i0.wp.com/allthatshreds.com/wp-content/uploads/2022/02/cropped-cropped-cropped-all-that-shreds-2022-1-1.jpg?w=1280&ssl=1
192.0.77.2200 OK 161 kB URL HTTP/2 i0.wp.com/allthatshreds.com/wp-content/uploads/2022/02/cropped-cropped-cropped-all-that-shreds-2022-1-1.jpg?w=1280&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x719, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 161 kB (161008 bytes)
Hash 1111c2ebbc6f57a6bac122e8017fd2cb
72640e0b46cf8b0ff18f27c8d0805ee1d2e3ea67
1441d247a70f325f6100a9b06921f002f6ce2428dad10111f488aec35ad4d23a
GET /allthatshreds.com/wp-content/uploads/2022/02/cropped-cropped-cropped-all-that-shreds-2022-1-1.jpg?w=1280&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://allthatshreds.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 08:39:17 GMT
content-type: image/webp
content-length: 161008
last-modified: Fri, 24 Jun 2022 02:17:42 GMT
expires: Sun, 23 Jun 2024 14:17:42 GMT
cache-control: public, max-age=63115200
link: <https://allthatshreds.com/wp-content/uploads/2022/02/cropped-cropped-cropped-all-that-shreds-2022-1-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "745e82b127a6511f"
vary: Accept
x-nc: HIT arn 4
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
allthatshreds.com/wp-content/cache/wmac/css/wmac_single_dfbcd0ce22028c5ebc58a3ebfc8f265d.css
63.250.43.136200 OK 5.3 kB URL HTTP/2 allthatshreds.com/wp-content/cache/wmac/css/wmac_single_dfbcd0ce22028c5ebc58a3ebfc8f265d.css
IP 63.250.43.136:0
File type ASCII text, with very long lines (35290), with no line terminators
Hash 91a4fedd79d194226953d98bd6e83d27
0d484dd075abb12a8fd0bc3dccecf3b79e63be77
ee54ddcbdeb90a903a656613a7e9677206de901ea344d18098dbcd7c52d2e0e3
GET /wp-content/cache/wmac/css/wmac_single_dfbcd0ce22028c5ebc58a3ebfc8f265d.css HTTP/1.1
Host: allthatshreds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://allthatshreds.com/steel-panther-releases-new-video-always-gonna-be-a-ho/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 16:12:53 GMT
last-modified: Thu, 03 Nov 2022 14:52:23 GMT
etag: "6363d5a7-89da"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-type: text/css
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 59184
x-cache: HIT
accept-ranges: bytes
content-length: 5279
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
c0.wp.com/p/jetpack/11.5.1/_inc/build/likes/queuehandler.min.js
192.0.77.37200 OK 2.5 kB URL HTTP/2 c0.wp.com/p/jetpack/11.5.1/_inc/build/likes/queuehandler.min.js
IP 192.0.77.37:0
File type ASCII text, with very long lines (6088), with no line terminators
Hash be45d9e6880c1e47f3f20f436cb168ec
923299157d07e099bc4c0d0a67fea86e54f8037b
3d0153f0cf818ed14cf3571e8a00df67a7e730fe96a373f004922b7ce0c9f5e8
GET /p/jetpack/11.5.1/_inc/build/likes/queuehandler.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://allthatshreds.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 08:39:17 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 22 Sep 2022 17:43:06 GMT
content-encoding: br
expires: Mon, 06 Nov 2023 08:39:17 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
allthatshreds.com/wp-content/themes/chromenews/assets/bootstrap/css/bootstrap.min.css
63.250.43.136200 OK 20 kB URL HTTP/2 allthatshreds.com/wp-content/themes/chromenews/assets/bootstrap/css/bootstrap.min.css
IP 63.250.43.136:0
File type ASCII text, with very long lines (65371)
Hash d9a93acac88d83cb5282a8b1accb8f8f
0db2c6a5733e5cab931578564559b797993084a3
ce6532dbf8f0bfc432db90ea0fae4484a6b5d754e9b033a1934ec6e766fe96db
GET /wp-content/themes/chromenews/assets/bootstrap/css/bootstrap.min.css HTTP/1.1
Host: allthatshreds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://allthatshreds.com/steel-panther-releases-new-video-always-gonna-be-a-ho/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 16:12:53 GMT
last-modified: Thu, 03 Nov 2022 14:52:29 GMT
etag: "6363d5ad-1d988"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-type: text/css
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 59184
x-cache: HIT
accept-ranges: bytes
content-length: 19693
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
allthatshreds.com/wp-content/themes/chromenews/assets/font-awesome/css/all.min.css
63.250.43.136200 OK 13 kB URL HTTP/2 allthatshreds.com/wp-content/themes/chromenews/assets/font-awesome/css/all.min.css
IP 63.250.43.136:0
File type ASCII text, with very long lines (59158)
Hash ec28881f94373ca699b82164b944915a
4abd68ea4dd8e75b907092030283332d8e037ee0
800119a3bea6194c052f582d6005bbb8f280b8e51cc9d3a487c2bccfc01eff81
GET /wp-content/themes/chromenews/assets/font-awesome/css/all.min.css HTTP/1.1
Host: allthatshreds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://allthatshreds.com/steel-panther-releases-new-video-always-gonna-be-a-ho/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 16:12:53 GMT
last-modified: Thu, 03 Nov 2022 14:52:29 GMT
etag: "6363d5ad-e7d0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-type: text/css
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 59184
x-cache: HIT
accept-ranges: bytes
content-length: 12868
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
allthatshreds.com/wp-content/themes/chromenews/assets/slick/css/slick.min.css
63.250.43.136200 OK 479 B URL HTTP/2 allthatshreds.com/wp-content/themes/chromenews/assets/slick/css/slick.min.css
IP 63.250.43.136:0
File type ASCII text, with very long lines (1297), with no line terminators
Hash dccd4582f989e4502f589bbee430768b
74a54c10b7d3de27d692bf8cbbe93199c91c75f6
5548bf564e1afd4c6600b1fbdca874aee07e965a24dcaf6ce673624114e5bb3f
GET /wp-content/themes/chromenews/assets/slick/css/slick.min.css HTTP/1.1
Host: allthatshreds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://allthatshreds.com/steel-panther-releases-new-video-always-gonna-be-a-ho/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 16:12:53 GMT
last-modified: Thu, 03 Nov 2022 14:52:29 GMT
etag: "6363d5ad-511"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-type: text/css
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 59184
x-cache: HIT
accept-ranges: bytes
content-length: 479
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
allthatshreds.com/wp-content/cache/wmac/css/wmac_single_361b2979703e912f22406a3a11c46494.css
63.250.43.136200 OK 376 B URL HTTP/2 allthatshreds.com/wp-content/cache/wmac/css/wmac_single_361b2979703e912f22406a3a11c46494.css
IP 63.250.43.136:0
File type ASCII text, with very long lines (692), with no line terminators
Hash aa14ca653d268f9cd4ce1d8e500ea88f
acb7552f54237979d483b741f5a0a685ce74b651
b0d3f4fbe970efb81179b6dbc47c373f5b05cbb2b2f6ea58afa18a9909647886
GET /wp-content/cache/wmac/css/wmac_single_361b2979703e912f22406a3a11c46494.css HTTP/1.1
Host: allthatshreds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://allthatshreds.com/steel-panther-releases-new-video-always-gonna-be-a-ho/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 16:12:53 GMT
last-modified: Mon, 19 Sep 2022 18:31:45 GMT
etag: "6328b591-2b4"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-type: text/css
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 59184
x-cache: HIT
accept-ranges: bytes
content-length: 376
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
allthatshreds.com/wp-content/cache/wmac/css/wmac_single_30b593b71d7672658f89bfea0ab360c9.css
63.250.43.136200 OK 1.6 kB URL HTTP/2 allthatshreds.com/wp-content/cache/wmac/css/wmac_single_30b593b71d7672658f89bfea0ab360c9.css
IP 63.250.43.136:0
File type ASCII text, with very long lines (5243), with no line terminators
Hash ae08bf2c338d615272802e414f9ec29c
6858de987ee17f90eca2e5e88178c0a0d27a74df
b0678ce9266333e448aa81b94b705777600c97392747fab2734255513357a25c
GET /wp-content/cache/wmac/css/wmac_single_30b593b71d7672658f89bfea0ab360c9.css HTTP/1.1
Host: allthatshreds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://allthatshreds.com/steel-panther-releases-new-video-always-gonna-be-a-ho/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 16:12:53 GMT
last-modified: Mon, 19 Sep 2022 18:31:45 GMT
etag: "6328b591-147b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-type: text/css
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 59184
x-cache: HIT
accept-ranges: bytes
content-length: 1558
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
allthatshreds.com/wp-content/cache/wmac/css/wmac_single_cb4f93271a3ee0783706f5d2d3345823.css
63.250.43.136200 OK 43 kB URL HTTP/2 allthatshreds.com/wp-content/cache/wmac/css/wmac_single_cb4f93271a3ee0783706f5d2d3345823.css
IP 63.250.43.136:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash f30fb272f9d723e7f2707169c91c2d9e
2a27b4d533ee8e5f998bafa1e727c89711ea1567
25ff424bd03ced408f6ee03bf800add26e5282c2fd7978a8ca5175e74e69e550
GET /wp-content/cache/wmac/css/wmac_single_cb4f93271a3ee0783706f5d2d3345823.css HTTP/1.1
Host: allthatshreds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://allthatshreds.com/steel-panther-releases-new-video-always-gonna-be-a-ho/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 16:12:53 GMT
last-modified: Thu, 03 Nov 2022 14:52:58 GMT
etag: "6363d5ca-52ec6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-type: text/css
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 59184
x-cache: HIT
accept-ranges: bytes
content-length: 43058
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
allthatshreds.com/wp-content/plugins/youtube-embed-plus/styles/ytprefs.min.css
63.250.43.136200 OK 1.8 kB URL HTTP/2 allthatshreds.com/wp-content/plugins/youtube-embed-plus/styles/ytprefs.min.css
IP 63.250.43.136:0
File type ASCII text, with very long lines (8319)
Hash 4ef76087ceebf8f309ed48ec12e63876
8c01ce47d1fd1bdbdf77f4b4b1e002ccd7d92afa
2a79fd037132847cedca153e7cb2ac6057afb3a33af627d63c0fce9a5393b8d5
GET /wp-content/plugins/youtube-embed-plus/styles/ytprefs.min.css HTTP/1.1
Host: allthatshreds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://allthatshreds.com/steel-panther-releases-new-video-always-gonna-be-a-ho/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 16:12:53 GMT
last-modified: Thu, 03 Nov 2022 14:51:07 GMT
etag: "6363d55b-2080"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-type: text/css
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 59184
x-cache: HIT
accept-ranges: bytes
content-length: 1786
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
allthatshreds.com/wp-content/plugins/custom-facebook-feed/assets/css/cff-style.min.css
63.250.43.136200 OK 3.4 kB URL HTTP/2 allthatshreds.com/wp-content/plugins/custom-facebook-feed/assets/css/cff-style.min.css
IP 63.250.43.136:0
File type ASCII text, with very long lines (17495), with no line terminators
Hash ab80b346e019d296433388bdd34e7766
3f3a7358556cb022f88b74a2dd7eba0bda4ce605
fce554e8f55e529737f89abc2f0f1cc554d4cf926f9db821cd2b9393cd20b33a
GET /wp-content/plugins/custom-facebook-feed/assets/css/cff-style.min.css HTTP/1.1
Host: allthatshreds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://allthatshreds.com/steel-panther-releases-new-video-always-gonna-be-a-ho/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 16:12:53 GMT
last-modified: Thu, 25 Aug 2022 21:32:41 GMT
etag: "6307ea79-4457"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-type: text/css
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 59184
x-cache: HIT
accept-ranges: bytes
content-length: 3382
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
allthatshreds.com/wp-content/cache/wmac/js/wmac_6413b82b52147188a770dc091846c464.js
63.250.43.136200 OK 71 kB URL HTTP/2 allthatshreds.com/wp-content/cache/wmac/js/wmac_6413b82b52147188a770dc091846c464.js
IP 63.250.43.136:0
File type ASCII text, with very long lines (28685)
Hash dc88dcc14c788f8a7e22f616a5a38f07
8a334caebbd7914bce381fbade5cabd78b159e81
580cee9dc97c525e0647bdd871dcbf1ce228eb4a779bb4550639d5f9468d32a8
Analyzer Verdict Alert fortinet Malware
GET /wp-content/cache/wmac/js/wmac_6413b82b52147188a770dc091846c464.js HTTP/1.1
Host: allthatshreds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://allthatshreds.com/steel-panther-releases-new-video-always-gonna-be-a-ho/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 16:11:41 GMT
last-modified: Thu, 03 Nov 2022 14:53:35 GMT
etag: "6363d5ef-40125"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 59256
x-cache: HIT
accept-ranges: bytes
content-length: 71396
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10241
Expires: Sun, 06 Nov 2022 11:29:59 GMT
Date: Sun, 06 Nov 2022 08:39:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10241
Expires: Sun, 06 Nov 2022 11:29:59 GMT
Date: Sun, 06 Nov 2022 08:39:18 GMT
Connection: keep-alive
platform-api.sharethis.com/js/sharethis.js
143.204.55.6200 OK 44 kB URL HTTP/2 platform-api.sharethis.com/js/sharethis.js
IP 143.204.55.6:0
Hash 1c162023dd8d198137ae8f3fae1735e3
d0ce161e7d4fdaee1b0e151ca065e6271e9556ef
383c5b1bbeb69f203a8fdc0affc335a7e232380521fb3ec191a02f48336723ed
GET /js/sharethis.js HTTP/1.1
Host: platform-api.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://allthatshreds.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-encoding: gzip
edge-control: cache-maxage=60m,downstream-ttl=60m
x-frame-options: SAMEORIGIN
date: Sun, 06 Nov 2022 08:38:14 GMT
cache-control: max-age=600, public
etag: W/"302c5-xv+434/YRClN3FoC1ia4zCamsAQ"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: XNnIUKie_-O0SwNLHrK0aB0JwnbuKvLmVXRdzc8IqiZO5mddKaLelQ==
age: 63
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10241
Expires: Sun, 06 Nov 2022 11:29:59 GMT
Date: Sun, 06 Nov 2022 08:39:18 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44419343-1ead-483b-bb26-c35907f5e9b8.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44419343-1ead-483b-bb26-c35907f5e9b8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c92234d28d67355984873ddf7f2bc85c
309a09b99f2419d6c45c271b67f387a6a62abd4a
436c965529e1e01b2b175fd72f45bab799f77028f1671978c16a37c61e267074
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44419343-1ead-483b-bb26-c35907f5e9b8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12098
x-amzn-requestid: f8b11dcd-fb4c-4eda-a84d-2c36b08dfd16
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJbDWE7SoAMFatw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d87b-386cc0282685a0e8611a24ce;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:41:15 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: yckvvWFuqJHFQG0zwUbbPe6x-oFmk09nZHjoqSEXcoxR4mdUh1PfxQ==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 22:04:09 GMT
age: 38109
etag: "309a09b99f2419d6c45c271b67f387a6a62abd4a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b46edc3-3c38-432b-abec-6c61e93e3e1c.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b46edc3-3c38-432b-abec-6c61e93e3e1c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7b37723112370a0b108acac266a6dcfd
5434be2648f63624b7729c931c950e54c84d79a9
ae97a46d3825531022f51be38b5932c879fe3996073bad8bcf150e712c571814
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b46edc3-3c38-432b-abec-6c61e93e3e1c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5944
x-amzn-requestid: d3d52642-194b-455f-9e12-5fd306607035
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJatbFmLIAMFp1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d7ef-03be7b6f337c5cf934c0d741;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:38:55 GMT
x-amz-cf-pop: SFO5-C3, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: uPywpcAug5apW-t_nd1lbXisNE0l01PMo4k99YA6uO_6KcLJDG9lkw==
via: 1.1 7ba3caf71ae7a52dd411d1a543e80cd8.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 22:06:54 GMT
age: 37944
etag: "5434be2648f63624b7729c931c950e54c84d79a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
c0.wp.com/c/6.1/wp-includes/js/jquery/jquery-migrate.min.js
192.0.77.37200 OK 13 kB URL HTTP/2 c0.wp.com/c/6.1/wp-includes/js/jquery/jquery-migrate.min.js
IP 192.0.77.37:0
File type ASCII text, with very long lines (11126)
Hash ad79d13ddfdf3f6e5ebeda96341d7361
28852811de00a1102cc36afd0764a2d1b3e6d2bc
08d5526887d63e6cdb34f44b95285c8b6955fb0ea22ed236df85ef7830b28bd9
GET /c/6.1/wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://allthatshreds.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 08:39:17 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
content-encoding: br
expires: Mon, 06 Nov 2023 08:39:17 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7220419a-cf8c-4056-a522-11012e67cf32.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7220419a-cf8c-4056-a522-11012e67cf32.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fa77f05b1af971db287607d9d9a30e0f
276f1493d6da74c8fa3ef83dee77bf48850ff4b4
005d0273b7fe7b68081d1db630df9444c4082140be87c34f3e9e5fb7db9a4160
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7220419a-cf8c-4056-a522-11012e67cf32.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14415
x-amzn-requestid: 9eadfbeb-38b2-483a-894a-375e00f646dd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJabgHcMoAMFTLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d77c-104fa5e61c64aaf230ffb045;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:37:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 1rzBJigxxARLwKhQ_2PvkVnWD2wUH9UPfyVKIe9lmvtmtMRwWjR21g==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 22:17:20 GMT
etag: "276f1493d6da74c8fa3ef83dee77bf48850ff4b4"
content-type: image/jpeg
age: 37318
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8df47f1e-c13a-452f-b0e2-28c141dbb191.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8df47f1e-c13a-452f-b0e2-28c141dbb191.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b18a8c9f5539ce33476f843f5811e01d
11d1f2ce72d2aa6686c79f777cd0bdb4ddeb681b
fc20e507eedccb52078979f2132434b11b9d50d917cab512d8e0c99515b1236c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8df47f1e-c13a-452f-b0e2-28c141dbb191.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7573
x-amzn-requestid: d56e7b27-f2cb-4cd3-9f67-ba18d1bfe270
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bDkhGHmjoAMFxxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6364813a-3a1c18b13c41f38673890b00;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 03:04:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: c-u9tBFoIve3sEwtbUvIFZoPu6eudy3ZFQi8j2m9mTPNEarihTvddw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Sun, 06 Nov 2022 03:24:54 GMT
age: 18864
etag: "11d1f2ce72d2aa6686c79f777cd0bdb4ddeb681b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e2853cc6ec6223160471401e6871f4b
f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: 43480a38-fd89-4c47-b8c4-e6ba90b1321c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aMF6oEz_oAMF8Hg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634e5043-6617fd2e59cab00135301cdd;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 07:05:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: z6Lnru_eeTvRGdsz-q37-HGFgFfIT6fLSFcJBvT3oPjAPilszTWkDw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 09:11:34 GMT
age: 84464
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
pixel.wp.com/g.gif?v=ext&blog=115553324&post=9575&tz=-5&srv=allthatshreds.com&j=1%3A11.5.1&host=allthatshreds.com&ref=&fcp=0&rand=0.2635220208356742
192.0.76.3200 OK 50 B URL HTTP/2 pixel.wp.com/g.gif?v=ext&blog=115553324&post=9575&tz=-5&srv=allthatshreds.com&j=1%3A11.5.1&host=allthatshreds.com&ref=&fcp=0&rand=0.2635220208356742
IP 192.0.76.3:0
File type GIF image data, version 89a, 6 x 5\012- data
Hash e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
GET /g.gif?v=ext&blog=115553324&post=9575&tz=-5&srv=allthatshreds.com&j=1%3A11.5.1&host=allthatshreds.com&ref=&fcp=0&rand=0.2635220208356742 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://allthatshreds.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 08:39:18 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.ywxi.net/js/1.js
54.230.111.63200 OK 4.6 kB IP 54.230.111.63:0
File type ASCII text, with very long lines (580)
Hash 0684a3c86e3c326e97dca2edd6503d7a
4995006b1ff9c66ed53a5a29e6871602eb1b3f1b
d8b6dfd93f2469d87d65d41a1a9e937d98f0d84675da7d2faafa64d68a22c824
GET /js/1.js HTTP/1.1
Host: cdn.ywxi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://allthatshreds.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-length: 4567
date: Sun, 06 Nov 2022 07:44:30 GMT
server: Apache
content-security-policy-report-only: report-uri https://52723791ca12811bfedec52ea4c44290.report-uri.com/r/d/csp/reportOnly; default-src 'self'; script-src * 'unsafe-inline' 'unsafe-eval'; script-src-elem * 'unsafe-inline'; script-src-attr 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-elem * 'unsafe-inline'; style-src-attr 'self' 'unsafe-inline'; img-src * data:; font-src * data:; connect-src *; media-src * blob:; object-src 'none'; frame-src *; frame-ancestors *; form-action 'self'
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expires: Sun, 06 Nov 2022 08:44:30 GMT
access-control-allow-origin: *
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: tlbiCO4Zn3CQC698KOd4Y3gfma6uDSMN3qHDUsESDeL2iS5MTo-LPg==
age: 3288
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash d2b4c49a0fb79e3d3bc40d2a28b27120
3f53633851cf851451354ccfd2931f2ec7a9e40f
a8a4ca2c09bae5cc3375077e531b357e2c1724693433a085ad038e3e6adfd96b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 08:39:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 62a8ce6a2338913103618edb2f4a9dbe
0e0850b1aef6ed524d119a41145112b84c257687
51d11b07f58551b5864fb55d4560d8a2237c2351036de0af7e25c81816763b31
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 08:39:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 62a8ce6a2338913103618edb2f4a9dbe
0e0850b1aef6ed524d119a41145112b84c257687
51d11b07f58551b5864fb55d4560d8a2237c2351036de0af7e25c81816763b31
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 08:39:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/jost/v14/92zatBhPNqw73oTd4g.woff2
216.58.207.195200 OK 26 kB URL HTTP/2 fonts.gstatic.com/s/jost/v14/92zatBhPNqw73oTd4g.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 26304, version 1.0\012- data
Hash 29404b5009a74d47f2a7923da5741fd5
c8c7a68af3f7e4f92d932203efda0c38e4d170ab
0b7e3af1cb23f3b1cc2c3418f3c31ab3bbadeaa2ba5e72f3cb818e4b44c420f4
GET /s/jost/v14/92zatBhPNqw73oTd4g.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://allthatshreds.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 26304
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 31 Oct 2022 02:54:36 GMT
expires: Tue, 31 Oct 2023 02:54:36 GMT
cache-control: public, max-age=31536000
age: 539082
last-modified: Mon, 11 Jul 2022 20:29:30 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/notoserif/v21/ga6Iaw1J5X9T9RW6j9bNfFcWaA.woff2
216.58.207.195200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/notoserif/v21/ga6Iaw1J5X9T9RW6j9bNfFcWaA.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 23948, version 1.0\012- data
Hash aeb92e524ca62170347fa63974605767
1e10bfbd720481e42035a5469d7ce8fc51d34aab
25475d82cc976fb2c71b15b3e416c22bf636dd247bbb268d312e7c076ec5b6e4
GET /s/notoserif/v21/ga6Iaw1J5X9T9RW6j9bNfFcWaA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://allthatshreds.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23948
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 31 Oct 2022 21:05:10 GMT
expires: Tue, 31 Oct 2023 21:05:10 GMT
cache-control: public, max-age=31536000
age: 473648
last-modified: Mon, 09 May 2022 19:47:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/notoserif/v21/ga6Law1J5X9T9RW6j9bNdOwzfReecQ.woff2
216.58.207.195200 OK 28 kB URL HTTP/2 fonts.gstatic.com/s/notoserif/v21/ga6Law1J5X9T9RW6j9bNdOwzfReecQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 27456, version 1.0\012- data
Hash 80becb8b7638756b35eebf31518f8904
ba154f44545a98796887a9b5cfd84d765d3d0c05
a0a9ce1553fa74dad4d8cf55b7df7d012a3acdec01cd39d682fce0e5b52e99f2
GET /s/notoserif/v21/ga6Law1J5X9T9RW6j9bNdOwzfReecQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://allthatshreds.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27456
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 31 Oct 2022 21:05:17 GMT
expires: Tue, 31 Oct 2023 21:05:17 GMT
cache-control: public, max-age=31536000
age: 473641
last-modified: Mon, 09 May 2022 20:10:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/notoserif/v21/ga6Kaw1J5X9T9RW6j9bNfFImajC7.woff2
216.58.207.195200 OK 22 kB URL HTTP/2 fonts.gstatic.com/s/notoserif/v21/ga6Kaw1J5X9T9RW6j9bNfFImajC7.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 21916, version 1.0\012- data
Hash 4b63cb477ab7d5e6977a788100ae58d5
c6e58ffe35827e911091dfbe4447b9902406c9d0
b5bc6e295567ab6723e8b71b9cebbaf12239f9a94c804af09e57412ce70c3177
GET /s/notoserif/v21/ga6Kaw1J5X9T9RW6j9bNfFImajC7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://allthatshreds.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21916
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 01 Nov 2022 03:38:05 GMT
expires: Wed, 01 Nov 2023 03:38:05 GMT
cache-control: public, max-age=31536000
age: 450073
last-modified: Mon, 09 May 2022 19:18:51 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 62a8ce6a2338913103618edb2f4a9dbe
0e0850b1aef6ed524d119a41145112b84c257687
51d11b07f58551b5864fb55d4560d8a2237c2351036de0af7e25c81816763b31
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 08:39:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash d2b4c49a0fb79e3d3bc40d2a28b27120
3f53633851cf851451354ccfd2931f2ec7a9e40f
a8a4ca2c09bae5cc3375077e531b357e2c1724693433a085ad038e3e6adfd96b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 08:39:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 05 Nov 2022 12:31:58 GMT
expires: Sun, 05 Nov 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 72440
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Nov 2022 21:46:16 GMT
expires: Fri, 03 Nov 2023 21:46:16 GMT
cache-control: public, max-age=31536000
age: 211982
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
allthatshreds.com/wp-content/themes/chromenews/assets/font-awesome/webfonts/fa-solid-900.woff2
63.250.43.136200 OK 78 kB URL HTTP/2 allthatshreds.com/wp-content/themes/chromenews/assets/font-awesome/webfonts/fa-solid-900.woff2
IP 63.250.43.136:0
File type Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261\012- data
Hash e8a427e15cc502bef99cfd722b37ea98
a9922842a120a7f1eaced667480c5e185a106d69
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/chromenews/assets/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: allthatshreds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://allthatshreds.com/wp-content/themes/chromenews/assets/font-awesome/css/all.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 16:12:53 GMT
last-modified: Thu, 03 Nov 2022 14:52:29 GMT
etag: "6363d5ad-13174"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: https://allthatshreds.com
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-type: font/woff2
content-length: 78196
x-cacheable: YES
age: 59184
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
allthatshreds.com/wp-content/themes/chromenews/assets/font-awesome/webfonts/fa-regular-400.woff2
63.250.43.136200 OK 13 kB URL HTTP/2 allthatshreds.com/wp-content/themes/chromenews/assets/font-awesome/webfonts/fa-regular-400.woff2
IP 63.250.43.136:0
File type Web Open Font Format (Version 2), TrueType, length 13276, version 331.-31261\012- data
Hash f0f8230116992e521526097a28f54066
0447c6b10bbf73f97b23dcfd6e6a48510822cb6e
8afc6e5e842baab16010c2ce6fcf48ec4ded8e1579a37c1f1bc027e120d04951
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/chromenews/assets/font-awesome/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: allthatshreds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://allthatshreds.com/wp-content/themes/chromenews/assets/font-awesome/css/all.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 16:12:53 GMT
last-modified: Thu, 03 Nov 2022 14:52:29 GMT
etag: "6363d5ad-33dc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: https://allthatshreds.com
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-type: font/woff2
content-length: 13276
x-cacheable: YES
age: 59184
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
s0.wp.com/_static/??-eJx9i0EOwjAMBD+Ea1BFe0I8BZnEgJvYlDhRv0/EgRNiT6PVDG4rhKdVtoraYM3tLuaYJbHjq3HjB1nMXIbFd/hbpqhicKWCSl65dIJaKCT/FyVx5QrjsMeLWPget/KRY2/PejpMfeM0z8flDaXAPmE=
192.0.77.32200 OK 20 kB URL HTTP/2 s0.wp.com/_static/??-eJx9i0EOwjAMBD+Ea1BFe0I8BZnEgJvYlDhRv0/EgRNiT6PVDG4rhKdVtoraYM3tLuaYJbHjq3HjB1nMXIbFd/hbpqhicKWCSl65dIJaKCT/FyVx5QrjsMeLWPget/KRY2/PejpMfeM0z8flDaXAPmE=
IP 192.0.77.32:0
Hash 54efbee9ff5bf8aff269f1f6f45a70c3
98a0d5155aa916c880c4db3f253fc4c83d63c51e
7d840752d452224fd4727118d9fb681a638c1b0289078ed5564b92c582257b15
GET /_static/??-eJx9i0EOwjAMBD+Ea1BFe0I8BZnEgJvYlDhRv0/EgRNiT6PVDG4rhKdVtoraYM3tLuaYJbHjq3HjB1nMXIbFd/hbpqhicKWCSl65dIJaKCT/FyVx5QrjsMeLWPget/KRY2/PejpMfeM0z8flDaXAPmE= HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jetpack.wordpress.com
Connection: keep-alive
Referer: https://jetpack.wordpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 08:39:18 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 24 Oct 2022 18:39:41 GMT
etag: W/"6356dbed-785e"
content-encoding: br
expires: Tue, 24 Oct 2023 18:39:46 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca BYPASS
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 2
X-Firefox-Spdy: h2
0.gravatar.com/js/gprofiles.js?ver=202244z
192.0.73.2200 OK 8.0 kB URL HTTP/2 0.gravatar.com/js/gprofiles.js?ver=202244z
IP 192.0.73.2:0
File type ASCII text, with very long lines (24043), with no line terminators
Hash fe74d3d3fcb996ce59f54ffe7e530809
b002c7e2493ca11723dc90995945afb4f744a3c2
f811fb02df4770e5a3dfdf2393c767502eadd1466f9f390029e810663eba80a0
GET /js/gprofiles.js?ver=202244z HTTP/1.1
Host: 0.gravatar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jetpack.wordpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 08:39:18 GMT
content-type: application/javascript
last-modified: Thu, 15 Sep 2022 11:48:47 GMT
etag: W/"6323111f-5deb"
content-encoding: br
expires: Sun, 13 Nov 2022 08:39:18 GMT
cache-control: max-age=604800
X-Firefox-Spdy: h2
s0.wp.com/wp-content/mu-plugins/highlander-comments/images/button-back.gif
192.0.77.32200 OK 1.2 kB URL HTTP/2 s0.wp.com/wp-content/mu-plugins/highlander-comments/images/button-back.gif
IP 192.0.77.32:0
File type GIF image data, version 89a, 2 x 26\012- data
Hash 41570c42d47e846f51422b154ebe8cc8
eed821bb5bf98caf32c563a56a1ebf145f7aca74
0dab369eac5fd3a06420395d02d292bc3e3ab0bf62add857c72804fd9f4edd35
GET /wp-content/mu-plugins/highlander-comments/images/button-back.gif HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s0.wp.com/wp-content/mu-plugins/highlander-comments/style.css?m=1663315160h&cssminify=yes
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 08:39:18 GMT
content-type: image/gif
content-length: 1232
last-modified: Thu, 29 Nov 2018 13:53:37 GMT
etag: "5bffef61-4d0"
expires: Thu, 10 Nov 2022 15:10:54 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 2
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 498a93ef6474e78f5c7b8ec391786b1c
2fdbd636d3ec6c2476c2ac34697ba171eecdb768
ab9705c42b3e1f2c2cc005974f4dd27f75c27a053bd29e81d2a99824200dcef7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1709
Cache-Control: max-age=155630
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 08:39:18 GMT
Etag: "636728f7-1d7"
Expires: Tue, 08 Nov 2022 03:53:08 GMT
Last-Modified: Sun, 06 Nov 2022 03:24:39 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
1.gravatar.com/avatar/ad516503a11cd5ca435acc9bb6523536?s=25
192.0.73.2200 OK 439 B URL HTTP/2 1.gravatar.com/avatar/ad516503a11cd5ca435acc9bb6523536?s=25
IP 192.0.73.2:0
File type PNG image data, 25 x 25, 8-bit/color RGBA, non-interlaced\012- data
Hash 11dc3e5b84e467ac07bb1446b8303e6f
c53b55b22ec90ce640e805f1b76fc88d7cd2f90e
d3ddd29db765914b449b4573e5a3c24e1982838d9f55befd894cb73333f8149a
GET /avatar/ad516503a11cd5ca435acc9bb6523536?s=25 HTTP/1.1
Host: 1.gravatar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jetpack.wordpress.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 08:39:18 GMT
content-type: image/png
content-length: 439
last-modified: Sat, 01 Mar 2008 02:44:06 GMT
link: <https://www.gravatar.com/avatar/ad516503a11cd5ca435acc9bb6523536?s=25>; rel="canonical"
content-disposition: inline; filename="ad516503a11cd5ca435acc9bb6523536.png"
access-control-allow-origin: *
expires: Sun, 06 Nov 2022 08:44:18 GMT
cache-control: max-age=300
x-nc: HIT arn 2
accept-ranges: bytes
X-Firefox-Spdy: h2
jetpack.wordpress.com/jetpack-comment/?blogid=115553324&postid=9575&comment_registration=0&require_name_email=1&stc_enabled=1&stb_enabled=1&show_avatars=1&avatar_default=mystery&greeting=Leave+a+Reply&jetpack_comments_nonce=6aa12ddecb&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=en_US&jetpack_version=11.5.1&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=7a0b01761533f550e67685587b0e7fca835730b9
192.0.78.32200 OK 37 kB URL HTTP/2 jetpack.wordpress.com/jetpack-comment/?blogid=115553324&postid=9575&comment_registration=0&require_name_email=1&stc_enabled=1&stb_enabled=1&show_avatars=1&avatar_default=mystery&greeting=Leave+a+Reply&jetpack_comments_nonce=6aa12ddecb&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=en_US&jetpack_version=11.5.1&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=7a0b01761533f550e67685587b0e7fca835730b9
IP 192.0.78.32:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1816)
Hash f97b23184677260edcca407528381b5f
f621b00a48f2f2f247b9bde8e37ced1f498e2385
3e580c527d2c78498927feb48ad612dc4fa18ecf67206be29c0aa702b3bb3dce
GET /jetpack-comment/?blogid=115553324&postid=9575&comment_registration=0&require_name_email=1&stc_enabled=1&stb_enabled=1&show_avatars=1&avatar_default=mystery&greeting=Leave+a+Reply&jetpack_comments_nonce=6aa12ddecb&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=en_US&jetpack_version=11.5.1&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=7a0b01761533f550e67685587b0e7fca835730b9 HTTP/1.1
Host: jetpack.wordpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://allthatshreds.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 08:39:18 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
host-header: WordPress.com
content-encoding: br
x-ac: 4.arn _dca BYPASS
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
google-analytics.com/analytics.js
216.58.211.4200 OK 20 kB URL HTTP/2 google-analytics.com/analytics.js
IP 216.58.211.4:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://allthatshreds.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sun, 06 Nov 2022 07:27:57 GMT
expires: Sun, 06 Nov 2022 09:27:57 GMT
cache-control: public, max-age=7200
age: 4281
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s0.wp.com/wp-content/mu-plugins/gravatar-hovercards/wpgroho.js?m=1610363240h
192.0.77.32200 OK 28 kB URL HTTP/2 s0.wp.com/wp-content/mu-plugins/gravatar-hovercards/wpgroho.js?m=1610363240h
IP 192.0.77.32:0
File type ASCII text, with very long lines (365)
Hash 0c65742e8ad4c571b812f92744583d70
25e4676848e43a58c1952651a72af56fe567d521
4f21b280851e56c6588e8d39e5dc4412cc91bf86f2284875e3c388c4198b667c
GET /wp-content/mu-plugins/gravatar-hovercards/wpgroho.js?m=1610363240h HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jetpack.wordpress.com
Connection: keep-alive
Referer: https://jetpack.wordpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 08:39:18 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"5ffc31a9-465"
content-encoding: br
expires: Wed, 23 Nov 2022 13:57:43 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 2
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 498a93ef6474e78f5c7b8ec391786b1c
2fdbd636d3ec6c2476c2ac34697ba171eecdb768
ab9705c42b3e1f2c2cc005974f4dd27f75c27a053bd29e81d2a99824200dcef7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1709
Cache-Control: max-age=155630
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 08:39:18 GMT
Etag: "636728f7-1d7"
Expires: Tue, 08 Nov 2022 03:53:08 GMT
Last-Modified: Sun, 06 Nov 2022 03:24:39 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 329e0daac9196aeac36e91ac1223f2c5
5b1ced390872426294c39865df9c510e292b9ddb
676e0a055fa947e7f9804afbb668a8851e0db57bca973f567e6b2daf6293e600
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=123652
Date: Sun, 06 Nov 2022 08:39:18 GMT
Etag: "6366a1f5-1d7"
Expires: Mon, 07 Nov 2022 19:00:10 GMT
Last-Modified: Sat, 05 Nov 2022 17:48:37 GMT
Server: ECS (nyb/1D12)
X-Cache: Miss from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ICxqbQ2D8OwkHGNZh988mOMpCpOjBmfDdjcgd72q8X9WFNuiu5jOYw==
Age: 4293
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 329e0daac9196aeac36e91ac1223f2c5
5b1ced390872426294c39865df9c510e292b9ddb
676e0a055fa947e7f9804afbb668a8851e0db57bca973f567e6b2daf6293e600
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=122848
Date: Sun, 06 Nov 2022 08:39:18 GMT
Etag: "6366a1f5-1d7"
Expires: Mon, 07 Nov 2022 18:46:46 GMT
Last-Modified: Sat, 05 Nov 2022 17:48:37 GMT
Server: ECS (nyb/1D08)
X-Cache: Miss from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 9-XLQfKnuZDIkr4O9MZXh_WNFVpgNW2J3h_QZ0moyLNy46YdcEfIXA==
Age: 3489
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash ccc010f14c751f4bcc7a5a07b91997ad
fdd16aeaf1d313fd24b28dbc98514f1f36ecaf79
9c27893901dbd5f5f75d5009fea9f8f33a5667971e659fd8565bae1020399b6a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=119595
Date: Sun, 06 Nov 2022 08:39:19 GMT
Etag: "63669999-1d7"
Expires: Mon, 07 Nov 2022 17:52:34 GMT
Last-Modified: Sat, 05 Nov 2022 17:12:57 GMT
Server: ECS (bsa/EB1A)
X-Cache: Miss from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: gLEpPnmLxrCrgRkiyXrjg5r2YTdev6My2sFQImZlnPBu8f-GBsqGkw==
Age: 2377
l.sharethis.com/pview?event=pview&hostname=allthatshreds.com&location=%2Fsteel-panther-releases-new-video-always-gonna-be-a-ho%2F&product=ga&url=https%3A%2F%2Fallthatshreds.com%2Fsteel-panther-releases-new-video-always-gonna-be-a-ho%2F&source=googleanalytics-wordpress&fcmp=false&fcmpv2=false&has_segmentio=false&title=Steel%20Panther%20Releases%20New%20Video%20%22Always%20Gonna%20Be%20A%20Ho%22&cms=unknown&publisher=5af52b217056220011b9fdc8&sop=true&version=st_sop.js&lang=en&description=Song%20Comes%20From%20Their%20Recently%20Announced%205th%20Studio%20Album%20Heavy%20Metal%20Rules%20Scheduled%20for%20Release%20on%20September%2027th%20https%3A%2F%2Flnk.to%2FHeavyMetalRules%20Band%20Set%20To%20Hit%20The%20Road%20In%20The%20Fall%20in%20Support%20Of%20New%20Album%20https%3A%2F%2Fwww.steelpantherrocks.com%2Fpages%2Ftour%20On%20the%20heels%20of%20the%20recently%20announced%20new%20album%20and%20headline%20tour%2C%20California%E2%80%99s%20greatest%20export%20and%20relationship%20experts%20Steel%20Panther%20are%20back%20with%20another%20music%20video
35.156.179.150204 No Content 0 B URL HTTP/1.1 l.sharethis.com/pview?event=pview&hostname=allthatshreds.com&location=%2Fsteel-panther-releases-new-video-always-gonna-be-a-ho%2F&product=ga&url=https%3A%2F%2Fallthatshreds.com%2Fsteel-panther-releases-new-video-always-gonna-be-a-ho%2F&source=googleanalytics-wordpress&fcmp=false&fcmpv2=false&has_segmentio=false&title=Steel%20Panther%20Releases%20New%20Video%20%22Always%20Gonna%20Be%20A%20Ho%22&cms=unknown&publisher=5af52b217056220011b9fdc8&sop=true&version=st_sop.js&lang=en&description=Song%20Comes%20From%20Their%20Recently%20Announced%205th%20Studio%20Album%20Heavy%20Metal%20Rules%20Scheduled%20for%20Release%20on%20September%2027th%20https%3A%2F%2Flnk.to%2FHeavyMetalRules%20Band%20Set%20To%20Hit%20The%20Road%20In%20The%20Fall%20in%20Support%20Of%20New%20Album%20https%3A%2F%2Fwww.steelpantherrocks.com%2Fpages%2Ftour%20On%20the%20heels%20of%20the%20recently%20announced%20new%20album%20and%20headline%20tour%2C%20California%E2%80%99s%20greatest%20export%20and%20relationship%20experts%20Steel%20Panther%20are%20back%20with%20another%20music%20video
IP 35.156.179.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pview?event=pview&hostname=allthatshreds.com&location=%2Fsteel-panther-releases-new-video-always-gonna-be-a-ho%2F&product=ga&url=https%3A%2F%2Fallthatshreds.com%2Fsteel-panther-releases-new-video-always-gonna-be-a-ho%2F&source=googleanalytics-wordpress&fcmp=false&fcmpv2=false&has_segmentio=false&title=Steel%20Panther%20Releases%20New%20Video%20%22Always%20Gonna%20Be%20A%20Ho%22&cms=unknown&publisher=5af52b217056220011b9fdc8&sop=true&version=st_sop.js&lang=en&description=Song%20Comes%20From%20Their%20Recently%20Announced%205th%20Studio%20Album%20Heavy%20Metal%20Rules%20Scheduled%20for%20Release%20on%20September%2027th%20https%3A%2F%2Flnk.to%2FHeavyMetalRules%20Band%20Set%20To%20Hit%20The%20Road%20In%20The%20Fall%20in%20Support%20Of%20New%20Album%20https%3A%2F%2Fwww.steelpantherrocks.com%2Fpages%2Ftour%20On%20the%20heels%20of%20the%20recently%20announced%20new%20album%20and%20headline%20tour%2C%20California%E2%80%99s%20greatest%20export%20and%20relationship%20experts%20Steel%20Panther%20are%20back%20with%20another%20music%20video HTTP/1.1
Host: l.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://allthatshreds.com/
Origin: https://allthatshreds.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: https://allthatshreds.com
Access-Control-Expose-Headers: stid
Access-Control-Max-Age: 1728000
Cache-Control: no-cache, no-store, must-revalidate
Date: Sun, 06 Nov 2022 08:39:19 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
s3-us-west-2.amazonaws.com/mfesecure-public/host/allthatshreds.com/client.json?source=jsmain
52.218.182.104403 Forbidden 243 B URL HTTP/1.1 s3-us-west-2.amazonaws.com/mfesecure-public/host/allthatshreds.com/client.json?source=jsmain
IP 52.218.182.104:0
File type XML 1.0 document text\012- XML document, ASCII text
Hash 88955c93271a459c612a57b7ccea3cf0
171024d40ee9ac9117a5854f0082ad07020eab6b
9ffa7803db9ddff21f8732fe36400a2f01b635a1015e687dc3810b77c6bd45b2
GET /mfesecure-public/host/allthatshreds.com/client.json?source=jsmain HTTP/1.1
Host: s3-us-west-2.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://allthatshreds.com/
Origin: https://allthatshreds.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 403 Forbidden
Access-Control-Allow-Origin: https://allthatshreds.com
Access-Control-Allow-Methods: GET, HEAD
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Access-Control-Max-Age: 60
Access-Control-Allow-Credentials: true
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: TW733CXHC7A3NBYB
x-amz-id-2: JjLgErr5JARpf4RtZURZwYb9VkhmfQcWp0fVb5UyhMGQBfN6C/XJUcMji0fWAAU0ro8yzoDIrrg=
Content-Type: application/xml
Transfer-Encoding: chunked
Date: Sun, 06 Nov 2022 08:39:18 GMT
Server: AmazonS3
s3-us-west-2.amazonaws.com/mfesecure-public/host/allthatshreds.com/client.json?source=jsinline
52.218.182.104403 Forbidden 243 B URL HTTP/1.1 s3-us-west-2.amazonaws.com/mfesecure-public/host/allthatshreds.com/client.json?source=jsinline
IP 52.218.182.104:0
File type XML 1.0 document text\012- XML document, ASCII text
Hash 576906c9443cdf60717943e85c8c06aa
49ce6714f6475fa842679bddd4906d207ab517ec
0d35da9b67108f7487e8a20df43e051748ec65fb53dc4e64db07cdf712899a22
GET /mfesecure-public/host/allthatshreds.com/client.json?source=jsinline HTTP/1.1
Host: s3-us-west-2.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://allthatshreds.com/
Origin: https://allthatshreds.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 403 Forbidden
Access-Control-Allow-Origin: https://allthatshreds.com
Access-Control-Allow-Methods: GET, HEAD
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Access-Control-Max-Age: 60
Access-Control-Allow-Credentials: true
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: TW7921P8BMRDCGGW
x-amz-id-2: 5vZoXUkwH4sDwFpYfdVtt81EigSVVXz7mdBSiq6tuoZMTaaPvjJhMmG0uAMrQLQsaTHt3WcU3Uw=
Content-Type: application/xml
Transfer-Encoding: chunked
Date: Sun, 06 Nov 2022 08:39:18 GMT
Server: AmazonS3
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e20220595764996da3b132db809444b2
7b5e25e40df30de11e8bd6088f59b7131a2702db
b2f5ca6be41e0113663f5f75edc856f49297cd40700043080f3e27c1cce3a185
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 08:39:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f3832eb0418d94ec98c40df1bcf3ce5b
74dd7fa6ff4f9da9324c0772d075da5f42ab5879
cc42acc8dffa6c7f0c4c3a16ffe8c88919daf4859b7524a7a0ffc6e4b169c50d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 08:39:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
142.250.74.166200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.166:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 06 Nov 2022 08:29:05 GMT
expires: Sun, 06 Nov 2022 08:44:05 GMT
cache-control: public, max-age=900
age: 614
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
172.217.21.162302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 172.217.21.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Sun, 06 Nov 2022 08:39:19 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s0.wp.com/_static/??/wp-content/js/textarea-autosize.min.js,/wp-content/mu-plugins/highlander-comments/script.js?m=1663141412j
192.0.77.32200 OK 12 kB URL HTTP/2 s0.wp.com/_static/??/wp-content/js/textarea-autosize.min.js,/wp-content/mu-plugins/highlander-comments/script.js?m=1663141412j
IP 192.0.77.32:0
File type Unicode text, UTF-8 text, with very long lines (3416)
Hash eadc4d5cde8d79be96f4001e98f03661
93190556b037c0f22719eef5a78c01082b124587
bb5ae45d43984e3f3912393e8c6ac8c6d5ef891a9601dbb844e3e5677cb14123
GET /_static/??/wp-content/js/textarea-autosize.min.js,/wp-content/mu-plugins/highlander-comments/script.js?m=1663141412j HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jetpack.wordpress.com
Connection: keep-alive
Referer: https://jetpack.wordpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 08:39:18 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 14 Sep 2022 07:43:45 GMT
etag: W/"63218631-a4f5"
content-encoding: br
expires: Thu, 14 Sep 2023 07:43:50 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 2
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.138200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sun, 06 Nov 2022 08:39:19 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f3832eb0418d94ec98c40df1bcf3ce5b
74dd7fa6ff4f9da9324c0772d075da5f42ab5879
cc42acc8dffa6c7f0c4c3a16ffe8c88919daf4859b7524a7a0ffc6e4b169c50d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 08:39:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e20220595764996da3b132db809444b2
7b5e25e40df30de11e8bd6088f59b7131a2702db
b2f5ca6be41e0113663f5f75edc856f49297cd40700043080f3e27c1cce3a185
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 08:39:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.138200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.138:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash a3404dcfc6e2a0f7eea7173440ae7034
49f3cec9c869025d6a891fc414427e80ccbaf39d
3f124792323c5e5249d6f5b1ff3cc474f01d8ac460621925fbe96c6973972f8d
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 06 Nov 2022 08:39:19 GMT
server: ESF
cache-control: private
content-length: 30726
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6b72bfaacba486284aa2ecb4bcd8ebba
89fa4ef09e60380fc432c73b7919a29f26117088
fed14b27362ffe0dfbe0b1696e8dab5f6bba3e08b76bec620e75f0f3f213f69b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 08:39:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4581b506f0ccd486206fae4fe79eb8fd
ea8f75b339daf79e4d6db6b288f23045dd7b47e2
db3f58f8fbd1b53920f8b71348ff31ea8b886e3dfb3d6171d2c68b414b3a6e7c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 08:39:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/js/th/EWuoZ_9LU3hL76PT3YFLg_EjKJdTpZ6rgtgTJA98OBY.js
142.250.74.164200 OK 14 kB URL HTTP/2 www.google.com/js/th/EWuoZ_9LU3hL76PT3YFLg_EjKJdTpZ6rgtgTJA98OBY.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (35974)
Hash 89da5756c3061bf086f28e85c062ea28
d46d62afb0048e31e65c624e26fc5620eb1e7fdd
7c5e7453571c65550671610b433b6a9ce831d3532c6c503539f8a060e5b264df
GET /js/th/EWuoZ_9LU3hL76PT3YFLg_EjKJdTpZ6rgtgTJA98OBY.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14351
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 06 Nov 2022 00:27:13 GMT
expires: Mon, 06 Nov 2023 00:27:13 GMT
cache-control: public, max-age=31536000
age: 29526
last-modified: Thu, 20 Oct 2022 10:30:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.ytimg.com/vi_webp/bkV0M1qbkcw/sddefault.webp
142.250.74.86200 OK 27 kB URL HTTP/2 i.ytimg.com/vi_webp/bkV0M1qbkcw/sddefault.webp
IP 142.250.74.86:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 529a8385a7d331be2db60e4037f981e2
6cab501eee0ba78e345b7031533d85233ef49cb3
cc52a387031d649dc2dbf92be9128776e55a233d25d350c7a30d68ba9870d58d
GET /vi_webp/bkV0M1qbkcw/sddefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 27092
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 06 Nov 2022 08:39:19 GMT
expires: Sun, 06 Nov 2022 10:39:19 GMT
cache-control: public, max-age=7200
etag: "1565295728"
content-type: image/webp
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=617276359124073&ev=PageView&dl=https%3A%2F%2Fallthatshreds.com%2Fsteel-panther-releases-new-video-always-gonna-be-a-ho%2F&rl=&if=false&ts=1667723957611&sw=1280&sh=1024&v=2.9.89&r=stable&a=wordpress-6.1-3.0.8&ec=0&o=30&fbp=fb.1.1667723957609.2054944743&it=1667723957114&coo=false&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=617276359124073&ev=PageView&dl=https%3A%2F%2Fallthatshreds.com%2Fsteel-panther-releases-new-video-always-gonna-be-a-ho%2F&rl=&if=false&ts=1667723957611&sw=1280&sh=1024&v=2.9.89&r=stable&a=wordpress-6.1-3.0.8&ec=0&o=30&fbp=fb.1.1667723957609.2054944743&it=1667723957114&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=617276359124073&ev=PageView&dl=https%3A%2F%2Fallthatshreds.com%2Fsteel-panther-releases-new-video-always-gonna-be-a-ho%2F&rl=&if=false&ts=1667723957611&sw=1280&sh=1024&v=2.9.89&r=stable&a=wordpress-6.1-3.0.8&ec=0&o=30&fbp=fb.1.1667723957609.2054944743&it=1667723957114&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://allthatshreds.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sun, 06 Nov 2022 08:39:19 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 0c958806c8cb4256576529cd7ac57208
ed90ea4236d2e8c96707cda1309a86a2189baf42
d4b6e268c60fcbfff53d5d7387cedb5a8d11f72e60402281b87b48b3edc5e292
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 08:39:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4581b506f0ccd486206fae4fe79eb8fd
ea8f75b339daf79e4d6db6b288f23045dd7b47e2
db3f58f8fbd1b53920f8b71348ff31ea8b886e3dfb3d6171d2c68b414b3a6e7c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 08:39:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/U5Kv06EFJLyuvomV1hvemJyBrGPaoVunuWfTRPR5yWxyYiT7C7pFSlzmQiyGMIWdKYRIZF6TLeQ=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 4.8 kB URL HTTP/2 yt3.ggpht.com/U5Kv06EFJLyuvomV1hvemJyBrGPaoVunuWfTRPR5yWxyYiT7C7pFSlzmQiyGMIWdKYRIZF6TLeQ=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash 06ead0714bfe88b88b0c5ac65ec72105
9fb12770d9890aa921e1dda589fb27e8f6d852ef
62c56373af18520d80840e4e25e0f6fe44b861af9c099a8df981d4d81f15608b
GET /U5Kv06EFJLyuvomV1hvemJyBrGPaoVunuWfTRPR5yWxyYiT7C7pFSlzmQiyGMIWdKYRIZF6TLeQ=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="channels4_profile.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 4761
x-xss-protection: 0
date: Sun, 06 Nov 2022 08:23:31 GMT
expires: Wed, 26 Oct 2022 05:47:43 GMT
cache-control: public, max-age=86400, no-transform
age: 948
etag: "v1"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 0c958806c8cb4256576529cd7ac57208
ed90ea4236d2e8c96707cda1309a86a2189baf42
d4b6e268c60fcbfff53d5d7387cedb5a8d11f72e60402281b87b48b3edc5e292
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 08:39:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.138200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sun, 06 Nov 2022 08:39:19 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.138200 OK 110 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.138:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 545bbe760d5af9d1a063fcd447a07238
80cfa961253632912955f1cfdbcee182cb28e499
1c0f0c602f4077008d8a7e90e20e3a8bcb027db5005c3626264c959e8c18adf8
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1235
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 06 Nov 2022 08:39:19 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
allthatshreds.com/wp-content/plugins/official-facebook-pixel/js/openbridge_plugin.js
63.250.43.136200 OK 58 kB URL HTTP/2 allthatshreds.com/wp-content/plugins/official-facebook-pixel/js/openbridge_plugin.js
IP 63.250.43.136:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 057e148c244d3e3e24096a02ceafc6c6
5d71f9b027259db8a0371b1c33dd03f7aaeccf5b
f9ff6bf44934f78c5b574be53cbbaec8595bb0e86597d5a8d9a8d1889fb64ea4
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/official-facebook-pixel/js/openbridge_plugin.js HTTP/1.1
Host: allthatshreds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://allthatshreds.com/steel-panther-releases-new-video-always-gonna-be-a-ho/
Connection: keep-alive
Cookie: _ga=GA1.2.1714253899.1667723957; _gid=GA1.2.417182497.1667723957; _gat_gtag_UA_103393275_1=1; _gat=1; _fbp=fb.1.1667723957609.2054944743
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 16:11:43 GMT
last-modified: Thu, 03 Nov 2022 14:51:16 GMT
etag: "6363d564-2d799"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 59256
x-cache: HIT
accept-ranges: bytes
content-length: 58029
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Jost:200,300,400,500,600,700,900|Noto%20Serif:400,400italic,700|Jost:200,300,400,500,600,700,900&subset=latin,latin-ext
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Jost:200,300,400,500,600,700,900|Noto%20Serif:400,400italic,700|Jost:200,300,400,500,600,700,900&subset=latin,latin-ext
IP 142.250.74.10:0
GET /css?family=Jost:200,300,400,500,600,700,900|Noto%20Serif:400,400italic,700|Jost:200,300,400,500,600,700,900&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://allthatshreds.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 06 Nov 2022 08:39:17 GMT
date: Sun, 06 Nov 2022 08:39:17 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.wp.com/e-202244.js
192.0.76.3200 OK 0 B IP 192.0.76.3:0
GET /e-202244.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://allthatshreds.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 08:39:17 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"6197c5cf-3508"
content-encoding: br
expires: Sun, 22 Oct 2023 15:09:52 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2
c0.wp.com/p/jetpack/11.5.1/css/jetpack.css
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/p/jetpack/11.5.1/css/jetpack.css
IP 192.0.77.37:0
GET /p/jetpack/11.5.1/css/jetpack.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://allthatshreds.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 08:39:17 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 25 Oct 2022 13:51:34 GMT
content-encoding: br
expires: Mon, 06 Nov 2023 08:39:17 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.1/wp-includes/js/jquery/jquery.min.js
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/6.1/wp-includes/js/jquery/jquery.min.js
IP 192.0.77.37:0
GET /c/6.1/wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://allthatshreds.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 08:39:17 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 19 Sep 2022 14:16:24 GMT
content-encoding: br
expires: Mon, 06 Nov 2023 08:39:17 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.youtube.com/embed/bkV0M1qbkcw?enablejsapi=1&origin=https://allthatshreds.com&autoplay=0&cc_load_policy=0&cc_lang_pref=&iv_load_policy=1&loop=0&modestbranding=0&rel=1&fs=1&playsinline=0&autohide=2&theme=dark&color=red&controls=1&
142.250.74.14200 OK 0 B URL HTTP/2 www.youtube.com/embed/bkV0M1qbkcw?enablejsapi=1&origin=https://allthatshreds.com&autoplay=0&cc_load_policy=0&cc_lang_pref=&iv_load_policy=1&loop=0&modestbranding=0&rel=1&fs=1&playsinline=0&autohide=2&theme=dark&color=red&controls=1&
IP 142.250.74.14:0
GET /embed/bkV0M1qbkcw?enablejsapi=1&origin=https://allthatshreds.com&autoplay=0&cc_load_policy=0&cc_lang_pref=&iv_load_policy=1&loop=0&modestbranding=0&rel=1&fs=1&playsinline=0&autohide=2&theme=dark&color=red&controls=1& HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://allthatshreds.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 06 Nov 2022 08:39:18 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=Y_2b8VN5KjM; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=87TWI7D-H_A; Domain=.youtube.com; Expires=Fri, 05-May-2023 08:39:18 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+066; expires=Tue, 05-Nov-2024 08:39:18 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
c0.wp.com/c/6.1/wp-includes/css/dist/block-library/style.min.css
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/6.1/wp-includes/css/dist/block-library/style.min.css
IP 192.0.77.37:0
GET /c/6.1/wp-includes/css/dist/block-library/style.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://allthatshreds.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 08:39:17 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 25 Oct 2022 19:19:41 GMT
content-encoding: br
expires: Mon, 06 Nov 2023 08:39:17 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/6.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
IP 192.0.77.37:0
GET /c/6.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://allthatshreds.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 08:39:17 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
content-encoding: br
expires: Mon, 06 Nov 2023 08:39:17 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/p/jetpack/11.5.1/_inc/social-logos/social-logos.min.css
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/p/jetpack/11.5.1/_inc/social-logos/social-logos.min.css
IP 192.0.77.37:0
GET /p/jetpack/11.5.1/_inc/social-logos/social-logos.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://allthatshreds.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 08:39:17 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 30 Jun 2020 14:24:10 GMT
content-encoding: br
expires: Mon, 06 Nov 2023 08:39:17 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.1/wp-includes/js/imagesloaded.min.js
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/6.1/wp-includes/js/imagesloaded.min.js
IP 192.0.77.37:0
GET /c/6.1/wp-includes/js/imagesloaded.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://allthatshreds.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 08:39:17 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Sat, 13 Jun 2020 18:53:27 GMT
content-encoding: br
expires: Mon, 06 Nov 2023 08:39:17 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/p/jetpack/11.5.1/_inc/build/sharedaddy/sharing.min.js
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/p/jetpack/11.5.1/_inc/build/sharedaddy/sharing.min.js
IP 192.0.77.37:0
GET /p/jetpack/11.5.1/_inc/build/sharedaddy/sharing.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://allthatshreds.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 08:39:17 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 31 May 2022 10:02:49 GMT
content-encoding: br
expires: Mon, 06 Nov 2023 08:39:17 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
s0.wp.com/wp-content/mu-plugins/highlander-comments/style.css?m=1663315160h&cssminify=yes
192.0.77.32200 OK 0 B URL HTTP/2 s0.wp.com/wp-content/mu-plugins/highlander-comments/style.css?m=1663315160h&cssminify=yes
IP 192.0.77.32:0
GET /wp-content/mu-plugins/highlander-comments/style.css?m=1663315160h&cssminify=yes HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jetpack.wordpress.com
Connection: keep-alive
Referer: https://jetpack.wordpress.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 08:39:18 GMT
content-type: text/css
vary: Accept-Encoding
etag: W/"63242ce6-45a9"
content-encoding: br
expires: Sat, 16 Sep 2023 07:59:40 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 2
X-Firefox-Spdy: h2
s0.wp.com/_static/??/wp-content/js/postmessage.js,/wp-content/js/tannin/compat.min.js,/wp-content/js/wpcom-proxy-request.js,/wp-content/js/likes-rest-nojquery.js?m=20220105
192.0.77.32200 OK 0 B URL HTTP/2 s0.wp.com/_static/??/wp-content/js/postmessage.js,/wp-content/js/tannin/compat.min.js,/wp-content/js/wpcom-proxy-request.js,/wp-content/js/likes-rest-nojquery.js?m=20220105
IP 192.0.77.32:0
GET /_static/??/wp-content/js/postmessage.js,/wp-content/js/tannin/compat.min.js,/wp-content/js/wpcom-proxy-request.js,/wp-content/js/likes-rest-nojquery.js?m=20220105 HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widgets.wp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 08:39:18 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 05 Jan 2022 12:39:57 GMT
etag: W/"61d5919d-142fa"
content-encoding: br
expires: Thu, 05 Jan 2023 13:04:48 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 2
X-Firefox-Spdy: h2
public-api.wordpress.com/wp-admin/rest-proxy/
192.0.78.22200 OK 0 B URL HTTP/2 public-api.wordpress.com/wp-admin/rest-proxy/
IP 192.0.78.22:0
GET /wp-admin/rest-proxy/ HTTP/1.1
Host: public-api.wordpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widgets.wp.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 08:39:18 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
set-cookie: wp_api=%20; expires=Sat, 06-Nov-2021 08:39:18 GMT; Max-Age=0; path=/wp-admin/rest-proxy/; domain=public-api.wordpress.com; secure; SameSite=None
wp_api_sec=%20; expires=Sat, 06-Nov-2021 08:39:18 GMT; Max-Age=0; path=/; domain=public-api.wordpress.com; secure; HttpOnly; SameSite=None
content-encoding: br
x-ac: 2.arn _dca BYPASS
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
c0.wp.com/c/6.1/wp-includes/js/mediaelement/wp-mediaelement.min.css
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/6.1/wp-includes/js/mediaelement/wp-mediaelement.min.css
IP 192.0.77.37:0
GET /c/6.1/wp-includes/js/mediaelement/wp-mediaelement.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://allthatshreds.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 08:39:17 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
content-encoding: br
expires: Mon, 06 Nov 2023 08:39:17 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
104.18.11.207200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.18.11.207:0
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://allthatshreds.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 08:39:17 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: SE
cdn-edgestorageid: 722, 617
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 2021-03-10 20:26:20
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 121d365db7a9aba3915641185d93b963
cdn-cache: HIT
cf-cache-status: HIT
age: 17034764
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 765c849069a3b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c0.wp.com/p/jetpack/11.5.1/_inc/build/photon/photon.min.js
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/p/jetpack/11.5.1/_inc/build/photon/photon.min.js
IP 192.0.77.37:0
GET /p/jetpack/11.5.1/_inc/build/photon/photon.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://allthatshreds.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 08:39:17 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 07 Dec 2021 16:56:47 GMT
content-encoding: br
expires: Mon, 06 Nov 2023 08:39:17 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.1/wp-includes/js/masonry.min.js
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/6.1/wp-includes/js/masonry.min.js
IP 192.0.77.37:0
GET /c/6.1/wp-includes/js/masonry.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://allthatshreds.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 08:39:17 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Sat, 13 Jun 2020 18:53:27 GMT
content-encoding: br
expires: Mon, 06 Nov 2023 08:39:17 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
widgets.wp.com/likes/master.html?ver=202244
192.0.77.32200 OK 0 B URL HTTP/2 widgets.wp.com/likes/master.html?ver=202244
IP 192.0.77.32:0
GET /likes/master.html?ver=202244 HTTP/1.1
Host: widgets.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://allthatshreds.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 08:39:18 GMT
content-type: text/html
last-modified: Wed, 05 Jan 2022 13:04:34 GMT
vary: Accept-Encoding
etag: W/"61d59762-ae1"
content-encoding: br
x-ac: 4.arn _dca BYPASS
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 2
X-Firefox-Spdy: h2
s0.wp.com/wp-content/js/rlt-proxy.js?m=20211122
192.0.77.32200 OK 0 B URL HTTP/2 s0.wp.com/wp-content/js/rlt-proxy.js?m=20211122
IP 192.0.77.32:0
GET /wp-content/js/rlt-proxy.js?m=20211122 HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widgets.wp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 08:39:18 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"619d635a-1c9d"
content-encoding: br
expires: Wed, 23 Nov 2022 21:55:44 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 2
X-Firefox-Spdy: h2
0.gravatar.com/dist/css/hovercard.min.css?ver=202244z
192.0.73.2200 OK 0 B URL HTTP/2 0.gravatar.com/dist/css/hovercard.min.css?ver=202244z
IP 192.0.73.2:0
GET /dist/css/hovercard.min.css?ver=202244z HTTP/1.1
Host: 0.gravatar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jetpack.wordpress.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 08:39:18 GMT
content-type: text/css
last-modified: Wed, 11 Nov 2020 15:57:10 GMT
etag: W/"5fac09d6-1e86"
content-encoding: br
expires: Sun, 13 Nov 2022 08:39:18 GMT
cache-control: max-age=604800
X-Firefox-Spdy: h2