w1.grandblue.us Open in urlscan Pro
2606:4700:3034::6815:db1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://grandblue.us/
Effective URL:
https://w1.grandblue.us/
Submission: On June 19 via manual (June 19th 2024, 2:31:55 pm UTC) from US — Scanned from US

Summary HTTP 57 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 11 IPs in 2 countries across 10 domains to perform 57 HTTP transactions. The main IP is 2606:4700:3034::6815:db1, located in United States and belongs to CLOUDFLARENET, US. The main domain is w1.grandblue.us.
TLS certificate: Issued by WE1 on June 19th 2024. Valid for: 3 months.

This is the only time w1.grandblue.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	2606:4700:303... 2606:4700:3031::ac43:9cdd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	2606:4700:303... 2606:4700:3034::6815:db1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	23.109.170.28 23.109.170.28	7979 (SERVERS-COM) (SERVERS-COM)
4	2a02:6ea0:e20... 2a02:6ea0:e200::17	60068 (CDN77 _) (CDN77 _)
2	68.169.106.76 68.169.106.76	30602 (ISPRIME) (ISPRIME)
2	68.169.106.41 68.169.106.41	30602 (ISPRIME) (ISPRIME)
4	2607:f8b0:400... 2607:f8b0:400d:c01::5f	15169 (GOOGLE) (GOOGLE)
6	2606:4700:10:... 2606:4700:10::ac43:8b9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2607:f8b0:400... 2607:f8b0:400d:c0e::5e	15169 (GOOGLE) (GOOGLE)
1	199.232.196.134 199.232.196.134	54113 (FASTLY) (FASTLY)
57	11

3 2606:4700:3031::ac43:9cdd (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

grandblue.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2606:4700:3034::6815:db1 (United States)

ASN13335 (CLOUDFLARENET, US)

w1.grandblue.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.109.170.28 (Netherlands)

ASN7979 (SERVERS-COM, US)

vallarymedlars.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fritdugs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6ea0:e200::17 (Ashburn, United States)

ASN60068 (CDN77 _, GB)

a.exdynsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.pemsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.169.106.76 (United States)

ASN30602 (ISPRIME, US)

syndication.exdynsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.169.106.41 (United States)

ASN30602 (ISPRIME, US)

s.pemsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:400d:c01::5f (Morganton, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:10::ac43:8b9 (United States)

ASN13335 (CLOUDFLARENET, US)

storage.ko-fi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:400d:c0e::5e (Morganton, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.196.134 (United States)

ASN54113 (FASTLY, US)

grand-blue-7.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	grandblue.us 1 redirects grandblue.us w1.grandblue.us	551 KB
6	gstatic.com fonts.gstatic.com	155 KB
6	ko-fi.com storage.ko-fi.com — Cisco Umbrella Rank: 67796	12 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 83	2 KB
4	pemsrv.com a.pemsrv.com — Cisco Umbrella Rank: 26454 s.pemsrv.com — Cisco Umbrella Rank: 18634	38 KB
4	exdynsrv.com a.exdynsrv.com — Cisco Umbrella Rank: 88130 syndication.exdynsrv.com — Cisco Umbrella Rank: 93499	16 KB
2	fritdugs.com fritdugs.com	2 KB
2	vallarymedlars.com vallarymedlars.com	2 KB
1	disqus.com grand-blue-7.disqus.com	2 KB
0	twitcount.com Failed static1.twitcount.com Failed
57	10

	Domain	Requested by
25	w1.grandblue.us	w1.grandblue.us
6	fonts.gstatic.com	fonts.googleapis.com
6	storage.ko-fi.com	w1.grandblue.us storage.ko-fi.com
4	fonts.googleapis.com	w1.grandblue.us storage.ko-fi.com
3	grandblue.us	1 redirects w1.grandblue.us
2	s.pemsrv.com	a.pemsrv.com
2	a.pemsrv.com	w1.grandblue.us
2	syndication.exdynsrv.com	a.exdynsrv.com
2	a.exdynsrv.com	w1.grandblue.us
2	fritdugs.com	w1.grandblue.us
2	vallarymedlars.com	w1.grandblue.us
1	grand-blue-7.disqus.com	w1.grandblue.us
0	static1.twitcount.com Failed	w1.grandblue.us
57	13

This site contains links to these domains. Also see Links.

Domain
grandblue.us
mangahasu.se
ko-fi.com

Subject Issuer	Validity	Valid
grandblue.us WE1	`2024-06-19` - `2024-09-17`	3 months	crt.sh
vallarymedlars.com R3	`2024-04-27` - `2024-07-26`	3 months	crt.sh
fritdugs.com R3	`2024-05-22` - `2024-08-20`	3 months	crt.sh
1852405956.rsc.cdn77.org R3	`2024-05-20` - `2024-08-18`	3 months	crt.sh
exdynsrv.com R3	`2024-04-30` - `2024-07-29`	3 months	crt.sh
pemsrv.com R3	`2024-04-30` - `2024-07-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-05-27` - `2024-08-19`	3 months	crt.sh
ko-fi.com GTS CA 1P5	`2024-05-07` - `2024-08-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.disqus.com Sectigo RSA Domain Validation Secure Server CA	`2024-04-16` - `2025-04-16`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://w1.grandblue.us/
Frame ID: 7A18876F6EEE90760F6736F599D32659
Requests: 57 HTTP requests in this frame

Frame: https://storage.ko-fi.com/cdn/scripts/floating-chat-main.css
Frame ID: C4E55EEFE3A6FD1D06762C69768AC2D6
Requests: 4 HTTP requests in this frame

Frame: https://storage.ko-fi.com/cdn/scripts/floating-chat-main.css
Frame ID: 268AF43A7C5514461A544F7A444F6787
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Grand Blue Manga Online

Page URL History Show full URLs

http://grandblue.us/ HTTP 307
https://grandblue.us/ HTTP 301
https://w1.grandblue.us/ Page URL
https://w1.grandblue.us/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

57
Requests

98 %
HTTPS

60 %
IPv6

10
Domains

13
Subdomains

11
IPs

2
Countries

793 kB
Transfer

1889 kB
Size

6
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://grandblue.us/
Title: Grand Blue

Search URL Search Domain Scan URL

URL: https://mangahasu.se/grand-blue-oorLaaLZyLZZ-p17660.html
Title: manga

Search URL Search Domain Scan URL

URL: https://ko-fi.com/mangalife56093
Title: ko-fi.com/mangalife56093

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://grandblue.us/ HTTP 307
https://grandblue.us/ HTTP 301
https://w1.grandblue.us/ Page URL
https://w1.grandblue.us/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://grandblue.us/ HTTP 307
https://grandblue.us/ HTTP 301
https://w1.grandblue.us/

57 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
w1.grandblue.us/
Redirect Chain

http://grandblue.us/
https://grandblue.us/
https://w1.grandblue.us/

73 KB
19 KB

405ms
357ms

Document
text/html

2606:4700:3034::6815:db1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://w1.grandblue.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:db1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 79a94549888e62ab0e3ec2d9f562f6f500d7ebeb79cdcac724bdb6be485224e8

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 89643996e9c74364-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 19 Jun 2024 14:31:49 GMT
link: <https://w1.grandblue.us/wp-json/>; rel="https://api.w.org/" <https://w1.grandblue.us/wp-json/wp/v2/pages/48>; rel="alternate"; type="application/json" <https://w1.grandblue.us/>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EnffC9GkFucgSBspB74a%2FMwqu8RUiKGROAwTPAnShnETLJg%2FtDo6OVCoCM8QSQZVa4taIaUX5Cjg61Wb1sMK1a3ko7Uq5Ue4Eq2zQlPiYTbVVkxFy6jXiQXUcQnPmRPxG3Zj5gFreMHOhhatIcA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-dns-prefetch-control: on
x-litespeed-cache: hit
x-powered-by: PHP/7.4.33
x-turbo-charged-by: LiteSpeed

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 896439896ddf423f-EWR
content-type: text/html; charset=UTF-8
date: Wed, 19 Jun 2024 14:31:49 GMT
location: https://w1.grandblue.us/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K%2F%2FdXo2k1UYrhptcAYdL%2BlFyFmUt3Q9UALQHGhTV2EJ8Vbzt3tK5mpxpJKbRAJZlDARo9WxNVSH%2BxQhDtWx%2Fn5kBu8wwOaEdHJPlwElIWhNqRtc94%2BHMqOh4jl93Njuv%2FXcU6sUxju7ysFI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-dns-prefetch-control: on
x-litespeed-cache: miss
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress
x-turbo-charged-by: LiteSpeed

GET
H/1.1 200
OK 73921
vallarymedlars.com/rtDQ18svfrnkM/ 0
1 KB 415ms
91ms Script
application/javascript 23.109.170.28
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://vallarymedlars.com/rtDQ18svfrnkM/73921

Requested by

Host: w1.grandblue.us
URL: https://w1.grandblue.us/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

23.109.170.28 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://w1.grandblue.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 19 Jun 2024 14:31:50 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=1
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: https://w1.grandblue.us
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=20
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires

GET
H2 200 0de637d5084a000d98cee88dbaf959ed.css
w1.grandblue.us/wp-content/litespeed/css/ 269 KB
49 KB 29ms
27ms Stylesheet
text/css 2606:4700:3034::6815:db1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://w1.grandblue.us/wp-content/litespeed/css/0de637d5084a000d98cee88dbaf959ed.css?ver=bf554
Requested by: Host: w1.grandblue.us
URL: https://w1.grandblue.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:db1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bca953e7f6fbfb4949b2f8bac47b7cbc8e694425d3531c45a2cb01af76631ec

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://w1.grandblue.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 14:31:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 03 Jun 2024 22:16:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 576028
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qfmm9kATmreZ1stHGx9w2OBEzI2hQUAYUchPKF9%2FXMpyvr0QzFj1XOz2zLeERB%2Bbufs9SzRUGv0GjnP6Xove4loAljfAM4Jvfnr4zM0Pe6ERGQ7f5lnLt5sBQcK%2FqH9ml8wkgrHWDZYSu%2BXDPiI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 896439993c814364-EWR
alt-svc: h3=":443"; ma=86400
expires: Fri, 13 Jun 2025 04:31:21 GMT

GET
H/1.1 200
OK 67638
fritdugs.com/rsd3Wdrc080AqH/ 0
1 KB 460ms
90ms Script
application/javascript 23.109.170.28
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://fritdugs.com/rsd3Wdrc080AqH/67638

Requested by

Host: w1.grandblue.us
URL: https://w1.grandblue.us/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

23.109.170.28 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://w1.grandblue.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 19 Jun 2024 14:31:50 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=1
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: https://w1.grandblue.us
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=20
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires

GET
H2 200 video-slider.js Show response
a.exdynsrv.com/ 45 KB
14 KB 75ms
15ms Script
application/javascript 2a02:6ea0:e200::17
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://a.exdynsrv.com/video-slider.js
Requested by: Host: w1.grandblue.us
URL: https://w1.grandblue.us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:e200::17 Ashburn, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 3900641f81ef339a65fb910e789fdcf4b43b071781c4a66b39fdc6577425f4a0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://w1.grandblue.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: ashburnUSVA
date: Wed, 19 Jun 2024 14:31:50 GMT
content-encoding: gzip
x-accel-date-max: 1718625924
x-77-cache: HIT
x-cache: HIT
x-age: 9452
x-accel-date: 1718798058
alt-svc: h3=":443"; ma=86400
x-77-nzt: EgwBbT1b5QH37CQAAAwBuTvfFAH3BQMAAA
x-accel-expires: @1718808794
x-77-age: 9452
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
server: CDN77-Turbo
etag: W/"e6386c0539235496f8a7eb493ac"
x-77-nzt-ray: 0f63d4196a44c829d6eb7266c79ebe00
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=10800
x-robots-tag: noindex, follow
expires: Mon, 17 Jun 2024 14:52:31 GMT

GET
H/1.1 200
OK splash.php Show response
syndication.exdynsrv.com/ 61 B
886 B 51ms
16ms XHR
text/xml 68.169.106.76
ISPRIME

General

Check archive.org

Show headers Download Go to

Full URL: https://syndication.exdynsrv.com/splash.php?idzone=3913800&cookieconsent=true
Requested by: Host: a.exdynsrv.com
URL: https://a.exdynsrv.com/video-slider.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 68.169.106.76 , United States, ASN30602 (ISPRIME, US),
Reverse DNS
Software: nginx /
Resource Hash: 0bca11b67cc31b14d949f5d2d086b468439869e5e351e0cadb52e44f11089805

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://w1.grandblue.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 19 Jun 2024 14:31:50 GMT
Content-Encoding: gzip
Server: nginx
Accept-CH: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://w1.grandblue.us
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Robots-Tag: noindex, follow
Access-Control-Allow-Headers: X-CH-VALUES

GET
DATA 200
OK truncated
/ 169 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2c126216a9afe1af4b80590ed3cdb88f338a1339a8acd71a49d50600766a704

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 popunder1000.js Show response
a.pemsrv.com/ 97 KB
37 KB 79ms
27ms Script
application/javascript 2a02:6ea0:e200::17
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://a.pemsrv.com/popunder1000.js
Requested by: Host: w1.grandblue.us
URL: https://w1.grandblue.us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:e200::17 Ashburn, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: bb87048cbc401e184bc3a3a2cd351eeccc64495059a7f36c2604ce94ec729adb

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://w1.grandblue.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: ashburnUSVA
date: Wed, 19 Jun 2024 14:31:50 GMT
content-encoding: gzip
x-accel-date-max: 1718625622
x-77-cache: HIT
x-cache: HIT
x-age: 9787
x-accel-date: 1718797723
alt-svc: h3=":443"; ma=86400
x-77-nzt: EgwBbT1b5QH3OyYAAAwBnJI74gH3ywIAAA
x-accel-expires: @1718808523
x-77-age: 9787
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
server: CDN77-Turbo
etag: W/"31e5cdb9fdfa2784f3487c90eae"
x-77-nzt-ray: 0f63d4192b3d3b31d6eb726684ea1306
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=10800
x-robots-tag: noindex, follow
expires: Mon, 17 Jun 2024 14:48:27 GMT

POST
H3 200 guest.vary.php
w1.grandblue.us/wp-content/plugins/litespeed-cache/ 16 B
633 B 284ms
284ms Fetch
text/html 2606:4700:3034::6815:db1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://w1.grandblue.us/wp-content/plugins/litespeed-cache/guest.vary.php
Requested by: Host: w1.grandblue.us
URL: https://w1.grandblue.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:db1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://w1.grandblue.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 14:31:50 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XUvpXLuee323wYleUk2gCiKbuh4swt2xQPjOXbu9FSzJ4NSHlu7OS6YE%2FxNFJdQBTtn9aRFSoXwIJgquoDt%2F01CjiIA%2FRosuU%2Bur4a6dRLahpr6b9%2BbLd7aWZDxNCML5U4pqZH5n3c%2F9YecoWJY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
x-litespeed-cache-control: no-cache
x-turbo-charged-by: LiteSpeed
x-robots-tag: noindex
cf-ray: 89643999dcea42bb-EWR
alt-svc: h3=":443"; ma=86400

GET
H3 200 JxfYiV.jpg
grandblue.us/wp-content/uploads/2023/08/ 202 KB
202 KB 20ms
20ms Image
image/jpeg 2606:4700:3031::ac43:9cdd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grandblue.us/wp-content/uploads/2023/08/JxfYiV.jpg
Requested by: Host: w1.grandblue.us
URL: https://w1.grandblue.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:9cdd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a14dc066c841ac4fbf1fef28669d0139a6fa1f66a49393ce07b9091ca947eb5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://w1.grandblue.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 14:31:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1540572
alt-svc: h3=":443"; ma=86400
content-length: 206425
last-modified: Tue, 29 Aug 2023 11:41:53 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XMsKDL72ZN9g%2BaoahYZ2YKvuU15FPk11mfODvVN5%2B896TeBpBsj1bXoGXxPWb%2BqzHbyFwqBjrxaF6ZqhIEXa27%2FVbUgt%2BXIcI1CZSK0Oeq4uvP77vhDPAuL4%2Bnwx0cNkl2A3uF5qHALbAHE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 89643999ddc6423f-EWR
expires: Mon, 02 Jun 2025 00:35:38 GMT

GET
DATA 200
OK truncated
/ 14 KB
14 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2296ad963561232639dba37439e330c1bfed2f9f79d62ca1960c242f96a11bcb

Request headers

Referer
Origin: https://w1.grandblue.us
Accept-Language: en-US,en;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H3 200 wpxpress.ttf
w1.grandblue.us/wp-content/plugins/smooth-back-to-top-button/assets/fonts/ 2 KB
2 KB 24ms
23ms Font
font/ttf 2606:4700:3034::6815:db1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://w1.grandblue.us/wp-content/plugins/smooth-back-to-top-button/assets/fonts/wpxpress.ttf?9zg56
Requested by: Host: w1.grandblue.us
URL: https://w1.grandblue.us/wp-content/litespeed/css/0de637d5084a000d98cee88dbaf959ed.css?ver=bf554
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:db1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7613f88667432d2b7c096cb01bf5fce0279bea9476d0895caed2884940362487

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://w1.grandblue.us/wp-content/litespeed/css/0de637d5084a000d98cee88dbaf959ed.css?ver=bf554
Origin: https://w1.grandblue.us
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 14:31:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 03 Sep 2023 01:01:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1869404
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o7yLoRvD1KgCsvGTLnhXYcmEVZa%2B3EpPyqkkJZcMbO3n%2BLJ%2FctLPbqRSMnuXfddTA0S1fxt2hjis1C09Monhaem3LbuiOWk8YCkWySRk0rJWF6laOts%2F0U3H%2BW7P0T8p75JjgEaVO%2FB4q8NaFzs%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 8964399a0d1f42bb-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 29 May 2025 05:15:06 GMT

GET
H/1.1 200
OK venor.php Show response
s.pemsrv.com/ 1 B
447 B 45ms
12ms XHR
text/html 68.169.106.41
ISPRIME

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pemsrv.com/venor.php
Requested by: Host: a.pemsrv.com
URL: https://a.pemsrv.com/popunder1000.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 68.169.106.41 , United States, ASN30602 (ISPRIME, US),
Reverse DNS
Software: nginx /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://w1.grandblue.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 19 Jun 2024 14:31:50 GMT
Content-Encoding: gzip
Server: nginx
Accept-CH: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Robots-Tag: noindex, follow

GET
H3 200 Primary Request / Show response
w1.grandblue.us/ 66 KB
17 KB 189ms
188ms Document
text/html 2606:4700:3034::6815:db1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://w1.grandblue.us/
Requested by: Host: w1.grandblue.us
URL: https://w1.grandblue.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:db1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 656443610f6703e0f229516da2409e9288a2078878ca2fe819d12430d0b8c375

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://w1.grandblue.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8964399baf4042bb-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 19 Jun 2024 14:31:50 GMT
link: <https://w1.grandblue.us/wp-json/>; rel="https://api.w.org/" <https://w1.grandblue.us/wp-json/wp/v2/pages/48>; rel="alternate"; type="application/json" <https://w1.grandblue.us/>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VDRCJ6buP4phFBPZtzS%2FpxfdbFRtC63qijsa7nJp5RF%2FBvjjKrxTNiBOjBokO9hlBpQx72InncgtPD%2Fg6ettVO0cBxPyui7CBpPQJBLqLMReB8oT7B%2BZjaV5KtlPmGrVsFnr63NSu%2FUZAQKZojc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-dns-prefetch-control: on
x-litespeed-cache: hit
x-powered-by: PHP/7.4.33
x-turbo-charged-by: LiteSpeed

GET
H/1.1 200
OK 73921 Show response
vallarymedlars.com/rtDQ18svfrnkM/ 0
760 B 90ms
86ms Script
application/javascript 23.109.170.28
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://vallarymedlars.com/rtDQ18svfrnkM/73921

Requested by

Host: w1.grandblue.us
URL: https://w1.grandblue.us/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

23.109.170.28 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://w1.grandblue.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 19 Jun 2024 14:31:50 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=1
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: https://w1.grandblue.us
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=20
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires

GET
H3 200 ded6e341bc3e91dfaf19f2d5a6a21fa6.css
w1.grandblue.us/wp-content/litespeed/css/ 102 KB
14 KB 25ms
22ms Stylesheet
text/css 2606:4700:3034::6815:db1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://w1.grandblue.us/wp-content/litespeed/css/ded6e341bc3e91dfaf19f2d5a6a21fa6.css?ver=21fa6
Requested by: Host: w1.grandblue.us
URL: https://w1.grandblue.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:db1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db06d19451a1e93a142cfae831094f3e348673366c1ad9bc144544b0f11b2464

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://w1.grandblue.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 14:31:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 28 May 2024 23:15:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1869402
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J%2B4b%2FI7N2Z6SOE%2FBfpVFc%2BQHVcXoSWbDGl4qAMhaBKEUdzGF5lKbJkJ2%2Be8Yej%2BYyZtZSV%2B8cOxKs1YSHzSvvIXRinKP%2F%2BrbcSKkusth%2Bi7NdIeQHWLuPBrOHq7f8sI9Gi7EPTlHhQlFx3CY%2Bfk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 8964399cd86442bb-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 29 May 2025 05:15:08 GMT

GET
H3 200 d12bbed3f84829ddf980bf6a4f937dc2.css
w1.grandblue.us/wp-content/litespeed/css/ 81 KB
9 KB 34ms
31ms Stylesheet
text/css 2606:4700:3034::6815:db1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://w1.grandblue.us/wp-content/litespeed/css/d12bbed3f84829ddf980bf6a4f937dc2.css?ver=37dc2
Requested by: Host: w1.grandblue.us
URL: https://w1.grandblue.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:db1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef965d500c827c1cb00706cb59334b9072bf9fe8700911e769c8c7327ea2977e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://w1.grandblue.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 14:31:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 28 May 2024 23:15:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1869402
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bEd7JjGFNP%2FhrblUxLVjxB7WYSMbe7ttu0N3s1pM6XK10iqPoq5%2FZaGWPqR68s5kNHm9V1FIy1ZLFfNmAo0Xt4rflTt%2Fnq%2BlqWM20UIRZVKNCoHwaMRRJahZBQZ6VuQtNpBMVhsD2CNFwHeT3vM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 8964399cd86642bb-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 29 May 2025 05:15:08 GMT

GET
H3 200 35da5f497a3eaa0202d0ae02b709d0b6.css
w1.grandblue.us/wp-content/litespeed/css/ 1 KB
914 B 35ms
32ms Stylesheet
text/css 2606:4700:3034::6815:db1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://w1.grandblue.us/wp-content/litespeed/css/35da5f497a3eaa0202d0ae02b709d0b6.css?ver=9d0b6
Requested by: Host: w1.grandblue.us
URL: https://w1.grandblue.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:db1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41c3419f2477034e6a84a06d5130c92ac40703a616be4792031153fb895509dc

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://w1.grandblue.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 14:31:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 28 May 2024 23:15:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1869402
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TtWrOnyvO277Ytwf5qaqrZyFQ25q3nmMs2nsg9yAMoci%2B7Eg4K%2BWplQtFFFLAtzSNu5SRhv%2BIf2%2BDjuscD1F7WrjRDxwPEbxOeXfOcexBkMnmvbo8DSo8J8sG3MtvGzGpuL%2FuupfAsvcpslWDMk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 8964399cd86a42bb-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 29 May 2025 05:15:08 GMT

GET
H3 200 7f76292fef4e79a4b7b892a08a259d38.css
w1.grandblue.us/wp-content/litespeed/css/ 620 B
754 B 26ms
23ms Stylesheet
text/css 2606:4700:3034::6815:db1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://w1.grandblue.us/wp-content/litespeed/css/7f76292fef4e79a4b7b892a08a259d38.css?ver=59d38
Requested by: Host: w1.grandblue.us
URL: https://w1.grandblue.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:db1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c7272feb882568b3b85da66d3217b564e1455a44e9f74174fa7882f88ee7e21

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://w1.grandblue.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 14:31:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 28 May 2024 23:15:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1869402
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UAElzZWUqpHccrOrfP2g%2Ff2%2B0rCeC6eHZLfmjDxCj5lE%2Fh5gzNUSyZZIElZ%2F2YuMcaYHyelGZsY75BEz5QjVLtwKzXYU49CTSFpmFap3mu7BEIT2nVDOeQSinFkwxlUhVcPgokioSaj1CXgI%2BSE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 8964399cd86b42bb-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 29 May 2025 05:15:08 GMT

GET
H3 200 de173df1814831c51bccf7d7057b71fd.css
w1.grandblue.us/wp-content/litespeed/css/ 74 B
573 B 25ms
22ms Stylesheet
text/css 2606:4700:3034::6815:db1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://w1.grandblue.us/wp-content/litespeed/css/de173df1814831c51bccf7d7057b71fd.css?ver=b71fd
Requested by: Host: w1.grandblue.us
URL: https://w1.grandblue.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:db1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 172638a23c0d57350f8c097f80fd9dcf58cecaf5217cd70b8fa552b68a2a62e9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://w1.grandblue.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 14:31:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 13 Jun 2024 21:03:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 449700
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E%2FIz3JMI2l85DCb%2BJ1fmGNZroRTQBxEZLlH0HgpkDMZFJyNqmyreWPZk7hStTrCLybyfi3XevWQvtLx3gWkalX%2BEmjOmQnp524WewIDmBcZVuylyHUa%2BKCdVH582lOHh2MMfjOQtgKqWkYdn2Bo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 8964399cd86d42bb-EWR
alt-svc: h3=":443"; ma=86400
expires: Sat, 14 Jun 2025 15:36:50 GMT

GET
H2 200 css
fonts.googleapis.com/ 13 KB
1 KB 122ms
69ms Stylesheet
text/css 2607:f8b0:400d:c01::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C300italic%2C400italic%2C700italic%7CRaleway%3A400%2C600%2C500%2C700%2C800&subset=latin%2Clatin-ext&display=swap

Requested by

Host: w1.grandblue.us
URL: https://w1.grandblue.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c01::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c79a6bb0af63488ce6dc5b03c8b9c6ef8d70df81c8bd206d0ef48f43ee5732a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://w1.grandblue.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 19 Jun 2024 14:31:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 19 Jun 2024 14:31:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 19 Jun 2024 14:31:50 GMT

GET
H3 200 49f90de429b85e6e36210fe7bb1fab8d.css
w1.grandblue.us/wp-content/litespeed/css/ 26 KB
16 KB 26ms
23ms Stylesheet
text/css 2606:4700:3034::6815:db1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://w1.grandblue.us/wp-content/litespeed/css/49f90de429b85e6e36210fe7bb1fab8d.css?ver=fab8d
Requested by: Host: w1.grandblue.us
URL: https://w1.grandblue.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:db1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 375a6d135af1d3e13bff3579b1c19015ccd36a1ae4f451a0555cd3db7f50bed6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://w1.grandblue.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 14:31:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 28 May 2024 23:15:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1869402
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ULxeh4T0DIDwaIqyXzKB8Z3ncMu4JunuZ0DRrSOdT%2B6YAzzAao1WZF71ukKXKBuqjvTEB5UO1bnSXbi4jdE2OEYhRhYU%2BgUkB0TGhM8I9MxKE9z0gDWnlCeLhF%2F7%2F%2FHmOiMUAGTDct6WL47s8Ys%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 8964399cd86f42bb-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 29 May 2025 05:15:08 GMT

GET
H3 200 6178106e4f560c0d8ba5eed9dd75f22c.css
w1.grandblue.us/wp-content/litespeed/css/ 55 KB
11 KB 35ms
33ms Stylesheet
text/css 2606:4700:3034::6815:db1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://w1.grandblue.us/wp-content/litespeed/css/6178106e4f560c0d8ba5eed9dd75f22c.css?ver=5f22c
Requested by: Host: w1.grandblue.us
URL: https://w1.grandblue.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:db1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fa064297578b5ef83eb7cb7c3c75f4e88e374cbed0e8630e43f51a4cc42651c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://w1.grandblue.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 14:31:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 28 May 2024 23:15:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1869402
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HnSDNdZIu3HrLte7OfgK5FmtJY0LKO4ixXyk%2FFhu5p69%2BEjmbClb7ZfKR8xydwc9Qr0U6qJmTJY%2F6wUeLFOr5Dhim7yMlZFM7EinLnf%2Bl3xoMkWES1pjkrb%2FOmpuAK16RQYiIgsDwbO6yW7xosQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 8964399cd87042bb-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 29 May 2025 05:15:08 GMT

GET
H3 200 c837e01ee80819c2ff987a664f0893b1.css
w1.grandblue.us/wp-content/litespeed/css/ 3 KB
2 KB 36ms
34ms Stylesheet
text/css 2606:4700:3034::6815:db1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://w1.grandblue.us/wp-content/litespeed/css/c837e01ee80819c2ff987a664f0893b1.css?ver=893b1
Requested by: Host: w1.grandblue.us
URL: https://w1.grandblue.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:db1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 807319cb9eb4d19de5826569b712622d0963f3f4fafd4960f90a2747fd1ada4d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://w1.grandblue.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 14:31:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 28 May 2024 23:15:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1869402
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iKwHOCe%2Bnm7H7nb32mMdRvFWM3KWZYUb8IYaLa1UZl9%2FFZXIowdAEO2as%2BGdFw8%2FbfgKaxk8SMhaOM5szcmYNhqglXYyLYVHO4mPowOkV8nZwhjeAzommoDRmlDiK%2BAKNP5OtJ2RrPmiIxLwTtM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 8964399cd87142bb-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 29 May 2025 05:15:08 GMT

GET
H3 200 jquery.min.js Show response
w1.grandblue.us/wp-includes/js/jquery/ 85 KB
31 KB 36ms
34ms Script
text/javascript 2606:4700:3034::6815:db1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://w1.grandblue.us/wp-includes/js/jquery/jquery.min.js
Requested by: Host: w1.grandblue.us
URL: https://w1.grandblue.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:db1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://w1.grandblue.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 14:31:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 28 Aug 2023 21:57:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1869404
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6podK2eGRaHLX8qLovf56yVbutDm%2BKMs073BDF9RpXlUJ7YkedRYfkI2bdr0f2W74Vejoqz9RCJeUHwpbzlGzix%2F5K9zlc%2Bm%2BjFyfr2ECutK3Mmdg%2BAAxm8J1oWfD41TTH2twDBmO7kJku8oLFo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 8964399cd87242bb-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 29 May 2025 05:15:06 GMT

GET
H3 200 b308483e4962810506578125c71ce32f.js Show response
w1.grandblue.us/wp-content/litespeed/js/ 13 KB
5 KB 21ms
20ms Script
text/javascript 2606:4700:3034::6815:db1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://w1.grandblue.us/wp-content/litespeed/js/b308483e4962810506578125c71ce32f.js?ver=ce32f
Requested by: Host: w1.grandblue.us
URL: https://w1.grandblue.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:db1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea64f589334f647f2254d595466c036000a3d9150ad078a69eba7f845c0c0713

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://w1.grandblue.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 14:31:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 28 May 2024 23:15:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1869401
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3iDfd%2Bzz9i0kGaMW5MN4e2IYcUGVkVS0KLWQIhD1HvRivA%2FN1wTAlBdDU5DKTFqqtz%2Fwc%2B1KwWvcchwvCI7DOkrZUvuTwKihCZEVGl%2BPftgtLoWibyPg9jlbZmo4t0qTkYEmZ6PPfWLC4IgIc6I%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 8964399d68f842bb-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 29 May 2025 05:15:09 GMT

GET
H3 200 5f3d51f8b74e61cadc6f80e0dfee4c5f.js Show response
w1.grandblue.us/wp-content/litespeed/js/ 2 KB
1 KB 23ms
22ms Script
text/javascript 2606:4700:3034::6815:db1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://w1.grandblue.us/wp-content/litespeed/js/5f3d51f8b74e61cadc6f80e0dfee4c5f.js?ver=e4c5f
Requested by: Host: w1.grandblue.us
URL: https://w1.grandblue.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:db1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 268527ef5308ace8aeddf517120692ac11bd65e08738f6283588d8fdd8243f99

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://w1.grandblue.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 14:31:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 28 May 2024 23:15:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1869401
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zyX1ShilRYYqdyAwQNA2jrGVd%2FFJZEt3G2kWt8Xzw76IM78d7GNDnOBCsSA3s2vRmprlHW8NSu4INR%2Fy5tWJcYZDemTk6%2FfMUAx4sSD940kndC4OryuULlRjAW7qHBNiK2wZ5qaV6GMKtHFkoQ0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 8964399d894942bb-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 29 May 2025 05:15:09 GMT

GET
H/1.1 200
OK 67638 Show response
fritdugs.com/rsd3Wdrc080AqH/ 0
760 B 86ms
86ms Script
application/javascript 23.109.170.28
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://fritdugs.com/rsd3Wdrc080AqH/67638

Requested by

Host: w1.grandblue.us
URL: https://w1.grandblue.us/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

23.109.170.28 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://w1.grandblue.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 19 Jun 2024 14:31:50 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=1
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: https://w1.grandblue.us
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=20
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires

GET
H2 200 video-slider.js Show response
a.exdynsrv.com/ 45 KB
0 75ms
15ms Script
application/javascript 2a02:6ea0:e200::17
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://a.exdynsrv.com/video-slider.js
Requested by: Host: w1.grandblue.us
URL: https://w1.grandblue.us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:e200::17 Ashburn, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 3900641f81ef339a65fb910e789fdcf4b43b071781c4a66b39fdc6577425f4a0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://w1.grandblue.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: ashburnUSVA
date: Wed, 19 Jun 2024 14:31:50 GMT
content-encoding: gzip
x-accel-date-max: 1718625924
x-77-cache: HIT
x-cache: HIT
x-age: 9452
x-accel-date: 1718798058
alt-svc: h3=":443"; ma=86400
x-77-nzt: EgwBbT1b5QH37CQAAAwBuTvfFAH3BQMAAA
x-accel-expires: @1718808794
x-77-age: 9452
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
server: CDN77-Turbo
etag: W/"e6386c0539235496f8a7eb493ac"
x-77-nzt-ray: 0f63d4196a44c829d6eb7266c79ebe00
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=10800
x-robots-tag: noindex, follow
expires: Mon, 17 Jun 2024 14:52:31 GMT

GET
H3 200 kxQl6Y3VIxZHFq899Vdv1693269746-713x1024.jpg
w1.grandblue.us/wp-content/uploads/2023/08/ 157 KB
158 KB 44ms
42ms Image
image/jpeg 2606:4700:3034::6815:db1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w1.grandblue.us/wp-content/uploads/2023/08/kxQl6Y3VIxZHFq899Vdv1693269746-713x1024.jpg
Requested by: Host: w1.grandblue.us
URL: https://w1.grandblue.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:db1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b867637c1261c84ee19b98f51a5115ec17327c8d82d60a06ba44a01fa5820be0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://w1.grandblue.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 14:31:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1835749
alt-svc: h3=":443"; ma=86400
content-length: 160745
last-modified: Tue, 29 Aug 2023 11:37:30 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MJyqWcbqnEjmtO%2Bn77P15vpkl7Ai%2Ftc8MeIFvEmwSqmIf5%2FxHGLQBffV4tCXUd2DXdv4bBdeTG4kAU0GPBwgGr30cDNAlMU5mnPk3c8UfWIZ0j8tbCfySbXTWyTpl8uBtkHMB70ykZaDj3mc8EU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 8964399cd87342bb-EWR
expires: Thu, 29 May 2025 14:36:01 GMT

GET
H2 200 overlay-widget.js Show response
storage.ko-fi.com/cdn/scripts/ 16 KB
5 KB 65ms
29ms Script
application/javascript 2606:4700:10::ac43:8b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.ko-fi.com/cdn/scripts/overlay-widget.js
Requested by: Host: w1.grandblue.us
URL: https://w1.grandblue.us/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::ac43:8b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85a8c75fdf88c5cecd850c7da6726f989585e565b7e634a5f3722a24286ee739

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://w1.grandblue.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 19 Jun 2024 14:31:50 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: Tt5z7rNW6rgxDlYGY45qMw==
age: 209
cf-polished: origSize=22458
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Sun, 23 Oct 2022 22:21:01 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: f24b6009-001e-0031-5764-721089000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 8964399def4543f8-EWR

GET
H3 200 7b5558953942d81232bf62176f0fa817.js Show response
w1.grandblue.us/wp-content/litespeed/js/ 583 B
764 B 22ms
21ms Script
text/javascript 2606:4700:3034::6815:db1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://w1.grandblue.us/wp-content/litespeed/js/7b5558953942d81232bf62176f0fa817.js?ver=fa817
Requested by: Host: w1.grandblue.us
URL: https://w1.grandblue.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:db1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a947e2206db45dd0a6babea0968dbe6dc5358822ea0de9abb35de64f74bc8c87

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://w1.grandblue.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 14:31:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 28 May 2024 23:15:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1869401
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vtjvzLY3wF7M9ateJvPefKNnPPLfF2orLWJCCNzGgt2tAfr1b%2FmmCCwkKz1KS62aINpUIQ2sF25UgRxWH%2FClZLP6JtSE7ZN6YYvL%2F2p4%2FjDiBeyYsclr540XsnWPSsKRgASfNVzXLHVD2ljondc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 8964399db96d42bb-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 29 May 2025 05:15:09 GMT

GET
H3 200 617996cf86541d2d0581fe64b274a245.js Show response
w1.grandblue.us/wp-content/litespeed/js/ 702 B
870 B 26ms
25ms Script
text/javascript 2606:4700:3034::6815:db1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://w1.grandblue.us/wp-content/litespeed/js/617996cf86541d2d0581fe64b274a245.js?ver=4a245
Requested by: Host: w1.grandblue.us
URL: https://w1.grandblue.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:db1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f7904698c04fa325fc1b3d09a538c003b1279e88e0aca4926da0f539987b4bb

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://w1.grandblue.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 14:31:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Jun 2024 13:56:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1923
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wc3ocqzVjDYTzpNZIIHjgonCJHYRNvssrn89J%2FEuZjlR8r%2F%2Fb8MA4dNSiIrDy8cRn1Cxmrnkr0D74p8xLI9Wt0b6gHg2rYVQyFPmCI%2BLN0kMpibZn5FEWQ84u3FcSNQRqT43GKr8J1sCtAEICiA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 8964399db97242bb-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Jun 2025 19:59:47 GMT

GET
H3 200 06af55ba50e7aecf912da31fa97dafdd.js Show response
w1.grandblue.us/wp-content/litespeed/js/ 780 B
852 B 28ms
27ms Script
text/javascript 2606:4700:3034::6815:db1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://w1.grandblue.us/wp-content/litespeed/js/06af55ba50e7aecf912da31fa97dafdd.js?ver=dafdd
Requested by: Host: w1.grandblue.us
URL: https://w1.grandblue.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:db1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a6efe0dad43b2a269bab49703b67a209efcc5a881813c7854cae0710b2aa748

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://w1.grandblue.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 14:31:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 13 Jun 2024 21:03:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 483626
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RaeqC4hnMne6luRT7BhojH7T85xgN3mVaWhrh%2FWFl8eHJ0DA%2FLoS%2FCNaWsPRI0FXF7Kpn%2FayNdjMVa86NnAFNiCHcH88wMX%2FPGwRhIV%2Bs%2BrrfQrp5bIKw50vk3GSwKIo64yFGfho8FPy%2FS2B%2Fqs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 8964399db97442bb-EWR
alt-svc: h3=":443"; ma=86400
expires: Sat, 14 Jun 2025 06:11:24 GMT

GET
H3 200 2dc43a84db032b56f2bacce203f2bc48.js Show response
w1.grandblue.us/wp-content/litespeed/js/ 6 KB
3 KB 23ms
22ms Script
text/javascript 2606:4700:3034::6815:db1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://w1.grandblue.us/wp-content/litespeed/js/2dc43a84db032b56f2bacce203f2bc48.js?ver=2bc48
Requested by: Host: w1.grandblue.us
URL: https://w1.grandblue.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:db1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4e4416f838cf7546a57653b813939f3fd5a175126b3de062396451e55b14642

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://w1.grandblue.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 14:31:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 17 Jun 2024 13:11:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 177411
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lZKlXFMfe9J8sgwtw4s%2BS4vfeCIqmEOS6S1nge8xgNsyoE0HJyQ3flrDJ1T6WfGCiWGtga6elwYTDb3MJGg62VfdngWmzbyxKRE34AeZEwcPiCfmvboBJ2IJCNYLN2m83lLdTMWVtchEHoog8CQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 8964399db97642bb-EWR
alt-svc: h3=":443"; ma=86400
expires: Tue, 17 Jun 2025 19:14:59 GMT

GET
H3 200 01089b7880138665a989853a8994badc.js Show response
w1.grandblue.us/wp-content/litespeed/js/ 2 KB
863 B 28ms
28ms Script
text/javascript 2606:4700:3034::6815:db1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://w1.grandblue.us/wp-content/litespeed/js/01089b7880138665a989853a8994badc.js?ver=4badc
Requested by: Host: w1.grandblue.us
URL: https://w1.grandblue.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:db1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46b5d8ee42c891039597a7dc3336f3acad0e16cba5414f16930a3d50f816db83

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://w1.grandblue.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 14:31:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 31 May 2024 00:16:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1689397
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d6aDqN01%2Ftaprg55zloWWQAi6In6cuMy7FVcGzg5drW46P%2B1uacBR%2BuPaInFcKZEqzaU1AuGlzxAY0l%2FSq5ITs9eYujX3bxMGHBYTJ1QZQNlDgYycV761K0nJsmQMr%2FmSwKfgNKZfCFlWD%2BZu40%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 8964399db97742bb-EWR
alt-svc: h3=":443"; ma=86400
expires: Sat, 31 May 2025 07:15:13 GMT

GET
H3 200 5df2dc1b4eb6c378e772edffb8f5cd16.js Show response
w1.grandblue.us/wp-content/litespeed/js/ 1 KB
1 KB 24ms
23ms Script
text/javascript 2606:4700:3034::6815:db1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://w1.grandblue.us/wp-content/litespeed/js/5df2dc1b4eb6c378e772edffb8f5cd16.js?ver=5cd16
Requested by: Host: w1.grandblue.us
URL: https://w1.grandblue.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:db1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 997ff59a3f003d278177880c87065c65b998fa3b5975ce1a2197786995a00772

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://w1.grandblue.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 14:31:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 28 May 2024 23:15:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1869401
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ml1AjT9cDF1HFs9N3rsq5D2fLLJVJOuuOMgiLmyNlW9TEqnLEx%2FwluY4lnWchzzlpbK8SQP4jxaZFTs52VmeEMlA%2BuhcInFtqEdRq2L9od8Or425YYOyPGxz%2BigItCFZ3%2B54%2Bcc4nb%2F7xih%2BuQA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 8964399db97842bb-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 29 May 2025 05:15:09 GMT

GET
H/1.1 200
OK splash.php Show response
syndication.exdynsrv.com/ 61 B
886 B 19ms
17ms XHR
text/xml 68.169.106.76
ISPRIME

General

Check archive.org

Show headers Download Go to

Full URL: https://syndication.exdynsrv.com/splash.php?idzone=3913800&cookieconsent=true
Requested by: Host: a.exdynsrv.com
URL: https://a.exdynsrv.com/video-slider.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 68.169.106.76 , United States, ASN30602 (ISPRIME, US),
Reverse DNS
Software: nginx /
Resource Hash: 0bca11b67cc31b14d949f5d2d086b468439869e5e351e0cadb52e44f11089805

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://w1.grandblue.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 19 Jun 2024 14:31:50 GMT
Content-Encoding: gzip
Server: nginx
Accept-CH: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://w1.grandblue.us
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Robots-Tag: noindex, follow
Access-Control-Allow-Headers: X-CH-VALUES

GET
H2 200 popunder1000.js Show response
a.pemsrv.com/ 97 KB
0 79ms
27ms Script
application/javascript 2a02:6ea0:e200::17
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://a.pemsrv.com/popunder1000.js
Requested by: Host: w1.grandblue.us
URL: https://w1.grandblue.us/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:e200::17 Ashburn, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: bb87048cbc401e184bc3a3a2cd351eeccc64495059a7f36c2604ce94ec729adb

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://w1.grandblue.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: ashburnUSVA
date: Wed, 19 Jun 2024 14:31:50 GMT
content-encoding: gzip
x-accel-date-max: 1718625622
x-77-cache: HIT
x-cache: HIT
x-age: 9787
x-accel-date: 1718797723
alt-svc: h3=":443"; ma=86400
x-77-nzt: EgwBbT1b5QH3OyYAAAwBnJI74gH3ywIAAA
x-accel-expires: @1718808523
x-77-age: 9787
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
server: CDN77-Turbo
etag: W/"31e5cdb9fdfa2784f3487c90eae"
x-77-nzt-ray: 0f63d4192b3d3b31d6eb726684ea1306
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=10800
x-robots-tag: noindex, follow
expires: Mon, 17 Jun 2024 14:48:27 GMT

GET
DATA 200
OK truncated Show response
/ 218 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 71321816cc04b487e8ab842f932b22253553fb41b5c71a94993255937f92060a

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 390 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea6f2480ce4fb13adb52985d6532be0ef0d86718bd9d58bba41911351c2433d6

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 48 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b00bf476095a208ae098505174522b61d60b2d49557edd117bbb505f7dbd70a

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 286 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42a044a5bd352f68d64d8a821989c37451e38056ce05ca665d3a8c2474705113

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript

GET
H3 200 wpxpress.ttf
w1.grandblue.us/wp-content/plugins/smooth-back-to-top-button/assets/fonts/ 2 KB
0 24ms
23ms Font
font/ttf 2606:4700:3034::6815:db1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://w1.grandblue.us/wp-content/plugins/smooth-back-to-top-button/assets/fonts/wpxpress.ttf?9zg56
Requested by: Host: w1.grandblue.us
URL: https://w1.grandblue.us/wp-content/litespeed/css/0de637d5084a000d98cee88dbaf959ed.css?ver=bf554
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:db1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://w1.grandblue.us/wp-content/litespeed/css/35da5f497a3eaa0202d0ae02b709d0b6.css?ver=9d0b6
Origin: https://w1.grandblue.us
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 14:31:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 03 Sep 2023 01:01:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1869404
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o7yLoRvD1KgCsvGTLnhXYcmEVZa%2B3EpPyqkkJZcMbO3n%2BLJ%2FctLPbqRSMnuXfddTA0S1fxt2hjis1C09Monhaem3LbuiOWk8YCkWySRk0rJWF6laOts%2F0U3H%2BW7P0T8p75JjgEaVO%2FB4q8NaFzs%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 8964399a0d1f42bb-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 29 May 2025 05:15:06 GMT

GET
DATA 200
OK truncated
/ 14 KB
0 Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer
Origin: https://w1.grandblue.us
Accept-Language: en-US,en;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H3 304 JxfYiV.jpg
grandblue.us/wp-content/uploads/2023/08/ 202 KB
498 B 23ms
23ms Image
image/jpeg 2606:4700:3031::ac43:9cdd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grandblue.us/wp-content/uploads/2023/08/JxfYiV.jpg
Requested by: Host: w1.grandblue.us
URL: https://w1.grandblue.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:9cdd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a14dc066c841ac4fbf1fef28669d0139a6fa1f66a49393ce07b9091ca947eb5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://w1.grandblue.us/
If-Modified-Since: Tue, 29 Aug 2023 11:41:53 GMT
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 14:31:50 GMT
cf-cache-status: HIT
last-modified: Tue, 29 Aug 2023 11:41:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1540572
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hrhZqxAYf0JMP39u1wkbIYYt6RQ%2B%2FakdWSHj8yt6T4MCze611XuiWhEYsYOI3tpKkBrs%2Beg25WOwO7hy9FhaVNhYML9LF2jwTvBAmskm7f1O3BRrI7C5vnmbAxMrhyHBAJMBej971%2BBKbsA%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 8964399db966423f-EWR
alt-svc: h3=":443"; ma=86400
expires: Mon, 02 Jun 2025 00:35:38 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 122ms
68ms Font
font/woff2 2607:f8b0:400d:c0e::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C300italic%2C400italic%2C700italic%7CRaleway%3A400%2C600%2C500%2C700%2C800&subset=latin%2Clatin-ext&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0e::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://w1.grandblue.us
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 04:43:57 GMT
x-content-type-options: nosniff
age: 121673
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Jun 2025 04:43:57 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v34/ 47 KB
48 KB 77ms
23ms Font
font/woff2 2607:f8b0:400d:c0e::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v34/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0e::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47d477915fa5912616e2dc5df8c5780f9202671678cf275472bd39f3381c0098

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://w1.grandblue.us
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 18:25:39 GMT
x-content-type-options: nosniff
age: 590771
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48336
x-xss-protection: 0
last-modified: Wed, 01 May 2024 20:31:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Jun 2025 18:25:39 GMT

GET
H2 200 S6u_w4BMUTPHjxsI9w2_Gwft.woff2
fonts.gstatic.com/s/lato/v24/ 17 KB
17 KB 110ms
57ms Font
font/woff2 2607:f8b0:400d:c0e::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u_w4BMUTPHjxsI9w2_Gwft.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0e::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a961366b4346f6078cc2f164d2c019f63b37e2693f6fc93a995048a98b25c083

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://w1.grandblue.us
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 08:45:44 GMT
x-content-type-options: nosniff
age: 107166
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17728
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Jun 2025 08:45:44 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 130ms
77ms Font
font/woff2 2607:f8b0:400d:c0e::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0e::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://w1.grandblue.us
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 07:44:07 GMT
x-content-type-options: nosniff
age: 110863
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Jun 2025 07:44:07 GMT

GET
H2 200 S6uyw4BMUTPHjxAwXjeu.woff2
fonts.gstatic.com/s/lato/v24/ 5 KB
5 KB 118ms
65ms Font
font/woff2 2607:f8b0:400d:c0e::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjxAwXjeu.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0e::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c2fc265baaeba4f3f5b8c7285b93343aead25590f08be73d3056718b376c5d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://w1.grandblue.us
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 14:39:30 GMT
x-content-type-options: nosniff
age: 604340
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5472
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Jun 2025 14:39:30 GMT

GET
H/1.1 200
OK venor.php Show response
s.pemsrv.com/ 1 B
447 B 12ms
12ms XHR
text/html 68.169.106.41
ISPRIME

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pemsrv.com/venor.php
Requested by: Host: a.pemsrv.com
URL: https://a.pemsrv.com/popunder1000.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 68.169.106.41 , United States, ASN30602 (ISPRIME, US),
Reverse DNS
Software: nginx /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://w1.grandblue.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 19 Jun 2024 14:31:50 GMT
Content-Encoding: gzip
Server: nginx
Accept-CH: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Robots-Tag: noindex, follow

GET
H2 200 floating-chat-main.css
storage.ko-fi.com/cdn/scripts/ Frame C4E5 588 B
409 B 23ms
23ms Stylesheet
text/css 2606:4700:10::ac43:8b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.ko-fi.com/cdn/scripts/floating-chat-main.css
Requested by: Host: storage.ko-fi.com
URL: https://storage.ko-fi.com/cdn/scripts/overlay-widget.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::ac43:8b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d95ba86fa0391a4a86a6388088e53e1a0bfa52fa6f3c7c1e057e898522a30570

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://w1.grandblue.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 19 Jun 2024 14:31:50 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: BHz4+3jV+xooBaj1E0Km4g==
age: 3466
cf-polished: origSize=839
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Sun, 23 Oct 2022 22:21:50 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 499e6f68-e01e-002a-0dec-736d75000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 8964399e3f8b43f8-EWR

GET
H2 200 floating-chat-main.css
storage.ko-fi.com/cdn/scripts/ Frame 268A 588 B
0 25ms
25ms Stylesheet
text/css 2606:4700:10::ac43:8b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.ko-fi.com/cdn/scripts/floating-chat-main.css
Requested by: Host: storage.ko-fi.com
URL: https://storage.ko-fi.com/cdn/scripts/overlay-widget.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::ac43:8b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d95ba86fa0391a4a86a6388088e53e1a0bfa52fa6f3c7c1e057e898522a30570

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://w1.grandblue.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 19 Jun 2024 14:31:50 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: BHz4+3jV+xooBaj1E0Km4g==
age: 3466
cf-polished: origSize=839
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Sun, 23 Oct 2022 22:21:50 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 499e6f68-e01e-002a-0dec-736d75000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 8964399e3f8b43f8-EWR

GET
H2 200 floating-chat-wrapper.css
storage.ko-fi.com/cdn/scripts/ 6 KB
1 KB 31ms
29ms Stylesheet
text/css 2606:4700:10::ac43:8b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.ko-fi.com/cdn/scripts/floating-chat-wrapper.css
Requested by: Host: storage.ko-fi.com
URL: https://storage.ko-fi.com/cdn/scripts/overlay-widget.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::ac43:8b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54bf5af24434f9006216242e7b12b9ff58c736f4e1a4d47f08c433971800b565

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://w1.grandblue.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 19 Jun 2024 14:31:50 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: E53X9EMRndzQtdHOHn9Ilw==
age: 3602
cf-polished: origSize=9058
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Sun, 23 Oct 2022 22:21:49 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: d4e854d7-901e-006a-44d9-73449b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 8964399e3f8f43f8-EWR

GET
H2 200 css
fonts.googleapis.com/ 5 KB
689 B 34ms
32ms Stylesheet
text/css 2607:f8b0:400d:c01::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito:400,700,800&display=swap

Requested by

Host: storage.ko-fi.com
URL: https://storage.ko-fi.com/cdn/scripts/overlay-widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c01::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a230558c40cdb639bea9b4864e65694d5a6349911c9d661fb00d6cc57e3208fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://w1.grandblue.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 19 Jun 2024 14:31:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 19 Jun 2024 13:02:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 19 Jun 2024 14:31:50 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame C4E5 5 KB
0 33ms
33ms Stylesheet
text/css 2607:f8b0:400d:c01::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito:400,700,800&display=swap

Requested by

Host: storage.ko-fi.com
URL: https://storage.ko-fi.com/cdn/scripts/overlay-widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c01::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a230558c40cdb639bea9b4864e65694d5a6349911c9d661fb00d6cc57e3208fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://w1.grandblue.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 14:31:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 19 Jun 2024 13:02:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 19 Jun 2024 14:31:50 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 268A 5 KB
0 34ms
33ms Stylesheet
text/css 2607:f8b0:400d:c01::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito:400,700,800&display=swap

Requested by

Host: storage.ko-fi.com
URL: https://storage.ko-fi.com/cdn/scripts/overlay-widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c01::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a230558c40cdb639bea9b4864e65694d5a6349911c9d661fb00d6cc57e3208fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://w1.grandblue.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 14:31:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 19 Jun 2024 13:02:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 19 Jun 2024 14:31:50 GMT

GET
H2 200 cup-border.png
storage.ko-fi.com/cdn/ Frame C4E5 6 KB
6 KB 25ms
25ms Image
image/webp 2606:4700:10::ac43:8b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.ko-fi.com/cdn/cup-border.png
Requested by: Host: w1.grandblue.us
URL: https://w1.grandblue.us/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::ac43:8b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 457554ad286ecf6fd5f5e79e6c883602d57638d50f96fb060f6edc19de027834

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://w1.grandblue.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 19 Jun 2024 14:31:50 GMT
cf-cache-status: HIT
content-md5: nt+i2V4lVEX5fauLp9jhTw==
age: 3896
cf-polished: origFmt=png, origSize=11273
content-disposition: inline; filename="cup-border.webp"
content-length: 6016
x-ms-lease-status: unlocked
cf-bgj: imgq:100,h2pri,csam-hash
last-modified: Sun, 23 Oct 2022 21:56:48 GMT
server: cloudflare
etag: 0x8DAB5417C366016
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-ms-request-id: dab06017-501e-0033-2b69-75411d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8964399e3f9043f8-EWR

GET
H2 200 cup-border.png
storage.ko-fi.com/cdn/ Frame 268A 6 KB
0 26ms
25ms Image
image/webp 2606:4700:10::ac43:8b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.ko-fi.com/cdn/cup-border.png
Requested by: Host: w1.grandblue.us
URL: https://w1.grandblue.us/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::ac43:8b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 457554ad286ecf6fd5f5e79e6c883602d57638d50f96fb060f6edc19de027834

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://w1.grandblue.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 19 Jun 2024 14:31:50 GMT
cf-cache-status: HIT
content-md5: nt+i2V4lVEX5fauLp9jhTw==
age: 3896
cf-polished: origFmt=png, origSize=11273
content-disposition: inline; filename="cup-border.webp"
content-length: 6016
x-ms-lease-status: unlocked
cf-bgj: imgq:100,h2pri,csam-hash
last-modified: Sun, 23 Oct 2022 21:56:48 GMT
server: cloudflare
etag: 0x8DAB5417C366016
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-ms-request-id: dab06017-501e-0033-2b69-75411d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8964399e3f9043f8-EWR

GET
H/1.1 200
OK count.js Show response
grand-blue-7.disqus.com/ 1 KB
2 KB 52ms
11ms Script
application/javascript 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://grand-blue-7.disqus.com/count.js

Requested by

Host: w1.grandblue.us
URL: https://w1.grandblue.us/wp-content/litespeed/js/617996cf86541d2d0581fe64b274a245.js?ver=4a245

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://w1.grandblue.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 19 Jun 2024 14:31:50 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=300; includeSubdomains
X-Amz-Cf-Pop: DFW3-C1
Age: 118
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 871
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 17 Jun 2024 17:49:26 GMT
Server: nginx
ETag: "66707726-367"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=300
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id: tspf1Zr6v2V8cSM7pyw3_eHs6BkVYHP65OG_2l0rutgYBbWMPv6wZQ==

GET twitcount.js
static1.twitcount.com/js/ 0
0

GET
H2 200 XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v26/ Frame C4E5 38 KB
38 KB 28ms
27ms Font
font/woff2 2607:f8b0:400d:c0e::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito:400,700,800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0e::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://w1.grandblue.us
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 04:05:58 GMT
x-content-type-options: nosniff
age: 469552
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39124
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:02:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Jun 2025 04:05:58 GMT

GET
H3 200 cropped-png-clipart-granblue-fantasy-anime-grand-blue-character-fantasy-character-purple-dragon-32x32.png
w1.grandblue.us/wp-content/uploads/2023/08/ 2 KB
3 KB 30ms
29ms Other
image/png 2606:4700:3034::6815:db1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://w1.grandblue.us/wp-content/uploads/2023/08/cropped-png-clipart-granblue-fantasy-anime-grand-blue-character-fantasy-character-purple-dragon-32x32.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:db1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40304c0a9855c3c4fb862dfc66a3f1608273d50a5cde44e4e372bf2acd1cda0c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://w1.grandblue.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 14:31:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1869401
alt-svc: h3=":443"; ma=86400
content-length: 2081
last-modified: Tue, 29 Aug 2023 11:38:39 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BGqT8V5PxM3%2BfcwxTDWovR%2BNjKZay1qK%2B6G%2FNsiqxOz4Ie0heckyHyXH%2ByasVvaP%2BX6T7hQPZCah%2BzFiEDh7R3xlC65OmhMrIxwk4ummXlHPlXWznRBUWJ76wGGrT2Uh8pTcZk9xN0H95tId9Pk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 896439a0dcd942bb-EWR
expires: Thu, 29 May 2025 05:15:10 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static1.twitcount.com
URL: https://static1.twitcount.com/js/twitcount.js

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.exdynsrv.com/	1970-01-21 07:02:47	Name: __uvt Value: a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226672ebd6143fe3.291783621133054747%22%3B%7D
w1.grandblue.us/	1970-01-20 21:29:40	Name: _lscache_vary Value: 28a5accae3ac5e5ea1e1355a41ccea69
vallarymedlars.com/	1970-01-20 21:28:13	Name: GL_UI4 Value: eJw9jU1ugzAYRPknaQPtSBygRzCJoMmy6iG6RB%2B2IW7AjowL6u1rVWpX8zR6owmCIKqeEK7ZHvEXNXgZ6qHtjxdqOa%2BH1wuxQRJr%2BvO5ITqdBMNeLZ2jfpIuwW6ZybrOrQkOo9TSKt5xI2SBZ2%2F9NTdtNp0g7S1pUSCdvTEVyHtrtkXaKkaiaZbI3q%2FW%2BExn%2BjQWcX1sPSvtOWSIzFLF5QPyD6WFH5YHRDUryyzA430iNxg7d0pkIdLRkpAI37Dj5ORo7DdyIZebM3fATKL7939%2F461myIRcFffnxl2l%2FQHDVU7n
vallarymedlars.com/	1970-01-20 21:28:13	Name: GL_GI10 Value: eJwNy7EKwjAUBdC8h1SLVrjYD8gXBJJWdBdHu5QOHUsbJAhJSKP%2Bvp79CCG4PoBdRHVW%2BqqVaVqlGwN6gocePHtUg3fZLrLPU7YrKIG7EZw8dp39yjGkF2g%2BliCH%2FcO0F3l%2FpxAt2K8obyHFkP4TFAsC57DdgNelFqBPcfoBCRMcpA%3D%3D
fritdugs.com/	1970-01-20 21:28:13	Name: GL_UI4 Value: eJw9jU1ugzAYRPknaQPtSBygRzCJoMmy6iG6RB%2B2IW7AjowL6u1rVWpX8zR6owmCIKqeEK7ZHvEXNXgZ6qHtjxdqOa%2BH1wuxQRJr%2BvO5ITqdBMNeLZ2jfpIuwW6ZybrOrQkOo9TSKt5xI2SBZ2%2F9NTdtNp0g7S1pUSCdvTEVyHtrtkXaKkaiaZbI3q%2FW%2BExn%2BjQWcX1sPSvtOWSIzFLF5QPyD6WFH5YHRDUryyzA430iNxg7d0pkIdLRkpAI37Dj5ORo7DdyIZebM3fATKL7939%2F461myIRcFffnxl2l%2FQHDVU7n
fritdugs.com/	1970-01-20 21:28:13	Name: GL_GI10 Value: eJwNy7EKwjAUBdC8h1SLVrjYD8gXBJJWdBdHu5QOHUsbJAhJSKP%2Bvp79CCG4PoBdRHVW%2BqqVaVqlGwN6gocePHtUg3fZLrLPU7YrKIG7EZw8dp39yjGkF2g%2BliCH%2FcO0F3l%2FpxAt2K8obyHFkP4TFAsC57DdgNelFqBPcfoBCRMcpA%3D%3D

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	error	URL: https://w1.grandblue.us/(Line 58) Message: Failed to set referrer policy: The value '' is not one of 'always', 'default', 'never', 'origin-when-crossorigin', 'no-referrer', 'no-referrer-when-downgrade', 'origin', 'origin-when-cross-origin', 'same-origin', 'strict-origin', 'strict-origin-when-cross-origin', or 'unsafe-url'. The referrer policy has been left unchanged.
rendering	error	URL: https://w1.grandblue.us/(Line 58) Message: Failed to set referrer policy: The value 'https://duckduckgo.com/' is not one of 'always', 'default', 'never', 'origin-when-crossorigin', 'no-referrer', 'no-referrer-when-downgrade', 'origin', 'origin-when-cross-origin', 'same-origin', 'strict-origin', 'strict-origin-when-cross-origin', or 'unsafe-url'. The referrer policy has been left unchanged.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.exdynsrv.com
a.pemsrv.com
fonts.googleapis.com
fonts.gstatic.com
fritdugs.com
grand-blue-7.disqus.com
grandblue.us
s.pemsrv.com
static1.twitcount.com
storage.ko-fi.com
syndication.exdynsrv.com
vallarymedlars.com
w1.grandblue.us
static1.twitcount.com
199.232.196.134
23.109.170.28
2606:4700:10::ac43:8b9
2606:4700:3031::ac43:9cdd
2606:4700:3034::6815:db1
2607:f8b0:400d:c01::5f
2607:f8b0:400d:c0e::5e
2a02:6ea0:e200::17
68.169.106.41
68.169.106.76
0bca11b67cc31b14d949f5d2d086b468439869e5e351e0cadb52e44f11089805
172638a23c0d57350f8c097f80fd9dcf58cecaf5217cd70b8fa552b68a2a62e9
1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f
1c2fc265baaeba4f3f5b8c7285b93343aead25590f08be73d3056718b376c5d7
2296ad963561232639dba37439e330c1bfed2f9f79d62ca1960c242f96a11bcb
268527ef5308ace8aeddf517120692ac11bd65e08738f6283588d8fdd8243f99
2a14dc066c841ac4fbf1fef28669d0139a6fa1f66a49393ce07b9091ca947eb5
2f7904698c04fa325fc1b3d09a538c003b1279e88e0aca4926da0f539987b4bb
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
375a6d135af1d3e13bff3579b1c19015ccd36a1ae4f451a0555cd3db7f50bed6
3900641f81ef339a65fb910e789fdcf4b43b071781c4a66b39fdc6577425f4a0
40304c0a9855c3c4fb862dfc66a3f1608273d50a5cde44e4e372bf2acd1cda0c
41c3419f2477034e6a84a06d5130c92ac40703a616be4792031153fb895509dc
42a044a5bd352f68d64d8a821989c37451e38056ce05ca665d3a8c2474705113
457554ad286ecf6fd5f5e79e6c883602d57638d50f96fb060f6edc19de027834
46b5d8ee42c891039597a7dc3336f3acad0e16cba5414f16930a3d50f816db83
47d477915fa5912616e2dc5df8c5780f9202671678cf275472bd39f3381c0098
54bf5af24434f9006216242e7b12b9ff58c736f4e1a4d47f08c433971800b565
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
656443610f6703e0f229516da2409e9288a2078878ca2fe819d12430d0b8c375
6fa064297578b5ef83eb7cb7c3c75f4e88e374cbed0e8630e43f51a4cc42651c
71321816cc04b487e8ab842f932b22253553fb41b5c71a94993255937f92060a
7613f88667432d2b7c096cb01bf5fce0279bea9476d0895caed2884940362487
79a94549888e62ab0e3ec2d9f562f6f500d7ebeb79cdcac724bdb6be485224e8
7c7272feb882568b3b85da66d3217b564e1455a44e9f74174fa7882f88ee7e21
807319cb9eb4d19de5826569b712622d0963f3f4fafd4960f90a2747fd1ada4d
85a8c75fdf88c5cecd850c7da6726f989585e565b7e634a5f3722a24286ee739
8a6efe0dad43b2a269bab49703b67a209efcc5a881813c7854cae0710b2aa748
8b00bf476095a208ae098505174522b61d60b2d49557edd117bbb505f7dbd70a
8bca953e7f6fbfb4949b2f8bac47b7cbc8e694425d3531c45a2cb01af76631ec
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
997ff59a3f003d278177880c87065c65b998fa3b5975ce1a2197786995a00772
a230558c40cdb639bea9b4864e65694d5a6349911c9d661fb00d6cc57e3208fe
a947e2206db45dd0a6babea0968dbe6dc5358822ea0de9abb35de64f74bc8c87
a961366b4346f6078cc2f164d2c019f63b37e2693f6fc93a995048a98b25c083
b867637c1261c84ee19b98f51a5115ec17327c8d82d60a06ba44a01fa5820be0
bb87048cbc401e184bc3a3a2cd351eeccc64495059a7f36c2604ce94ec729adb
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c79a6bb0af63488ce6dc5b03c8b9c6ef8d70df81c8bd206d0ef48f43ee5732a6
d2c126216a9afe1af4b80590ed3cdb88f338a1339a8acd71a49d50600766a704
d95ba86fa0391a4a86a6388088e53e1a0bfa52fa6f3c7c1e057e898522a30570
db06d19451a1e93a142cfae831094f3e348673366c1ad9bc144544b0f11b2464
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea64f589334f647f2254d595466c036000a3d9150ad078a69eba7f845c0c0713
ea6f2480ce4fb13adb52985d6532be0ef0d86718bd9d58bba41911351c2433d6
ef965d500c827c1cb00706cb59334b9072bf9fe8700911e769c8c7327ea2977e
f4e4416f838cf7546a57653b813939f3fd5a175126b3de062396451e55b14642

w1.grandblue.us Open in urlscan Pro 2606:4700:3034::6815:db1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

57 Requests

98 %HTTPS

60 %IPv6

10 Domains

13 Subdomains

11 IPs

2 Countries

793 kBTransfer

1889 kBSize

6 Cookies

3 Outgoing links

Page URL History

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

w1.grandblue.us Open in urlscan Pro
2606:4700:3034::6815:db1 Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

98 %
HTTPS

60 %
IPv6

10
Domains

13
Subdomains

11
IPs

2
Countries

793 kB
Transfer

1889 kB
Size

6
Cookies

57 HTTP transactions
7 data transactions