r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 76d5eb597558e3dee0d99719d17e71e0
f3a0f3932fa8059f27dc9422d523b938fa9a7d09
d16de6cc9eb0e1297f53dc1137bb764bf5c21a7727be32ad05afebd1fe9501ed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D16DE6CC9EB0E1297F53DC1137BB764BF5C21A7727BE32AD05AFEBD1FE9501ED"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6988
Expires: Tue, 13 Sep 2022 02:37:40 GMT
Date: Tue, 13 Sep 2022 00:41:12 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 13 Sep 2022 00:08:33 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: WmH4vwbP082sl7JzTZ6iifv936nLZfsSZG-A080uNZhsm83HIoBNCQ==
Age: 1959
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.35200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 12 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: yMSywXok1p_dAyzMa7glaB26yUX2iKuMz-DOwttODfOEcDeiENVFNA==
age: 62640
X-Firefox-Spdy: h2
free-wow.blogspot.com/
142.250.74.161200 OK 9.8 kB IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (4177)
Hash 558cf0d1659689f0c49b1d6dbb38a3b2
79667d5214fe12c2689da337ed7c62f232ca1b02
c61cea1e0a3ff7c42130ea262b56d3bbd9fb223ed6fd275af8ef3ac7e8956172
GET / HTTP/1.1
Host: free-wow.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Tue, 13 Sep 2022 00:41:12 GMT
Date: Tue, 13 Sep 2022 00:41:12 GMT
Cache-Control: private, max-age=0
Last-Modified: Thu, 07 Apr 2022 03:24:01 GMT
ETag: W/"9a4ae0555a770cc350b8987f06018080027e553ea4c796761a8c0db88a12b60c"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 9765
Server: GSE
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 00:41:12 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.google.com/coop/cse/brand?form=cse-search-box&lang=en
142.250.74.164301 Moved Permanently 237 B URL HTTP/1.1 www.google.com/coop/cse/brand?form=cse-search-box&lang=en
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash bda0dec939809d66ff8388fe5c716412
d768e1edcca0d64e15c1a26978d19c8fdfbd4e4f
334f05a39cdb64bac9f876dd2a2011649d08d578f6d751460c91ca294f3304cd
GET /coop/cse/brand?form=cse-search-box&lang=en HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://free-wow.blogspot.com/
HTTP/1.1 301 Moved Permanently
Location: https://www.gstatic.com/prose/brandjs.js
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 237
X-XSS-Protection: 0
Date: Tue, 13 Sep 2022 00:20:49 GMT
Expires: Tue, 13 Sep 2022 00:50:49 GMT
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=UTF-8
Age: 1223
free-wow.blogspot.com/js/cookienotice.js
142.250.74.161200 OK 2.0 kB URL HTTP/1.1 free-wow.blogspot.com/js/cookienotice.js
IP 142.250.74.161:0
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
GET /js/cookienotice.js HTTP/1.1
Host: free-wow.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://free-wow.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/javascript
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
Date: Tue, 13 Sep 2022 00:41:13 GMT
Expires: Tue, 20 Sep 2022 00:41:13 GMT
Cache-Control: public, max-age=604800
Last-Modified: Mon, 12 Sep 2022 22:01:09 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
pagead2.googlesyndication.com/pagead/show_ads.js
142.250.74.98200 OK 40 kB URL HTTP/1.1 pagead2.googlesyndication.com/pagead/show_ads.js
IP 142.250.74.98:0
File type ASCII text, with very long lines (2535)
Hash 0e318046c701bb39c65e4ce1d70d22c1
630447120d90e0191362db3539a19f3e8c620255
0c4f1f0a7129f994721a650b08dc8ea7a97ccf03a01cd9e893e7e30bfa568969
GET /pagead/show_ads.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://free-wow.blogspot.com/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Date: Tue, 13 Sep 2022 00:41:12 GMT
Expires: Tue, 13 Sep 2022 00:41:12 GMT
Cache-Control: private, max-age=3600
Content-Type: text/javascript; charset=UTF-8
ETag: 3421245504422269830
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 40203
X-XSS-Protection: 0
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Mon, 12 Sep 2022 23:56:07 GMT
Expires: Tue, 13 Sep 2022 00:55:14 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Oy4sKwdJKcxdVE6ipF6SSxy9Jssl1xvMayKoiylCwo0XV9D-8l3RBw==
Age: 2706
www.statcounter.com/counter/counter.js
104.20.229.67200 OK 14 kB URL HTTP/1.1 www.statcounter.com/counter/counter.js
IP 104.20.229.67:0
File type ASCII text, with very long lines (43632), with no line terminators
Hash ec70672a2f4620ce69dbd93d41715fb2
68d559ba806e8aa338221616ba9a85ae582e03a3
f6cd20fa5ef3de2a6bd894efa434c1650f12cf6b3c9df03d45489aff18c44b7e
GET /counter/counter.js HTTP/1.1
Host: www.statcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://free-wow.blogspot.com/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 00:41:13 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Mon, 12 Sep 2022 18:13:53 GMT
ETag: W/"aa70-5e87edbbe08b7"
Cache-Control: max-age=43200
Expires: Tue, 13 Sep 2022 10:57:03 GMT
Access-Control-Allow-Origin: *
P3P: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
User-Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 6250
Server: cloudflare
CF-RAY: 749cd602addeb51d-OSL
www.google-analytics.com/urchin.js
142.250.74.174200 OK 6.8 kB URL HTTP/1.1 www.google-analytics.com/urchin.js
IP 142.250.74.174:0
Hash b2a53ddd32fa730ace44acf796ced69d
248293a9e5a5a062c17517d115a4f59396db6833
d816d84a12f8cebe9ffaaca1b804894f9e46882a6719605359db2aad44afab85
GET /urchin.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://free-wow.blogspot.com/
HTTP/1.1 200 OK
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 6847
Date: Mon, 12 Sep 2022 14:37:03 GMT
Expires: Mon, 26 Sep 2022 14:37:03 GMT
Cache-Control: public, max-age=1209600
Age: 36250
Last-Modified: Wed, 13 Apr 2022 21:02:38 GMT
Content-Type: text/javascript
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 897ba2cd648f36e4a45f51572df47391
b7236aec7c4cfa72b27f9d015f324836ec581a0a
3a716c35d23fb35307682d7ccbe1951f32fae2cd96733e713025cf232dd459e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 00:41:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 897ba2cd648f36e4a45f51572df47391
b7236aec7c4cfa72b27f9d015f324836ec581a0a
3a716c35d23fb35307682d7ccbe1951f32fae2cd96733e713025cf232dd459e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 00:41:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 4c1a8fd6ede7215d6833a86cd0783760
ff68ea529e3efd96239b6170f1f3d5c438b0d805
0687639ede01089dab1fdaa1aa1090d7177067052b8f0b6748959297959f4ec6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 00:41:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bd7b5eb635d48acf1428c326eaa892a1
ba9f6c0db831a88b7d6dbdd98f19e76b4b501258
557466a3b642e90e352898073ff23f6a034c3b233e8aee0f0f69cd6ca83d49f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 00:41:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/3753684042-widgets.js
216.58.207.201200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/3753684042-widgets.js
IP 216.58.207.201:0
File type ASCII text, with very long lines (2221)
Hash 9310029f33929201831992bd74c13953
092fc9b60b0fcc7e24b80eb89f40178e91effb98
ed0ad17efb3c922e7bc8feffa0a5718d2ad226c44f2bb183b6ad163684f3b982
GET /static/v1/widgets/3753684042-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://free-wow.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 57039
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Sep 2022 01:53:39 GMT
expires: Fri, 08 Sep 2023 01:53:39 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 07 Sep 2022 22:51:39 GMT
content-type: text/javascript
age: 427654
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
apis.google.com/js/plusone.js
142.250.74.174200 OK 20 kB URL HTTP/2 apis.google.com/js/plusone.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1277)
Hash 202067c443611dc148225b75c0e3d556
9e6be316508f5c2a2e4b8cecc561b0e7415bd38c
5d9db864eb7c211f62d61436846b80db003b0102c903dda9bc15af29e5eefa39
GET /js/plusone.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://free-wow.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20362
date: Tue, 13 Sep 2022 00:41:13 GMT
expires: Tue, 13 Sep 2022 00:41:13 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "f48c49688fef829d"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
photos1.blogger.com/x/blogger2/6390/345936021090512/410/z/701791/gse_multipart57864.png
216.58.207.196200 OK 45 kB URL HTTP/1.1 photos1.blogger.com/x/blogger2/6390/345936021090512/410/z/701791/gse_multipart57864.png
IP 216.58.207.196:0
File type PNG image data, 406 x 53, 8-bit/color RGBA, non-interlaced\012- data
Hash 754988d549e9b9913f0b6e7425568b86
4d333a8a0ff1b24d0913b23a55faa02806e96637
1d645f76f454efb73647bfeeced51d4f56f5028cda29eaf1b70db045595f13ec
GET /x/blogger2/6390/345936021090512/410/z/701791/gse_multipart57864.png HTTP/1.1
Host: photos1.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://free-wow.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/photos
Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="photos"
Report-To: {"group":"photos","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/photos"}]}
Content-Length: 44842
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 09 Sep 2022 06:41:09 GMT
Expires: Sat, 09 Sep 2023 06:41:09 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Sat, 18 Feb 2012 11:16:35 GMT
Content-Type: image/png
Age: 324004
www.topgamesites.net/images/21.jpg
172.67.163.170301 Moved Permanently 0 B URL HTTP/1.1 www.topgamesites.net/images/21.jpg
IP 172.67.163.170:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/21.jpg HTTP/1.1
Host: www.topgamesites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://free-wow.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Tue, 13 Sep 2022 00:41:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 13 Sep 2022 01:41:13 GMT
Location: https://www.topgamesites.net/images/21.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CxfSfmENiWOCbpgCt6AbmPVSgmdbHzdEi2NXe04b87bbBDkdxz7omfTlqd%2FyvK1TSA0peB4aoo8la4wQCfk7%2Boj0xMgPJDWnTp6Wb3P6ZgKoeQZJEC6mgQ8pIZV%2FCrtLijVrpfkizA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749cd6031c611bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.xtremetop100.com/tracker.jpg
172.67.68.187301 Moved Permanently 0 B URL HTTP/1.1 www.xtremetop100.com/tracker.jpg
IP 172.67.68.187:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tracker.jpg HTTP/1.1
Host: www.xtremetop100.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://free-wow.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Tue, 13 Sep 2022 00:41:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 13 Sep 2022 01:41:13 GMT
Location: https://www.xtremetop100.com/tracker.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FWKD6LI58IgoHDF%2Fc31%2BnccbiAVzR92c7%2BKK0otzf0rT8IjPLGJ%2B%2BzYsWCrsMRsxWGGCacLYitygYhK24oE9Ck36MKIl4tg6Y5MxoPnWbRnjbb6tyGJ4zIOxTQk1vBFQcca%2B0%2Bls"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749cd6031d4dfac4-OSL
alt-svc: h2=":443"; ma=60
www.xtremetop100.com/votenew.jpg
172.67.68.187301 Moved Permanently 0 B URL HTTP/1.1 www.xtremetop100.com/votenew.jpg
IP 172.67.68.187:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /votenew.jpg HTTP/1.1
Host: www.xtremetop100.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://free-wow.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Tue, 13 Sep 2022 00:41:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 13 Sep 2022 01:41:13 GMT
Location: https://www.xtremetop100.com/votenew.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kb%2BthqfDLsW6GtXNnLxQJBjWZL0iIJq%2Bx%2F%2FflaGbWcqRdNNA%2FvL2rAfB2h9nTzUada20uSM4KwDkLT%2FMZ%2B5rud40er3AmWHTTn0RWH23LzygSQDzK4GUkzaxYt%2BCnBUOB5YUi5K1"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749cd6031919b511-OSL
alt-svc: h2=":443"; ma=60
www.top100arena.com/hit.asp?id=712&c=WoW&t=
104.26.1.48403 Forbidden 1.7 kB URL HTTP/1.1 www.top100arena.com/hit.asp?id=712&c=WoW&t=
IP 104.26.1.48:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (394)
Hash 98ca3b4e0df43449ccc5f4a689e6bbec
3463df0ca932ca7296f9531c3c756333e34fc6df
61f956fd2e648bb4090fcaf307862818df2f6caa2fdfe1a4b87a615a151a8cac
GET /hit.asp?id=712&c=WoW&t= HTTP/1.1
Host: www.top100arena.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://free-wow.blogspot.com/
HTTP/1.1 403 Forbidden
Date: Tue, 13 Sep 2022 00:41:13 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=15
Expires: Tue, 13 Sep 2022 00:41:28 GMT
X-Frame-Options: SAMEORIGIN
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4IYWwAWl2ZfTFaSjBTqe%2FacFoIDShBF7RbJmq89Ebes7OgXAXEaMv5Y%2F62TCGMRNs0jwUjuCMzlus%2BK7fI30SkFh3gJftxX7JsyIlw9aVkA7Ny2Z5N1hv65fEQWRzmxwrZ2N9Cs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749cd6034c970b51-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.gstatic.com/prose/brandjs.js
142.250.74.163200 OK 5.8 kB URL HTTP/2 www.gstatic.com/prose/brandjs.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (1352)
Hash 10aa07ab4f7de5535f4cafe167ca4fa7
6c804574a29f9d8a77ed2823a7879e56dbc42c22
d111484a9bceee10b129b20ebd4ead4639b5d7dd78117522249195fb84db3cf0
GET /prose/brandjs.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://free-wow.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-length: 5807
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 12 Sep 2022 18:45:16 GMT
expires: Tue, 13 Sep 2022 18:45:16 GMT
cache-control: public, max-age=86400
age: 21357
last-modified: Tue, 06 Apr 2021 15:14:29 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/google_top_exp.js
142.250.74.98200 OK 67 B URL HTTP/1.1 pagead2.googlesyndication.com/pagead/js/google_top_exp.js
IP 142.250.74.98:0
Hash 9bbc3ca32ec951a484589ce0e6b4db73
753d6f6183b33b2dee5dde2208fca91c17f5bb13
b8f16a16d2a7ea39a9cc079fdbe3af7d31393d62a853668bdd549e0a0311cb3c
GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://free-wow.blogspot.com/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 67
X-XSS-Protection: 0
Date: Mon, 12 Sep 2022 13:18:16 GMT
Expires: Mon, 26 Sep 2022 13:18:16 GMT
Cache-Control: public, max-age=1209600
ETag: 13036835877489095579
Content-Type: text/javascript; charset=UTF-8
Age: 40977
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0?le=scs
142.250.74.174200 OK 51 kB URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0?le=scs
IP 142.250.74.174:0
File type ASCII text, with very long lines (580)
Hash 082af8f6ad7e453a93dd3d1e0ed74005
a768614da451435f22b8f19a0cd4977c48a639ce
f53c36c80f6af2bb427ea6b9d34dd82f8dbcf05d23b92d78ce6372af3a46d57c
GET /_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://free-wow.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 51184
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 07:12:08 GMT
expires: Thu, 07 Sep 2023 07:12:08 GMT
cache-control: public, max-age=31536000
age: 494945
last-modified: Sat, 30 Jul 2022 15:17:53 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_1?le=scs
142.250.74.174200 OK 17 kB URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_1?le=scs
IP 142.250.74.174:0
File type ASCII text, with very long lines (3295)
Hash da083e9d59be400edf9d5f9a1716b91b
27d2025b6936aa58853e5ff3e1e67cef21cf32f5
edd3514aa92d8e00194c2f634d3ef3d4dd7efcd8cc0c33f3cda5f45ca250b0b7
GET /_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_1?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://free-wow.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 16710
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 00:24:02 GMT
expires: Thu, 07 Sep 2023 00:24:02 GMT
cache-control: public, max-age=31536000
age: 519431
last-modified: Sat, 30 Jul 2022 15:17:53 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ad439cab56126bcc402ee9f92365a209
a4b48a9a733c53cbc7020e190b8c787e1f80f55a
d0e2e52b66a8dec8c57092ec332f452a7348941d778d7b4686ca32696aabd065
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 00:41:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bd7b5eb635d48acf1428c326eaa892a1
ba9f6c0db831a88b7d6dbdd98f19e76b4b501258
557466a3b642e90e352898073ff23f6a034c3b233e8aee0f0f69cd6ca83d49f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 00:41:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.topgamesites.net/images/21.jpg
172.67.163.170200 OK 2.8 kB URL HTTP/2 www.topgamesites.net/images/21.jpg
IP 172.67.163.170:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 88x53, components 3\012- data
Hash 06d8a6062e28eefa7448cc5fe962c949
c60a6fe85c224e6cfabdf2c1bb932ca69b09a7e1
782dd058530ab29bca511c7a27feb981687a0164ff96e49bc12e56b46d2d1fb6
GET /images/21.jpg HTTP/1.1
Host: www.topgamesites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://free-wow.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 00:41:13 GMT
content-type: image/jpeg
content-length: 2785
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 00:02:11 GMT
last-modified: Tue, 04 Jan 2022 01:13:21 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 2342
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XZdEcaAm7TaJFRRTdL4cxbNp6%2BF9VSbPZ41WhcaFjzCD5c0nQAiF3UDvqI5ZDzwHRGkUKntuBxCtvN5ne2WvW4GM8nNt7Zh1LQMuc%2FOdEKn78jJ9Cd6V5NMUwhll1p2TEoikBojSOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 749cd6043ec10b45-OSL
X-Firefox-Spdy: h2
www.ultimatetop200.com/tracker.php?do=in&id=1420
3.18.7.81302 Found 0 B URL HTTP/1.1 www.ultimatetop200.com/tracker.php?do=in&id=1420
IP 3.18.7.81:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tracker.php?do=in&id=1420 HTTP/1.1
Host: www.ultimatetop200.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://free-wow.blogspot.com/
HTTP/1.1 302 Found
content-length: 0
date: Tue, 13 Sep 2022 00:41:13 GMT
location: https://www.hugedomains.com/domain_profile.cfm?d=ultimatetop200.com
www.gtop100.com/images/tracker.jpg
104.26.2.59301 Moved Permanently 604 B URL HTTP/1.1 www.gtop100.com/images/tracker.jpg
IP 104.26.2.59:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash aedff2519980d627b8e8e9d1b912d7fc
e838ed3164425ae4a6f850757f01e5cfc123da7e
4e9e1bbfc29170fdaed29d0ac3b450eabfccc28397f584deb066db6395304da6
GET /images/tracker.jpg HTTP/1.1
Host: www.gtop100.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://free-wow.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Tue, 13 Sep 2022 00:41:13 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://gtop100.com/images/tracker.jpg
X-Turbo-Charged-By: LiteSpeed
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jpbSPlvuJhMk6JK64aOCqya3FWIF9YT5DpykEGvb0qw3tLny6va4FQ2tjmxsoz5BZ07RFbXh17PKGjdg9h2G0HtzqbBw4wkCkUA8Bz4ejvHMRrb1cwDks%2BzAr9oYUpwcOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749cd602fa0ab518-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 7faa6a78f896de4528c8cc9ed35bfa11
199ad87495595163d7d16b1eddb9506c8ddb4918
7effc4afbb7417799d0ecbb32fce2a94cba732e488fd4ce81ba5a77f4d7c13ca
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 00:41:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/cse/static/images/1x/en/branding.png
142.250.74.164200 OK 1.4 kB URL HTTP/2 www.google.com/cse/static/images/1x/en/branding.png
IP 142.250.74.164:0
File type PNG image data, 124 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash 5fa765d6ecd4ddbe72abbac8698fa4b0
468231e63b1ab3ed01a9488f5c981b141a54d024
331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16
GET /cse/static/images/1x/en/branding.png HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://free-wow.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-length: 1372
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Sep 2022 00:49:09 GMT
expires: Sat, 09 Sep 2023 00:49:09 GMT
cache-control: public, max-age=31536000
age: 345124
last-modified: Mon, 25 May 2020 08:30:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gtop100.com/images/nvotebutton.jpg
104.26.2.59301 Moved Permanently 604 B URL HTTP/1.1 www.gtop100.com/images/nvotebutton.jpg
IP 104.26.2.59:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash aedff2519980d627b8e8e9d1b912d7fc
e838ed3164425ae4a6f850757f01e5cfc123da7e
4e9e1bbfc29170fdaed29d0ac3b450eabfccc28397f584deb066db6395304da6
GET /images/nvotebutton.jpg HTTP/1.1
Host: www.gtop100.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://free-wow.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Tue, 13 Sep 2022 00:41:13 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://gtop100.com/images/nvotebutton.jpg
X-Turbo-Charged-By: LiteSpeed
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HBp3ozI0zdn7XQZ9KhdBdV93LdTEtV%2F8mmNhsRCefDXDqwMUbOuPMpujD%2F1tvWKOVEt0wnUWHjzF%2BBwxFCO4xQecrlwsAGInSekM%2FhW5PhDpzFScyhbVOoSyfO2M7ES4%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749cd602ffc3b509-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 7c85e22b75dd559a6c65736bae63c5bd
eb57470991666108a01b8ee0adf707e1c1dc8642
bd05cc5dfc5ddd554cc9ac5395035ce302b0b74343d199a64b2dbdcac0070944
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 00:41:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i13.tinypic.com/2jg8ao1.png
143.204.55.79301 Moved Permanently 0 B URL HTTP/1.1 i13.tinypic.com/2jg8ao1.png
IP 143.204.55.79:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /2jg8ao1.png HTTP/1.1
Host: i13.tinypic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://free-wow.blogspot.com/
HTTP/1.1 301 Moved Permanently
Content-Length: 0
Connection: keep-alive
Date: Tue, 13 Sep 2022 00:41:14 GMT
Location: http://tinypic.com/images/goodbye.jpg
Server: AmazonS3
X-Cache: Miss from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: _Ht1Je17KzKNRbBlFVi3pilvsoInp195dKmFgr94tIl_iftE01HuLQ==
img249.imageshack.us/img249/5435/3487695576b748a56f1sz7.th.jpg
38.99.77.17302 Moved Temporarily 160 B URL HTTP/1.1 img249.imageshack.us/img249/5435/3487695576b748a56f1sz7.th.jpg
IP 38.99.77.17:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 22389f2e81664d2560f38d2dfdd4270b
df7763a88d6a4c2e046d4005338d27fd2cfed05a
388915846036831e8e52e99d9d09fff5a77e1a8b9fbc0182a98d46d6ac8cd355
GET /img249/5435/3487695576b748a56f1sz7.th.jpg HTTP/1.1
Host: img249.imageshack.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://free-wow.blogspot.com/
HTTP/1.1 302 Moved Temporarily
Server: nginx/1.2.8
Date: Tue, 13 Sep 2022 00:41:13 GMT
Content-Type: text/html
Content-Length: 160
Connection: keep-alive
Location: https://q2e3s4x2.stackpathcdn.com/no-war-flag.jpg
Cache-Control: no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: imageshack.com
Access-Control-Allow-Headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
img337.imageshack.us/img337/7523/codproofcf0pc9.th.jpg
38.99.77.17302 Moved Temporarily 160 B URL HTTP/1.1 img337.imageshack.us/img337/7523/codproofcf0pc9.th.jpg
IP 38.99.77.17:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 22389f2e81664d2560f38d2dfdd4270b
df7763a88d6a4c2e046d4005338d27fd2cfed05a
388915846036831e8e52e99d9d09fff5a77e1a8b9fbc0182a98d46d6ac8cd355
GET /img337/7523/codproofcf0pc9.th.jpg HTTP/1.1
Host: img337.imageshack.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://free-wow.blogspot.com/
HTTP/1.1 302 Moved Temporarily
Server: nginx/1.2.8
Date: Tue, 13 Sep 2022 00:41:13 GMT
Content-Type: text/html
Content-Length: 160
Connection: keep-alive
Location: https://q2e3s4x2.stackpathcdn.com/no-war-flag.jpg
Cache-Control: no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: imageshack.com
Access-Control-Allow-Headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
img337.imageshack.us/img337/2140/cotcl0.th.jpg
38.99.77.17404 Not Found 168 B URL HTTP/1.1 img337.imageshack.us/img337/2140/cotcl0.th.jpg
IP 38.99.77.17:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 341d15013ba4391483b2d5e34cbc5c5c
986399b390a9aaa9a33e459099aaf9f1dbc227ab
376f5045e4dd8bf68ac9e374518a01c18b2fdf76344f2cc08cac143acc4f3cb8
GET /img337/2140/cotcl0.th.jpg HTTP/1.1
Host: img337.imageshack.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://free-wow.blogspot.com/
HTTP/1.1 404 Not Found
Server: nginx/1.2.8
Date: Tue, 13 Sep 2022 00:41:13 GMT
Content-Type: text/html
Content-Length: 168
Connection: keep-alive
www.gamesites100.net/images/votes.jpg
172.67.129.62200 OK 368 B URL HTTP/1.1 www.gamesites100.net/images/votes.jpg
IP 172.67.129.62:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 88x2, components 3\012- data
Hash c7b12b0ae9b0fd7a28dbef15e875d644
0a73cfaf16d0cf8d85e48205f9549eea56519256
85e6ca03beb80aef83c79a0fc71f6abab335a8bf1a6e089d260fb857217f92b4
GET /images/votes.jpg HTTP/1.1
Host: www.gamesites100.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://free-wow.blogspot.com/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 00:41:13 GMT
Content-Type: image/jpeg
Content-Length: 368
Connection: keep-alive
Cache-Control: public, max-age=604800
Expires: Tue, 20 Sep 2022 00:41:12 GMT
Last-Modified: Fri, 23 Dec 2005 00:12:15 GMT
X-Turbo-Charged-By: LiteSpeed
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TLowtSLjUt5xUj08FrhY%2F3X1gTovUZRlEdJOmnE8uVpSrOSsfv57%2B1UkR%2B4U44A1WBkN721u2wkcxCrYPP%2FoM0WNkQwnTIBljdEkMAVftuNhJzUBKfuLzb%2BG4Y9T3V1GLOIrMCCcng%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749cd603489cb529-OSL
alt-svc: h2=":443"; ma=60
img254.imageshack.us/img254/9919/customorderthis200gw2ih5.th.jpg
38.99.77.16404 Not Found 168 B URL HTTP/1.1 img254.imageshack.us/img254/9919/customorderthis200gw2ih5.th.jpg
IP 38.99.77.16:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 341d15013ba4391483b2d5e34cbc5c5c
986399b390a9aaa9a33e459099aaf9f1dbc227ab
376f5045e4dd8bf68ac9e374518a01c18b2fdf76344f2cc08cac143acc4f3cb8
GET /img254/9919/customorderthis200gw2ih5.th.jpg HTTP/1.1
Host: img254.imageshack.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://free-wow.blogspot.com/
HTTP/1.1 404 Not Found
Server: nginx/1.2.8
Date: Tue, 13 Sep 2022 00:41:13 GMT
Content-Type: text/html
Content-Length: 168
Connection: keep-alive
img504.imageshack.us/img504/4138/sweetob8.th.png
38.99.77.17404 Not Found 168 B URL HTTP/1.1 img504.imageshack.us/img504/4138/sweetob8.th.png
IP 38.99.77.17:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 341d15013ba4391483b2d5e34cbc5c5c
986399b390a9aaa9a33e459099aaf9f1dbc227ab
376f5045e4dd8bf68ac9e374518a01c18b2fdf76344f2cc08cac143acc4f3cb8
GET /img504/4138/sweetob8.th.png HTTP/1.1
Host: img504.imageshack.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://free-wow.blogspot.com/
HTTP/1.1 404 Not Found
Server: nginx/1.2.8
Date: Tue, 13 Sep 2022 00:41:13 GMT
Content-Type: text/html
Content-Length: 168
Connection: keep-alive
www.top100arena.com/hit.asp?id=712&c=WoW&t=
104.26.1.48403 Forbidden 1.7 kB URL HTTP/1.1 www.top100arena.com/hit.asp?id=712&c=WoW&t=
IP 104.26.1.48:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (394)
Hash 5c42684855f9d715b4faaf3618dc805f
5a1e754b2e5280d5c04113995787923d591500a3
dd5ce57d8efb2a9a6eced060674719437f2a4844734a1d1c5e64a21745bab153
GET /hit.asp?id=712&c=WoW&t= HTTP/1.1
Host: www.top100arena.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://free-wow.blogspot.com/
HTTP/1.1 403 Forbidden
Date: Tue, 13 Sep 2022 00:41:13 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=15
Expires: Tue, 13 Sep 2022 00:41:28 GMT
X-Frame-Options: SAMEORIGIN
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3lMrzCGivSaJCtVQ47ANJOM4g0OG876hzGNtXyLo74DpvDdWM7WriuF4S16oVh8idm0d%2F4i4RIekwAD850BdNV%2BiQsrhUfMwYeh1XNm4MRps7dHDJINksFKKmPUhwArHwCNtYPc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749cd6051d040b51-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
e1.o.lencr.org/
23.33.119.27200 OK 344 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 346bd89ffaa0fb2ac90901c749add97c
ae1d2c5b118fb3353204822b049ad3ac83a39e58
19de9d7d27734e2620013ecafe207347807c9fd9fb4a710d30097cf2ba1c6c9a
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "19DE9D7D27734E2620013ECAFE207347807C9FD9FB4A710D30097CF2BA1C6C9A"
Last-Modified: Sat, 10 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4508
Expires: Tue, 13 Sep 2022 01:56:21 GMT
Date: Tue, 13 Sep 2022 00:41:13 GMT
Connection: keep-alive
www.gamesites100.net/images/nvotebutton.jpg
172.67.129.62200 OK 4.5 kB URL HTTP/1.1 www.gamesites100.net/images/nvotebutton.jpg
IP 172.67.129.62:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 88x56, components 3\012- data
Hash d0c7dff9ad02c3ced00d4d9fc60f2466
cadbb5484b87ec6005fd93197f1dca7c85510023
477b032ef82eb2a1b1e7ffd25ad51ec8b6ea487b2e9dbc24b8f6fc5d0b8afca2
GET /images/nvotebutton.jpg HTTP/1.1
Host: www.gamesites100.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://free-wow.blogspot.com/
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 00:41:13 GMT
Content-Type: image/jpeg
Content-Length: 4498
Connection: keep-alive
Cache-Control: public, max-age=604800
Expires: Tue, 20 Sep 2022 00:41:12 GMT
Last-Modified: Wed, 10 Mar 2010 22:53:47 GMT
X-Turbo-Charged-By: LiteSpeed
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WEWIJ3Gih5JeRYAZ9%2FpM1yMJolEtA4UuJdpSSaVEFQgLbObt62GBTnBqGPsVtbBTdz%2FEgoo9BDX7ObIu0Yag00POSLn6nZxuf3tXrBybC1epm%2BpqO%2F0fQdpfzqFFpYalAT4lQgxR2A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749cd6034e640b45-OSL
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash cb674936db4af4be99c3c397eff8c6ae
de79d76bac3fae5799b0ff35ecc19360595dfb06
992b884b64f9f6fdb76a6ba91c48fed329325b95b99d8003b282879a52093c08
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1562
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 00:41:13 GMT
Last-Modified: Tue, 13 Sep 2022 00:15:11 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
e1.o.lencr.org/
23.33.119.27200 OK 344 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 346bd89ffaa0fb2ac90901c749add97c
ae1d2c5b118fb3353204822b049ad3ac83a39e58
19de9d7d27734e2620013ecafe207347807c9fd9fb4a710d30097cf2ba1c6c9a
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "19DE9D7D27734E2620013ECAFE207347807C9FD9FB4A710D30097CF2BA1C6C9A"
Last-Modified: Sat, 10 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8691
Expires: Tue, 13 Sep 2022 03:06:04 GMT
Date: Tue, 13 Sep 2022 00:41:13 GMT
Connection: keep-alive
www.google-analytics.com/__utm.gif?utmwv=1.4&utmn=566046833&utmcs=UTF-8&utmsr=1280x1024&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Free%20WoW%20-%20World%20of%20Warcraft&utmhn=free-wow.blogspot.com&utmhid=1906171442&utmr=-&utmp=/&utmac=UA-2031044-2&utmcc=__utma%3D62686203.566046833.1663029661.1663029661.1663029661.1%3B%2B__utmz%3D62686203.1663029661.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)%3B%2B
142.250.74.174200 OK 35 B URL HTTP/1.1 www.google-analytics.com/__utm.gif?utmwv=1.4&utmn=566046833&utmcs=UTF-8&utmsr=1280x1024&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Free%20WoW%20-%20World%20of%20Warcraft&utmhn=free-wow.blogspot.com&utmhid=1906171442&utmr=-&utmp=/&utmac=UA-2031044-2&utmcc=__utma%3D62686203.566046833.1663029661.1663029661.1663029661.1%3B%2B__utmz%3D62686203.1663029661.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)%3B%2B
IP 142.250.74.174:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /__utm.gif?utmwv=1.4&utmn=566046833&utmcs=UTF-8&utmsr=1280x1024&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Free%20WoW%20-%20World%20of%20Warcraft&utmhn=free-wow.blogspot.com&utmhid=1906171442&utmr=-&utmp=/&utmac=UA-2031044-2&utmcc=__utma%3D62686203.566046833.1663029661.1663029661.1663029661.1%3B%2B__utmz%3D62686203.1663029661.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)%3B%2B HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://free-wow.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Pragma: no-cache
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 35
Date: Mon, 12 Sep 2022 17:40:34 GMT
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Age: 25239
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
Content-Type: image/gif
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209070101/show_ads_impl_with_ama_fy2021.js?client=pub-3084664284474584&plah=free-wow.blogspot.com
142.250.74.98200 OK 124 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209070101/show_ads_impl_with_ama_fy2021.js?client=pub-3084664284474584&plah=free-wow.blogspot.com
IP 142.250.74.98:0
File type ASCII text, with very long lines (5015)
Size 124 kB (124393 bytes)
Hash ed029da18677a788d7dd91716e0ca815
e4bbc1a7f4e34304913618b00e6bc08e28c6fb0b
bec7238cb51a547c974a6ab25cab5cd7353e0a6cea7509b2d9aa716652659509
GET /pagead/managed/js/adsense/m202209070101/show_ads_impl_with_ama_fy2021.js?client=pub-3084664284474584&plah=free-wow.blogspot.com HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://free-wow.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 13 Sep 2022 00:41:13 GMT
expires: Tue, 13 Sep 2022 00:41:13 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 4055217469953318642
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 124393
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tinypic.com/images/goodbye.jpg
143.204.55.79200 OK 16 kB URL HTTP/1.1 tinypic.com/images/goodbye.jpg
IP 143.204.55.79:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 32af06ac4b80d728f7e4c8780eb6b6d7
dd3198f4361e94f2c3606474e04a629e42402d02
f610dc2752e938d77dab1c4e9fb1f0f7f53b25e527d130ce4e034b7de09da053
GET /images/goodbye.jpg HTTP/1.1
Host: tinypic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://free-wow.blogspot.com/
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 15616
Connection: keep-alive
Last-Modified: Wed, 18 Sep 2019 21:23:53 GMT
Server: AmazonS3
Date: Mon, 12 Sep 2022 01:38:35 GMT
ETag: "32af06ac4b80d728f7e4c8780eb6b6d7"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: KJdUrKbbgOpY2PwklnqsHxNk1IOo1RHP8ROW_0KdMBezPaHXnhhGQw==
Age: 83342
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 7c85e22b75dd559a6c65736bae63c5bd
eb57470991666108a01b8ee0adf707e1c1dc8642
bd05cc5dfc5ddd554cc9ac5395035ce302b0b74343d199a64b2dbdcac0070944
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 00:41:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.xtremetop100.com/tracker.jpg
172.67.68.187200 OK 430 B URL HTTP/2 www.xtremetop100.com/tracker.jpg
IP 172.67.68.187:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 88x2, components 3\012- data
Hash 529c2710ffa5e6b10c90a69b7517b358
3bdc08cd578550f4c4a76666fdec84560310852e
b46563873d33c3e19e8f741fd7c35f111d616ce82c6e119f13e8c6c37f949081
GET /tracker.jpg HTTP/1.1
Host: www.xtremetop100.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://free-wow.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 00:41:13 GMT
content-type: image/jpeg
content-length: 430
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 00:41:13 GMT
last-modified: Sat, 11 Dec 2021 14:01:15 GMT
accept-ranges: bytes
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=os7Q4N5q49xXn1SL3LydShTwcB8tJAzpyp9%2Ba8wTnsEHrnE6plxNAXHyQLe3MAAJPl7OSXnviatSyONGnC1twJG8XVC%2FHYuj7h7B1XCISsgHsVv6%2BuZEIJpCyvrmkqQMbH%2FY0607"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 749cd60559adb4f4-OSL
X-Firefox-Spdy: h2
q2e3s4x2.stackpathcdn.com/no-war-flag.jpg
151.139.128.11200 OK 7.5 kB URL HTTP/2 q2e3s4x2.stackpathcdn.com/no-war-flag.jpg
IP 151.139.128.11:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash c8bd00a44eb4431a38dce642587d7487
21ef59b3a982107a91bd914a0844adad7fee02ce
31c5b97fc7e14e78110d5e81041a3e4e6a52620be3350ba73d30b6d584d8d3c9
GET /no-war-flag.jpg HTTP/1.1
Host: q2e3s4x2.stackpathcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://free-wow.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 00:41:13 GMT
content-length: 7450
content-type: image/webp
last-modified: Thu, 03 Mar 2022 23:25:26 GMT
accept-ranges: bytes
server: nginx
access-control-allow-origin: *
x-original-quality: 75
x-original-response-code: 200
x-original-filesize: 13022
x-origin-fetch-time: 41
x-original-resolution: 800x532
x-imagizer-host: 6ogdd8ow.imagizer.com
xkey: 6ogdd8ow.imagizer.com
cache-control: s-maxage=2678400
etag: c4ca4238a0b923820dcc509a6f75849b
x-ops: {"quality":75,"width":1400,"dpr":1}
s3-cache-processed: MISS:6ogdd8ow.imagizer.com/processed/0f4371ae88d7bf8a4e5850289ab9d1c9
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length,X-Original-Filesize,X-Original-Resolution,X-CSRF-TOKEN
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length,X-Original-Filesize,X-Original-Resolution,X-CSRF-TOKEN
age: 39
x-cache-hits: 6
x-hw: 1663029673.cds212.sk1.hn,1663029673.cds222.sk1.c
X-Firefox-Spdy: h2
www.jagtoplist.com/images/vbtn88x55.jpg
156.226.113.35301 Moved Permanently 169 B URL HTTP/1.1 www.jagtoplist.com/images/vbtn88x55.jpg
IP 156.226.113.35:0
ASN #133201 ABCDE GROUP COMPANY LIMITED
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 0f952b73d3f5586637ea9a5a789d48f4
b29aff4ffa1d4decd77db5160f920e1c6417e5e9
69d11528ee32902d0c47ed215877f0610399536f755db03ed02a77ecedd74751
GET /images/vbtn88x55.jpg HTTP/1.1
Host: www.jagtoplist.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://free-wow.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: nginx/1.20.1
Date: Tue, 13 Sep 2022 00:41:13 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://www.jagtoplist.com/images/vbtn88x55.jpg
www.xtremetop100.com/votenew.jpg
172.67.68.187200 OK 2.5 kB URL HTTP/2 www.xtremetop100.com/votenew.jpg
IP 172.67.68.187:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 88x51, components 3\012- data
Hash 0051c39d0222f389f72ed2d9e07304f7
64d61453b3ea62ff6259026da51579504b65c33d
880eafdb1b65fa738446c86065c64d973c7cb44c11599e04e6b7939f73e610e5
GET /votenew.jpg HTTP/1.1
Host: www.xtremetop100.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://free-wow.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 00:41:14 GMT
content-type: image/jpeg
content-length: 2489
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 00:41:13 GMT
last-modified: Sat, 11 Dec 2021 14:01:15 GMT
accept-ranges: bytes
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LrRToyBwdPpNyevmvbE75CPt0CvoPrzvqJ1cLDSLhIo9aCBgh%2Bs%2F1NtehMXYw6AJRidKyJA7q%2BdWxHmMCtqAE7m7bW8znxYhdzKRcxDG0q92HooWPMTp5WuSTrOFwqLntqYLBpsR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 749cd605b9c8b4f4-OSL
X-Firefox-Spdy: h2
www.jagtoplist.com/tracker.php?site=1476
156.226.113.35301 Moved Permanently 169 B URL HTTP/1.1 www.jagtoplist.com/tracker.php?site=1476
IP 156.226.113.35:0
ASN #133201 ABCDE GROUP COMPANY LIMITED
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 0f952b73d3f5586637ea9a5a789d48f4
b29aff4ffa1d4decd77db5160f920e1c6417e5e9
69d11528ee32902d0c47ed215877f0610399536f755db03ed02a77ecedd74751
Analyzer Verdict Alert fortinet Malware
GET /tracker.php?site=1476 HTTP/1.1
Host: www.jagtoplist.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://free-wow.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: nginx/1.20.1
Date: Tue, 13 Sep 2022 00:41:13 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://www.jagtoplist.com/tracker.php?site=1476
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ad439cab56126bcc402ee9f92365a209
a4b48a9a733c53cbc7020e190b8c787e1f80f55a
d0e2e52b66a8dec8c57092ec332f452a7348941d778d7b4686ca32696aabd065
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 00:41:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4fd53df42280409cd83e9f2cbd753bb6
c7879abb078bdc6dfd363f72509d1f36e5a8a622
c6eecc725ec5cf4376f99fafaf029eaa6f207dceefb09c09f1e8aaaa1fa1b5f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 00:41:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=free-wow.blogspot.com
142.250.74.130200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=free-wow.blogspot.com
IP 142.250.74.130:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=free-wow.blogspot.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://free-wow.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 13 Sep 2022 00:41:14 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=free-wow.blogspot.com
142.250.74.34200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=free-wow.blogspot.com
IP 142.250.74.34:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=free-wow.blogspot.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://free-wow.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 13 Sep 2022 00:41:14 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 741400b574ef7f9f3236164e28e58c51
811018b86fd196da2faf32b044905e1130002a90
efb8e915e207a776018a5319e449e47a105b1d8692e08317c2b3014135b01418
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 00:41:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 741400b574ef7f9f3236164e28e58c51
811018b86fd196da2faf32b044905e1130002a90
efb8e915e207a776018a5319e449e47a105b1d8692e08317c2b3014135b01418
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 00:41:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/dyn-css/authorization.css?targetBlogID=2833907884773480694&zx=a3172fe1-222b-42fa-9f27-ce24c43875c6
216.58.207.201200 OK 21 B URL HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=2833907884773480694&zx=a3172fe1-222b-42fa-9f27-ce24c43875c6
IP 216.58.207.201:0
File type very short file (no magic)
Hash a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
GET /dyn-css/authorization.css?targetBlogID=2833907884773480694&zx=a3172fe1-222b-42fa-9f27-ce24c43875c6 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://free-wow.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 13 Sep 2022 00:41:14 GMT
last-modified: Tue, 13 Sep 2022 00:41:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4fd53df42280409cd83e9f2cbd753bb6
c7879abb078bdc6dfd363f72509d1f36e5a8a622
c6eecc725ec5cf4376f99fafaf029eaa6f207dceefb09c09f1e8aaaa1fa1b5f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 00:41:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
44.237.239.70101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.237.239.70:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: zliWZ05nClu3EHDPj3O2jg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: B2414lb9QMLAakFdQEdUAUL7PS0=
googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3084664284474584&output=html&h=240&adk=85549073&adf=3325609825&w=120&lmt=1649301841&ad_type=text_image&format=120x240_as&color_bg=000000&color_border=000000&color_link=777777&color_text=999999&color_url=99AADD&url=http%3A%2F%2Ffree-wow.blogspot.com%2F&host=pub-1556223355139109&h_ch=00000&wgl=1&dt=1663029661308&bpp=41&bdt=894&idt=273&shv=r20220908&mjsv=m202209070101&ptt=5&saldr=sa&abxe=1&correlator=5609998393077&frm=20&pv=2&ga_vid=566046833.1663029661&ga_sid=1663029661&ga_hid=1906171442&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=744&ady=283&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706&oid=2&pvsid=2770984181428619&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Coe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=Ejnox1ZiGY&p=http%3A//free-wow.blogspot.com&dtd=390
142.250.74.2200 OK 23 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3084664284474584&output=html&h=240&adk=85549073&adf=3325609825&w=120&lmt=1649301841&ad_type=text_image&format=120x240_as&color_bg=000000&color_border=000000&color_link=777777&color_text=999999&color_url=99AADD&url=http%3A%2F%2Ffree-wow.blogspot.com%2F&host=pub-1556223355139109&h_ch=00000&wgl=1&dt=1663029661308&bpp=41&bdt=894&idt=273&shv=r20220908&mjsv=m202209070101&ptt=5&saldr=sa&abxe=1&correlator=5609998393077&frm=20&pv=2&ga_vid=566046833.1663029661&ga_sid=1663029661&ga_hid=1906171442&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=744&ady=283&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706&oid=2&pvsid=2770984181428619&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Coe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=Ejnox1ZiGY&p=http%3A//free-wow.blogspot.com&dtd=390
IP 142.250.74.2:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (65536), with no line terminators
Hash fcb47b49e4172e931265cbcace9abe29
1f966ae9445a1da39b494be3efa5cccf7f8953ff
2ebb3c5f900c38564e694af30f37ba2fd54ca1bb5e6056e072c74e4ac67cc002
GET /pagead/ads?client=ca-pub-3084664284474584&output=html&h=240&adk=85549073&adf=3325609825&w=120&lmt=1649301841&ad_type=text_image&format=120x240_as&color_bg=000000&color_border=000000&color_link=777777&color_text=999999&color_url=99AADD&url=http%3A%2F%2Ffree-wow.blogspot.com%2F&host=pub-1556223355139109&h_ch=00000&wgl=1&dt=1663029661308&bpp=41&bdt=894&idt=273&shv=r20220908&mjsv=m202209070101&ptt=5&saldr=sa&abxe=1&correlator=5609998393077&frm=20&pv=2&ga_vid=566046833.1663029661&ga_sid=1663029661&ga_hid=1906171442&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=744&ady=283&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706&oid=2&pvsid=2770984181428619&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Coe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=Ejnox1ZiGY&p=http%3A//free-wow.blogspot.com&dtd=390 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://free-wow.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 13 Sep 2022 00:41:14 GMT
server: cafe
content-length: 23203
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 13-Sep-2022 00:56:14 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 13 Sep 2022 00:41:14 GMT
cache-control: private
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6526c70eb74c821b7a95487ad9a4e13d
0b8c610a7755437ab815b845f52cbb27e6c95008
059d15ca6ac7cb1830286ae635731e03b56c01d7d050291dabe2b3f3db866c9a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 00:41:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 535d274bda0c065485a534026ab497a4
0ee92c6de28c6999632b924ba226c3c449ad2e40
14dd3a50213e32e5768046e3e99cd8fc302a94f6b8f9763bbd51d8605ebd16fe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 00:41:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 535d274bda0c065485a534026ab497a4
0ee92c6de28c6999632b924ba226c3c449ad2e40
14dd3a50213e32e5768046e3e99cd8fc302a94f6b8f9763bbd51d8605ebd16fe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 00:41:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 535d274bda0c065485a534026ab497a4
0ee92c6de28c6999632b924ba226c3c449ad2e40
14dd3a50213e32e5768046e3e99cd8fc302a94f6b8f9763bbd51d8605ebd16fe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 00:41:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/pagead/js/r20220908/r20110914/client/qs_click_protection_fy2021.js
142.250.74.33200 OK 7.6 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20220908/r20110914/client/qs_click_protection_fy2021.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (2184)
Hash 8fc1754beb27cdbcdf59d08c7fd0da07
485b36af1848b751ad094159766683b1f2cca286
b5d49fee775dbfd484dd3932044616a903a115033a0e5401c75da40775dd3789
GET /pagead/js/r20220908/r20110914/client/qs_click_protection_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 7592
x-xss-protection: 0
date: Mon, 12 Sep 2022 19:31:04 GMT
expires: Mon, 26 Sep 2022 19:31:04 GMT
cache-control: public, max-age=1209600
age: 18610
etag: 7248493764890666469
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/simgad/2995082223912812547/downsize_200k_v1?w=100&h=100
142.250.74.33200 OK 2.0 kB URL HTTP/2 tpc.googlesyndication.com/simgad/2995082223912812547/downsize_200k_v1?w=100&h=100
IP 142.250.74.33:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 522a368c1548e7bb60d7d69ae4bc0ea5
d5ae6c1935608dcbaa8357a10737c98a68f04822
22a4dad1a8c3ddc3b8427f1404c5423096e77a67f7dac9e9a37e504a4311ad08
GET /simgad/2995082223912812547/downsize_200k_v1?w=100&h=100 HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin: *
content-length: 2022
x-content-type-options: nosniff
x-dns-prefetch-control: off
server: sffe
x-xss-protection: 0
date: Sat, 10 Sep 2022 22:00:14 GMT
expires: Sun, 10 Sep 2023 22:00:14 GMT
cache-control: public, max-age=31536000
age: 182460
last-modified: Mon, 10 May 2021 13:56:17 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/js/r20220908/r20110914/client/load_preloaded_resource_fy2021.js
142.250.74.33200 OK 875 B URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20220908/r20110914/client/load_preloaded_resource_fy2021.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (748)
Hash 7f017195be529ea58c3ab78d8dc1be22
d2a8f25d05226f8b59f74573f2509612c00710f9
59acc2605c947c7e98d070701e01bc7813688e81ad022192bb5a9311e799aa24
GET /pagead/js/r20220908/r20110914/client/load_preloaded_resource_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 875
x-xss-protection: 0
date: Mon, 12 Sep 2022 21:02:22 GMT
expires: Mon, 26 Sep 2022 21:02:22 GMT
cache-control: public, max-age=1209600
age: 13132
etag: 16974406330603315520
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
142.250.74.130200 OK 45 kB URL HTTP/2 www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
IP 142.250.74.130:0
File type ASCII text, with very long lines (3498)
Hash 25cb4a17e1860904b708b740d89ecaf9
74a6c0ebc1efa46424abd24f939a76c0bdecda85
b581f933da7c14f46a3119b6fd3417d0bedcf65b61a38bf92a2232e6b86d8ed0
GET /activeview/js/current/rx_lidar.js?cache=r20110914 HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-length: 44876
date: Tue, 13 Sep 2022 00:41:14 GMT
expires: Tue, 13 Sep 2022 00:41:14 GMT
cache-control: private, max-age=3000
etag: "1662981969255015"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/js/r20220908/r20110914/client/window_focus_fy2021.js
142.250.74.33200 OK 1.4 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20220908/r20110914/client/window_focus_fy2021.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1120)
Hash 80cd5cb3c635786273462df0f5f46e1a
419d5c86598430982672063ef04bb4966c94b9e8
f7f4c535ed4b9713150261c1c37ad1c2a883d08aef0ed2d6ce38736dd28d7301
GET /pagead/js/r20220908/r20110914/client/window_focus_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1359
x-xss-protection: 0
date: Tue, 13 Sep 2022 00:12:52 GMT
expires: Tue, 27 Sep 2022 00:12:52 GMT
cache-control: public, max-age=1209600
etag: 1484984001845508991
content-type: text/javascript; charset=UTF-8
age: 1702
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/js/r20220908/r20110914/abg_lite_fy2021.js
142.250.74.33200 OK 9.6 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20220908/r20110914/abg_lite_fy2021.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1621)
Hash 3c5efa479f799e66f1aec6babceef38f
156215ad7299ac993c75f6f096ee0a871a2791c4
edd903d099e731de60a28ebf0e311da7b02ee4d4435d2a905a2e5e2d336296dc
GET /pagead/js/r20220908/r20110914/abg_lite_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 9632
x-xss-protection: 0
date: Mon, 12 Sep 2022 20:19:31 GMT
expires: Mon, 26 Sep 2022 20:19:31 GMT
cache-control: public, max-age=1209600
age: 15703
etag: 15013890920676311251
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6526c70eb74c821b7a95487ad9a4e13d
0b8c610a7755437ab815b845f52cbb27e6c95008
059d15ca6ac7cb1830286ae635731e03b56c01d7d050291dabe2b3f3db866c9a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 00:41:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 84bfe0af60661ab725abb8e1775aa6cc
716c301362e740b434c5f545dd8206545f6fa2f7
b02004636fa92f73dacec7c5fc5c72a2a50a09a5408ca7d95cbad0f3114b4539
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B02004636FA92F73DACEC7C5FC5C72A2A50A09A5408CA7D95CBAD0F3114B4539"
Last-Modified: Mon, 12 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21582
Expires: Tue, 13 Sep 2022 06:40:56 GMT
Date: Tue, 13 Sep 2022 00:41:14 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 84bfe0af60661ab725abb8e1775aa6cc
716c301362e740b434c5f545dd8206545f6fa2f7
b02004636fa92f73dacec7c5fc5c72a2a50a09a5408ca7d95cbad0f3114b4539
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B02004636FA92F73DACEC7C5FC5C72A2A50A09A5408CA7D95CBAD0F3114B4539"
Last-Modified: Mon, 12 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21542
Expires: Tue, 13 Sep 2022 06:40:16 GMT
Date: Tue, 13 Sep 2022 00:41:14 GMT
Connection: keep-alive
fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
142.250.74.163200 OK 28 kB URL HTTP/2 fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 28288, version 1.0\012- data
Hash 53b5e785dfdca21fa7adf7119fa1f8cc
a3a86dfd216ad29183ba5493ae39d45b62f9d8b8
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
GET /s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 28288
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 20:35:24 GMT
expires: Thu, 07 Sep 2023 20:35:24 GMT
cache-control: public, max-age=31536000
age: 446750
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3084664284474584&output=html&h=150&adk=3670103587&adf=4268804762&w=180&lmt=1649301841&ad_type=text_image&format=180x150_as&color_bg=000000&color_border=000000&color_link=777777&color_text=999999&color_url=99AADD&url=http%3A%2F%2Ffree-wow.blogspot.com%2F&host=pub-1556223355139109&h_ch=00000&wgl=1&dt=1663029661308&bpp=5&bdt=895&idt=291&shv=r20220908&mjsv=m202209070101&ptt=5&saldr=sa&abxe=1&prev_fmts=120x240_as&correlator=5609998393077&pv_h_ch=00000&frm=20&pv=1&ga_vid=566046833.1663029661&ga_sid=1663029661&ga_hid=1906171442&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=744&ady=2044&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706&oid=2&pvsid=2770984181428619&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Coebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=xdLZQMVrxW&p=http%3A//free-wow.blogspot.com&dtd=398
142.250.74.2200 OK 21 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3084664284474584&output=html&h=150&adk=3670103587&adf=4268804762&w=180&lmt=1649301841&ad_type=text_image&format=180x150_as&color_bg=000000&color_border=000000&color_link=777777&color_text=999999&color_url=99AADD&url=http%3A%2F%2Ffree-wow.blogspot.com%2F&host=pub-1556223355139109&h_ch=00000&wgl=1&dt=1663029661308&bpp=5&bdt=895&idt=291&shv=r20220908&mjsv=m202209070101&ptt=5&saldr=sa&abxe=1&prev_fmts=120x240_as&correlator=5609998393077&pv_h_ch=00000&frm=20&pv=1&ga_vid=566046833.1663029661&ga_sid=1663029661&ga_hid=1906171442&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=744&ady=2044&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706&oid=2&pvsid=2770984181428619&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Coebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=xdLZQMVrxW&p=http%3A//free-wow.blogspot.com&dtd=398
IP 142.250.74.2:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
Hash 6c228c69227ae06b16e1b0eb5fe53dbc
c457425761aa9d2a237c934df788cb5b7007ba2c
89291ac9f57f6e2363a6be396c0a0c90ea082d5083b3f2b32113a281af3ee0a6
GET /pagead/ads?client=ca-pub-3084664284474584&output=html&h=150&adk=3670103587&adf=4268804762&w=180&lmt=1649301841&ad_type=text_image&format=180x150_as&color_bg=000000&color_border=000000&color_link=777777&color_text=999999&color_url=99AADD&url=http%3A%2F%2Ffree-wow.blogspot.com%2F&host=pub-1556223355139109&h_ch=00000&wgl=1&dt=1663029661308&bpp=5&bdt=895&idt=291&shv=r20220908&mjsv=m202209070101&ptt=5&saldr=sa&abxe=1&prev_fmts=120x240_as&correlator=5609998393077&pv_h_ch=00000&frm=20&pv=1&ga_vid=566046833.1663029661&ga_sid=1663029661&ga_hid=1906171442&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=744&ady=2044&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706&oid=2&pvsid=2770984181428619&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Coebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=xdLZQMVrxW&p=http%3A//free-wow.blogspot.com&dtd=398 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://free-wow.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 13 Sep 2022 00:41:14 GMT
server: cafe
content-length: 21140
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 13-Sep-2022 00:56:14 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 13 Sep 2022 00:41:14 GMT
cache-control: private
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash f8f3eae3fdda1cf46651b7f6fb63ae8b
2d78b273c29dc5ca8cc11c501f30993e2f26508b
37099683ca4ebae4b48d0472956ee09c2ca11a499baab18ea0bc1f9e1b395e86
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 00:41:14 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 12 Sep 2022 13:17:55 GMT
Expires: Mon, 19 Sep 2022 13:17:54 GMT
Etag: "2d78b273c29dc5ca8cc11c501f30993e2f26508b"
Cache-Control: max-age=563199,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 749cd60becd4b529-OSL
free-wow.blogspot.com/favicon.ico
142.250.74.161200 OK 412 B URL HTTP/1.1 free-wow.blogspot.com/favicon.ico
IP 142.250.74.161:0
File type MS Windows icon resource - 2 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel\012- data
Hash 501c61a70f5c41181aa050d9110909ca
5b985d5671a7caf686fdfb1df13488c4407f6c9f
c4aaf001607ee331f6871b4dbbf45942b1e197726714fd106e46d70cc10ee97e
GET /favicon.ico HTTP/1.1
Host: free-wow.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://free-wow.blogspot.com/
Cookie: sc_is_visitor_unique=rx2317555.1663029661.79EDC6FF0CE04F3BDFCAB5256DA0E1D4.1.1.1.1.1.1.1.1.1; __utma=62686203.566046833.1663029661.1663029661.1663029661.1; __utmb=62686203; __utmc=62686203; __utmz=62686203.1663029661.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)
HTTP/1.1 200 OK
Content-Type: image/x-icon; charset=UTF-8
Expires: Tue, 13 Sep 2022 00:41:14 GMT
Date: Tue, 13 Sep 2022 00:41:14 GMT
Cache-Control: private, max-age=86400
Last-Modified: Thu, 07 Apr 2022 03:24:01 GMT
ETag: W/"9a4ae0555a770cc350b8987f06018080027e553ea4c796761a8c0db88a12b60c"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 412
Server: GSE
www.jagtoplist.com/tracker.php?site=1476
156.226.113.35302 Moved Temporarily 0 B URL HTTP/1.1 www.jagtoplist.com/tracker.php?site=1476
IP 156.226.113.35:0
ASN #133201 ABCDE GROUP COMPANY LIMITED
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /tracker.php?site=1476 HTTP/1.1
Host: www.jagtoplist.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://free-wow.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx/1.20.1
Date: Tue, 13 Sep 2022 00:41:14 GMT
Content-Type: text/html; charset=gbk
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.40
Location: http://www.jagtoplist.com/home.php
Strict-Transport-Security: max-age=15768000
www.jagtoplist.com/images/vbtn88x55.jpg
156.226.113.35302 Moved Temporarily 0 B URL HTTP/1.1 www.jagtoplist.com/images/vbtn88x55.jpg
IP 156.226.113.35:0
ASN #133201 ABCDE GROUP COMPANY LIMITED
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/vbtn88x55.jpg HTTP/1.1
Host: www.jagtoplist.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://free-wow.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx/1.20.1
Date: Tue, 13 Sep 2022 00:41:14 GMT
Content-Type: text/html; charset=gbk
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.40
Location: http://www.jagtoplist.com/home.php
Strict-Transport-Security: max-age=15768000
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2241
Expires: Tue, 13 Sep 2022 01:18:36 GMT
Date: Tue, 13 Sep 2022 00:41:15 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2241
Expires: Tue, 13 Sep 2022 01:18:36 GMT
Date: Tue, 13 Sep 2022 00:41:15 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2241
Expires: Tue, 13 Sep 2022 01:18:36 GMT
Date: Tue, 13 Sep 2022 00:41:15 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2241
Expires: Tue, 13 Sep 2022 01:18:36 GMT
Date: Tue, 13 Sep 2022 00:41:15 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2241
Expires: Tue, 13 Sep 2022 01:18:36 GMT
Date: Tue, 13 Sep 2022 00:41:15 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2830e2cb-8887-441e-8c0c-906b8fbb2366.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2830e2cb-8887-441e-8c0c-906b8fbb2366.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c9ab2ec10c79b91d15edb1d1e3dc763c
744fee4a0baa22ba3aa352d60620a916972b47dd
f7bb66f5bb572d73f936fc74823f51ede1f2c4e309a939b39d9529ff8f757fbe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2830e2cb-8887-441e-8c0c-906b8fbb2366.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9945
x-amzn-requestid: a347749f-a63a-4533-a274-7151b9f235ff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YXcX8HAKoAMF5EQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631fa765-56cff18515b2a5b3397231df;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 21:40:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: lZ3FmD1gM8YBgZNt97kuYSol1kj0GQqRjyLT_7715VtH9GR1WpMDxA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:42:20 GMT
age: 10735
etag: "744fee4a0baa22ba3aa352d60620a916972b47dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
gtop100.com/images/nvotebutton.jpg
172.67.71.96404 Not Found 11 kB URL HTTP/2 gtop100.com/images/nvotebutton.jpg
IP 172.67.71.96:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1d64871778d30ba6ebd181c360467114
43bc1633ba5b3b9b4f9690f3498f6874244a1e44
60d94f48d3f1523214ad712c2b4179f81d3e5111725c2acc863d389a80ecc94a
GET /images/nvotebutton.jpg HTTP/1.1
Host: gtop100.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://free-wow.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
date: Tue, 13 Sep 2022 00:41:14 GMT
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tAdAXBfy2ZRlVIjFbwCvaNaYpCHs%2B787k9wSKcRYzXRIzrEKo%2FrUtBSQpkRWcum2sTG%2FaZogOZl3tXFWmT%2BNFDiRt%2FyQJIGFdVByA6NnbqJe3wBNJcLNSetV098S"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 749cd6054dc1b4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb9bab12-4fd5-4be7-b453-25dfb0d4c606.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb9bab12-4fd5-4be7-b453-25dfb0d4c606.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6c824a7db30839607b01c7a164f6f6ec
bbab791971056750a46dd6ed9c5d7c8e12ab457e
872262a28a383a9eafd1f453014a3edfde4872160b772874271be6358a47449f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb9bab12-4fd5-4be7-b453-25dfb0d4c606.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9606
x-amzn-requestid: bf72ce8c-1272-42df-8958-d392210106c5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YIR7NFh2oAMFXIQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631996ad-4646091a428db21e2dce1a61;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 07:15:58 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4skZVE5BinFMAJV196j5-qtDez6m26DtU8NZvU6K2VuhFnC7E1zXWw==
via: 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:56:19 GMT
age: 9896
etag: "bbab791971056750a46dd6ed9c5d7c8e12ab457e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc781d2a6-7a39-471c-a1a0-2e29918b63e9.jpeg
34.120.237.76200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc781d2a6-7a39-471c-a1a0-2e29918b63e9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ed996f863e0d0dcce9e48acb79fd6827
af756dc52f6b5b042d99c3ceba7a64dcbfaa73b5
57ea1317d878e2727fd8b0f3823e6f14053c7d1d16c5e1872b23a510ab1efdd7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc781d2a6-7a39-471c-a1a0-2e29918b63e9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6530
x-amzn-requestid: dd634daa-0aee-4859-a956-c54d5eecf1be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YSKEyHGlIAMFVcg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d8a1e-51f715224318bfcf76d1c3ab;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 07:11:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: HMJgr4Kw1vyxFSbLpWcgarqHbVD3E8hPdFNFRzpwW4MqzV30mQyKog==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 01:02:34 GMT
age: 85121
etag: "af756dc52f6b5b042d99c3ceba7a64dcbfaa73b5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2fa3e758-893f-4e13-94ae-85209a30089e.jpeg
34.120.237.76200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2fa3e758-893f-4e13-94ae-85209a30089e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c3057080b51e9f8360222d0bba39807f
0c9cdc03cf2b5a60542cdb91de6b7b37866254cc
303c7c2f54dd0ef80f6a7b2cc050ff118f8907a79334dcab7e8fa4d4cab3b7bb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2fa3e758-893f-4e13-94ae-85209a30089e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6670
x-amzn-requestid: 6f0e9fd2-a2a3-4b89-a109-e0ada80efb41
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X_Y9vFPHoAMFkBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63160857-3c8f54b87e1e502e2308a204;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 14:31:51 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: s9XL-JvEdgQ31t_VRIubCZ7fMr7qscSLt7pPtnq9FIKOya2WbUfdfQ==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 22:02:04 GMT
age: 9551
etag: "0c9cdc03cf2b5a60542cdb91de6b7b37866254cc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d3b6b9b-146c-4409-9d90-4b60cad37e27.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d3b6b9b-146c-4409-9d90-4b60cad37e27.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bade06e72a416ba31c658e41c341a175
722607d59e2fa7de70b7b24daebc0ef74903f272
16033840bfe31372b193a545f5aae57fd865a5e786d12705d67b18dfdbb31388
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d3b6b9b-146c-4409-9d90-4b60cad37e27.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7430
x-amzn-requestid: 7898b8eb-60e3-47b4-980e-061036ac8c4e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YXbepFinIAMFoqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631fa5f7-3a120c0143cdf1051f94e142;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: eKSciYj4WbRzV_M0LpmWpgrEvYLDfi2haM-slQw4EXm371JAq-pd6Q==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:58:04 GMT
etag: "722607d59e2fa7de70b7b24daebc0ef74903f272"
content-type: image/jpeg
age: 9791
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.jagtoplist.com/home.php
156.226.113.35301 Moved Permanently 169 B URL HTTP/1.1 www.jagtoplist.com/home.php
IP 156.226.113.35:0
ASN #133201 ABCDE GROUP COMPANY LIMITED
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 0f952b73d3f5586637ea9a5a789d48f4
b29aff4ffa1d4decd77db5160f920e1c6417e5e9
69d11528ee32902d0c47ed215877f0610399536f755db03ed02a77ecedd74751
Analyzer Verdict Alert fortinet Malware
GET /home.php HTTP/1.1
Host: www.jagtoplist.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://free-wow.blogspot.com/
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: nginx/1.20.1
Date: Tue, 13 Sep 2022 00:41:15 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://www.jagtoplist.com/home.php
www.jagtoplist.com/home.php
156.226.113.35200 OK 518 B URL HTTP/1.1 www.jagtoplist.com/home.php
IP 156.226.113.35:0
ASN #133201 ABCDE GROUP COMPANY LIMITED
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 203f323631fd90864e0224ce3bf93396
2ea07b2279013199b5910910f1041b8d9104bb39
0488430011bad6af686a09f299775ac6724502a2d968bfa1ea1fb98a7e3906cf
Analyzer Verdict Alert fortinet Malware
GET /home.php HTTP/1.1
Host: www.jagtoplist.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://free-wow.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Tue, 13 Sep 2022 00:41:15 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.40
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
www.jagtoplist.com/home.php
156.226.113.35200 OK 518 B URL HTTP/1.1 www.jagtoplist.com/home.php
IP 156.226.113.35:0
ASN #133201 ABCDE GROUP COMPANY LIMITED
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 203f323631fd90864e0224ce3bf93396
2ea07b2279013199b5910910f1041b8d9104bb39
0488430011bad6af686a09f299775ac6724502a2d968bfa1ea1fb98a7e3906cf
Analyzer Verdict Alert fortinet Malware
GET /home.php HTTP/1.1
Host: www.jagtoplist.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://free-wow.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Tue, 13 Sep 2022 00:41:15 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.40
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
free-wow.blogspot.com/popup.js
142.250.74.161404 Not Found 0 B URL HTTP/1.1 free-wow.blogspot.com/popup.js
IP 142.250.74.161:0
GET /popup.js HTTP/1.1
Host: free-wow.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://free-wow.blogspot.com/
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Tue, 13 Sep 2022 00:41:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 9606
Server: GSE
gtop100.com/images/tracker.jpg
172.67.71.96404 Not Found 0 B URL HTTP/2 gtop100.com/images/tracker.jpg
IP 172.67.71.96:0
GET /images/tracker.jpg HTTP/1.1
Host: gtop100.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://free-wow.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Tue, 13 Sep 2022 00:41:14 GMT
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ritGZaxdlhepTI3BoVAdFMsHpjUGUz8ztMjgy0FMRpakSPEznCFiX78uqSDhgPubT%2FdGek6sj6H%2FpGXDoe%2F2EYEhcDBi9OSHdU6%2BrojpwapFc1dwWDNF5BYM34H7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 749cd6053db5b4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2
c.statcounter.com/t.php?sc_project=2317555&u1=79EDC6FF0CE04F3BDFCAB5256DA0E1D4&java=1&security=ac6c5378&sc_snum=1&sess=a8f3c4&sc_rum_e_s=1279&sc_rum_e_e=1282&sc_rum_f_s=0&sc_rum_f_e=933&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1280&h=1024&camefrom=&u=http%3A//free-wow.blogspot.com/&t=Free%20WoW%20-%20World%20of%20Warcraft&get_config=true
104.20.228.67200 OK 0 B URL HTTP/2 c.statcounter.com/t.php?sc_project=2317555&u1=79EDC6FF0CE04F3BDFCAB5256DA0E1D4&java=1&security=ac6c5378&sc_snum=1&sess=a8f3c4&sc_rum_e_s=1279&sc_rum_e_e=1282&sc_rum_f_s=0&sc_rum_f_e=933&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1280&h=1024&camefrom=&u=http%3A//free-wow.blogspot.com/&t=Free%20WoW%20-%20World%20of%20Warcraft&get_config=true
IP 104.20.228.67:0
GET /t.php?sc_project=2317555&u1=79EDC6FF0CE04F3BDFCAB5256DA0E1D4&java=1&security=ac6c5378&sc_snum=1&sess=a8f3c4&sc_rum_e_s=1279&sc_rum_e_e=1282&sc_rum_f_s=0&sc_rum_f_e=933&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1280&h=1024&camefrom=&u=http%3A//free-wow.blogspot.com/&t=Free%20WoW%20-%20World%20of%20Warcraft&get_config=true HTTP/1.1
Host: c.statcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://free-wow.blogspot.com
Connection: keep-alive
Referer: http://free-wow.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 00:41:15 GMT
content-type: application/json
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
expires: Mon, 26 Jul 1997 05:00:00 GMT
set-cookie: is_unique=sc2317555.1663029675.0; SameSite=None; Secure; Expires=Saturday, 11-Sep-2027 20:41:15 EDT; Path=/; Domain=.statcounter.com
access-control-allow-origin: http://free-wow.blogspot.com
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 749cd60c4f4e0b61-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
IP 142.250.74.10:0
GET /css?family=Google%20Sans%3A400%2C500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 13 Sep 2022 00:41:14 GMT
date: Tue, 13 Sep 2022 00:41:14 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2