urlquery - report: gamefabrique.com/dl/games2/pc/race-07-official-wtcc-game.exe

Overview

URL	gamefabrique.com/dl/games2/pc/race-07-official-wtcc-game.exe
IP	89.248.171.137
ASN	IP Volume inc
Location	United Kingdom
Report completed	2022-06-23 23:29:26 UTC
Status	Loading report..
urlquery Alerts	No alerts detected

Settings

UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer

Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Blocklists

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Added / Verified	Severity	Host	Comment
2022-06-23	2	gamefabrique.com/dl/games2/pc/race-07-official-wtcc-game.exe	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

Files

No files detected

Passive DNS (10)

Passive DNS Source	Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP
[Mnemonic Passive DNS]	r3.o.lencr.org (2)	344	2020-12-02 08:52:13 UTC	2022-06-23 04:53:45 UTC	23.36.77.32
[Mnemonic Passive DNS]	ocsp.digicert.com (2)	86	2012-11-29 12:49:49 UTC	2022-06-23 16:00:56 UTC	93.184.220.29
[Mnemonic Passive DNS]	img-getpocket.cdn.mozilla.net (6)	1631	2017-09-01 03:40:57 UTC	2022-06-23 14:13:18 UTC	34.120.237.76
[Mnemonic Passive DNS]	ocsp.sectigo.com (1)	487	2018-12-17 11:31:55 UTC	2022-06-23 21:30:34 UTC	104.18.32.68
[Mnemonic Passive DNS]	ocsp.pki.goog (3)	175	2017-06-14 07:23:31 UTC	2022-06-23 11:59:42 UTC	142.250.74.3
[Mnemonic Passive DNS]	push.services.mozilla.com (1)	2140	2014-10-24 08:27:06 UTC	2022-06-23 04:55:40 UTC	34.214.236.46
[Mnemonic Passive DNS]	gamefabrique.com (4)	204391	No data	No data	89.248.171.137
[Mnemonic Passive DNS]	firefox.settings.services.mozilla.com (2)	867	2016-03-17 08:25:01 UTC	2020-05-25 20:01:47 UTC	54.230.111.7
[Mnemonic Passive DNS]	content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03 12:26:46 UTC	2022-06-23 04:53:43 UTC	54.230.111.14
[Mnemonic Passive DNS]	contile.services.mozilla.com (1)	1114	No data	No data	34.117.237.239

Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 89.248.171.137

Date	UQ / IDS / BL	URL	IP
2022-07-05 18:35:47 +0000	0 - 0 - 1	gamefabrique.com/dl/games2/pc/hopkins-fbi.exe	89.248.171.137
2022-07-05 18:35:42 +0000	0 - 0 - 1	gamefabrique.com/dl/games2/pc/battle-for-troy.exe	89.248.171.137
2022-07-05 18:34:41 +0000	0 - 0 - 1	gamefabrique.com/dl/games2/xbox/delta-force-b (...)	89.248.171.137
2022-07-05 18:32:36 +0000	0 - 0 - 1	gamefabrique.com/dl/games2/pc/monster-girl-la (...)	89.248.171.137
2022-07-05 18:32:23 +0000	0 - 0 - 1	gamefabrique.com/dl/games2/360/grand-theft-au (...)	89.248.171.137
2022-07-05 18:29:49 +0000	0 - 0 - 1	gamefabrique.com/dl/games2/pc/winning-eleven- (...)	89.248.171.137
2022-07-05 16:11:03 +0000	0 - 0 - 1	gamefabrique.com/dl/games2/xbox/teenage-mutan (...)	89.248.171.137
2022-07-05 06:44:07 +0000	0 - 0 - 2	gamefabrique.com/dl/games2/360/darksiders-2.exe	89.248.171.137
2022-07-04 18:12:05 +0000	0 - 0 - 1	gamefabrique.com/dl/games2/xbox/teenage-mutan (...)	89.248.171.137
2022-07-04 18:11:39 +0000	0 - 0 - 1	gamefabrique.com/dl/games2/pc/hopkins-fbi.exe	89.248.171.137

Last 10 reports on ASN: IP Volume inc

Date	UQ / IDS / BL	URL	IP
2022-07-06 04:22:27 +0000	3 - 0 - 1	jg0agsertkllemdt77it8f9l9vo1kgm44e0ld7udgookk (...)	80.82.77.136
2022-07-06 00:20:55 +0000	0 - 0 - 1	siasky.net/fabeyw-y1p7xvk-ddvjztgciziowd85k9t (...)	80.82.77.136
2022-07-05 22:47:48 +0000	0 - 0 - 14	sjcrack.info/zbrush-crack	89.248.168.78
2022-07-05 18:35:47 +0000	0 - 0 - 1	gamefabrique.com/dl/games2/pc/hopkins-fbi.exe	89.248.171.137
2022-07-05 18:35:42 +0000	0 - 0 - 1	gamefabrique.com/dl/games2/pc/battle-for-troy.exe	89.248.171.137
2022-07-05 18:34:41 +0000	0 - 0 - 1	gamefabrique.com/dl/games2/xbox/delta-force-b (...)	89.248.171.137
2022-07-05 18:32:36 +0000	0 - 0 - 1	gamefabrique.com/dl/games2/pc/monster-girl-la (...)	89.248.171.137
2022-07-05 18:32:23 +0000	0 - 0 - 1	gamefabrique.com/dl/games2/360/grand-theft-au (...)	89.248.171.137
2022-07-05 18:29:49 +0000	0 - 0 - 1	gamefabrique.com/dl/games2/pc/winning-eleven- (...)	89.248.171.137
2022-07-05 16:11:03 +0000	0 - 0 - 1	gamefabrique.com/dl/games2/xbox/teenage-mutan (...)	89.248.171.137

Last 10 reports on domain: gamefabrique.com

Date	UQ / IDS / BL	URL	IP
2022-07-05 18:35:47 +0000	0 - 0 - 1	gamefabrique.com/dl/games2/pc/hopkins-fbi.exe	89.248.171.137
2022-07-05 18:35:42 +0000	0 - 0 - 1	gamefabrique.com/dl/games2/pc/battle-for-troy.exe	89.248.171.137
2022-07-05 18:34:41 +0000	0 - 0 - 1	gamefabrique.com/dl/games2/xbox/delta-force-b (...)	89.248.171.137
2022-07-05 18:32:36 +0000	0 - 0 - 1	gamefabrique.com/dl/games2/pc/monster-girl-la (...)	89.248.171.137
2022-07-05 18:32:23 +0000	0 - 0 - 1	gamefabrique.com/dl/games2/360/grand-theft-au (...)	89.248.171.137
2022-07-05 18:29:49 +0000	0 - 0 - 1	gamefabrique.com/dl/games2/pc/winning-eleven- (...)	89.248.171.137
2022-07-05 16:11:03 +0000	0 - 0 - 1	gamefabrique.com/dl/games2/xbox/teenage-mutan (...)	89.248.171.137
2022-07-05 06:44:07 +0000	0 - 0 - 2	gamefabrique.com/dl/games2/360/darksiders-2.exe	89.248.171.137
2022-07-04 18:12:05 +0000	0 - 0 - 1	gamefabrique.com/dl/games2/xbox/teenage-mutan (...)	89.248.171.137
2022-07-04 18:11:39 +0000	0 - 0 - 1	gamefabrique.com/dl/games2/pc/hopkins-fbi.exe	89.248.171.137

JavaScript

Executed Scripts (5)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (23)

Request	Response
GET /dl/games2/pc/race-07-official-wtcc-game.exe HTTP/1.1 Host: gamefabrique.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	89.248.171.137 HTTP/1.1 301 Moved Permanently Content-Type: text/html; charset=UTF-8 Date: Thu, 23 Jun 2022 23:29:09 GMT Server: Apache Location: https://gamefabrique.com/dl/games2/pc/race-07-official-wtcc-game.exe/ Cache-Control: max-age=1800 Expires: Thu, 23 Jun 2022 23:59:09 GMT Content-Length: 0 Keep-Alive: timeout=5, max=500 Connection: Keep-Alive --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Alerts: Blocklists: - fortinet: Malware
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "22A7AFFA696C3188DD074DEB68A2EC519EA227AC839D0238C9F82660B9E14D6A" Last-Modified: Tue, 21 Jun 2022 16:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=17847 Expires: Fri, 24 Jun 2022 04:26:37 GMT Date: Thu, 23 Jun 2022 23:29:10 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: eb26d947e9927e4df61e0a3392250f80 Sha1: b039cc80d55f1e81ebd78e3e9aa99ec5f065a9a3 Sha256: 22a7affa696c3188dd074deb68a2ec519ea227ac839d0238c9f82660b9e14d6a
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 91dd975a7b17b2922dd23c0e49314e40$ 54.230.111.7 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 939 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Content-Length, Retry-After Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Date: Thu, 23 Jun 2022 22:33:44 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff X-Cache: Hit from cloudfront Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: tWtGx-BK9pVkmMPvL0p2dXiiRkjXd_3dq5c8lobN3THhK7aFBUZAMA== Age: 3326 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 91dd975a7b17b2922dd23c0e49314e40 Sha1: 57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2 Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /chains/remote-settings.content-signature.mozilla.org-2022-06-30-19-51-38.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 48ca0beea419a9039591cf1aee5179e0$ 54.230.111.14 HTTP/2 200 OK content-type: binary/octet-stream content-length: 5348 last-modified: Wed, 11 May 2022 19:51:39 GMT content-disposition: attachment accept-ranges: bytes server: AmazonS3 date: Thu, 23 Jun 2022 02:10:52 GMT etag: "48ca0beea419a9039591cf1aee5179e0" x-cache: Hit from cloudfront via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: 8X-0bFK-1zbo6aeuiWi_0JNid8FDMKQleTwJf5OmvnLo9N4d-P9FNQ== age: 76699 X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 48ca0beea419a9039591cf1aee5179e0 Sha1: 9e92629f505fcc07aab51221e8fe62197a23e307 Sha256: 630a5f110337b4a4876aa85c21107d9e8f2550bcc60f023a4777d895b17399fd
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6$ 34.117.237.239 HTTP/2 200 OK server: nginx date: Thu, 23 Jun 2022 23:29:10 GMT content-type: application/json content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	104.18.32.68 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 23 Jun 2022 23:29:10 GMT Content-Length: 471 Connection: keep-alive Last-Modified: Tue, 21 Jun 2022 20:39:03 GMT Expires: Tue, 28 Jun 2022 20:39:03 GMT ETag: 8544EA79E725E4DA1D3261FFD8BB5D3E699440E6 Cache-Control: max-age=421192,s-maxage=1800,public,no-transform,must-revalidate X-OCSP-Responder-ID: mcdpcaocsp3 CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 72010118b94cb509-OSL --- Additional Info --- Magic: data Size: 471 Md5: 9e2eaf169eb46a442de1fbc7bc49a4b7 Sha1: 8544ea79e725e4da1d3261ffd8bb5d3e699440e6 Sha256: 0ebd0ec354352ab50b8f1b253783236a920c717ac9af442e51cefde306f227f6
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 5164 Cache-Control: max-age=115076 Date: Thu, 23 Jun 2022 23:29:10 GMT Etag: "62b4019e-117" Expires: Sat, 25 Jun 2022 07:27:06 GMT Last-Modified: Thu, 23 Jun 2022 06:01:02 GMT Server: ECS (ska/F708) X-Cache: HIT Content-Length: 279 --- Additional Info --- Magic: data Size: 279 Md5: bdcca9c294f5c2768dd61a30d14b98ed Sha1: 6c31af7de029f825edff608d8a3f02b083d05c00 Sha256: 84fdbe753e221b1f67001eb6ff2da0711bc0fab62cbb798233d8695b8fac4f26
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 23 Jun 2022 23:29:10 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: ff76ecdd0136ddba010298ef5f5f93ba Sha1: 3be05ad9d4ee84edf2e33202e5ee69ec9c7bc6c3 Sha256: 29a770a1d2193ade6c1c265333bb36c08961a9e3d2f0f9936783e8f6b7c5aeea
GET /css/style.css HTTP/1.1 Host: gamefabrique.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://gamefabrique.com/ Connection: keep-alive Cookie: _ga=GA1.2.1147732290.1656020378; _gid=GA1.2.216028647.1656020378 Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	89.248.171.137 HTTP/1.1 200 OK Content-Type: text/css Date: Thu, 23 Jun 2022 23:29:10 GMT Server: Apache Last-Modified: Mon, 04 Oct 2021 19:51:56 GMT ETag: "20b12-5cd8c3ec88f00-gzip" Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Cache-Control: max-age=30 Expires: Thu, 23 Jun 2022 23:29:40 GMT Keep-Alive: timeout=5, max=500 Connection: Keep-Alive Transfer-Encoding: chunked --- Additional Info --- Magic: ASCII text, with very long lines (58113), with CRLF line terminators Size: 66840 Md5: 2c34cf35292f8a1b611f3fd807dc1bca Sha1: e74176acb37d2865f154b8b273afa44687026e7d Sha256: b6a1baf87fb326e88388b4a4abba5f83c66d34cc1f529855c479613693b245a7
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243$ 54.230.111.7 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 329 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff Cache-Control: max-age=3600 Date: Thu, 23 Jun 2022 23:11:58 GMT Expires: Thu, 23 Jun 2022 23:39:32 GMT ETag: "1648230346554" X-Cache: Hit from cloudfront Via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: HjS5CIqt77Uc39gGTIt-Rwsg7oAXt_QjEMNRO6wcjNoD_RRe2uIC8g== Age: 1033 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /apple-touch-icon.png HTTP/1.1 Host: gamefabrique.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://gamefabrique.com/ Connection: keep-alive Cookie: _ga=GA1.2.1147732290.1656020378; _gid=GA1.2.216028647.1656020378 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	$Magic: PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data Size: 15197 Md5: e90987bd4adc470d7ba4fd81f76cb183$ 89.248.171.137 HTTP/1.1 200 OK Content-Type: image/png Date: Thu, 23 Jun 2022 23:29:11 GMT Server: Apache Last-Modified: Thu, 16 Nov 2017 21:28:26 GMT ETag: "3b5d-55e204ceb3280" Accept-Ranges: bytes Content-Length: 15197 Cache-Control: max-age=3600 Expires: Fri, 24 Jun 2022 00:29:11 GMT Keep-Alive: timeout=5, max=499 Connection: Keep-Alive --- Additional Info --- Magic: PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data Size: 15197 Md5: e90987bd4adc470d7ba4fd81f76cb183 Sha1: 649344195432c7a8e2e6a74dd9b7bcea6cea2467 Sha256: 4e7b0eee7c58c78a3e0ae5a8a358a7e5feea58687e775620a2b7483f76d3667a
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 23 Jun 2022 23:29:11 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: afde0d5495cfdde334c1d25d647335d5 Sha1: 5906cb825dc3b394eb0c7800bc4347325fbabcc2 Sha256: a4561abd8bf0fb50a895db72193fa66c7c700c09eef38f5dd105c332c61608bd
GET /favicon-16x16.png HTTP/1.1 Host: gamefabrique.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://gamefabrique.com/ Connection: keep-alive Cookie: _ga=GA1.2.1147732290.1656020378; _gid=GA1.2.216028647.1656020378 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	$Magic: PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data Size: 1255 Md5: 1b2691b2de0c451188b888e24630b3f7$ 89.248.171.137 HTTP/1.1 200 OK Content-Type: image/png Date: Thu, 23 Jun 2022 23:29:11 GMT Server: Apache Last-Modified: Thu, 16 Nov 2017 21:28:26 GMT ETag: "4e7-55e204ceb3280" Accept-Ranges: bytes Content-Length: 1255 Cache-Control: max-age=3600 Expires: Fri, 24 Jun 2022 00:29:11 GMT Keep-Alive: timeout=5, max=500 Connection: Keep-Alive --- Additional Info --- Magic: PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data Size: 1255 Md5: 1b2691b2de0c451188b888e24630b3f7 Sha1: a2c32792106fe41e94183f6f3ba7318a9880e66a Sha256: c3a1ec0a77a0d9982242ced81af0fa5f3f539787c00069a546a95e6396eeb9b5
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 3737 Cache-Control: 'max-age=158059' Date: Thu, 23 Jun 2022 23:29:11 GMT Last-Modified: Thu, 23 Jun 2022 22:26:54 GMT Server: ECS (ska/F708) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 2c496ae5f0cd4293eb4b64873719fa18 Sha1: b6f208d7d4378645089619c0e0c073bae0fda877 Sha256: 34814a0401d417b44a565e6502aab31c5798bdb92dee0dcb0f8daf8d5f81a2d4
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 23 Jun 2022 23:29:11 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: 2de0d27511bef33ab56547ffea1323fe Sha1: c0924642b7fef69a424f129a8186d5ea1f41511b Sha256: 43e3a6ea9aba585ec88eed4723785948fb1b3eab452131146ee7901117c66f34
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: XCV31HjhLwhLqrKOzsRqvw== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	34.214.236.46 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: VRwn/cB2UJHQfieC+qX+ysMK7lo= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "1394332035FF30FC505CCB0EB81DD131660600CACDD2559D109B725075B69669" Last-Modified: Tue, 21 Jun 2022 19:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10223 Expires: Fri, 24 Jun 2022 02:19:36 GMT Date: Thu, 23 Jun 2022 23:29:13 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 7bc8229c95ee41c38c54679ba5a88741 Sha1: 29a3dd87d193e5b1e1ebc749d7dbf7d871735406 Sha256: 1394332035ff30fc505ccb0eb81dd131660600cacdd2559d109b725075b69669
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3892679f-4cba-4b4d-9999-d06aff9c2708.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8993 Md5: 4760b9caf6104b37434b30e11467dab9$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 8993 x-amzn-requestid: 08f08197-4277-4810-82d0-c0e0fbc206e5 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: T9Z0wFeZoAMFe-Q= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62aed684-7b0350b01666a9782ce4b7ef;Sampled=0 x-amzn-remapped-date: Sun, 19 Jun 2022 07:55:48 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: 0yGnupHWNJtm8eX4dRno7ysl_RV8pMeZwm7o2NaLFbUwW3aE8zSeXw== via: 1.1 a4479a6315f90864adc6175b280f8f44.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google date: Thu, 23 Jun 2022 19:43:46 GMT age: 13527 etag: "b71ad03b98790dd12453b50ac6434a2d6b50c5cf" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8993 Md5: 4760b9caf6104b37434b30e11467dab9 Sha1: b71ad03b98790dd12453b50ac6434a2d6b50c5cf Sha256: 8e8d01b1e92d019dfead23f89323c85f540698328b42d780bfc9850e9185644d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b96f859-10eb-474c-8b8c-9e5902b28bd8.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4878 Md5: c90b3735180499df633f9fc6272ff632$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 4878 x-amzn-requestid: 3caca75d-3753-41f1-a4ec-277c173b26b6 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UJgx6FZ0IAMFbFg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62b3ae72-39f08dc910314e8f247ffd44;Sampled=0 x-amzn-remapped-date: Thu, 23 Jun 2022 00:06:10 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: 0PmqyPibimYVX8rYVY3HbTcsEGTrWDA5L40dzwo1fS0CCyJrgMJOJg== via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google date: Thu, 23 Jun 2022 00:16:23 GMT age: 83570 etag: "1abc297d329369f4aee445a5eabab7fa089ce764" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4878 Md5: c90b3735180499df633f9fc6272ff632 Sha1: 1abc297d329369f4aee445a5eabab7fa089ce764 Sha256: 00f8db77cec74be5fb70d1d5bd351fee3dfdc2d807a861184f28e47344a760ad
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a9018db-9e51-4804-9c56-7ac1d2176356.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7541 Md5: 0fe5340d565c2ab7d1b311321ed2f8a3$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 7541 x-amzn-requestid: 779e91c5-09a6-4677-b9af-db6164ebb546 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UJhf-GHDoAMF4vg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62b3af99-3fcfaf7b7fb299d957dd7c98;Sampled=0 x-amzn-remapped-date: Thu, 23 Jun 2022 00:11:05 GMT x-amz-cf-pop: YVR50-C1, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: uDomSO5Rz7P5lmAyxT-p3YnTaROMHeUY0lgSNTApWOhn5Xa0x3nKeA== via: 1.1 ba55932f4947672586f0865cea81e028.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google date: Thu, 23 Jun 2022 00:16:24 GMT age: 83569 etag: "042581a2f8d5f788b6dbf7c6c940a3952ae4bef9" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7541 Md5: 0fe5340d565c2ab7d1b311321ed2f8a3 Sha1: 042581a2f8d5f788b6dbf7c6c940a3952ae4bef9 Sha256: 2085de5ba82db208e4e22402651fb0b795f66da76707c95550d4ebdb54f84c2f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd503013e-1d8c-401f-9cec-1ff9f66e12cc.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6301 Md5: 86fa458d383f4e14f204f22d50693fb6$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 6301 x-amzn-requestid: 36932e67-4488-4899-bc45-ea23fb66b248 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: T8VW-FNNoAMF6nw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62ae68f9-58ca366c64b27fd570ce16d0;Sampled=0 x-amzn-remapped-date: Sun, 19 Jun 2022 00:08:25 GMT x-amz-cf-pop: SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: tVzSdMIep1HK47UfTZnvKvLm-_9_NaESIw_XvbtsfDc834acsAYzlQ== via: 1.1 60b744e5b364d04abea9fa6686121242.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google date: Thu, 23 Jun 2022 01:20:27 GMT age: 79726 etag: "0d1c278b921fb50ab3e7c31851f099efbecbbbc2" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6301 Md5: 86fa458d383f4e14f204f22d50693fb6 Sha1: 0d1c278b921fb50ab3e7c31851f099efbecbbbc2 Sha256: 94629bc0b7076f2af81b4507f9fe8bd2b5cc71ea751957e38101e4220f3681e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8773da87-c09d-42d7-9054-5fd332193a06.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10163 Md5: 486e472ddbc5dc4684b18d17e6cacd7d$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 10163 x-amzn-requestid: e50196c4-867f-4cd7-9d2f-de07b0c514a1 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UMdEUHjFIAMF6vA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62b4dbb5-1cf97b3d0b970df06b091796;Sampled=0 x-amzn-remapped-date: Thu, 23 Jun 2022 21:31:33 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: 8g-6kAldCwE5olUMewrXMhVZvVLlgX3WPIYH4C8nJe8rydC9GVGE5Q== via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google date: Thu, 23 Jun 2022 21:42:39 GMT age: 6394 etag: "a63fe56db3c08a52bec457c869094fb37d4abdcd" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10163 Md5: 486e472ddbc5dc4684b18d17e6cacd7d Sha1: a63fe56db3c08a52bec457c869094fb37d4abdcd Sha256: 046c795f40b6f080bf9e97ee894e88126cb64fa87a3e3c96c990f25c310adbef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa820a46a-765f-44c7-a419-1416079d7858.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 14752 Md5: 04d57f33c32649ce18f99c9063b7ca02$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 14752 x-amzn-requestid: 3198cf2a-fea9-41f0-985c-404fb3f7b0d7 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UC6TDFLPIAMF7Lw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62b10a79-3f7fa56b3cf26b5c4092f635;Sampled=0 x-amzn-remapped-date: Tue, 21 Jun 2022 00:02:01 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: L4tpQjLVXtmNLUP_lbrY5THXweYSiVcitUcH6sLTCWj_KWROc4YB_Q== via: 1.1 73b60e9a9fd08eae9e034cedba707280.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google date: Thu, 23 Jun 2022 01:07:58 GMT age: 80475 etag: "70511c4ed709ee934897dfb4d67e4dcb162acc29" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 14752 Md5: 04d57f33c32649ce18f99c9063b7ca02 Sha1: 70511c4ed709ee934897dfb4d67e4dcb162acc29 Sha256: 321e550281abc225a3176edb6b69b020c7432d284fdd89adc53195c343529c09