r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cdbad2434b7d127a4fc769807a9dc3e7
fa98cd9fc2309ab4423f33f683d17bdb17d76713
560cbbb751ab2884024da3b93fba6bc45c6434797dba72a98c05e7fc2bb94bc1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "560CBBB751AB2884024DA3B93FBA6BC45C6434797DBA72A98C05E7FC2BB94BC1"
Last-Modified: Sat, 26 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11048
Expires: Sun, 27 Nov 2022 04:43:10 GMT
Date: Sun, 27 Nov 2022 01:39:02 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 15b59d5e62caedb4bec3ba6724906c1e
960f801e608a56fdd11449f4face29f62cad2b21
8c72a45737c2eeddf328b0ed3236f3243551d904e94ec9dd7254972ebfb9229e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3900
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 01:39:02 GMT
Last-Modified: Sun, 27 Nov 2022 00:34:02 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
ringsidereport.com/?p=113812
209.126.127.121301 Moved Permanently 162 B URL HTTP/1.1 ringsidereport.com/?p=113812
IP 209.126.127.121:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert fortinet Malware
GET /?p=113812 HTTP/1.1
Host: ringsidereport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 27 Nov 2022 01:39:02 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://ringsidereport.com/?p=113812
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 27 Nov 2022 01:17:34 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1288
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 71f9c681a82440fd55e76c780a20e55d
3147768cfbcdd06e0c6e69684292e68e99917a80
5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13841
Expires: Sun, 27 Nov 2022 05:29:43 GMT
Date: Sun, 27 Nov 2022 01:39:02 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 85sNJZxItENajy54m8oEmkP4zrqIl+Fsv2NWGb4TcEOMUYbgCnuQVJsZGDjdtUA6R1xqYHFSD40=
x-amz-request-id: VYY8MYK3P87F6ZW6
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 27 Nov 2022 00:44:26 GMT
age: 3276
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 01:39:03 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 27 Nov 2022 01:11:12 GMT
cache-control: public,max-age=3600
age: 1671
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e8649a0ed48f66c4082d3c0125aac194
69dcd0f1d4d07ce9a0c3e4e7649b1305901ffe89
409710069ef93263670cfe263f51aa8a51cbb9f058613be8c40c7b20f7835a90
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "409710069EF93263670CFE263F51AA8A51CBB9F058613BE8C40C7B20F7835A90"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21556
Expires: Sun, 27 Nov 2022 07:38:19 GMT
Date: Sun, 27 Nov 2022 01:39:03 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d3df71aab146eefc49acb608796aab63
8401892995193919376dfcd798b09c8261579454
a616c1e54e896576601e6107c1814adbebf35364d8ed807cdd89ac36b8200c88
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4440
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 01:39:03 GMT
Last-Modified: Sun, 27 Nov 2022 00:25:04 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.39.62.124101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.39.62.124:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: FXMTYDEETL3SoMnbYB6mkw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: rBaNBi4QoD8CTQnsxalto6gBiUE=
ringsidereport.com/?p=113812
209.126.127.121200 OK 24 kB URL HTTP/1.1 ringsidereport.com/?p=113812
IP 209.126.127.121:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381), with CRLF, LF line terminators
Hash e2a5728201713489d8dce6e2d4b8b9bd
077ac275c5ef13521fa776d2ea2212c182914500
19f21556e26bd1184edee828f42ce27f54fca17005d4dd6da23d48ef70f421c3
Analyzer Verdict Alert fortinet Malware
GET /?p=113812 HTTP/1.1
Host: ringsidereport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 01:39:04 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 23578
Connection: keep-alive
Link: <https://ringsidereport.com/index.php?rest_route=/>; rel="https://api.w.org/", <https://ringsidereport.com/index.php?rest_route=/wp/v2/posts/113812>; rel="alternate"; type="application/json", <https://ringsidereport.com/?p=113812>; rel=shortlink
Set-Cookie: pvc_visits[0]=1669599543b113812; expires=Mon, 28-Nov-2022 01:39:03 GMT; Max-Age=86400; path=/; secure; HttpOnly; SameSite=LAX
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PHP/7.4.33, PleskLin
ringsidereport.com/wp-content/plugins/simple-google-recaptcha/sgr.css?ver=1665178020
209.126.127.121200 OK 173 B URL HTTP/1.1 ringsidereport.com/wp-content/plugins/simple-google-recaptcha/sgr.css?ver=1665178020
IP 209.126.127.121:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
Hash c93337105d33e39f274dee7249c6af98
aac02c3e1b849f16fcf31d7c823b7882f1c57b9f
85d5913d390c2ef0f1da0ab867305f7c10a8192f8217fcc73ee5394dfe90574f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/simple-google-recaptcha/sgr.css?ver=1665178020 HTTP/1.1
Host: ringsidereport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ringsidereport.com/?p=113812
Cookie: pvc_visits[0]=1669599543b113812
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 01:39:04 GMT
Content-Type: text/css
Content-Length: 173
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
X-Accel-Version: 0.01
Last-Modified: Fri, 07 Oct 2022 21:27:00 GMT
ETag: "e4-5ea78786bc748-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
ringsidereport.com/wp-content/plugins/post-views-counter/css/frontend.min.css?ver=1.3.12
209.126.127.121200 OK 160 B URL HTTP/1.1 ringsidereport.com/wp-content/plugins/post-views-counter/css/frontend.min.css?ver=1.3.12
IP 209.126.127.121:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type ASCII text, with no line terminators
Hash 4df91c91027504c61842f14fe647d07c
dc28721ef85699e731a1d4913969c9023fb67f66
667d125196c7be5569af7877beb880f71e984ef160420054602fd22bd62029d4
GET /wp-content/plugins/post-views-counter/css/frontend.min.css?ver=1.3.12 HTTP/1.1
Host: ringsidereport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ringsidereport.com/?p=113812
Cookie: pvc_visits[0]=1669599543b113812
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 01:39:04 GMT
Content-Type: text/css
Content-Length: 160
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
X-Accel-Version: 0.01
Last-Modified: Sat, 12 Nov 2022 18:04:10 GMT
ETag: "d7-5ed49d54b32b3-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e388353a642bc503beff27c23339e2b5
7849301df8cbfa3f9c019b1d4033b66e0f44c4bd
5e595e9ce96c6147c3ff79ebba0068ddb0d997237a671936cb05d9575c59a424
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 01:39:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 5af61422c4eaa1b995ec63e463abda26
db75634681ed688840773ce828c169ac9da7d131
506791493bb08d458008ad072ac34a26c2170c1e775b83f55f20cd8af97aa895
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 01:39:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 9f6cc8d3fe9092a6d3901e873a87fd87
2e0aac117a4cc57596efb3d6f6624c269f94b031
e73982e62b92abac3d15b161f4525448cc2bc8b9bacefdcbfc6f87b74ec372e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 01:39:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-68792455-1
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-68792455-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash a210a25daa11371fcea42cbcf4026bc6
dd6af8a26b96a7af241320a37bf3ae194ae80f91
438186e3c0b1543f518c15638bf2a12dc5877bcd2e07d846512ebcfd03dcca6a
GET /gtag/js?id=UA-68792455-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ringsidereport.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 27 Nov 2022 01:39:05 GMT
expires: Sun, 27 Nov 2022 01:39:05 GMT
cache-control: private, max-age=900
last-modified: Sun, 27 Nov 2022 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43721
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ringsidereport.com/wp-includes/css/dist/block-library/style.min.css?ver=8369fdac4380dab2881318a471ec71f2
209.126.127.121200 OK 11 kB URL HTTP/1.1 ringsidereport.com/wp-includes/css/dist/block-library/style.min.css?ver=8369fdac4380dab2881318a471ec71f2
IP 209.126.127.121:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (47826)
Hash ddbe3b9f44d545e14cfd50fe353e3b47
6d294c7b8b93646644fd7343e6b329dc7951e80f
347aba0ec41916a80c3fe2c9b5702874e664618165b7044a9a419bc170cb0c7f
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dist/block-library/style.min.css?ver=8369fdac4380dab2881318a471ec71f2 HTTP/1.1
Host: ringsidereport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ringsidereport.com/?p=113812
Cookie: pvc_visits[0]=1669599543b113812
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 01:39:05 GMT
Content-Type: text/css
Last-Modified: Tue, 15 Nov 2022 21:27:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63740439-172a9"
X-Powered-By: PleskLin
Content-Encoding: br
ringsidereport.com/wp-content/plugins/custom-twitter-feeds/css/ctf-styles.min.css?ver=2.0.3
209.126.127.121200 OK 2.8 kB URL HTTP/1.1 ringsidereport.com/wp-content/plugins/custom-twitter-feeds/css/ctf-styles.min.css?ver=2.0.3
IP 209.126.127.121:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (17189), with no line terminators
Hash a3bd7e03346d56b8114cfd37790663bb
39ae53a37943e2d7e7f0d0b1bdacdb2a1029550c
b4959f4c1075d8ec0289fa3660c0d1fe3c02987fc1d80d342888e4e5ce84c586
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/custom-twitter-feeds/css/ctf-styles.min.css?ver=2.0.3 HTTP/1.1
Host: ringsidereport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ringsidereport.com/?p=113812
Cookie: pvc_visits[0]=1669599543b113812
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 01:39:05 GMT
Content-Type: text/css
Last-Modified: Fri, 07 Oct 2022 21:26:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"634099a2-4325"
X-Powered-By: PleskLin
Content-Encoding: br
ringsidereport.com/wp-content/plugins/wp-polls/polls-css.css?ver=2.77.0
209.126.127.121200 OK 637 B URL HTTP/1.1 ringsidereport.com/wp-content/plugins/wp-polls/polls-css.css?ver=2.77.0
IP 209.126.127.121:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
Hash caf65132f8fc34d68461638c66316e51
0c36585e6454ced0d0b2bc1571e1206f024eb4a0
2441ccf1625fa2e0b44f396025012e401f4fe901554c576e70e38c191842afd8
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-polls/polls-css.css?ver=2.77.0 HTTP/1.1
Host: ringsidereport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ringsidereport.com/?p=113812
Cookie: pvc_visits[0]=1669599543b113812
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 01:39:05 GMT
Content-Type: text/css
Last-Modified: Fri, 07 Oct 2022 21:27:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"634099af-a94"
X-Powered-By: PleskLin
Content-Encoding: br
ringsidereport.com/wp-content/plugins/twitter-plugin/css/style.css?ver=8369fdac4380dab2881318a471ec71f2
209.126.127.121200 OK 412 B URL HTTP/1.1 ringsidereport.com/wp-content/plugins/twitter-plugin/css/style.css?ver=8369fdac4380dab2881318a471ec71f2
IP 209.126.127.121:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
Hash 5e92bfbd8cdd4687fc0a610493d7c7fa
b516b2bbedc1ce433b6b1e88033b72509a99cc89
1e3a8f195e39efdd6a087b02c0ac1a25628380aef0a7ed0b943f644dc0c6310b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/twitter-plugin/css/style.css?ver=8369fdac4380dab2881318a471ec71f2 HTTP/1.1
Host: ringsidereport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ringsidereport.com/?p=113812
Cookie: pvc_visits[0]=1669599543b113812
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 01:39:05 GMT
Content-Type: text/css
Content-Length: 412
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
X-Accel-Version: 0.01
Last-Modified: Mon, 10 Jan 2022 03:04:30 GMT
ETag: "37f-5d531986d4397-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4267
Expires: Sun, 27 Nov 2022 02:50:12 GMT
Date: Sun, 27 Nov 2022 01:39:05 GMT
Connection: keep-alive
www.google.com/recaptcha/api.js?onload=wpformsRecaptchaLoad&render=explicit
142.250.74.164200 OK 579 B URL HTTP/2 www.google.com/recaptcha/api.js?onload=wpformsRecaptchaLoad&render=explicit
IP 142.250.74.164:0
File type ASCII text, with very long lines (915), with no line terminators
Hash 748f62df7437312ba5731f51e0a286fc
af84d7717112390bfa78e058e4bf00d942956f1b
6409ff92f8ce50ce5d7c88fe8427d198620fee26869318041583b2147ca8ca6c
GET /recaptcha/api.js?onload=wpformsRecaptchaLoad&render=explicit HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ringsidereport.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sun, 27 Nov 2022 01:39:05 GMT
date: Sun, 27 Nov 2022 01:39:05 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 579
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4267
Expires: Sun, 27 Nov 2022 02:50:12 GMT
Date: Sun, 27 Nov 2022 01:39:05 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15290721-a62e-49b8-80c6-967680cff24f.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15290721-a62e-49b8-80c6-967680cff24f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f7f16c0f8a8e710210ce77c0e4c1c2a2
590c34be54c9889eec4ff7993e070fda836f711f
4224287ba765da59c877ac4f1dec65accc5bec934b7598d9cbbee669ba4ab12e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15290721-a62e-49b8-80c6-967680cff24f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6883
x-amzn-requestid: 9e3878c9-1817-427e-b121-969a8cbc7ad8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cL1ySF0tIAMFY4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638169a8-5143ffea77b70cf67ef60ad7;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 01:19:36 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: agN3iI99V_lKDGyKTEkZg_jgR8P6nrI53d-fXsHGHkQP55suaCC2xA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 05:30:06 GMT
age: 72539
etag: "590c34be54c9889eec4ff7993e070fda836f711f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46a2bb7d-e57c-4751-a56f-0802ae9eaee6.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46a2bb7d-e57c-4751-a56f-0802ae9eaee6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e615cdc2e330b5cf76435abce9aa631a
71f737c3cee7766494157cd6491ce247a785c09e
853f68bf79a553b9fbf0e10391424faf0a3c071370d05d369563f7824d1bda84
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46a2bb7d-e57c-4751-a56f-0802ae9eaee6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9063
x-amzn-requestid: f00ac8bd-6466-4c92-9b99-0e71b4b2345c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b8Jr4ENtoAMFzvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637b2318-0e3a57932987e29521388dd7;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 07:04:56 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: ntfumip5IjOlyoe6ASlwJ1PjPLN1yZHkK_iiDDKfmMCyI__PrrGVMA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 82893cc36087a50f9a150a621d10e740.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 11:33:57 GMT
age: 50708
etag: "71f737c3cee7766494157cd6491ce247a785c09e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: AVwDLlKoy5pc9NNuR_OakMB0ONGAoO-k2AKwV--b2sjiaqYSKAWlZg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:51:37 GMT
age: 13648
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2cd887044e91d7ed0f1a8d7119ff7dd0
ae8aa4ce6ddaccba771fe65446926b60fc5628da
bad283c15531000b7a8c126d442154b64a880cc26196a46cbd2e6266a526db67
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 10199
x-amzn-requestid: baee3bbe-7ded-425a-ae39-fccfc8169217
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iF1VIAMF09g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-5522727b2f09b27e63b23270;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CXOqm7bjsSV0aJBTkTI7LsMovjgPeISPt3sZotEc7CjZnUL_y4_OoQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:51:41 GMT
age: 13644
etag: "ae8aa4ce6ddaccba771fe65446926b60fc5628da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfe38fd9-0497-4ec8-8f57-1ba100e73fcc.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfe38fd9-0497-4ec8-8f57-1ba100e73fcc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f80a9a9b55da31c98663e157dde74a19
26b8dd82140c0db021048e11bff65a391dc6b444
680c39e4ea1d784db9831958942a64f3e83618dc443c8bcaa34223d85bb5b926
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfe38fd9-0497-4ec8-8f57-1ba100e73fcc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6859
x-amzn-requestid: 4a1b13ad-9455-401d-a914-c1ada2191977
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvYTHRroAMFR8g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5ce-4e5d630b23cdeb2e4b6d75d1;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:03:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: D24B6xoLZ2nu1NdlMU5TgJSc-DfzD6vrMzgU3s6tAiAsUuzBb_t89Q==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 08:23:04 GMT
age: 62161
etag: "26b8dd82140c0db021048e11bff65a391dc6b444"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4267
Expires: Sun, 27 Nov 2022 02:50:12 GMT
Date: Sun, 27 Nov 2022 01:39:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4267
Expires: Sun, 27 Nov 2022 02:50:12 GMT
Date: Sun, 27 Nov 2022 01:39:05 GMT
Connection: keep-alive
ringsidereport.com/wp-includes/css/dashicons.min.css?ver=8369fdac4380dab2881318a471ec71f2
209.126.127.121200 OK 35 kB URL HTTP/1.1 ringsidereport.com/wp-includes/css/dashicons.min.css?ver=8369fdac4380dab2881318a471ec71f2
IP 209.126.127.121:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (58981)
Hash c973b886574ba31e25ceb99c36bbb1ec
9b1fb9d9858f1717d1020e8a3922d5f830c5a437
ae86ba1bfa225c68262b1a8f1a2f4abc5791629f266dd700b8bc4552cf8d6749
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dashicons.min.css?ver=8369fdac4380dab2881318a471ec71f2 HTTP/1.1
Host: ringsidereport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ringsidereport.com/?p=113812
Cookie: pvc_visits[0]=1669599543b113812
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 01:39:05 GMT
Content-Type: text/css
Last-Modified: Mon, 10 Jan 2022 03:05:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"61dba270-e688"
X-Powered-By: PleskLin
Content-Encoding: br
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa78e81d9-dbc4-4911-9711-219f64026531.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa78e81d9-dbc4-4911-9711-219f64026531.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5e586c141835f4ac8819c55dcb811b4d
a23fd98701ac35cd8740d1f7a832118c770e20c8
4296f391f755a649897a2211f9072c69a0510e43a313674908bb0a771b12650e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa78e81d9-dbc4-4911-9711-219f64026531.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10944
x-amzn-requestid: ed714e4a-0f80-4b2d-ae82-b28d617fe927
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b42xTGpSoAMF9Vw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6379d1a1-1235a4ad16a6bfee50615fbb;Sampled=0
x-amzn-remapped-date: Sun, 20 Nov 2022 07:05:05 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: UzVSiMniBPN9LTEIutLmWn7BZX7d5RWIxtH0H-RpLfIGqdIBTovGMg==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 28fdf6e146f70e7372911f118404fb20.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 22:36:11 GMT
age: 10974
etag: "a23fd98701ac35cd8740d1f7a832118c770e20c8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e388353a642bc503beff27c23339e2b5
7849301df8cbfa3f9c019b1d4033b66e0f44c4bd
5e595e9ce96c6147c3ff79ebba0068ddb0d997237a671936cb05d9575c59a424
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 01:39:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 619fa0039b94697fc8a5bd24f57e8aa2
53a366391a51d625029cc6d32fb4e8b6060990fd
dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 01:39:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e922b25acaba2d7f8921ebe973a4b261
5dd4c237c84a652cbcf3db163529f3788ceafc46
a7856c7777aa01b671ddae097494f2b031cbbddc7b244fe8714a8c02b85d8589
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 01:39:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ringsidereport.com/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1606067673
209.126.127.121200 OK 328 B URL HTTP/1.1 ringsidereport.com/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1606067673
IP 209.126.127.121:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (1951)
Hash dceca126639184c57f43bc039aaf93f4
1170d73733d9e36529c49a1580e387ee55e9244c
224a37732c0e80b22d1156c3ce613d14c3a51b1c905d47a4748c6688859f5293
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1606067673 HTTP/1.1
Host: ringsidereport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ringsidereport.com/?p=113812
Cookie: pvc_visits[0]=1669599543b113812
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 01:39:05 GMT
Content-Type: text/css
Last-Modified: Sun, 22 Nov 2020 17:54:33 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"5fbaa5d9-7a0"
X-Powered-By: PleskLin
Content-Encoding: br
ringsidereport.com/wp-content/plugins/wpforms-lite/assets/css/wpforms-full.min.css?ver=1.7.8
209.126.127.121200 OK 5.2 kB URL HTTP/1.1 ringsidereport.com/wp-content/plugins/wpforms-lite/assets/css/wpforms-full.min.css?ver=1.7.8
IP 209.126.127.121:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (40956)
Hash 0d176dfe9116842e463eeab1f699ff83
6cadaaa9a7ece6df7b451ee590d12915c320a051
3ae6fe73e4dc62fec9a448fd0b1386836256582dc111c7637db14c701206d5de
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wpforms-lite/assets/css/wpforms-full.min.css?ver=1.7.8 HTTP/1.1
Host: ringsidereport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ringsidereport.com/?p=113812
Cookie: pvc_visits[0]=1669599543b113812
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 01:39:05 GMT
Content-Type: text/css
Last-Modified: Sat, 12 Nov 2022 18:04:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"636fe01c-9ffd"
X-Powered-By: PleskLin
Content-Encoding: br
ringsidereport.com/wp-content/plugins/wp-pagenavi/pagenavi-css.css?ver=2.70
209.126.127.121200 OK 239 B URL HTTP/1.1 ringsidereport.com/wp-content/plugins/wp-pagenavi/pagenavi-css.css?ver=2.70
IP 209.126.127.121:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
Hash 21fec527969cbcfec759744ce51f94c0
827130fb99b0005a5206028abfe82e93610184f2
fe2a280a5ffe9f5d3b1bf125035d478e46bae689a2f0cde07d48bef1ba7c74b1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-pagenavi/pagenavi-css.css?ver=2.70 HTTP/1.1
Host: ringsidereport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ringsidereport.com/?p=113812
Cookie: pvc_visits[0]=1669599543b113812
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 01:39:05 GMT
Content-Type: text/css
Content-Length: 239
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
X-Accel-Version: 0.01
Last-Modified: Mon, 26 Jul 2021 16:05:00 GMT
ETag: "176-5c808ea50a300-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
ringsidereport.com/wp-content/themes/madd-magazine/js/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
209.126.127.121200 OK 6.6 kB URL HTTP/1.1 ringsidereport.com/wp-content/themes/madd-magazine/js/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
IP 209.126.127.121:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (30837), with CRLF line terminators
Hash f0f725f400726901067ebda02f0ae266
04507e75f033bf5e3505a39484165797bad50759
304fab78820d70046636d7c5845c0ab53a5c12bc348106053e84a28fc711ad23
GET /wp-content/themes/madd-magazine/js/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1
Host: ringsidereport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ringsidereport.com/?p=113812
Cookie: pvc_visits[0]=1669599543b113812
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 01:39:05 GMT
Content-Type: text/css
Last-Modified: Sat, 26 Feb 2022 05:17:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6219b806-791c"
X-Powered-By: PleskLin
Content-Encoding: br
ringsidereport.com/wp-content/themes/madd-magazine/js/lib/swiper/css/swiper.min.css?ver=4.1.0
209.126.127.121200 OK 2.7 kB URL HTTP/1.1 ringsidereport.com/wp-content/themes/madd-magazine/js/lib/swiper/css/swiper.min.css?ver=4.1.0
IP 209.126.127.121:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (19174), with CRLF line terminators
Hash cad83ac968e719153ba75d33cfc27467
ede4b50f217f432af0ec5abcb4f268da115e1dfa
327571bbced992a09e181a94200909a904699e7dbcec2b9e49e6c217156962af
GET /wp-content/themes/madd-magazine/js/lib/swiper/css/swiper.min.css?ver=4.1.0 HTTP/1.1
Host: ringsidereport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ringsidereport.com/?p=113812
Cookie: pvc_visits[0]=1669599543b113812
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 01:39:05 GMT
Content-Type: text/css
Last-Modified: Sat, 26 Feb 2022 05:17:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6219b806-4bfa"
X-Powered-By: PleskLin
Content-Encoding: br
ringsidereport.com/wp-content/themes/madd-magazine/style.css?ver=8369fdac4380dab2881318a471ec71f2
209.126.127.121200 OK 6.4 kB URL HTTP/1.1 ringsidereport.com/wp-content/themes/madd-magazine/style.css?ver=8369fdac4380dab2881318a471ec71f2
IP 209.126.127.121:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (469)
Hash 9c7ef4615f4e65051835bb048edf8caf
c26ccdd41105c1081a4c2a6aee97c9e4632c59a2
e348effdca02cc39af8f8fdd85865e54807b5939dc6b16c9f31b9537ea0fe43f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/madd-magazine/style.css?ver=8369fdac4380dab2881318a471ec71f2 HTTP/1.1
Host: ringsidereport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ringsidereport.com/?p=113812
Cookie: pvc_visits[0]=1669599543b113812
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 01:39:05 GMT
Content-Type: text/css
Last-Modified: Sat, 19 Mar 2022 00:50:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"623528f1-6d40"
X-Powered-By: PleskLin
Content-Encoding: br
ringsidereport.com/wp-content/plugins/recent-posts-widget-with-thumbnails/public.css?ver=7.1.1
209.126.127.121200 OK 421 B URL HTTP/1.1 ringsidereport.com/wp-content/plugins/recent-posts-widget-with-thumbnails/public.css?ver=7.1.1
IP 209.126.127.121:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (404)
Hash e615cb8e87915d50b0b09bc87c99ac0a
a7925d7e400276b8be6e595b8595c50ebd70bcc1
6d44cda2c847a9932f6660d0f9385b269229e690ed97a46ccdab6ff156ab8664
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/recent-posts-widget-with-thumbnails/public.css?ver=7.1.1 HTTP/1.1
Host: ringsidereport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ringsidereport.com/?p=113812
Cookie: pvc_visits[0]=1669599543b113812
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 01:39:05 GMT
Content-Type: text/css
Last-Modified: Sat, 26 Feb 2022 21:58:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"621aa299-43a"
X-Powered-By: PleskLin
Content-Encoding: br
ringsidereport.com/wp-content/plugins/login-with-ajax/templates/login-with-ajax.min.css?ver=4.1
209.126.127.121200 OK 3.9 kB URL HTTP/1.1 ringsidereport.com/wp-content/plugins/login-with-ajax/templates/login-with-ajax.min.css?ver=4.1
IP 209.126.127.121:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (24701), with no line terminators
Hash 5f6ffed1268fd57eeac3fd7c4e7451f4
82f3ecf7d8575fe64320f324dbdfc9308aecb4d4
4abbfa1333a6969fe99b35963c6a20e843541cbc133ece24e8b0335efe531486
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/login-with-ajax/templates/login-with-ajax.min.css?ver=4.1 HTTP/1.1
Host: ringsidereport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ringsidereport.com/?p=113812
Cookie: pvc_visits[0]=1669599543b113812
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 01:39:05 GMT
Content-Type: text/css
Last-Modified: Thu, 02 Jun 2022 16:03:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6298df40-607d"
X-Powered-By: PleskLin
Content-Encoding: br
ringsidereport.com/wp-content/plugins/simple-google-recaptcha/sgr.js?ver=1665178020
209.126.127.121200 OK 420 B URL HTTP/1.1 ringsidereport.com/wp-content/plugins/simple-google-recaptcha/sgr.js?ver=1665178020
IP 209.126.127.121:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
Hash 5289ca5d5bcf8bf7f2d6ec19d6290c29
55a18d9ef676f926a18bd7303101d015d80ef44e
9361e8e24bb7e29e5e1d1ad79055481bcffe914634b4cc86e953da36f549f532
GET /wp-content/plugins/simple-google-recaptcha/sgr.js?ver=1665178020 HTTP/1.1
Host: ringsidereport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ringsidereport.com/?p=113812
Cookie: pvc_visits[0]=1669599543b113812
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 01:39:05 GMT
Content-Type: application/javascript
Last-Modified: Fri, 07 Oct 2022 21:27:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"634099a4-53c"
X-Powered-By: PleskLin
Content-Encoding: br
ringsidereport.com/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend-gtag.min.js?ver=7.10.1
209.126.127.121200 OK 3.0 kB URL HTTP/1.1 ringsidereport.com/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend-gtag.min.js?ver=7.10.1
IP 209.126.127.121:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (1571)
Hash 12e5b0849ff5a42f6feb4d861cbfefc1
5597b876b27b31c492391e2677e1d64bf61f0a66
59451e3965f5c66ee49fa4e4a51790fd1d8592423e7875f2e46ed2d2b035b866
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend-gtag.min.js?ver=7.10.1 HTTP/1.1
Host: ringsidereport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ringsidereport.com/?p=113812
Cookie: pvc_visits[0]=1669599543b113812
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 01:39:05 GMT
Content-Type: application/javascript
Last-Modified: Wed, 09 Nov 2022 17:07:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"636bde62-2e3b"
X-Powered-By: PleskLin
Content-Encoding: br
ringsidereport.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
209.126.127.121200 OK 4.0 kB URL HTTP/1.1 ringsidereport.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 209.126.127.121:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (11126)
Hash add44040f586702dc1c451ab92296499
d9c7ba287ba026b837e2452763be965ab0020534
33e3f641cfc7cc64ac828fb2109d67649610740d78e4f4380d6bf551327e354b
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: ringsidereport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ringsidereport.com/?p=113812
Cookie: pvc_visits[0]=1669599543b113812
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 01:39:05 GMT
Content-Type: application/javascript
Last-Modified: Mon, 10 Jan 2022 03:05:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"61dba270-2bd8"
X-Powered-By: PleskLin
Content-Encoding: br
ringsidereport.com/wp-content/themes/madd-magazine/js/scripts.js?ver=1.0.0
209.126.127.121200 OK 568 B URL HTTP/1.1 ringsidereport.com/wp-content/themes/madd-magazine/js/scripts.js?ver=1.0.0
IP 209.126.127.121:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type ASCII text, with CRLF line terminators
Hash 4eff2d238e31b87ae13a66b427520829
7231b340de5d548cdef23e60d3fc00c8e79e9e98
97414ce07f16d47df9074062c4772f260e6f59dfc4499d9f198f403024f759e9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/madd-magazine/js/scripts.js?ver=1.0.0 HTTP/1.1
Host: ringsidereport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ringsidereport.com/?p=113812
Cookie: pvc_visits[0]=1669599543b113812
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 01:39:05 GMT
Content-Type: application/javascript
Last-Modified: Sat, 26 Feb 2022 05:17:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6219b806-5b2"
X-Powered-By: PleskLin
Content-Encoding: br
ringsidereport.com/wp-content/plugins/login-with-ajax/templates/login-with-ajax.min.js?ver=4.1
209.126.127.121200 OK 1.8 kB URL HTTP/1.1 ringsidereport.com/wp-content/plugins/login-with-ajax/templates/login-with-ajax.min.js?ver=4.1
IP 209.126.127.121:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (6832), with no line terminators
Hash 5ee54cf3a83947cdcbb296c4864629c9
d532e5a013f248fbd402f8c518b6ed9f2513cb74
d08cb54e275360b8f5a1aad06ce5872ff360a587007d3f601ae2bf0fb94bb632
GET /wp-content/plugins/login-with-ajax/templates/login-with-ajax.min.js?ver=4.1 HTTP/1.1
Host: ringsidereport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ringsidereport.com/?p=113812
Cookie: pvc_visits[0]=1669599543b113812
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 01:39:05 GMT
Content-Type: application/javascript
Last-Modified: Thu, 02 Jun 2022 16:03:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6298df40-1ab0"
X-Powered-By: PleskLin
Content-Encoding: br
ringsidereport.com/wp-content/plugins/dynamic-headers/AC_RunActiveContent.js
209.126.127.121200 OK 2.2 kB URL HTTP/1.1 ringsidereport.com/wp-content/plugins/dynamic-headers/AC_RunActiveContent.js
IP 209.126.127.121:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
Hash f065fd78e4901dfb3c52abe9ffb340c6
22006e6933bdb5cb1bf1c638432aef3b4ec61fc2
2680fead03a2c10c915286bf3d5561df446c08e363f7b7c378b389462d28487c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/dynamic-headers/AC_RunActiveContent.js HTTP/1.1
Host: ringsidereport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ringsidereport.com/?p=113812
Cookie: pvc_visits[0]=1669599543b113812
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 01:39:05 GMT
Content-Type: application/javascript
Last-Modified: Thu, 08 Mar 2012 07:40:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"4f586268-1f5d"
X-Powered-By: PleskLin
Content-Encoding: br
ringsidereport.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
209.126.127.121200 OK 30 kB URL HTTP/1.1 ringsidereport.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 209.126.127.121:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (65447)
Hash ae1cf83d2201e59d763385978787e317
f6831a4276e88307b4811242b9747a588cf64395
21c1ed40fd9217135bccc08236bad3bc97daa27e7fddaf16f576ea041b78f613
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: ringsidereport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ringsidereport.com/?p=113812
Cookie: pvc_visits[0]=1669599543b113812
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 01:39:05 GMT
Content-Type: application/javascript
Last-Modified: Sat, 12 Nov 2022 18:05:15 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"636fe05b-15e54"
X-Powered-By: PleskLin
Content-Encoding: br
ringsidereport.com/wp-content/plugins/custom-twitter-feeds/js/ctf-scripts.min.js?ver=2.0.3
209.126.127.121200 OK 5.5 kB URL HTTP/1.1 ringsidereport.com/wp-content/plugins/custom-twitter-feeds/js/ctf-scripts.min.js?ver=2.0.3
IP 209.126.127.121:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (16139)
Hash 047c476d5d5b81794a4b228acf3ddfa8
61ebce4e9c7164e879221c29d744b9e939858a9b
136609d0528bd77942f8178e3f9765382b3dbeac917588b3297dfaf3b9e5dda4
GET /wp-content/plugins/custom-twitter-feeds/js/ctf-scripts.min.js?ver=2.0.3 HTTP/1.1
Host: ringsidereport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ringsidereport.com/?p=113812
Cookie: pvc_visits[0]=1669599543b113812
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 01:39:05 GMT
Content-Type: application/javascript
Last-Modified: Fri, 07 Oct 2022 21:26:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"634099a2-3f0c"
X-Powered-By: PleskLin
Content-Encoding: br
ringsidereport.com/wp-content/themes/madd-magazine/js/lib/swiper/js/swiper.js?ver=4.1.0
209.126.127.121200 OK 41 kB URL HTTP/1.1 ringsidereport.com/wp-content/themes/madd-magazine/js/lib/swiper/js/swiper.js?ver=4.1.0
IP 209.126.127.121:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type ASCII text, with CRLF line terminators
Hash cd7c7d51b118644851155b8ddf5c2b80
2dc86dea9fc036bf8c17458b9a58510066c48aa8
2a94dad0e764e5aa23e172d5cc32cf20bc730d587e4787929bb7c0abb0f504ab
GET /wp-content/themes/madd-magazine/js/lib/swiper/js/swiper.js?ver=4.1.0 HTTP/1.1
Host: ringsidereport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ringsidereport.com/?p=113812
Cookie: pvc_visits[0]=1669599543b113812
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 01:39:05 GMT
Content-Type: application/javascript
Last-Modified: Sat, 26 Feb 2022 05:17:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6219b806-3aa30"
X-Powered-By: PleskLin
Content-Encoding: br
ringsidereport.com/wp-content/plugins/wp-polls/polls-js.js?ver=2.77.0
209.126.127.121200 OK 573 B URL HTTP/1.1 ringsidereport.com/wp-content/plugins/wp-polls/polls-js.js?ver=2.77.0
IP 209.126.127.121:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (3242), with no line terminators
Hash 698f590ca1511f07c288581c38e06ea7
469507e21b15081859eda0a411b7d8449c5b5cf4
32f8135340946d4d7216bc7b436cd566fe4480da9f80345ef2e63f19f522cef5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-polls/polls-js.js?ver=2.77.0 HTTP/1.1
Host: ringsidereport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ringsidereport.com/?p=113812
Cookie: pvc_visits[0]=1669599543b113812
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 01:39:05 GMT
Content-Type: application/javascript
Last-Modified: Fri, 07 Oct 2022 21:27:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"634099af-caa"
X-Powered-By: PleskLin
Content-Encoding: br
ringsidereport.com/wp-content/plugins/wpforms-lite/assets/lib/mailcheck.min.js?ver=1.1.2
209.126.127.121200 OK 1.6 kB URL HTTP/1.1 ringsidereport.com/wp-content/plugins/wpforms-lite/assets/lib/mailcheck.min.js?ver=1.1.2
IP 209.126.127.121:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type C source, ASCII text, with very long lines (4014), with no line terminators
Hash 38972024d1bddefe91ac8ff65582386d
8f6e5af8d5a3e65074de8b9a6a41826fa4f856d6
fa9fca1dbb090087af025fc0c5aefede4c3ce53ec6d4fea69f9a1cdd88386f08
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wpforms-lite/assets/lib/mailcheck.min.js?ver=1.1.2 HTTP/1.1
Host: ringsidereport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ringsidereport.com/?p=113812
Cookie: pvc_visits[0]=1669599543b113812
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 01:39:05 GMT
Content-Type: application/javascript
Last-Modified: Sat, 12 Nov 2022 18:04:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"636fe01c-fae"
X-Powered-By: PleskLin
Content-Encoding: br
ringsidereport.com/wp-content/plugins/wpforms-lite/assets/lib/punycode.min.js?ver=1.0.0
209.126.127.121200 OK 834 B URL HTTP/1.1 ringsidereport.com/wp-content/plugins/wpforms-lite/assets/lib/punycode.min.js?ver=1.0.0
IP 209.126.127.121:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (1713), with no line terminators
Hash d1415c8d5536d8b7c8b42b05cf068497
0bacccedadf43c4c981c78f21395a83bf177ca28
53c925546d3d8c08ad62ffdd84fe60ef1f6f86f4f0d38d9f4e904d8e3d7c20ac
GET /wp-content/plugins/wpforms-lite/assets/lib/punycode.min.js?ver=1.0.0 HTTP/1.1
Host: ringsidereport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ringsidereport.com/?p=113812
Cookie: pvc_visits[0]=1669599543b113812
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 01:39:05 GMT
Content-Type: application/javascript
Last-Modified: Sat, 12 Nov 2022 18:04:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"636fe01c-6b1"
X-Powered-By: PleskLin
Content-Encoding: br
ringsidereport.com/wp-content/plugins/wpforms-lite/assets/js/utils.min.js?ver=1.7.8
209.126.127.121200 OK 150 B URL HTTP/1.1 ringsidereport.com/wp-content/plugins/wpforms-lite/assets/js/utils.min.js?ver=1.7.8
IP 209.126.127.121:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type ASCII text, with no line terminators
Hash 14e97c0bd8b30f6184d7b9b0de3b62dc
052e2d09afda94db181e7b410ef3c49567350896
cf50cfaa42eabf7e33d6b7214e8965573e33b17b60420352789410639c9c80aa
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wpforms-lite/assets/js/utils.min.js?ver=1.7.8 HTTP/1.1
Host: ringsidereport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ringsidereport.com/?p=113812
Cookie: pvc_visits[0]=1669599543b113812
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 01:39:05 GMT
Content-Type: application/javascript
Content-Length: 150
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
X-Accel-Version: 0.01
Last-Modified: Sat, 12 Nov 2022 18:04:12 GMT
ETag: "ae-5ed49d56b9b6c-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
ringsidereport.com/wp-content/plugins/wpforms-lite/assets/js/wpforms.min.js?ver=1.7.8
209.126.127.121200 OK 9.3 kB URL HTTP/1.1 ringsidereport.com/wp-content/plugins/wpforms-lite/assets/js/wpforms.min.js?ver=1.7.8
IP 209.126.127.121:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (32390), with no line terminators
Hash f509bc6f18d9f9db16fc06deb8ba80db
10d229794250b7ad4fdba03568a9d0b51435cd56
c7c1f806a605f52db38e85db1076e29a825c8b1da226efbf6b9a893c2548b16d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wpforms-lite/assets/js/wpforms.min.js?ver=1.7.8 HTTP/1.1
Host: ringsidereport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ringsidereport.com/?p=113812
Cookie: pvc_visits[0]=1669599543b113812
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 01:39:05 GMT
Content-Type: application/javascript
Last-Modified: Sat, 12 Nov 2022 18:04:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"636fe01c-7e86"
X-Powered-By: PleskLin
Content-Encoding: br
ringsidereport.com/wp-includes/js/wp-emoji-release.min.js?ver=8369fdac4380dab2881318a471ec71f2
209.126.127.121200 OK 4.6 kB URL HTTP/1.1 ringsidereport.com/wp-includes/js/wp-emoji-release.min.js?ver=8369fdac4380dab2881318a471ec71f2
IP 209.126.127.121:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (15660)
Hash 8b9c2e795218dd617714ce4ab2a266dc
2137dac9c2d7a5b90ef29454c93b9b6493bb4ff9
f8bdbfb1858865801345baa306dd8009b7e15b4929cc7d4e2d3bd1ad6cf6f19b
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=8369fdac4380dab2881318a471ec71f2 HTTP/1.1
Host: ringsidereport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ringsidereport.com/?p=113812
Cookie: pvc_visits[0]=1669599543b113812
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 01:39:05 GMT
Content-Type: application/javascript
Last-Modified: Thu, 02 Jun 2022 16:04:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6298df8f-48b9"
X-Powered-By: PleskLin
Content-Encoding: br
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 01:39:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 01:39:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ringsidereport.com/wp-content/uploads/2022/07/200px-BenFinkle-ShermanBergman-300x199.jpeg
209.126.127.121200 OK 12 kB URL HTTP/1.1 ringsidereport.com/wp-content/uploads/2022/07/200px-BenFinkle-ShermanBergman-300x199.jpeg
IP 209.126.127.121:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "File source: http://boxrec.com/media/index.php/File:BenFinkle-ShermanBergman.jpeg", Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 300x199, components 1\012- data
Hash 4f9d89b63d02edc5594c100e28386c0e
4a61e8937e20e63f9e926f39d6b99e071581ff9c
d02991b8784eac9f98c03a382468ddeb2222edf404c7ddd80815517720616d38
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2022/07/200px-BenFinkle-ShermanBergman-300x199.jpeg HTTP/1.1
Host: ringsidereport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ringsidereport.com/?p=113812
Cookie: pvc_visits[0]=1669599543b113812
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 01:39:05 GMT
Content-Type: image/jpeg
Content-Length: 11724
Last-Modified: Thu, 21 Jul 2022 19:36:47 GMT
Connection: keep-alive
ETag: "62d9aacf-2dcc"
X-Powered-By: PleskLin
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e9895464b828d538dc654c678c82b181
af5791cd48761cb3f3f979b481c23e1508692823
c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 01:39:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
216.58.207.195200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 17908, version 1.0\012- data
Hash e46b4e2e3b47cc232937ebf72b4c537e
2675bc06ee643b8c935370325a327efb74746e6a
d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e
GET /s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ringsidereport.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17908
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 21:29:12 GMT
expires: Fri, 24 Nov 2023 21:29:12 GMT
cache-control: public, max-age=31536000
age: 187793
last-modified: Mon, 18 Jul 2022 19:23:34 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 01:39:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ringsidereport.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:34:08 GMT
expires: Thu, 23 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 281097
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ringsidereport.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:53:49 GMT
expires: Thu, 23 Nov 2023 18:53:49 GMT
cache-control: public, max-age=31536000
age: 283516
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 01:39:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s.w.org/images/core/emoji/14.0.0/svg/1f94a.svg
192.0.77.48200 OK 895 B URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/1f94a.svg
IP 192.0.77.48:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (895), with no line terminators
Hash 0bba59679c1a2c8325542fa484725c1a
5e6de39af9c38f7b4aeb5f575ff6f7a18c104757
26741fb631c36748670bc307594c3fcfcad743c914834217b200e3955828b57d
GET /images/core/emoji/14.0.0/svg/1f94a.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ringsidereport.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 01:39:05 GMT
content-type: image/svg+xml
content-length: 895
last-modified: Tue, 12 Apr 2022 03:50:38 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 1
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
ringsidereport.com/imagez/RSR-Support-Our-Troops.jpg
209.126.127.121200 OK 55 kB URL HTTP/1.1 ringsidereport.com/imagez/RSR-Support-Our-Troops.jpg
IP 209.126.127.121:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=13, height=431, bps=170, PhotometricIntepretation=RGB, orientation=upper-left, width=431], progressive, precision 8, 250x250, components 3\012- data
Hash 17f35aee43b462fe4b9894bb32a5372b
30454293da7285cd226d2dc653bbf0fb1703b996
85db8ed0a55af5bd33a4455bece374e31269c2d4ae8090121be7b5573c5edfc6
GET /imagez/RSR-Support-Our-Troops.jpg HTTP/1.1
Host: ringsidereport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ringsidereport.com/?p=113812
Cookie: pvc_visits[0]=1669599543b113812
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 01:39:05 GMT
Content-Type: image/jpeg
Content-Length: 55336
Last-Modified: Mon, 19 Sep 2016 17:39:37 GMT
Connection: keep-alive
ETag: "57e022d9-d828"
X-Powered-By: PleskLin
Accept-Ranges: bytes
s.w.org/images/core/emoji/14.0.0/svg/1f4a9.svg
192.0.77.48200 OK 1.2 kB URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/1f4a9.svg
IP 192.0.77.48:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1194), with no line terminators
Hash 8359db312f7319a4b0b23415e5fd1392
06b9ffa158174a39074decd055a32c4ace9fbc21
e729acce7a8174bec95ad834a7b0bedce757881f000134ee6aceb8b10e4a685b
GET /images/core/emoji/14.0.0/svg/1f4a9.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ringsidereport.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 01:39:05 GMT
content-type: image/svg+xml
content-length: 1194
last-modified: Tue, 12 Apr 2022 03:50:38 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 1
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
s.w.org/images/core/emoji/14.0.0/svg/1f447.svg
192.0.77.48200 OK 558 B URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/1f447.svg
IP 192.0.77.48:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (558), with no line terminators
Hash 985bb2d2398be71e1b68bc7e2103c993
b80d789cda8d53693bee8a83bb8a921a3978895e
ea5cb5c192a3478fe2766d2401fa6bd46a6fe23b9bfc2034d0a54c9fd3088a39
GET /images/core/emoji/14.0.0/svg/1f447.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ringsidereport.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 01:39:05 GMT
content-type: image/svg+xml
content-length: 558
last-modified: Tue, 12 Apr 2022 03:50:38 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 1
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
ringsidereport.com/wp-content/uploads/2022/05/Boxing-Ring-150x150.jpg
209.126.127.121200 OK 9.1 kB URL HTTP/1.1 ringsidereport.com/wp-content/uploads/2022/05/Boxing-Ring-150x150.jpg
IP 209.126.127.121:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 150x150, components 3\012- data
Hash e9e3e7024cd66c1dc804a6c7e2f47005
694bcb9e512b1fdc03fa45ba8420aaa2682e331d
0bf9585d766f27cf28ad89172f3d1908e4431525ef20650ae7976fecaac9e938
GET /wp-content/uploads/2022/05/Boxing-Ring-150x150.jpg HTTP/1.1
Host: ringsidereport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ringsidereport.com/?p=113812
Cookie: pvc_visits[0]=1669599543b113812
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 01:39:05 GMT
Content-Type: image/jpeg
Content-Length: 9136
Last-Modified: Thu, 05 May 2022 05:30:33 GMT
Connection: keep-alive
ETag: "627360f9-23b0"
X-Powered-By: PleskLin
Accept-Ranges: bytes
ringsidereport.com/wp-content/themes/madd-magazine/js/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
209.126.127.121200 OK 77 kB URL HTTP/1.1 ringsidereport.com/wp-content/themes/madd-magazine/js/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 209.126.127.121:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/madd-magazine/js/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: ringsidereport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://ringsidereport.com/wp-content/themes/madd-magazine/js/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
Cookie: pvc_visits[0]=1669599543b113812
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 01:39:05 GMT
Content-Type: font/woff2
Content-Length: 77160
Last-Modified: Sat, 26 Feb 2022 05:17:58 GMT
Connection: keep-alive
ETag: "6219b806-12d68"
X-Powered-By: PleskLin
Accept-Ranges: bytes
ringsidereport.com/wp-content/uploads/2022/02/RSR-AD-2022-2.jpg
209.126.127.121200 OK 18 kB URL HTTP/1.1 ringsidereport.com/wp-content/uploads/2022/02/RSR-AD-2022-2.jpg
IP 209.126.127.121:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type JPEG image data, progressive, precision 8, 728x90, components 3\012- data
Hash 7d0e0a4b0b9e41023c7d0c677ac494fe
b48d5ab01097f31f3edff45aaa854718681ffc3b
a8bef91a687acff01c453fa8c90b67278a296bf444ee1bf38ef155fa86941236
GET /wp-content/uploads/2022/02/RSR-AD-2022-2.jpg HTTP/1.1
Host: ringsidereport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ringsidereport.com/?p=113812
Cookie: pvc_visits[0]=1669599543b113812
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 01:39:05 GMT
Content-Type: image/jpeg
Content-Length: 18458
Last-Modified: Sun, 27 Feb 2022 05:31:04 GMT
Connection: keep-alive
ETag: "621b0c98-481a"
X-Powered-By: PleskLin
Accept-Ranges: bytes
ringsidereport.com/wp-content/uploads/2022/11/MV5BMjA4MzQ1NWEtZjQzMi00YWVmLWFjZGItMmYzNzFkMWQ4ODRiL2ltYWdlXkEyXkFqcGdeQXVyNTM3MDMyMDQ@._V1_-150x150.jpg
209.126.127.121200 OK 7.7 kB URL HTTP/1.1 ringsidereport.com/wp-content/uploads/2022/11/MV5BMjA4MzQ1NWEtZjQzMi00YWVmLWFjZGItMmYzNzFkMWQ4ODRiL2ltYWdlXkEyXkFqcGdeQXVyNTM3MDMyMDQ@._V1_-150x150.jpg
IP 209.126.127.121:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 150x150, components 3\012- data
Hash c8dade97f35c4af08f6d6962984216e2
73f3c98f696846feab1f135912e66b0351429ffa
d9ed2be217f063e1e31a85854097eac51ddf91b591042e902221a7af46e0faab
GET /wp-content/uploads/2022/11/MV5BMjA4MzQ1NWEtZjQzMi00YWVmLWFjZGItMmYzNzFkMWQ4ODRiL2ltYWdlXkEyXkFqcGdeQXVyNTM3MDMyMDQ@._V1_-150x150.jpg HTTP/1.1
Host: ringsidereport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ringsidereport.com/?p=113812
Cookie: pvc_visits[0]=1669599543b113812
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 01:39:05 GMT
Content-Type: image/jpeg
Content-Length: 7689
Last-Modified: Sat, 26 Nov 2022 02:08:24 GMT
Connection: keep-alive
ETag: "63817518-1e09"
X-Powered-By: PleskLin
Accept-Ranges: bytes
ringsidereport.com/wp-content/uploads/2022/11/7298908634_e328c2132c_b-150x150.jpg
209.126.127.121200 OK 11 kB URL HTTP/1.1 ringsidereport.com/wp-content/uploads/2022/11/7298908634_e328c2132c_b-150x150.jpg
IP 209.126.127.121:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=2, orientation=upper-left], baseline, precision 8, 150x150, components 3\012- data
Hash 33dfb6029fbd65a581600666857830a8
7673c727a541a671254178caa526d28282b9d863
23328c0d12b959f690016fb1b3269390c8b67dd85c70d3f3f697d045a98b8ee2
GET /wp-content/uploads/2022/11/7298908634_e328c2132c_b-150x150.jpg HTTP/1.1
Host: ringsidereport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ringsidereport.com/?p=113812
Cookie: pvc_visits[0]=1669599543b113812
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 01:39:05 GMT
Content-Type: image/jpeg
Content-Length: 10638
Last-Modified: Sat, 26 Nov 2022 02:21:02 GMT
Connection: keep-alive
ETag: "6381780e-298e"
X-Powered-By: PleskLin
Accept-Ranges: bytes
ringsidereport.com/?wordfence_lh=1&hid=6B381BF60EF958402460BC384C989718&r=0.19696325948975324
209.126.127.121200 OK 0 B URL HTTP/1.1 ringsidereport.com/?wordfence_lh=1&hid=6B381BF60EF958402460BC384C989718&r=0.19696325948975324
IP 209.126.127.121:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?wordfence_lh=1&hid=6B381BF60EF958402460BC384C989718&r=0.19696325948975324 HTTP/1.1
Host: ringsidereport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ringsidereport.com/?p=113812
Cookie: pvc_visits[0]=1669599543b113812
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 01:39:06 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 0
Connection: keep-alive
Link: <https://ringsidereport.com/index.php?rest_route=/>; rel="https://api.w.org/"
X-Robots-Tag: noindex
Strict-Transport-Security: max-age=31536000
X-Powered-By: PHP/7.4.33, PleskLin
ringsidereport.com/wp-content/uploads/2022/10/RSRNUBAK.jpg
209.126.127.121200 OK 372 kB URL HTTP/1.1 ringsidereport.com/wp-content/uploads/2022/10/RSRNUBAK.jpg
IP 209.126.127.121:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type JPEG image data, progressive, precision 8, 1920x1200, components 3\012- data
Size 372 kB (371696 bytes)
Hash 44678226b2966348e0f1b51d46caf4e7
877d1d748646020fc5941533eaccbb6b0eda070b
483dce1a8efd9f48bf1542d6553314638cece2096fccdd6cbad7cc0441c8f2f0
GET /wp-content/uploads/2022/10/RSRNUBAK.jpg HTTP/1.1
Host: ringsidereport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ringsidereport.com/?p=113812
Cookie: pvc_visits[0]=1669599543b113812
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 01:39:05 GMT
Content-Type: image/jpeg
Content-Length: 371696
Last-Modified: Sat, 08 Oct 2022 16:32:05 GMT
Connection: keep-alive
ETag: "6341a605-5abf0"
X-Powered-By: PleskLin
Accept-Ranges: bytes
ringsidereport.com/wp-content/uploads/2022/11/Mental-as-Anything-150x150.jpg
209.126.127.121200 OK 7.0 kB URL HTTP/1.1 ringsidereport.com/wp-content/uploads/2022/11/Mental-as-Anything-150x150.jpg
IP 209.126.127.121:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 150x150, components 3\012- data
Hash da63c7bee72ebe9b84cdb78a1d18da66
353ae106596caae9cce293147f94af47945a9088
472b7db502e93a78350dc8b79f8d0fe7065beef606acafd95ba3aabe6ac1c880
GET /wp-content/uploads/2022/11/Mental-as-Anything-150x150.jpg HTTP/1.1
Host: ringsidereport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ringsidereport.com/?p=113812
Cookie: pvc_visits[0]=1669599543b113812
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 01:39:06 GMT
Content-Type: image/jpeg
Content-Length: 7023
Last-Modified: Sat, 26 Nov 2022 02:14:32 GMT
Connection: keep-alive
ETag: "63817688-1b6f"
X-Powered-By: PleskLin
Accept-Ranges: bytes
ringsidereport.com/wp-content/uploads/2022/10/BNDEB.jpg
209.126.127.121200 OK 33 kB URL HTTP/1.1 ringsidereport.com/wp-content/uploads/2022/10/BNDEB.jpg
IP 209.126.127.121:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, progressive, precision 8, 480x360, components 3\012- data
Hash e2e150fd075c2c512e696c30b6449b32
1d7930bf8f46f240969258897d495ee6ae15f09a
4cf3364b6b91ac46c3a08ca97315e787a2ec953e7ebbde300492251f811c142b
GET /wp-content/uploads/2022/10/BNDEB.jpg HTTP/1.1
Host: ringsidereport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ringsidereport.com/?p=113812
Cookie: pvc_visits[0]=1669599543b113812
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 01:39:06 GMT
Content-Type: image/jpeg
Content-Length: 33260
Last-Modified: Sat, 08 Oct 2022 03:19:43 GMT
Connection: keep-alive
ETag: "6340ec4f-81ec"
X-Powered-By: PleskLin
Accept-Ranges: bytes
ringsidereport.com/imagez/grimwalker.jpg
209.126.127.121200 OK 24 kB URL HTTP/1.1 ringsidereport.com/imagez/grimwalker.jpg
IP 209.126.127.121:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type JPEG image data, progressive, precision 8, 250x250, components 3\012- data
Hash 60892f7d37b6f9427fa02a97e1a8079d
877af6bff20bc5748d72d121466cc38d2380521e
5d90b3665aa98188d5a20b58ce81c35ef68a89caf62adb4e5217c334d69a9c72
GET /imagez/grimwalker.jpg HTTP/1.1
Host: ringsidereport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ringsidereport.com/?p=113812
Cookie: pvc_visits[0]=1669599543b113812
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 01:39:06 GMT
Content-Type: image/jpeg
Content-Length: 24064
Last-Modified: Mon, 06 Dec 2021 03:12:42 GMT
Connection: keep-alive
ETag: "61ad7faa-5e00"
X-Powered-By: PleskLin
Accept-Ranges: bytes
ringsidereport.com/wp-content/uploads/2022/03/RSRLOGO31322.gif
209.126.127.121200 OK 2.7 MB URL HTTP/1.1 ringsidereport.com/wp-content/uploads/2022/03/RSRLOGO31322.gif
IP 209.126.127.121:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type GIF image data, version 89a, 279 x 170\012- data
Size 2.7 MB (2650134 bytes)
Hash aa661fc8957dde7630f27422c00246fa
af551b272e02ba06c1ea1ec14dde98ebd4b1aebe
3a8cf482b11414d3a2d71a6f1f91b3fe79eec3b2883f1014e5b387279df71adf
GET /wp-content/uploads/2022/03/RSRLOGO31322.gif HTTP/1.1
Host: ringsidereport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ringsidereport.com/?p=113812
Cookie: pvc_visits[0]=1669599543b113812
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 01:39:05 GMT
Content-Type: image/gif
Content-Length: 2650134
Last-Modified: Sun, 13 Mar 2022 21:20:39 GMT
Connection: keep-alive
ETag: "622e6027-287016"
X-Powered-By: PleskLin
Accept-Ranges: bytes
ringsidereport.com/wp-content/uploads/2019/03/rsr-book-ad.gif
209.126.127.121200 OK 2.2 MB URL HTTP/1.1 ringsidereport.com/wp-content/uploads/2019/03/rsr-book-ad.gif
IP 209.126.127.121:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type GIF image data, version 89a, 250 x 207\012- data
Size 2.2 MB (2242593 bytes)
Hash e32910225881c8e285f9ce449e292120
06ed409a0ef3a7af53cdfe3d7f589a6d172cd7db
2222c134fe84abbed2e822e0c7b99d59f36d3e826d192288a652271ad6e29cb7
GET /wp-content/uploads/2019/03/rsr-book-ad.gif HTTP/1.1
Host: ringsidereport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ringsidereport.com/?p=113812
Cookie: pvc_visits[0]=1669599543b113812
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 01:39:06 GMT
Content-Type: image/gif
Content-Length: 2242593
Last-Modified: Thu, 07 Mar 2019 01:30:52 GMT
Connection: keep-alive
ETag: "5c80744c-223821"
X-Powered-By: PleskLin
Accept-Ranges: bytes
s.w.org/images/core/emoji/14.0.0/svg/24c2.svg
192.0.77.48200 OK 1.3 kB URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/24c2.svg
IP 192.0.77.48:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (688), with no line terminators
Hash bf8520ac3104a26e3a647bc06c6dc720
679a0b887da76ea274c65230d4645fe1e215051e
3b3fb3b3916a3cdaa1186b18f18c612ffeca55792f8d2dca353a7ae3d7c5dabe
GET /images/core/emoji/14.0.0/svg/24c2.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ringsidereport.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 01:39:05 GMT
content-type: image/svg+xml
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash a22bc94a1116f343d9c3377cfd4fc5b2
b0bad6a620abd0c33a96c32721ad87849da9f9e6
294cd4b44650b17a93cbe9a4de887ad1da8ab8c11105707cccff17812a8d5890
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 01:39:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash a22bc94a1116f343d9c3377cfd4fc5b2
b0bad6a620abd0c33a96c32721ad87849da9f9e6
294cd4b44650b17a93cbe9a4de887ad1da8ab8c11105707cccff17812a8d5890
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 01:39:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pbs.twimg.com/profile_images/1397668339732946945/c1Z_ikfa_normal.jpg
151.101.84.159200 OK 1.9 kB URL HTTP/2 pbs.twimg.com/profile_images/1397668339732946945/c1Z_ikfa_normal.jpg
IP 151.101.84.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 48x48, components 3\012- data
Hash c5a88620c7f9aca6cb7dd1575e7ef425
c53d37bc415b56ff5e495512bb509c8da8d10a79
59336c0318d6496d245c4f7c77664e4ad204d9784430e98effd1179c7c143694
GET /profile_images/1397668339732946945/c1Z_ikfa_normal.jpg HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ringsidereport.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
perf: 7626143928
cache-control: max-age=604800, must-revalidate
last-modified: Wed, 26 May 2021 21:35:54 GMT
x-transaction-id: 43151958ed8e18b5
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
content-type: image/jpeg
accept-ranges: bytes
date: Sun, 27 Nov 2022 01:39:06 GMT
x-cache: HIT, HIT
x-tw-cdn: FT
x-served-by: cache-lhr7374-LHR, cache-bma1677-BMA, cache-tw-ZZZ1
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 1883
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ringsidereport.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sun, 27 Nov 2022 00:41:08 GMT
expires: Sun, 27 Nov 2022 02:41:08 GMT
cache-control: public, max-age=7200
age: 3478
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 8e74a9169b28a0ae2bbc18c447a83d14
200ad78f3254fb46cb4949b0d05905851927cbf8
b3b7a115a18b25b9f37fad4afc4e3c756aae9f6cb51cb0f799822f0095664d40
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 01:39:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
platform.twitter.com/widgets.js
192.229.233.25200 OK 29 kB URL HTTP/1.1 platform.twitter.com/widgets.js
IP 192.229.233.25:0
File type Unicode text, UTF-8 text, with very long lines (33915)
Hash 7899fffaf0046efb7f9be2495d9dc928
d4c60d88e8deea577a50f9d20e1b6b3a20cba2cf
07d50450f22df0588cc1b67f5a124cb91d99a032a229586eb7dc490cce9f7f30
GET /widgets.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ringsidereport.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Age: 1187
Cache-Control: public, max-age=1800
Content-Type: application/javascript; charset=utf-8
Date: Sun, 27 Nov 2022 01:39:06 GMT
Etag: "6633f9603c759c40d9b200995454f17c+gzip"
Last-Modified: Wed, 02 Nov 2022 19:43:37 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F713)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
x-amzn-internal-status: 304
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 29221
pbs.twimg.com/profile_images/1591126597779718151/r_ZuhXx0_normal.jpg
151.101.84.159200 OK 2.2 kB URL HTTP/2 pbs.twimg.com/profile_images/1591126597779718151/r_ZuhXx0_normal.jpg
IP 151.101.84.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 48x48, components 3\012- data
Hash 3dedc75a6e13987f7ba6386876225143
ca998cc3edd12935f5164d1bee3ffb97e097292b
ba03ad8b1594209004216eef8731cf7d6246f253e2eac1336154338cd0426ee3
GET /profile_images/1591126597779718151/r_ZuhXx0_normal.jpg HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ringsidereport.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
perf: 7626143928
cache-control: max-age=604800, must-revalidate
last-modified: Fri, 11 Nov 2022 17:49:57 GMT
x-transaction-id: eb2387c13049ff3e
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
content-type: image/jpeg
accept-ranges: bytes
date: Sun, 27 Nov 2022 01:39:06 GMT
x-cache: HIT, HIT
x-tw-cdn: FT
x-served-by: cache-lhr7347-LHR, cache-bma1677-BMA, cache-tw-ZZZ1
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 2187
X-Firefox-Spdy: h2
pbs.twimg.com/profile_images/1591243974265618432/uT72Njzc_normal.jpg
151.101.84.159200 OK 2.3 kB URL HTTP/2 pbs.twimg.com/profile_images/1591243974265618432/uT72Njzc_normal.jpg
IP 151.101.84.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 48x48, components 3\012- data
Hash dba35644d256eee2aa532010800f4408
8eb815ed5f35bdc50095b51c6821fdf92ca393ae
f6eb3359d6217ff2d3c0e20b5f0f0a21680e7aac008d99a5958cacfd79379e80
GET /profile_images/1591243974265618432/uT72Njzc_normal.jpg HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ringsidereport.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
perf: 7626143928
cache-control: max-age=604800, must-revalidate
last-modified: Sat, 12 Nov 2022 01:36:22 GMT
x-transaction-id: ab296bd2327eacc6
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
content-type: image/jpeg
accept-ranges: bytes
date: Sun, 27 Nov 2022 01:39:06 GMT
x-cache: HIT, HIT
x-tw-cdn: FT
x-served-by: cache-lhr7340-LHR, cache-bma1677-BMA, cache-tw-ZZZ1
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 2263
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
142.250.74.163200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (730)
Size 163 kB (162976 bytes)
Hash 79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ringsidereport.com
Connection: keep-alive
Referer: https://ringsidereport.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 26 Nov 2022 21:26:04 GMT
expires: Sun, 26 Nov 2023 21:26:04 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 15182
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1545664804358300
216.58.207.194200 OK 50 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1545664804358300
IP 216.58.207.194:0
File type ASCII text, with very long lines (4885)
Hash d2bdbdc9786c84a593fd419c3c975395
d052501800226d5bc0a47414e1eb0900cc883d1f
f25e970195faba979392a29f001ba18772248a6665667bb3dd0d3abbb6d7a916
GET /pagead/js/adsbygoogle.js?client=ca-pub-1545664804358300 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ringsidereport.com
Connection: keep-alive
Referer: https://ringsidereport.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 27 Nov 2022 01:39:06 GMT
expires: Sun, 27 Nov 2022 01:39:06 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 12267162736010569413
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49472
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash a22bc94a1116f343d9c3377cfd4fc5b2
b0bad6a620abd0c33a96c32721ad87849da9f9e6
294cd4b44650b17a93cbe9a4de887ad1da8ab8c11105707cccff17812a8d5890
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 01:39:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fringsidereport.com
192.229.233.25200 OK 105 kB URL HTTP/1.1 platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fringsidereport.com
IP 192.229.233.25:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (56168)
Size 105 kB (105445 bytes)
Hash 2b4968b185495eddda0d85b2351ebb71
c665785ca0f4039f8c71d94631cd50a879d866b5
eb8af089d8082a58a6e90fedc23007f17a9e89ddbc6a29b6e535e4847ba94160
GET /widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fringsidereport.com HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ringsidereport.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 2085493
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 27 Nov 2022 01:39:06 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Wed, 02 Nov 2022 19:36:59 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71D)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105445
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
142.250.74.130200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
IP 142.250.74.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20221110/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ringsidereport.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Sat, 26 Nov 2022 18:45:12 GMT
expires: Sat, 10 Dec 2022 18:45:12 GMT
cache-control: public, max-age=1209600
age: 24834
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 8e74a9169b28a0ae2bbc18c447a83d14
200ad78f3254fb46cb4949b0d05905851927cbf8
b3b7a115a18b25b9f37fad4afc4e3c756aae9f6cb51cb0f799822f0095664d40
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 01:39:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-68792455-1&cid=479668860.1669513147&jid=1883576546&gjid=360354856&_gid=885213875.1669513147&_u=YEBAAUAAAAAAACAAI~&z=1478329517
142.251.1.157200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-68792455-1&cid=479668860.1669513147&jid=1883576546&gjid=360354856&_gid=885213875.1669513147&_u=YEBAAUAAAAAAACAAI~&z=1478329517
IP 142.251.1.157:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-68792455-1&cid=479668860.1669513147&jid=1883576546&gjid=360354856&_gid=885213875.1669513147&_u=YEBAAUAAAAAAACAAI~&z=1478329517 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://ringsidereport.com
Connection: keep-alive
Referer: https://ringsidereport.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://ringsidereport.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 27 Nov 2022 01:39:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 3e533a83bbf21bb87fad240736b76404
227a0bab463bffffe4f42340dd9fd69d04e9d9ff
a9d92e70f13212b9df7c847552b8e2fc4bd056946d4a3c15596d5f8b6301e828
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3323
Cache-Control: max-age=102161
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 01:39:07 GMT
Etag: "63819ed1-13a"
Expires: Mon, 28 Nov 2022 06:01:48 GMT
Last-Modified: Sat, 26 Nov 2022 05:06:25 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 314
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 69b4c95baca69139e9e4f7e5ffa6bace
a33af721a9defcb815716234aafdb69de7169455
9f752625bea112bc5402067fd695ba893590e6de9844de640a663e4e8fdc1475
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 01:39:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e922b25acaba2d7f8921ebe973a4b261
5dd4c237c84a652cbcf3db163529f3788ceafc46
a7856c7777aa01b671ddae097494f2b031cbbddc7b244fe8714a8c02b85d8589
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 01:39:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash f3424fd0abb5ab18be62cd209cb3d3dc
dbb2a21b12e92c8837c4346b6d052454bb6dffd6
e69548655278cf6a48fce549928656eb5a91d787e7b1afc12959e2bffb58990b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 01:39:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=ringsidereport.com&callback=_gfp_s_&client=ca-pub-1545664804358300&gpid_exp=1
172.217.21.162200 OK 258 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=ringsidereport.com&callback=_gfp_s_&client=ca-pub-1545664804358300&gpid_exp=1
IP 172.217.21.162:0
File type ASCII text, with very long lines (403), with no line terminators
Hash 79d6768e2dc8f477ee327ca5c6a9c9b2
bce16bafd0487012840631a3cd539d4437a230f3
9e52a323e047739cff00016d8849681af77f4b16764a948e858c3e3fbdf598f2
GET /gampad/cookie.js?domain=ringsidereport.com&callback=_gfp_s_&client=ca-pub-1545664804358300&gpid_exp=1 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ringsidereport.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 27 Nov 2022 01:39:07 GMT
server: cafe
cache-control: private
content-length: 258
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=ringsidereport.com
142.250.74.162200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=ringsidereport.com
IP 142.250.74.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=ringsidereport.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ringsidereport.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 27 Nov 2022 01:39:07 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=ringsidereport.com
142.250.74.66200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=ringsidereport.com
IP 142.250.74.66:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=ringsidereport.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ringsidereport.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 27 Nov 2022 01:39:07 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 69b4c95baca69139e9e4f7e5ffa6bace
a33af721a9defcb815716234aafdb69de7169455
9f752625bea112bc5402067fd695ba893590e6de9844de640a663e4e8fdc1475
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 01:39:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash f3424fd0abb5ab18be62cd209cb3d3dc
dbb2a21b12e92c8837c4346b6d052454bb6dffd6
e69548655278cf6a48fce549928656eb5a91d787e7b1afc12959e2bffb58990b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 01:39:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
syndication.twitter.com/settings?session_id=dcbfa31e457fa473aebde9b0172bd757dc61cf10
104.244.42.136200 OK 374 B URL HTTP/2 syndication.twitter.com/settings?session_id=dcbfa31e457fa473aebde9b0172bd757dc61cf10
IP 104.244.42.136:0
File type JSON data\012- , ASCII text, with very long lines (913), with no line terminators
Hash 925c2a7587f39436ea29513221652474
695b7f2f3d99f407bcdfd0b372db0e28193cc60c
62e36e14e5c219119cb51c3cdf43a2005512a1bd6ebf2d68d0c610a2e6e3ef0f
GET /settings?session_id=dcbfa31e457fa473aebde9b0172bd757dc61cf10 HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://platform.twitter.com/
Origin: https://platform.twitter.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 01:39:06 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: application/json; charset=utf-8
cache-control: must-revalidate, max-age=600
last-modified: Sun, 27 Nov 2022 01:39:07 GMT
content-length: 374
content-encoding: gzip
x-transaction-id: 761d6063e2accabe
strict-transport-security: max-age=631138519
access-control-allow-origin: https://platform.twitter.com
access-control-allow-credentials: true
x-response-time: 111
x-connection-hash: 031dd95d75a53e2f96da4fc67d794b956aa6119dee70fa9e62a7106d0875276f
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 26 Nov 2022 12:31:58 GMT
expires: Sun, 26 Nov 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 47229
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
platform.twitter.com/js/button.d2f864f87f544dc0c11d7d712a191c1f.js
192.229.233.25200 OK 2.4 kB URL HTTP/1.1 platform.twitter.com/js/button.d2f864f87f544dc0c11d7d712a191c1f.js
IP 192.229.233.25:0
File type ASCII text, with very long lines (7017), with no line terminators
Hash 83616664e4155f8af0efb0576f8920cf
1277b0f4f935bec3ada0f87c45395bb6d9b2efbc
bb19d85932c5e8a952b6fc28c1df42aed6d6920f79ee3f2217d2484294d575d3
GET /js/button.d2f864f87f544dc0c11d7d712a191c1f.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ringsidereport.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 2085493
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Sun, 27 Nov 2022 01:39:07 GMT
Etag: "7bb2d17ac20be3bd6ec1079356afecd9+gzip"
Last-Modified: Wed, 02 Nov 2022 19:36:52 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F713)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 2362
platform.twitter.com/widgets/follow_button.644279d1635fd969e87af94a98bd232b.en.html
192.229.233.25200 OK 15 kB URL HTTP/1.1 platform.twitter.com/widgets/follow_button.644279d1635fd969e87af94a98bd232b.en.html
IP 192.229.233.25:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (26401)
Hash d948d4fc0d4c654efa6d8aa8edf5da80
4225074a1b2becaac3ad491a3a6aa74122d60a60
41e3c960d86e31c1917d7802d1d1e3b50fed57c694c40940ccf3b7f5bae5334a
GET /widgets/follow_button.644279d1635fd969e87af94a98bd232b.en.html HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ringsidereport.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 2085493
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 27 Nov 2022 01:39:07 GMT
Etag: "acebd71e9c8affdc2fcc7f35e773093d+gzip"
Last-Modified: Wed, 02 Nov 2022 19:36:53 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F713)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 15129
platform.twitter.com/widgets/tweet_button.644279d1635fd969e87af94a98bd232b.en.html
192.229.233.25200 OK 14 kB URL HTTP/1.1 platform.twitter.com/widgets/tweet_button.644279d1635fd969e87af94a98bd232b.en.html
IP 192.229.233.25:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (32033)
Hash cd8176e04a5a760140a9de9ffe9d8a17
f3b4514c9df71da30eadd2d87fd6131e5c3bf7e3
601089b9e7dcd29e255c391dff1c3da64dd80bb72ee047561592d86dbbc4c472
GET /widgets/tweet_button.644279d1635fd969e87af94a98bd232b.en.html HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ringsidereport.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 2085492
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 27 Nov 2022 01:39:07 GMT
Etag: "126ffb93f08e989b18a6e1fc082c9e33+gzip"
Last-Modified: Wed, 02 Nov 2022 19:36:56 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F713)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 13753
syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fringsidereport.com%2F%3Fp%3D113812%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22BadBradRSR%22%2C%22widget_creator_screen_name%22%3A%22BadBradRSR%22%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1669513147447%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=dcbfa31e457fa473aebde9b0172bd757dc61cf10
104.244.42.136200 OK 43 B URL HTTP/2 syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fringsidereport.com%2F%3Fp%3D113812%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22BadBradRSR%22%2C%22widget_creator_screen_name%22%3A%22BadBradRSR%22%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1669513147447%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=dcbfa31e457fa473aebde9b0172bd757dc61cf10
IP 104.244.42.136:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fringsidereport.com%2F%3Fp%3D113812%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22BadBradRSR%22%2C%22widget_creator_screen_name%22%3A%22BadBradRSR%22%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1669513147447%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=dcbfa31e457fa473aebde9b0172bd757dc61cf10 HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ringsidereport.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 01:39:07 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: image/gif
cache-control: must-revalidate, max-age=600
last-modified: Sun, 27 Nov 2022 01:39:07 GMT
content-length: 43
x-transaction-id: e4a573b0d0451140
strict-transport-security: max-age=631138519
x-response-time: 111
x-connection-hash: 031dd95d75a53e2f96da4fc67d794b956aa6119dee70fa9e62a7106d0875276f
X-Firefox-Spdy: h2
syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fringsidereport.com%2F%3Fp%3D113812%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22BadBradRSR%22%2C%22widget_creator_screen_name%22%3A%22BadBradRSR%22%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Awithcount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1669513147446%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=dcbfa31e457fa473aebde9b0172bd757dc61cf10
104.244.42.136200 OK 43 B URL HTTP/2 syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fringsidereport.com%2F%3Fp%3D113812%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22BadBradRSR%22%2C%22widget_creator_screen_name%22%3A%22BadBradRSR%22%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Awithcount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1669513147446%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=dcbfa31e457fa473aebde9b0172bd757dc61cf10
IP 104.244.42.136:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fringsidereport.com%2F%3Fp%3D113812%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22BadBradRSR%22%2C%22widget_creator_screen_name%22%3A%22BadBradRSR%22%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Awithcount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1669513147446%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=dcbfa31e457fa473aebde9b0172bd757dc61cf10 HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ringsidereport.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 01:39:07 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: image/gif
cache-control: must-revalidate, max-age=600
last-modified: Sun, 27 Nov 2022 01:39:07 GMT
content-length: 43
x-transaction-id: d391e6d2a0f42c16
strict-transport-security: max-age=631138519
x-response-time: 116
x-connection-hash: 031dd95d75a53e2f96da4fc67d794b956aa6119dee70fa9e62a7106d0875276f
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 816d70da869514eb692b661a8226d9c1
a89905476481099656b3461acd454ad11ad5584d
cd03b16cdd0d63deb1336dec06481a119a46359358605c8faca8955f90939a34
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 01:39:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
142.250.74.33200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ringsidereport.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Sun, 27 Nov 2022 01:39:08 GMT
expires: Sun, 27 Nov 2022 01:39:08 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
142.250.74.33200 OK 5.0 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP 142.250.74.33:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ringsidereport.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 20:10:36 GMT
expires: Wed, 22 Nov 2023 20:10:36 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 365312
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s.w.org/images/core/emoji/14.0.0/svg/1f525.svg
192.0.77.48200 OK 0 B URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/1f525.svg
IP 192.0.77.48:0
GET /images/core/emoji/14.0.0/svg/1f525.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ringsidereport.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 01:39:05 GMT
content-type: image/svg+xml
last-modified: Tue, 12 Apr 2022 03:53:43 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Oswald:400,700|Roboto:400,700
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Oswald:400,700|Roboto:400,700
IP 142.250.74.10:0
GET /css?family=Oswald:400,700|Roboto:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ringsidereport.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 27 Nov 2022 01:39:05 GMT
date: Sun, 27 Nov 2022 01:39:05 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
216.58.207.194200 OK 0 B URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 216.58.207.194:0
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ringsidereport.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 27 Nov 2022 01:39:06 GMT
expires: Sun, 27 Nov 2022 01:39:06 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 9983964766040836980
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49497
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2