Overview

URL c.adup.app/34362
IP68.183.246.137
ASNDIGITALOCEAN-ASN
Location India
Report completed2022-10-04 06:30:18 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-10-04 2 c.adup.app/34362 Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (22)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-10-04 02:06:24 UTC 93.184.220.29
mnemonic passive DNS cdn.ludigames.com (8) 314102 2019-04-08 01:59:18 UTC 2022-10-01 20:57:20 UTC 104.110.8.184
mnemonic passive DNS ocsp.pki.goog (11) 175 2017-06-14 07:23:31 UTC 2022-10-03 07:14:52 UTC 142.250.74.3
mnemonic passive DNS fonts.googleapis.com (4) 8877 2013-06-10 20:14:26 UTC 2022-10-04 02:04:45 UTC 142.250.74.10
mnemonic passive DNS fonts.gstatic.com (2) 0 2014-08-29 13:43:22 UTC 2022-10-03 23:48:04 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-10-04 04:18:32 UTC 34.120.237.76
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-10-03 08:07:24 UTC 143.204.55.110
mnemonic passive DNS media06-gl-ssl-gzip.gameloft.com (2) 997586 2022-09-22 18:34:01 UTC 2022-09-24 11:35:49 UTC 54.230.111.44
mnemonic passive DNS www.google-analytics.com (1) 40 2012-10-03 01:04:21 UTC 2022-10-04 05:10:46 UTC 142.250.74.174
mnemonic passive DNS www.google.no (1) 25607 2016-04-05 19:50:59 UTC 2022-10-03 09:28:40 UTC 142.250.74.3
mnemonic passive DNS securepubads.g.doubleclick.net (1) 190 2013-05-31 04:19:39 UTC 2022-10-04 05:14:54 UTC 216.58.207.194
mnemonic passive DNS r3.o.lencr.org (5) 344 2020-12-02 08:52:13 UTC 2022-10-03 07:33:36 UTC 23.36.77.32
mnemonic passive DNS crt.gameloft.com (1) 0 2021-10-25 14:04:27 UTC 2022-09-25 13:57:08 UTC 15.197.158.185 Domain (gameloft.com) ranked at: 23919
mnemonic passive DNS ocsp.entrust.net (3) 1208 2013-07-24 12:09:14 UTC 2022-10-03 07:12:04 UTC 104.110.10.32
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-10-03 09:28:24 UTC 35.164.146.235
mnemonic passive DNS stats.g.doubleclick.net (1) 96 2013-06-02 22:47:44 UTC 2022-10-04 05:06:06 UTC 74.125.131.156
mnemonic passive DNS c.amazon-adsystem.com (3) 300 2013-12-19 15:10:01 UTC 2022-10-03 09:30:37 UTC 143.204.46.73
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-10-04 00:45:50 UTC 143.204.55.115
mnemonic passive DNS c.adup.app (1) 140529 2019-02-11 19:22:16 UTC 2022-10-03 16:53:31 UTC 68.183.246.137
mnemonic passive DNS ocsp.sca1b.amazontrust.com (1) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 143.204.42.165
mnemonic passive DNS play.ludigames.com (6) 279947 2017-01-31 10:46:38 UTC 2022-10-04 04:14:53 UTC 208.71.186.40
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-10-03 09:28:24 UTC 34.117.237.239


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 68.183.246.137

Date UQ / IDS / BL URL IP
2022-11-19 06:58:05 +0000
0 - 0 - 1 c.adup.app/34953 68.183.246.137
2022-11-18 12:55:49 +0000
0 - 0 - 1 c.adup.app/34953 68.183.246.137
2022-11-01 08:09:22 +0000
0 - 0 - 3 c.adup.app/34645 68.183.246.137
2022-10-26 09:01:41 +0000
0 - 0 - 1 c.adup.app/34443 68.183.246.137
2022-10-26 05:44:17 +0000
0 - 0 - 1 c.adup.app/34582 68.183.246.137

Last 5 reports on ASN: DIGITALOCEAN-ASN

Date UQ / IDS / BL URL IP
2022-11-28 08:52:27 +0000
0 - 0 - 1 securely.us/ 159.89.252.54
2022-11-28 08:49:04 +0000
0 - 0 - 23 southshorecigarclub.com/ 157.245.210.164
2022-11-28 08:43:28 +0000
0 - 0 - 9 landarchstudios.com/wp-content/uploads/ALFA_D (...) 198.199.121.159
2022-11-28 08:37:29 +0000
0 - 0 - 1 minecraft-seed.net/ 64.225.91.73
2022-11-28 08:09:34 +0000
0 - 0 - 4 scammerrus.cc/ 64.225.91.73

Last 5 reports on domain: adup.app

Date UQ / IDS / BL URL IP
2022-11-19 06:58:05 +0000
0 - 0 - 1 c.adup.app/34953 68.183.246.137
2022-11-18 12:55:49 +0000
0 - 0 - 1 c.adup.app/34953 68.183.246.137
2022-11-01 08:09:22 +0000
0 - 0 - 3 c.adup.app/34645 68.183.246.137
2022-10-26 09:01:41 +0000
0 - 0 - 1 c.adup.app/34443 68.183.246.137
2022-10-26 05:44:17 +0000
0 - 0 - 1 c.adup.app/34582 68.183.246.137

Last 1 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-09-22 18:34:10 +0000
0 - 0 - 1 c.adup.app/34125 68.183.246.137


JavaScript

Executed Scripts (21)


Executed Evals (0)


Executed Writes (1)

#1 JavaScript::Write (size: 111, repeated: 1) - SHA256: d64431b837b301672855bc91495658ec541d0277707c81cee82af45f1d538d57

                                        < script type = "text/javascript"
token operator ">//ads.pubmatic.com/AdServer/js/pwt/159998/2959/pwt.js" > < /script>
                                    


HTTP Transactions (63)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 04 Oct 2022 05:47:04 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: yGRs5YlYs2yeFcv0cM9vz8sQD5l8Pj32un0nv33X9-ZkrJ5q_zP7ZQ==
Age: 2583


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8328
Expires: Tue, 04 Oct 2022 08:48:56 GMT
Date: Tue, 04 Oct 2022 06:30:08 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.110
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 04 Oct 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: VC1blZdLW7p4cmaMXuddDPaEpUgs3y5kIirXcTFT6nfxqeXQoOl4yw==
age: 3701
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 04 Oct 2022 06:30:08 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /34362 HTTP/1.1 
Host: c.adup.app
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         68.183.246.137
HTTP/1.1 200 OK
content-type: text/html; charset=utf-8
                                        
x-powered-by: Express
surrogate-control: no-store
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
pragma: no-cache
expires: 0
content-length: 4140
etag: W/"102c-x4S37qFYB1ReFg1elQXAvlnvuvo"
vary: Accept-Encoding
date: Tue, 04 Oct 2022 06:30:08 GMT


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (303), with CRLF line terminators
Size:   4140
Md5:    1d1f94fbf5eef5247906210ffa36183b
Sha1:   c784b7eea15807545e160d5e9505c0be59efbafa
Sha256: f90a302b2c2dd9a8e79ff51049d4d79bcf7458a5afb13c5d595d9449e505c28d

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.165
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 06:30:08 GMT
Server: ECS (dcb/7FA3)
X-Cache: Miss from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: e_tGBykXyyybkTy3sVy8juIH-Kb0eov2ojRMXhXe63NCO-0_9LICyg==

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 04 Oct 2022 06:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Tue, 04 Oct 2022 07:12:30 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 6-d-ro0Eoi7_iqUFU7Y6Q37rBrzxUsnqRAikYewpWk84yCyUMKqYNw==
Age: 35


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /?pang=true&adid=435699&opref=xsparrow&click_id=22J04120008A0343620310083QLD0&pub_id=34362 HTTP/1.1 
Host: crt.gameloft.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://c.adup.app/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         15.197.158.185
HTTP/2 302 Found
content-type: text/vnd.wap.wml;charset=UTF-8
                                        
date: Tue, 04 Oct 2022 06:30:08 GMT
content-length: 1015
location: https://play.ludigames.com/preload/?utm_source=crt&utm_medium=web&utm_campaign=CRT01&pang=true&opref=xsparrow&click_id=22J04120008A0343620310083QLD0&pub_id=34362&sv=127gik0dwtskh85nzbuc9wx55&tm=1664865008&m=922b8e34ec0e51d92e3dff41e91ae50b&country=160&from=ADID-435699&fromcrt=1&crt_param=pang
server: Apache/2.4.54 (Debian)
x-powered-by: PHP/7.4.30
set-cookie: gltrck_crt=SFlMM0diTWltUEZUeGZhUjNBai8rMU9LNG52SGp2TU4wNHlPT0FTVXRCWFJsb091cWlhYzRHcWxVZHpwRHIxWTo6xobQN3sYIZ6HpGgbEIrUmg%3D%3D; expires=Tue, 04-Oct-2022 08:30:08 GMT; Max-Age=7200; path=/ gltrck_cloud_crt=cWhoV1o5OUtmUEVnNGFMcnhKYkJmMEVJaGZua0RudjEzWnUxOUpDVStOWHFVcVRHcTBFeDFsZ29NejBXR0dteWo1TU95UHZoY3ppcjlwRzc3OThVdEkwMW1IeGdmakl3RGdhaUFHR2ZxQlVUYjZsaGtDcDhyRlhBUmZhVTZlWmprMGZ3aTQwaXZWMnpXd1ZCZnY5UjZ3PT06OiREFHjjQOSGnmOGlGo18C8%3D; expires=Tue, 04-Oct-2022 08:30:08 GMT; Max-Age=7200; path=/
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1015), with no line terminators
Size:   1015
Md5:    aff543bdb48088fa080e40a3ec09627d
Sha1:   0aa83da6af9be13d7f49dea7590a7ada79c806e0
Sha256: f8d4bca5f509c66f2de336c8d90eea8012713830f290a2774bfb523d3151af50
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 780
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 06:30:08 GMT
Last-Modified: Tue, 04 Oct 2022 06:17:08 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.entrust.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.110.10.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
ETag: "2DFFDB86944E21B8A35582134435286344C35AA9ED66018994FE710044970A56"
Last-Modified: Tue, 04 Oct 2022 01:00:00 UTC
Content-Length: 1586
Cache-Control: public, no-transform, must-revalidate, max-age=3520
Expires: Tue, 04 Oct 2022 07:28:49 GMT
Date: Tue, 04 Oct 2022 06:30:09 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1586
Md5:    03bc928947f9ce567b7d6503ff9273ce
Sha1:   753761086e39e2f44562e25633580c0734dc905f
Sha256: 2dffdb86944e21b8a35582134435286344c35aa9ed66018994fe710044970a56
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ZInGb80FdKWAjzYBHUlQpg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         35.164.146.235
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: b0giL8c/NiHkmzpf2Cu7jwJiofI=

                                        
                                            GET /preload/?utm_source=crt&utm_medium=web&utm_campaign=CRT01&pang=true&opref=xsparrow&click_id=22J04120008A0343620310083QLD0&pub_id=34362&sv=127gik0dwtskh85nzbuc9wx55&tm=1664865008&m=922b8e34ec0e51d92e3dff41e91ae50b&country=160&from=ADID-435699&fromcrt=1&crt_param=pang HTTP/1.1 
Host: play.ludigames.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://c.adup.app/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         208.71.186.40
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: nginx
Date: Tue, 04 Oct 2022 06:30:09 GMT
Content-Length: 1660
Connection: keep-alive
Last-Modified: Tue, 30 Aug 2022 07:10:46 GMT
ETag: "d89-5e77014456980-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (432), with CRLF line terminators
Size:   1660
Md5:    555e97d51bae76b407d92065c5dd7e66
Sha1:   8eb7ded1bd378f521bcc22396ddb4249444acbd8
Sha256: a0ef0cec90dac0a4dea82a15b9c0c3324e82c944d9a376b73bc8e0723d7bbe4e
                                        
                                            POST / HTTP/1.1 
Host: ocsp.entrust.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.110.10.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
ETag: "66B49D4429F9DAE28ECFB56BCC744618A9A7E2E9E3D91C3301ECBD7387A3C83E"
Last-Modified: Mon, 03 Oct 2022 19:00:00 UTC
Content-Length: 1586
Cache-Control: public, no-transform, must-revalidate, max-age=3368
Expires: Tue, 04 Oct 2022 07:26:17 GMT
Date: Tue, 04 Oct 2022 06:30:09 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1586
Md5:    8793cb249042a498919ef23f9a0e0ea6
Sha1:   56510b282591e15b4584c1a0a25912131316fc38
Sha256: 66b49d4429f9dae28ecfb56bcc744618a9a7e2e9e3d91c3301ecbd7387a3c83e
                                        
                                            POST / HTTP/1.1 
Host: ocsp.entrust.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.110.10.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
ETag: "66B49D4429F9DAE28ECFB56BCC744618A9A7E2E9E3D91C3301ECBD7387A3C83E"
Last-Modified: Mon, 03 Oct 2022 19:00:00 UTC
Content-Length: 1586
Cache-Control: public, no-transform, must-revalidate, max-age=3384
Expires: Tue, 04 Oct 2022 07:26:33 GMT
Date: Tue, 04 Oct 2022 06:30:09 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1586
Md5:    8793cb249042a498919ef23f9a0e0ea6
Sha1:   56510b282591e15b4584c1a0a25912131316fc38
Sha256: 66b49d4429f9dae28ecfb56bcc744618a9a7e2e9e3d91c3301ecbd7387a3c83e
                                        
                                            GET /ludigames/root_220413/css/style.css?v=1 HTTP/1.1 
Host: media06-gl-ssl-gzip.gameloft.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.ludigames.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.44
HTTP/2 200 OK
content-type: text/css
                                        
content-length: 21356
server: nginx
last-modified: Wed, 13 Apr 2022 10:32:24 GMT
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: range
accept-ranges: bytes
date: Mon, 03 Oct 2022 08:34:34 GMT
cache-control: max-age=86400, public
expires: Tue, 04 Oct 2022 08:34:34 GMT
etag: "15609-5dc86b16d1e00-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2CSRWLGN2xvjNGXO4w_F1fEj3kLBLrfP2HSxDk2h5-dPQNyflr2dqA==
age: 78935
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5477)
Size:   21356
Md5:    6f48a4b8ed30b2b9d57f78b2ec3c3503
Sha1:   dfd5ef910f3a04f63bb3382ce0a0da9ebb2fe0a5
Sha256: 394ed16935aa3a4fc88bd302a040226e85dcd0a226c518b1e335a5351bfa0816
                                        
                                            GET /ludigames/adlite_220830/dist/index.css HTTP/1.1 
Host: cdn.ludigames.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.ludigames.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         104.110.8.184
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
content-length: 2155
last-modified: Tue, 30 Aug 2022 07:07:15 GMT
etag: "1cd9-5e77007b1cec0-gzip"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: range
accept-ranges: bytes
cache-control: public, max-age=2984
expires: Tue, 04 Oct 2022 07:19:53 GMT
date: Tue, 04 Oct 2022 06:30:09 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (7385), with no line terminators
Size:   2155
Md5:    c8b45f6b3dc0944f344d4a28bd7ea971
Sha1:   6045e9906fd1ef5043e5b3336ff33af820439acc
Sha256: 08256047c49c79e3a774ca7a67327453da296df7735ad497411c5d8d16e8c3d9
                                        
                                            GET /ludigames/adlite_220830/dist/vendors.03ef265e80b8d5ec1cad.js HTTP/1.1 
Host: cdn.ludigames.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.ludigames.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         104.110.8.184
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
content-length: 30838
last-modified: Tue, 30 Aug 2022 07:07:17 GMT
etag: "15748-5e77007d05340-gzip"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: range
accept-ranges: bytes
cache-control: public, max-age=5818
expires: Tue, 04 Oct 2022 08:07:07 GMT
date: Tue, 04 Oct 2022 06:30:09 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (34986), with LF, NEL line terminators
Size:   30838
Md5:    21fc15b9dbede3294d92752fea5175de
Sha1:   8385bd3e2b855b6f393622bebb2c5bb4cb5b0400
Sha256: 37cf2fd5f91e6ea73fac18450a3bf047947a0c7459e63ca39bf30b615ec647cf
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 06:30:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ludigames/root_220413/js/main.js?v=210730-2 HTTP/1.1 
Host: media06-gl-ssl-gzip.gameloft.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.ludigames.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.44
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 18609
server: nginx
last-modified: Wed, 13 Apr 2022 10:36:45 GMT
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: range
accept-ranges: bytes
date: Tue, 04 Oct 2022 06:30:09 GMT
cache-control: max-age=86400, public
expires: Thu, 06 Oct 2022 04:59:14 GMT
etag: "17776-5dc86c0fba940-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9QhJBcc5zy1yTS67Notrn4ijeKoKHExMEgHVlVrYz4Ifb6p0yO5uGQ==
age: 5455
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   18609
Md5:    b5a634cb27d5e5417a01dad5d6505f54
Sha1:   5351c91d128622c302c8a1a934c5eff1e86dacf1
Sha256: c94b983ed8ca933c84da72f8adbd401fdd7be998f56d4fc2457b31a5b8ed1916
                                        
                                            GET /css2?family=Roboto&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.ludigames.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 04 Oct 2022 06:30:09 GMT
date: Tue, 04 Oct 2022 06:30:09 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 06:30:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 06:30:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /preload/animation.gif HTTP/1.1 
Host: play.ludigames.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.ludigames.com/preload/?utm_source=crt&utm_medium=web&utm_campaign=CRT01&pang=true&opref=xsparrow&click_id=22J04120008A0343620310083QLD0&pub_id=34362&sv=127gik0dwtskh85nzbuc9wx55&tm=1664865008&m=922b8e34ec0e51d92e3dff41e91ae50b&country=160&from=ADID-435699&fromcrt=1&crt_param=pang
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         208.71.186.40
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Tue, 04 Oct 2022 06:30:09 GMT
Content-Length: 8918
Connection: keep-alive
Last-Modified: Tue, 09 Nov 2021 09:17:51 GMT
ETag: "22d6-5d05795696dc0"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400, public


--- Additional Info ---
Magic:  GIF image data, version 89a, 288 x 288\012- data
Size:   8918
Md5:    24dbd456dedc3db33c054973ff1aca56
Sha1:   843c88e4b3c3d60771e2340d6f33414fdf1ccece
Sha256: e38f565a7a57091689ab3f521b4291df4f7b8021cca9dab95073f905c4fbd5b5
                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://play.ludigames.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:34:08 GMT
expires: Thu, 28 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 471361
last-modified: Wed, 11 May 2022 19:24:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size:   15744
Md5:    15d9f621c3bd1599f0169dcf0bd5e63e
Sha1:   7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
                                        
                                            GET /css2?family=Roboto:wght@400;700&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.ludigames.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 04 Oct 2022 06:30:09 GMT
date: Tue, 04 Oct 2022 06:30:09 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   60080
Md5:    f64519c9fc201a0369ded84cebd9fb1e
Sha1:   0dabf0a8d6021ca0233c2df4b0e48c03066d8eeb
Sha256: 1860ccde69abd78e220bf0fef5ef02610632379a3c088d7f073dfda77856eeba
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 06:30:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 06:30:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /favicon.ico HTTP/1.1 
Host: play.ludigames.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.ludigames.com/preload/?utm_source=crt&utm_medium=web&utm_campaign=CRT01&pang=true&opref=xsparrow&click_id=22J04120008A0343620310083QLD0&pub_id=34362&sv=127gik0dwtskh85nzbuc9wx55&tm=1664865008&m=922b8e34ec0e51d92e3dff41e91ae50b&country=160&from=ADID-435699&fromcrt=1&crt_param=pang
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         208.71.186.40
HTTP/1.1 200 OK
Content-Type: image/vnd.microsoft.icon
                                        
Server: nginx
Date: Tue, 04 Oct 2022 06:30:09 GMT
Content-Length: 4286
Connection: keep-alive
Last-Modified: Mon, 22 Mar 2021 07:06:12 GMT
ETag: "10be-5be1ab3694100"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400, public


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Size:   4286
Md5:    b3c56a8e551fa25d1b22dc644002537e
Sha1:   759c5e237985e3fb111faa257f042965f0ebbf0f
Sha256: 1955dbdc76f50d7f303732937ab1d9791958650fb5a53cf3889f57e26fee5265
                                        
                                            GET /gtm/optimize.js?id=GTM-NTFFQWZ HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.ludigames.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 04 Oct 2022 06:30:09 GMT
expires: Tue, 04 Oct 2022 06:30:09 GMT
cache-control: private, max-age=900
last-modified: Tue, 04 Oct 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 41701
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2039)
Size:   41701
Md5:    5097147cdcd7850254379320bcdf11f3
Sha1:   f94747f496714fccac892a51e9314a33dd44421c
Sha256: f05a046360eafd2e3c49a19a16a6daf893462d4f92637bd114ac448ec7c0b5b0
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 06:30:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-49606359-38&cid=694397743.1664865010&jid=1190581996&gjid=1497692274&_gid=1811379081.1664865010&_u=YADAAEAAQAAAACAAo~&z=138513850 HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://play.ludigames.com
Connection: keep-alive
Referer: https://play.ludigames.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         74.125.131.156
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin: https://play.ludigames.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 04 Oct 2022 06:30:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   4
Md5:    48c0473b7821185d937e685216e2168b
Sha1:   3743e47f8a429a5e87b86cb582d78940733d9d2e
Sha256: 570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 06:30:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 06:30:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 06:30:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-49606359-38&cid=694397743.1664865010&jid=1190581996&_u=YADAAEAAQAAAACAAo~&z=80295959 HTTP/1.1 
Host: www.google.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.ludigames.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.3
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 06:30:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /css2?family=Roboto:wght@400;500;700&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://media06-gl-ssl-gzip.gameloft.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 04 Oct 2022 06:30:09 GMT
date: Tue, 04 Oct 2022 06:30:09 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 06:30:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 06:30:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7404
Expires: Tue, 04 Oct 2022 08:33:34 GMT
Date: Tue, 04 Oct 2022 06:30:10 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7404
Expires: Tue, 04 Oct 2022 08:33:34 GMT
Date: Tue, 04 Oct 2022 06:30:10 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7404
Expires: Tue, 04 Oct 2022 08:33:34 GMT
Date: Tue, 04 Oct 2022 06:30:10 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7404
Expires: Tue, 04 Oct 2022 08:33:34 GMT
Date: Tue, 04 Oct 2022 06:30:10 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11955
x-amzn-requestid: ce6bbe93-95b0-4b6e-a8bc-012796485e67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zcqb9FUtoAMF0WQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b577f-59dc0a18523f900a059aa5df;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:43:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: tJwzKfs7HnQ7dVcINwnlzxTChXiEi4JPj8jrS8p5KhurRx_o3ZVOZQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:10:59 GMT
etag: "e2ea2ef6805e391c497e62e101e76a0bdecfce64"
age: 29951
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11955
Md5:    54b3ef7aa50273b78b59c24511b0c1f9
Sha1:   e2ea2ef6805e391c497e62e101e76a0bdecfce64
Sha256: 296e8954022d5160137b3e02ab5085a15cee7c23cd6d4ca61b36880706062457
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 04:42:53 GMT
age: 6437
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6315
Md5:    206fb65e75dbadf119512f71e0b78402
Sha1:   58ff0bf8ce7528b303d28bab01a80ad721705569
Sha256: 56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4fcdf5f2-fb82-429f-a6f0-8f79d8aa9106.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9455
x-amzn-requestid: c7e1aa21-0afd-4329-a886-ca52e1a30c7e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcqJXHLUIAMFU1g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5708-1905710834041431314b11be;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:41:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: D-2NszpZ31D2YAbZRcPdqN3zZ2ScANt6bokfSbANgnsXBoTF2d__AQ==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:08:09 GMT
age: 30121
etag: "cf021352d993967e78552b275424ff139e4ef66c"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9455
Md5:    50556325e5a38a5dd7802b1391815bcb
Sha1:   cf021352d993967e78552b275424ff139e4ef66c
Sha256: 96fd2e848a45d071e334a8d08c8b89215f80f01f947af6da2efaee72dd16914c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92f8209d-8dc3-45f5-bfb8-151edb23e30c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4996
x-amzn-requestid: 2f13b6ea-4426-4b3f-81be-5d8ca0278ce7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcrokFkroAMF0XA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5969-421b4993676a68df2b43ad65;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:51:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0s9K75q7TzjbFBJ3vviHLcItPRb6CP2URJRYs2k9JmppyWHKvzv5hg==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:10:59 GMT
age: 29951
etag: "16f2fe758de4ebf7d654cb9669c73f030eb1fdef"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4996
Md5:    126f1f4538e5e4228a4f36d3b02e9d62
Sha1:   16f2fe758de4ebf7d654cb9669c73f030eb1fdef
Sha256: 594210beaabbc35a37d5d648836277f950e46b2d4c2eab2abde2d33beafdff37
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9917
x-amzn-requestid: 2dff93d9-795d-4885-9b82-610b0d235a82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTGEnIAMF1zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-117afa703663ada75627792c;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: p5nOqBojKO6S-c_DxIu8B3p-NK0pzRHkz0DOPeyv7PQt9h0x1jdtoQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:55:54 GMT
age: 30856
etag: "22aab05208a01ae5def4d63dc145085630f57bcb"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9917
Md5:    d8c08f8066cc732de8befd6ccd629a95
Sha1:   22aab05208a01ae5def4d63dc145085630f57bcb
Sha256: f8a560a0563518d992d0bd2655d2b5c406435a18e874ca00b51374d2ff901770
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962fb2a2-ad40-48cf-87a7-de082c564a5e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8534
x-amzn-requestid: 8ae51cd3-697b-47ed-8493-8f83e2bc7469
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHuHlXoAMFucg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-165d72034440cf810d42f3bd;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: LPt8LUVoKhXjfz-jZHLmnWD15tQgSLRaxl-Bsl0UU83G7wm3jj7_mg==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:37:24 GMT
age: 28366
etag: "2b9f6828a38da81b40dcad033572e48b4c5896db"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8534
Md5:    f2287c489794dab0e9ba923a2057988f
Sha1:   2b9f6828a38da81b40dcad033572e48b4c5896db
Sha256: e853fa2acf2425d14cb9746e8bbd45c8765598d2bb630859086b4668182dbf6c
                                        
                                            GET /css2?family=Quicksand:wght@400;500;700&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://media06-gl-ssl-gzip.gameloft.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 04 Oct 2022 06:30:09 GMT
date: Tue, 04 Oct 2022 06:30:09 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   457
Md5:    8885610809cc7e6309ad9838720fcd35
Sha1:   8141eb9c2c85630bc076d53956e4fb3a9fd35fdc
Sha256: 5ab0266cc19c4534fceb9780f4d177d56422fab54491f0baf5ec3ec06b2ad951
                                        
                                            GET /adlite/?utm_source=crt&utm_medium=web&utm_campaign=CRT01&pang=true&opref=xsparrow&click_id=22J04120008A0343620310083QLD0&pub_id=34362&sv=127gik0dwtskh85nzbuc9wx55&tm=1664865008&m=922b8e34ec0e51d92e3dff41e91ae50b&country=160&from=ADID-435699&fromcrt=1&crt_param=pang HTTP/1.1 
Host: play.ludigames.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.ludigames.com/preload/?utm_source=crt&utm_medium=web&utm_campaign=CRT01&pang=true&opref=xsparrow&click_id=22J04120008A0343620310083QLD0&pub_id=34362&sv=127gik0dwtskh85nzbuc9wx55&tm=1664865008&m=922b8e34ec0e51d92e3dff41e91ae50b&country=160&from=ADID-435699&fromcrt=1&crt_param=pang
Cookie: _ga_8PQSSCTXQ2=GS1.1.1664865009.1.0.1664865009.0.0.0; _ga=GA1.2.694397743.1664865010; _gid=GA1.2.1811379081.1664865010; _gat_UA-49606359-38=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

                                         
                                         208.71.186.40
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Tue, 04 Oct 2022 06:30:16 GMT
Content-Length: 3997
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
X-XSS-Protection: 1
X-Frame-Options: ALLOW-FROM black.co.za
Set-Cookie: GameloftShop=ut1eb6012k8orbtj052dbn08bvr5i4og; path=/; domain=.gameloft.com gltrck_sess_nu13214=13214; expires=Wed, 04-Oct-2023 06:30:15 GMT; Max-Age=31536000; path=/ gltrck_sess_op127gik0dwtskh85nzbuc9wx55=13214; expires=Tue, 04-Oct-2022 07:30:15 GMT; Max-Age=3600; path=/ gltrck_uuid=trkccded267-5ca5-4373-4ab3-7b36a3b2ca24; expires=Wed, 04-Oct-2023 06:30:15 GMT; Max-Age=31536000; path=/ gltrck_sess=127gik0dwtskh85nzbuc9wx55%2C78cf35994ddaf73ee4a3cab79c6832ba; expires=Tue, 04-Oct-2022 07:30:15 GMT; Max-Age=3600; path=/ gltrck_sess_ex127gik0dwtskh85nzbuc9wx55=1664865015; expires=Tue, 04-Oct-2022 07:30:15 GMT; Max-Age=3600; path=/ wsid=6b278a1a9ac0046f0642a614be18c561f707d793; expires=Wed, 04-Oct-2023 06:30:15 GMT; Max-Age=31536000; path=/; domain=.gameloft.com
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Accept-Ranges: bytes


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (411), with CRLF, LF line terminators
Size:   3997
Md5:    58abd39f2bb41dff5302cc401c82629e
Sha1:   9ca26a0b331ba6fdc020ca14877e3182f8b9c5a8
Sha256: b376db506a1f022cef874e94416f9bd361845f96997d86ac25b93894e3438e07
                                        
                                            GET /ludigames/adlite_220830/dist/index.e184e756bbfb9f1d3c03.js HTTP/1.1 
Host: cdn.ludigames.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.ludigames.com/
Cookie: _ga_8PQSSCTXQ2=GS1.1.1664865009.1.0.1664865015.0.0.0; _ga=GA1.2.694397743.1664865010; _gid=GA1.2.1811379081.1664865010; _gat_UA-49606359-38=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         104.110.8.184
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
content-length: 10419
last-modified: Tue, 30 Aug 2022 07:07:16 GMT
etag: "8c8f-5e77007c11100-gzip"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: range
accept-ranges: bytes
cache-control: public, max-age=25634
expires: Tue, 04 Oct 2022 13:37:30 GMT
date: Tue, 04 Oct 2022 06:30:16 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (35983), with no line terminators
Size:   10419
Md5:    b25f8816050787d7ffe4801de5573ff1
Sha1:   0cf35e6527b9433efca88939252eeff711d35047
Sha256: 2efaed0b979437e3d32a1f0bc2e2b3611ae33cbd97c0043f8f9980da308756b5
                                        
                                            GET /ludigames/adlite_220830/prebid4.17.0.js HTTP/1.1 
Host: cdn.ludigames.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.ludigames.com/
Cookie: _ga_8PQSSCTXQ2=GS1.1.1664865009.1.0.1664865015.0.0.0; _ga=GA1.2.694397743.1664865010; _gid=GA1.2.1811379081.1664865010; _gat_UA-49606359-38=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         104.110.8.184
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
content-length: 81934
last-modified: Tue, 30 Aug 2022 07:07:28 GMT
etag: "3f643-5e77008782c00-gzip"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: range
accept-ranges: bytes
cache-control: public, max-age=5804
expires: Tue, 04 Oct 2022 08:07:00 GMT
date: Tue, 04 Oct 2022 06:30:16 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65491)
Size:   81934
Md5:    287aba717515929dc298d04786ddea80
Sha1:   eb3b8ed95e161aa6885dbcf04bbc5f0f41e376ed
Sha256: 2d290ebfd84f999142bf77f85736245c3e0ec2146c1141d7c5c0d0ec463e4b51
                                        
                                            GET /ludigames/adlite_220830/dist/f802e72f452f70d2ba0d.svg HTTP/1.1 
Host: cdn.ludigames.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.ludigames.com/ludigames/adlite_220830/dist/index.css
Cookie: _ga_8PQSSCTXQ2=GS1.1.1664865009.1.0.1664865015.0.0.0; _ga=GA1.2.694397743.1664865010; _gid=GA1.2.1811379081.1664865010; _gat_UA-49606359-38=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.110.8.184
HTTP/2 200 OK
content-type: image/svg+xml
                                        
server: nginx
content-length: 21366
last-modified: Tue, 30 Aug 2022 07:07:15 GMT
etag: "5376-5e77007b1cec0"
accept-ranges: bytes
access-control-allow-origin: https://m.gameloft.com
access-control-allow-headers: range
cache-control: max-age=5556
expires: Tue, 04 Oct 2022 08:02:52 GMT
date: Tue, 04 Oct 2022 06:30:16 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (20989)
Size:   21366
Md5:    987aa1ceea349c38346c47a2a8d716e1
Sha1:   9867f4aa8535c30b8a618b2d0806c6e960ce72bf
Sha256: 59429b0aa36c92c63c063c445d29025054c31c842abba9b37ab482a695f88060
                                        
                                            GET /ludigames/adlite_220830/dist/0eec3fe8e27a81902cd4.svg HTTP/1.1 
Host: cdn.ludigames.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.ludigames.com/ludigames/adlite_220830/dist/index.css
Cookie: _ga_8PQSSCTXQ2=GS1.1.1664865009.1.0.1664865015.0.0.0; _ga=GA1.2.694397743.1664865010; _gid=GA1.2.1811379081.1664865010; _gat_UA-49606359-38=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.110.8.184
HTTP/2 200 OK
content-type: image/svg+xml
                                        
server: nginx
content-length: 796
last-modified: Tue, 30 Aug 2022 07:07:10 GMT
etag: "31c-5e77007658380"
accept-ranges: bytes
access-control-allow-origin: https://m.gameloft.com
access-control-allow-headers: range
cache-control: max-age=5549
expires: Tue, 04 Oct 2022 08:02:45 GMT
date: Tue, 04 Oct 2022 06:30:16 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (692)
Size:   796
Md5:    a6ae2916be840498163966d4300ef1e1
Sha1:   ebd28b3211ffba5077804a33462b8ae3266c2d32
Sha256: ddda80c5a6223dd6177076f67f22505079e9cd7151c4cf251d359014f36c4fbd
                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://play.ludigames.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:34:08 GMT
expires: Thu, 28 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 471368
last-modified: Wed, 11 May 2022 19:24:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size:   15860
Md5:    e9f5aaf547f165386cd313b995dddd8e
Sha1:   acdef5603c2387b0e5bffd744b679a24a8bc1968
Sha256: f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
                                        
                                            GET /ludigames/adlite_220830/images/dummy.png HTTP/1.1 
Host: cdn.ludigames.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.ludigames.com/
Cookie: _ga_8PQSSCTXQ2=GS1.1.1664865009.1.0.1664865015.0.0.0; _ga=GA1.2.694397743.1664865010; _gid=GA1.2.1811379081.1664865010; _gat_UA-49606359-38=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         104.110.8.184
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
content-length: 143
last-modified: Tue, 30 Aug 2022 07:07:19 GMT
etag: "8f-5e77007eed7c0"
access-control-allow-origin: *
access-control-allow-headers: range
accept-ranges: bytes
cache-control: public, max-age=14673
expires: Tue, 04 Oct 2022 10:34:49 GMT
date: Tue, 04 Oct 2022 06:30:16 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1 x 1, 8-bit/color RGB, non-interlaced\012- data
Size:   143
Md5:    c93f56aab6f03ab2bcc4fa6f68b1e68e
Sha1:   3b83960f87c8c6b0b68716f18991d906b0aca229
Sha256: db3d0072f3bbb09533e155bcd3269ab85e393c61e7e9e82c40f12f623c778081
                                        
                                            GET /adlite/images/dummy.png HTTP/1.1 
Host: play.ludigames.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.ludigames.com/adlite/?utm_source=crt&utm_medium=web&utm_campaign=CRT01&pang=true&opref=xsparrow&click_id=22J04120008A0343620310083QLD0&pub_id=34362&sv=127gik0dwtskh85nzbuc9wx55&tm=1664865008&m=922b8e34ec0e51d92e3dff41e91ae50b&country=160&from=ADID-435699&fromcrt=1&crt_param=pang
Cookie: _ga_8PQSSCTXQ2=GS1.1.1664865009.1.0.1664865015.0.0.0; _ga=GA1.2.694397743.1664865010; _gid=GA1.2.1811379081.1664865010; _gat_UA-49606359-38=1; gltrck_sess_nu13214=13214; gltrck_sess_op127gik0dwtskh85nzbuc9wx55=13214; gltrck_uuid=trkccded267-5ca5-4373-4ab3-7b36a3b2ca24; gltrck_sess=127gik0dwtskh85nzbuc9wx55%2C78cf35994ddaf73ee4a3cab79c6832ba; gltrck_sess_ex127gik0dwtskh85nzbuc9wx55=1664865015
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         208.71.186.40
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Tue, 04 Oct 2022 06:30:16 GMT
Content-Length: 143
Connection: keep-alive
Last-Modified: Thu, 07 Oct 2021 04:38:44 GMT
ETag: "8f-5cdbbd6731d00"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400, public


--- Additional Info ---
Magic:  PNG image data, 1 x 1, 8-bit/color RGB, non-interlaced\012- data
Size:   143
Md5:    c93f56aab6f03ab2bcc4fa6f68b1e68e
Sha1:   3b83960f87c8c6b0b68716f18991d906b0aca229
Sha256: db3d0072f3bbb09533e155bcd3269ab85e393c61e7e9e82c40f12f623c778081
                                        
                                            GET /adlite/api/products.php?cat=all HTTP/1.1 
Host: play.ludigames.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://play.ludigames.com/adlite/?utm_source=crt&utm_medium=web&utm_campaign=CRT01&pang=true&opref=xsparrow&click_id=22J04120008A0343620310083QLD0&pub_id=34362&sv=127gik0dwtskh85nzbuc9wx55&tm=1664865008&m=922b8e34ec0e51d92e3dff41e91ae50b&country=160&from=ADID-435699&fromcrt=1&crt_param=pang
Connection: keep-alive
Cookie: _ga_8PQSSCTXQ2=GS1.1.1664865009.1.0.1664865015.0.0.0; _ga=GA1.2.694397743.1664865010; _gid=GA1.2.1811379081.1664865010; _gat_UA-49606359-38=1; gltrck_sess_nu13214=13214; gltrck_sess_op127gik0dwtskh85nzbuc9wx55=13214; gltrck_uuid=trkccded267-5ca5-4373-4ab3-7b36a3b2ca24; gltrck_sess=127gik0dwtskh85nzbuc9wx55%2C78cf35994ddaf73ee4a3cab79c6832ba; gltrck_sess_ex127gik0dwtskh85nzbuc9wx55=1664865015
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                         
                                         208.71.186.40
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Tue, 04 Oct 2022 06:30:16 GMT
Content-Length: 7771
Connection: keep-alive
Cache-Control: s-maxage=1800
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (65534), with CRLF line terminators
Size:   7771
Md5:    17a9ec807143a34db50ed940872c0f30
Sha1:   d6bb1a5cd14cb29b7a69b5baacba48b4a627aead
Sha256: 5d6d5e50e75152ebf936a6dfab1623812e3b6a780dc36f1430c43e6114dc173b
                                        
                                            GET /ludigames/adlite_220830/favicon.ico HTTP/1.1 
Host: cdn.ludigames.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.ludigames.com/
Cookie: _ga_8PQSSCTXQ2=GS1.1.1664865009.1.0.1664865015.0.0.0; _ga=GA1.2.694397743.1664865010; _gid=GA1.2.1811379081.1664865010; _gat_UA-49606359-38=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         104.110.8.184
HTTP/2 200 OK
content-type: image/vnd.microsoft.icon
                                        
server: nginx
content-length: 4286
last-modified: Tue, 30 Aug 2022 07:07:28 GMT
etag: "10be-5e77008782c00"
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-headers: range
cache-control: public, max-age=6013
expires: Tue, 04 Oct 2022 08:10:29 GMT
date: Tue, 04 Oct 2022 06:30:16 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Size:   4286
Md5:    b3c56a8e551fa25d1b22dc644002537e
Sha1:   759c5e237985e3fb111faa257f042965f0ebbf0f
Sha256: 1955dbdc76f50d7f303732937ab1d9791958650fb5a53cf3889f57e26fee5265
                                        
                                            GET /tag/js/gpt.js HTTP/1.1 
Host: securepubads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.ludigames.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.194
HTTP/2 200 OK
content-type: text/javascript
                                        
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 27704
date: Tue, 04 Oct 2022 06:30:16 GMT
expires: Tue, 04 Oct 2022 06:30:16 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1353 / 813 of 1000 / last-modified: 1664834791"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (45165)
Size:   27704
Md5:    9a2367cdf561bb9a02506157ced99991
Sha1:   41ecf46cbb8a590c01b658e4e33aa4c1d15072d9
Sha256: 05df23d1c83bb82f8d71adcd1099b43e2339b2d2ffc6e181878a3641282369bd
                                        
                                            GET /cdn/prod/config?src=600&u=https%3A%2F%2Fplay.ludigames.com&pubid=301e06e9-d3c2-474e-9878-ea8f67bdc38b HTTP/1.1 
Host: c.amazon-adsystem.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://play.ludigames.com
Connection: keep-alive
Referer: https://play.ludigames.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.46.73
HTTP/2 200 OK
content-type: application/json;charset=UTF-8
                                        
content-length: 248
access-control-allow-origin: https://play.ludigames.com
access-control-allow-credentials: true
cache-control: max-age=21550, s-maxage=21600
date: Tue, 04 Oct 2022 04:30:27 GMT
server: Server
x-cache: Hit from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: v91byFZ3Udd8t0B-JeRTjJsuAx1K4IJ-DRAND13r-Jy61Vgd1F23pQ==
age: 7188
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   248
Md5:    3004e1ee3b8e3b0d18ebd19b4a54cd3a
Sha1:   613d1261a6e0e26f88b3f8d7c8c9dcfeb1377964
Sha256: 7beb96ef759b267b4159270a64ca009646a2e9a725882896b3dd431198b92058
                                        
                                            GET /aax2/apstag.js HTTP/1.1 
Host: c.amazon-adsystem.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://play.ludigames.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.46.73
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 04 Oct 2022 06:24:20 GMT
last-modified: Fri, 30 Sep 2022 18:36:21 GMT
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600
server: AmazonS3
content-encoding: gzip
etag: W/"0b4d277527066dd35dd7c0288cb596b4"
via: 1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront), 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA60-P1, OSL50-C1
x-amz-cf-id: 882Tgzim9G72SpsIVN3EQiBmtgQDEIbaz9e-8ktp7p306eItlHLdKQ==
age: 356
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65458)
Size:   174368
Md5:    1d5aae335e8c1a26b11942fca5c1e00b
Sha1:   4f06c0c2bf3e9eebf1be5d8ee100fd69c5c71385
Sha256: fd17bb05d3cd56e71d48d2e8d4781fd4734a84fc36ef1f846914f0ae1300a4ac
                                        
                                            GET /bao-csm/aps-comm/aps_csm.js HTTP/1.1 
Host: c.amazon-adsystem.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://play.ludigames.com
Connection: keep-alive
Referer: https://play.ludigames.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.46.73
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 04 Oct 2022 02:53:49 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 19 Sep 2022 09:37:07 GMT
etag: W/"a4d296427fc806b21335359e398c025c"
cache-control: public, max-age=86400
x-amz-version-id: I95TjGhhrR3O7F99m0mjPLrSrnJRj9o4
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: OF-2FfOARr3TyCTZ5sFYyFkuIKvfOxrGXtDuyfP160NklqEzwUNdIg==
age: 12988
X-Firefox-Spdy: h2


--- Additional Info ---