Overview

URL pmeceu.com/wp-content/uploads/2022/07/82117599137094_gt_e2250_flash_loader_754_csc_v04_liteepub_hot.pdf
IP192.185.16.63
ASNUNIFIEDLAYER-AS-1
Location United States
Report completed2022-09-28 02:10:54 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-28 2 pmeceu.com/wp-content/uploads/2022/07/82117599137094_gt_e2250_flash_loader_ (...) Phishing
2022-09-28 2 pmeceu.com/wp-content/uploads/2022/07/82117599137094_gt_e2250_flash_loader_ (...) Phishing
2022-09-28 2 pmeceu.com/wp-content/plugins/learnpress-gradebook/assets/css/gradebook.css (...) Phishing
2022-09-28 2 pmeceu.com/wp-content/plugins/learnpress-wishlist/assets/css/wishlist.css?v (...) Phishing
2022-09-28 2 pmeceu.com/wp-content/plugins/learnpress-certificates/assets/css/admin.cert (...) Phishing
2022-09-28 2 pmeceu.com/wp-content/plugins/learnpress-certificates/assets/css/certificat (...) Phishing
2022-09-28 2 pmeceu.com/wp-content/plugins/learnpress-gradebook/assets/js/table-js.js?ve (...) Phishing
2022-09-28 2 pmeceu.com/wp-content/plugins/learnpress/assets/js/frontend/course.js?ver=3 (...) Phishing
2022-09-28 2 pmeceu.com/wp-content/themes/astra/assets/js/minified/style.min.js?ver=2.1.3 Phishing
2022-09-28 2 pmeceu.com/wp-content/plugins/learnpress-gradebook/assets/js/gradebook.js?v (...) Phishing
2022-09-28 2 pmeceu.com/wp-content/plugins/learnpress-certificates/assets/js/download.js (...) Phishing
2022-09-28 2 pmeceu.com/wp-content/plugins/learnpress/assets/css/learnpress.css?ver=3.2.7.2 Phishing
2022-09-28 2 pmeceu.com/wp-includes/js/underscore.min.js?ver=1.8.3 Phishing
2022-09-28 2 pmeceu.com/wp-includes/js/wp-emoji-release.min.js?ver=5.5.10 Phishing
2022-09-28 2 pmeceu.com/wp-content/plugins/learnpress/assets/js/utils.min.js?ver=3.2.7.2 Phishing
2022-09-28 2 pmeceu.com/wp-content/plugins/learnpress/assets/js/global.min.js?ver=3.2.7.2 Phishing
2022-09-28 2 pmeceu.com/wp-content/plugins/learnpress/assets/css/bundle.min.css?ver=3.2.7.2 Phishing
2022-09-28 2 pmeceu.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp Phishing
2022-09-28 2 pmeceu.com/wp-content/themes/astra/assets/fonts/astra.woff Phishing
2022-09-28 2 pmeceu.com/wp-content/plugins/learnpress/assets/js/vendor/plugins.all.min.j (...) Phishing
2022-09-28 2 pmeceu.com/wp-content/plugins/learnpress-certificates/assets/js/fabric.js?v (...) Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (15)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS r3.o.lencr.org (6) 344 2020-12-02 08:52:13 UTC 2022-09-27 04:52:25 UTC 23.36.76.226
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-27 04:52:33 UTC 34.117.237.239
mnemonic passive DNS widget-v4.tidiochat.com (4) 17456 2018-06-14 06:38:01 UTC 2022-09-27 07:26:03 UTC 104.26.9.139
mnemonic passive DNS fonts.gstatic.com (4) 0 2014-08-29 13:43:22 UTC 2022-09-27 04:53:14 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-27 13:22:33 UTC 34.120.237.76
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-28 17:26:30 UTC 2022-09-27 23:53:35 UTC 143.204.55.36
mnemonic passive DNS pmeceu.com (35) 0 2020-06-02 16:20:25 UTC 2022-09-28 02:09:14 UTC 192.185.16.63 Unknown ranking
mnemonic passive DNS ocsp.sectigo.com (1) 487 2018-12-17 11:31:55 UTC 2022-09-27 20:01:39 UTC 104.18.32.68
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-09-27 21:28:46 UTC 93.184.220.29
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-27 05:14:54 UTC 34.213.140.56
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-27 05:14:54 UTC 143.204.55.49
mnemonic passive DNS ocsp.pki.goog (5) 175 2017-06-14 07:23:31 UTC 2022-09-27 04:53:14 UTC 142.250.74.35
mnemonic passive DNS ocsp.sca1b.amazontrust.com (1) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 143.204.42.88
mnemonic passive DNS fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-09-27 22:17:28 UTC 142.250.74.10
mnemonic passive DNS code.tidio.co (1) 15677 2014-11-27 09:26:14 UTC 2022-09-27 07:26:03 UTC 104.26.8.183


Recent reports on same IP/ASN/Domain/Screenshot

Last 2 reports on IP: 192.185.16.63

Date UQ / IDS / BL URL IP
2022-09-28 02:10:54 +0000
0 - 0 - 21 pmeceu.com/wp-content/uploads/2022/07/8211759 (...) 192.185.16.63
2022-09-27 15:44:52 +0000
0 - 0 - 20 pmeceu.com/wp-content/uploads/2022/07/autocad (...) 192.185.16.63

Last 5 reports on ASN: UNIFIEDLAYER-AS-1

Date UQ / IDS / BL URL IP
2022-11-28 21:21:37 +0000
0 - 0 - 1 nuxn3.paradoxholdingsllc.com/aHR0cHM6Ly9icmFu (...) 69.49.229.176
2022-11-28 21:15:55 +0000
0 - 0 - 30 ducodxb.com/ 162.240.11.190
2022-11-28 21:15:45 +0000
0 - 0 - 2 callabbd.ntechbd.com/ 192.185.226.149
2022-11-28 21:15:43 +0000
0 - 0 - 19 pre-cargolaunch.co.uk/ 162.241.69.245
2022-11-28 21:02:24 +0000
0 - 0 - 2 istonline.org.in/images/parallax/linklde.zip 162.144.37.42

Last 2 reports on domain: pmeceu.com

Date UQ / IDS / BL URL IP
2022-09-28 02:10:54 +0000
0 - 0 - 21 pmeceu.com/wp-content/uploads/2022/07/8211759 (...) 192.185.16.63
2022-09-27 15:44:52 +0000
0 - 0 - 20 pmeceu.com/wp-content/uploads/2022/07/autocad (...) 192.185.16.63

Last 1 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-09-27 15:44:52 +0000
0 - 0 - 20 pmeceu.com/wp-content/uploads/2022/07/autocad (...) 192.185.16.63


JavaScript

Executed Scripts (27)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (70)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "2A40F957A6B1734AA3F87CFF51B673F0536732DB15B09033DD604879692DF349"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6804
Expires: Wed, 28 Sep 2022 04:04:06 GMT
Date: Wed, 28 Sep 2022 02:10:42 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 28 Sep 2022 01:15:37 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: SnD2tHG3ZLDSNC0rXDM_FevJgZBA3NDxmFmszKFiTd9OIIrOoiLRvg==
Age: 3305


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.49
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: VXmoc_1VmPjZ0jjIwSPeexmHLvSyn8pw3-T-n4-bK1qD6Z1KFmqv1A==
age: 60389
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Wed, 28 Sep 2022 02:10:42 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /wp-content/uploads/2022/07/82117599137094_gt_e2250_flash_loader_754_csc_v04_liteepub_hot.pdf HTTP/1.1 
Host: pmeceu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         192.185.16.63
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 28 Sep 2022 02:10:42 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Set-Cookie: wp_learn_press_session_bf1593c9797c79d1c9138489e82766af=a49c7dd15aa0574c4dbdb6426d8b8cf4%7C%7C1664503842%7C%7Ce1d3f257a78ec48c3bb034ab7a1fdc53; expires=Fri, 30-Sep-2022 02:10:42 GMT; Max-Age=172800; path=/ wordpress_lp_guest=61e85436e442778dbd84dbd8fb34e12f; expires=Wed, 28-Sep-2022 03:10:42 GMT; Max-Age=3600; path=/
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: https://pmeceu.com/wp-content/uploads/2022/07/82117599137094_gt_e2250_flash_loader_754_csc_v04_liteepub_hot.pdf
X-Endurance-Cache-Level: 0
X-nginx-cache: WordPress
Content-Length: 0
Keep-Alive: timeout=5, max=75


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 28 Sep 2022 01:10:47 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Wed, 28 Sep 2022 01:12:03 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: G3-BR-F9lB7Tf3mtaodbPFpK2LSpEPHY5zttRscpMzVocrXPObd2hA==
Age: 3597


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 02:10:43 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 25 Sep 2022 08:23:08 GMT
Expires: Sun, 02 Oct 2022 08:23:07 GMT
Etag: "b922b30ec8d047d11aef0d82eb35d3ae5100301f"
Cache-Control: max-age=367343,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7518f1bd2957b4ff-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3734
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 02:10:43 GMT
Etag: "6332af16-1d7"
Last-Modified: Wed, 28 Sep 2022 01:08:29 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /wp-content/uploads/2022/07/82117599137094_gt_e2250_flash_loader_754_csc_v04_liteepub_hot.pdf HTTP/1.1 
Host: pmeceu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         192.185.16.63
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://pmeceu.com/wp-json/>; rel="https://api.w.org/"
set-cookie: wp_learn_press_session_bf1593c9797c79d1c9138489e82766af=5bdc0017c6c753e380d14684712a6a85%7C%7C1664503843%7C%7Ccce34c4edff532baa1687fb7db54052a; expires=Fri, 30-Sep-2022 02:10:43 GMT; Max-Age=172800; path=/ wordpress_lp_guest=0113de1f9dba4f8d2d766a03a1b3236d; expires=Wed, 28-Sep-2022 03:10:43 GMT; Max-Age=3600; path=/
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 8659
date: Wed, 28 Sep 2022 02:10:43 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (11261), with CRLF, LF line terminators
Size:   8659
Md5:    391e5e90c683cb2c44210dd9c4f77737
Sha1:   b739f37a13015269989aecf8a66cb4fc66ce050c
Sha256: 5f23315c8e3a5fab0e294b1c78ab15c59295a09386980dfea5ed61e79cdd4705

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: PYnsJOZSan6BGlQMqLxqYw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         34.213.140.56
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: GmZvABjWBrWDrfbMOIn9pHHREmk=

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 02:10:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 02:10:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-includes/css/editor.min.css?ver=5.5.10 HTTP/1.1 
Host: pmeceu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmeceu.com/wp-content/uploads/2022/07/82117599137094_gt_e2250_flash_loader_754_csc_v04_liteepub_hot.pdf
Cookie: wp_learn_press_session_bf1593c9797c79d1c9138489e82766af=5bdc0017c6c753e380d14684712a6a85%7C%7C1664503843%7C%7Ccce34c4edff532baa1687fb7db54052a; wordpress_lp_guest=0113de1f9dba4f8d2d766a03a1b3236d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         192.185.16.63
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Mon, 31 Aug 2020 15:21:48 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 8497
date: Wed, 28 Sep 2022 02:10:44 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (27136)
Size:   8497
Md5:    89fe121ddcb6af51f4df19418edad440
Sha1:   9f6ef002c2374e7b100301c156402efb11d47b5d
Sha256: 11f9d0fd79a7203e2191537a326254d3603afcdea1fa9017ff6eca48f6e66428
                                        
                                            GET /wp-content/plugins/learnpress-gradebook/assets/css/gradebook.css?ver=5.5.10 HTTP/1.1 
Host: pmeceu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmeceu.com/wp-content/uploads/2022/07/82117599137094_gt_e2250_flash_loader_754_csc_v04_liteepub_hot.pdf
Cookie: wp_learn_press_session_bf1593c9797c79d1c9138489e82766af=5bdc0017c6c753e380d14684712a6a85%7C%7C1664503843%7C%7Ccce34c4edff532baa1687fb7db54052a; wordpress_lp_guest=0113de1f9dba4f8d2d766a03a1b3236d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         192.185.16.63
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Wed, 11 Dec 2019 20:06:19 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 794
date: Wed, 28 Sep 2022 02:10:44 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   794
Md5:    4ff8022b23fbc4dd2a5a0b3a99589bc0
Sha1:   4e331a90ae971158fac99a6ee2d6430132069b72
Sha256: af451704485ccf5fdaa6716c94bff9add092be3995d78698f961dc7b7ed17668

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/learnpress-wishlist/assets/css/wishlist.css?ver=5.5.10 HTTP/1.1 
Host: pmeceu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmeceu.com/wp-content/uploads/2022/07/82117599137094_gt_e2250_flash_loader_754_csc_v04_liteepub_hot.pdf
Cookie: wp_learn_press_session_bf1593c9797c79d1c9138489e82766af=5bdc0017c6c753e380d14684712a6a85%7C%7C1664503843%7C%7Ccce34c4edff532baa1687fb7db54052a; wordpress_lp_guest=0113de1f9dba4f8d2d766a03a1b3236d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         192.185.16.63
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Mon, 16 Dec 2019 03:04:11 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 331
date: Wed, 28 Sep 2022 02:10:44 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   331
Md5:    8bdfc9787d7b9b935e14f86f7c41646f
Sha1:   9b4a226e81777f592265b04cd35d4e01936fe2f8
Sha256: df83264871fd70a4bbdf8d9d263a7e7d8e9778075243a9d464125964c61acf30

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/learnpress-certificates/assets/css/admin.certificates.css?ver=5.5.10 HTTP/1.1 
Host: pmeceu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmeceu.com/wp-content/uploads/2022/07/82117599137094_gt_e2250_flash_loader_754_csc_v04_liteepub_hot.pdf
Cookie: wp_learn_press_session_bf1593c9797c79d1c9138489e82766af=5bdc0017c6c753e380d14684712a6a85%7C%7C1664503843%7C%7Ccce34c4edff532baa1687fb7db54052a; wordpress_lp_guest=0113de1f9dba4f8d2d766a03a1b3236d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         192.185.16.63
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Mon, 06 Jan 2020 12:08:42 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 2990
date: Wed, 28 Sep 2022 02:10:44 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   2990
Md5:    2e951b80755fe11c9f7275486da86b4f
Sha1:   0c5a2c74f23be8c36547fda39874daa0de2ec293
Sha256: 4eca7ecf5f27c4dfd1d7f7a1c647acb4401dde794c5ab6566d076cd301bfc049

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/css/dist/block-library/style.min.css?ver=5.5.10 HTTP/1.1 
Host: pmeceu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmeceu.com/wp-content/uploads/2022/07/82117599137094_gt_e2250_flash_loader_754_csc_v04_liteepub_hot.pdf
Cookie: wp_learn_press_session_bf1593c9797c79d1c9138489e82766af=5bdc0017c6c753e380d14684712a6a85%7C%7C1664503843%7C%7Ccce34c4edff532baa1687fb7db54052a; wordpress_lp_guest=0113de1f9dba4f8d2d766a03a1b3236d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         192.185.16.63
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Wed, 02 Sep 2020 07:23:25 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 10450
date: Wed, 28 Sep 2022 02:10:44 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (27100)
Size:   10450
Md5:    b650e5ddf81930091a075380ccc8c5b1
Sha1:   0ab1a085f80e5dea10ac546ce874e50bbf356adc
Sha256: 82ec65bdf3e49407d0cfbeb82aba8c5af94296015ff9ef5ddcebd4fa2d4b40cc
                                        
                                            GET /wp-content/plugins/learnpress-certificates/assets/css/certificates.css?ver=5.5.10 HTTP/1.1 
Host: pmeceu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmeceu.com/wp-content/uploads/2022/07/82117599137094_gt_e2250_flash_loader_754_csc_v04_liteepub_hot.pdf
Cookie: wp_learn_press_session_bf1593c9797c79d1c9138489e82766af=5bdc0017c6c753e380d14684712a6a85%7C%7C1664503843%7C%7Ccce34c4edff532baa1687fb7db54052a; wordpress_lp_guest=0113de1f9dba4f8d2d766a03a1b3236d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         192.185.16.63
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Mon, 06 Jan 2020 12:08:42 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 1005
date: Wed, 28 Sep 2022 02:10:44 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   1005
Md5:    e9b21d90f059dea4bcc73fbb55eff94a
Sha1:   da2db988ae698f52f41bbac89bd66d20af5afc18
Sha256: bd614b24f585fc1268154d622421724d4037618f459df85e338e1551975ccfb5

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/astra/assets/css/minified/menu-animation.min.css?ver=2.1.3 HTTP/1.1 
Host: pmeceu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmeceu.com/wp-content/uploads/2022/07/82117599137094_gt_e2250_flash_loader_754_csc_v04_liteepub_hot.pdf
Cookie: wp_learn_press_session_bf1593c9797c79d1c9138489e82766af=5bdc0017c6c753e380d14684712a6a85%7C%7C1664503843%7C%7Ccce34c4edff532baa1687fb7db54052a; wordpress_lp_guest=0113de1f9dba4f8d2d766a03a1b3236d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         192.185.16.63
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Sun, 01 Dec 2019 04:45:16 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 468
date: Wed, 28 Sep 2022 02:10:44 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3412), with no line terminators
Size:   468
Md5:    f88a6a529851c8ed1ffe2bd83219e490
Sha1:   597ff167b702900ee4473e31e390808b8de95664
Sha256: ae20c6ea52a0534fdda58a7ae13839ac66194434406e00a3bb5f4538f9909886
                                        
                                            GET /wp-content/plugins/learnpress-frontend-editor/assets/css/integration.css?ver=5.5.10 HTTP/1.1 
Host: pmeceu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmeceu.com/wp-content/uploads/2022/07/82117599137094_gt_e2250_flash_loader_754_csc_v04_liteepub_hot.pdf
Cookie: wp_learn_press_session_bf1593c9797c79d1c9138489e82766af=5bdc0017c6c753e380d14684712a6a85%7C%7C1664503843%7C%7Ccce34c4edff532baa1687fb7db54052a; wordpress_lp_guest=0113de1f9dba4f8d2d766a03a1b3236d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         192.185.16.63
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Thu, 05 Mar 2020 01:31:36 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 1369
date: Wed, 28 Sep 2022 02:10:44 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   1369
Md5:    2f992f46d217739986c7200a539ac499
Sha1:   c76bd4600b21c69ea09fa012313dfe5a0a92c05e
Sha256: f355a31adc0d95cccc1ecbda002a0e49fdfd5b25da5432d28921ca9b86da4130
                                        
                                            GET /wp-content/plugins/learnpress-gradebook/assets/js/table-js.js?ver=5.5.10 HTTP/1.1 
Host: pmeceu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmeceu.com/wp-content/uploads/2022/07/82117599137094_gt_e2250_flash_loader_754_csc_v04_liteepub_hot.pdf
Cookie: wp_learn_press_session_bf1593c9797c79d1c9138489e82766af=5bdc0017c6c753e380d14684712a6a85%7C%7C1664503843%7C%7Ccce34c4edff532baa1687fb7db54052a; wordpress_lp_guest=0113de1f9dba4f8d2d766a03a1b3236d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         192.185.16.63
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Wed, 11 Dec 2019 20:06:19 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 700
date: Wed, 28 Sep 2022 02:10:44 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   700
Md5:    80cb32c79bbd6294e7300b59b333b7f5
Sha1:   40dbc484e3597c7cf0c80208273bf45e343f16fb
Sha256: 9d2accd29fc52153d0fc7827a19733235fef6e563b18da107dcb92a1c41d316e

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/learnpress-certificates/assets/js/certificates.js?r=1664331043.844&ver=5.5.10 HTTP/1.1 
Host: pmeceu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmeceu.com/wp-content/uploads/2022/07/82117599137094_gt_e2250_flash_loader_754_csc_v04_liteepub_hot.pdf
Cookie: wp_learn_press_session_bf1593c9797c79d1c9138489e82766af=5bdc0017c6c753e380d14684712a6a85%7C%7C1664503843%7C%7Ccce34c4edff532baa1687fb7db54052a; wordpress_lp_guest=0113de1f9dba4f8d2d766a03a1b3236d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         192.185.16.63
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Mon, 06 Jan 2020 12:08:42 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 3613
date: Wed, 28 Sep 2022 02:10:44 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   3613
Md5:    f2066dc3259bd1b5240bb3b6cd7ebbae
Sha1:   a8f52949d8c7f171efebbd0d5a3b9a35f1deda42
Sha256: 7b379ce667f5e2ea9ca1b68c1d38fd6b67f25bc5aa3222aa13464d59652b79ad
                                        
                                            GET /wp-includes/js/utils.min.js?ver=5.5.10 HTTP/1.1 
Host: pmeceu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmeceu.com/wp-content/uploads/2022/07/82117599137094_gt_e2250_flash_loader_754_csc_v04_liteepub_hot.pdf
Cookie: wp_learn_press_session_bf1593c9797c79d1c9138489e82766af=5bdc0017c6c753e380d14684712a6a85%7C%7C1664503843%7C%7Ccce34c4edff532baa1687fb7db54052a; wordpress_lp_guest=0113de1f9dba4f8d2d766a03a1b3236d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         192.185.16.63
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Thu, 15 Apr 2021 06:34:32 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 844
date: Wed, 28 Sep 2022 02:10:44 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1829)
Size:   844
Md5:    e858cb439525f0e4e12d006728a54812
Sha1:   e5ce095782b73e89206ed1b9a4b43e8541bfe818
Sha256: 900457d88e322986339f0ffcc477b59f613b87bc41f83dbea9d32e03a981b257
                                        
                                            GET /wp-content/plugins/learnpress/assets/js/frontend/become-teacher.js?ver=3.2.7.2 HTTP/1.1 
Host: pmeceu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmeceu.com/wp-content/uploads/2022/07/82117599137094_gt_e2250_flash_loader_754_csc_v04_liteepub_hot.pdf
Cookie: wp_learn_press_session_bf1593c9797c79d1c9138489e82766af=5bdc0017c6c753e380d14684712a6a85%7C%7C1664503843%7C%7Ccce34c4edff532baa1687fb7db54052a; wordpress_lp_guest=0113de1f9dba4f8d2d766a03a1b3236d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         192.185.16.63
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Sun, 31 May 2020 03:06:05 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 976
date: Wed, 28 Sep 2022 02:10:44 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   976
Md5:    7d2e92b07831ff815747798c3319834c
Sha1:   6c1456cb7e5838d172fe1532ba90320b7bbd8e57
Sha256: e05716948beb00405678d92e36060ad8ffbe2e8a4ffca5638f1b8ffe83911dae
                                        
                                            GET /wp-content/plugins/learnpress/assets/js/frontend/course.js?ver=3.2.7.2 HTTP/1.1 
Host: pmeceu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmeceu.com/wp-content/uploads/2022/07/82117599137094_gt_e2250_flash_loader_754_csc_v04_liteepub_hot.pdf
Cookie: wp_learn_press_session_bf1593c9797c79d1c9138489e82766af=5bdc0017c6c753e380d14684712a6a85%7C%7C1664503843%7C%7Ccce34c4edff532baa1687fb7db54052a; wordpress_lp_guest=0113de1f9dba4f8d2d766a03a1b3236d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         192.185.16.63
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Sun, 31 May 2020 03:06:05 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 5093
date: Wed, 28 Sep 2022 02:10:44 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   5093
Md5:    50719e0443a176f0f852c033ead1d71b
Sha1:   8ecc6e5807844b420ca4f7966984eb344c368e7b
Sha256: d601e30f487dbcb92ada37f3f59fad759587fd800cf4007c866dcdae6074dae8

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/uploads/2019/12/LogoMakr_9Amb5L-300x81.png HTTP/1.1 
Host: pmeceu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmeceu.com/wp-content/uploads/2022/07/82117599137094_gt_e2250_flash_loader_754_csc_v04_liteepub_hot.pdf
Cookie: wp_learn_press_session_bf1593c9797c79d1c9138489e82766af=5bdc0017c6c753e380d14684712a6a85%7C%7C1664503843%7C%7Ccce34c4edff532baa1687fb7db54052a; wordpress_lp_guest=0113de1f9dba4f8d2d766a03a1b3236d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         192.185.16.63
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Fri, 26 Nov 2021 02:07:28 GMT
accept-ranges: bytes
content-length: 8325
x-endurance-cache-level: 0
x-nginx-cache: WordPress
date: Wed, 28 Sep 2022 02:10:44 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 300 x 81, 8-bit/color RGBA, non-interlaced\012- data
Size:   8325
Md5:    0def44350b28e3f2145154a734c639f4
Sha1:   57c89659867445384825d2ff978000ffb17763da
Sha256: db7081cb284a341325c7d221128d9c558f1f10d6083ba5f425b6b6465df70bac
                                        
                                            GET /wp-content/plugins/learnpress-wishlist/assets/js/wishlist.js?ver=5.5.10 HTTP/1.1 
Host: pmeceu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmeceu.com/wp-content/uploads/2022/07/82117599137094_gt_e2250_flash_loader_754_csc_v04_liteepub_hot.pdf
Cookie: wp_learn_press_session_bf1593c9797c79d1c9138489e82766af=5bdc0017c6c753e380d14684712a6a85%7C%7C1664503843%7C%7Ccce34c4edff532baa1687fb7db54052a; wordpress_lp_guest=0113de1f9dba4f8d2d766a03a1b3236d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         192.185.16.63
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Mon, 16 Dec 2019 03:04:11 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 696
date: Wed, 28 Sep 2022 02:10:44 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   696
Md5:    678746fbfbe7df7bc0871d02859f798d
Sha1:   29b52c0860c93143d32b784da120e50f215ebbc9
Sha256: fc8c23980f64f04063b99f384627e6eeb08fe4e4d17c13efa2f13468400ed25f
                                        
                                            GET /wp-content/themes/astra/assets/js/minified/style.min.js?ver=2.1.3 HTTP/1.1 
Host: pmeceu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmeceu.com/wp-content/uploads/2022/07/82117599137094_gt_e2250_flash_loader_754_csc_v04_liteepub_hot.pdf
Cookie: wp_learn_press_session_bf1593c9797c79d1c9138489e82766af=5bdc0017c6c753e380d14684712a6a85%7C%7C1664503843%7C%7Ccce34c4edff532baa1687fb7db54052a; wordpress_lp_guest=0113de1f9dba4f8d2d766a03a1b3236d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         192.185.16.63
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Sun, 01 Dec 2019 04:45:16 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 3514
date: Wed, 28 Sep 2022 02:10:44 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (10312), with no line terminators
Size:   3514
Md5:    2abdbe8036e834bcbb01f3a16961113c
Sha1:   1082fd0ff4308b5159d9df68a440cb4f59497fab
Sha256: ca8ef1122f7c89bda35b8005ea56b4511fd86cc3e1a1311baba631081bfdb8ee

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/learnpress-gradebook/assets/js/gradebook.js?ver=5.5.10 HTTP/1.1 
Host: pmeceu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmeceu.com/wp-content/uploads/2022/07/82117599137094_gt_e2250_flash_loader_754_csc_v04_liteepub_hot.pdf
Cookie: wp_learn_press_session_bf1593c9797c79d1c9138489e82766af=5bdc0017c6c753e380d14684712a6a85%7C%7C1664503843%7C%7Ccce34c4edff532baa1687fb7db54052a; wordpress_lp_guest=0113de1f9dba4f8d2d766a03a1b3236d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         192.185.16.63
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Wed, 11 Dec 2019 20:06:19 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 205
date: Wed, 28 Sep 2022 02:10:44 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   205
Md5:    f8afd18a510f923a90e0b7885a6cbfdb
Sha1:   d4268b828790f0f66aa484975bb7d9e0f7e0eabb
Sha256: 53c21c21b7a5e5d0a00a7b3b402c4453e41e1b9aa2a69c554691e525cef29533

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/learnpress-certificates/assets/js/download.js?ver=5.5.10 HTTP/1.1 
Host: pmeceu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmeceu.com/wp-content/uploads/2022/07/82117599137094_gt_e2250_flash_loader_754_csc_v04_liteepub_hot.pdf
Cookie: wp_learn_press_session_bf1593c9797c79d1c9138489e82766af=5bdc0017c6c753e380d14684712a6a85%7C%7C1664503843%7C%7Ccce34c4edff532baa1687fb7db54052a; wordpress_lp_guest=0113de1f9dba4f8d2d766a03a1b3236d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         192.185.16.63
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Mon, 06 Jan 2020 12:08:42 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 2826
date: Wed, 28 Sep 2022 02:10:44 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   2826
Md5:    cd8738f73ab4cfc3a26d4cca2e1d4670
Sha1:   ba25422e84cf327cecd4ded6ac133ff4b165dd78
Sha256: 03d27122d790f04b47b5351afa45e2ed0aaad76e7e2b451c8975bf0f9f60628d

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/learnpress/assets/css/learnpress.css?ver=3.2.7.2 HTTP/1.1 
Host: pmeceu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmeceu.com/wp-content/uploads/2022/07/82117599137094_gt_e2250_flash_loader_754_csc_v04_liteepub_hot.pdf
Cookie: wp_learn_press_session_bf1593c9797c79d1c9138489e82766af=5bdc0017c6c753e380d14684712a6a85%7C%7C1664503843%7C%7Ccce34c4edff532baa1687fb7db54052a; wordpress_lp_guest=0113de1f9dba4f8d2d766a03a1b3236d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         192.185.16.63
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Sun, 31 May 2020 03:06:05 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 15032
date: Wed, 28 Sep 2022 02:10:44 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   15032
Md5:    7eccf567d6fd7c44a14e30c0013835c4
Sha1:   89e077e71f351529d3e8839b6c7148de42e62246
Sha256: 6e811e8c0f94532bcd56c03420580d5d482f4c3f33e1a884c357d35f7015b404

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/underscore.min.js?ver=1.8.3 HTTP/1.1 
Host: pmeceu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmeceu.com/wp-content/uploads/2022/07/82117599137094_gt_e2250_flash_loader_754_csc_v04_liteepub_hot.pdf
Cookie: wp_learn_press_session_bf1593c9797c79d1c9138489e82766af=5bdc0017c6c753e380d14684712a6a85%7C%7C1664503843%7C%7Ccce34c4edff532baa1687fb7db54052a; wordpress_lp_guest=0113de1f9dba4f8d2d766a03a1b3236d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         192.185.16.63
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Thu, 15 Apr 2021 06:34:32 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 6378
date: Wed, 28 Sep 2022 02:10:44 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (16010)
Size:   6378
Md5:    96bea734708712077251c5329641f1c6
Sha1:   5a37dc74b5532c8905fd02a17771199e78d1d880
Sha256: a1e8bb45168c7805dd39f1e2fdecda8f10e30132f9d935841c063281be341e4a

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/wp-embed.min.js?ver=5.5.10 HTTP/1.1 
Host: pmeceu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmeceu.com/wp-content/uploads/2022/07/82117599137094_gt_e2250_flash_loader_754_csc_v04_liteepub_hot.pdf
Cookie: wp_learn_press_session_bf1593c9797c79d1c9138489e82766af=5bdc0017c6c753e380d14684712a6a85%7C%7C1664503843%7C%7Ccce34c4edff532baa1687fb7db54052a; wordpress_lp_guest=0113de1f9dba4f8d2d766a03a1b3236d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         192.185.16.63
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Thu, 15 Apr 2021 06:34:32 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 777
date: Wed, 28 Sep 2022 02:10:44 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1391)
Size:   777
Md5:    06ece4d01ee88297957c9f4cdcaa4df5
Sha1:   2b3321654a8ead1e1493eac9b5f1fdfb65e2037f
Sha256: 0b17eb6ab02e69f50ac52ca157375bd69853ae4f4796eb48a35eb4a12fc7af8b
                                        
                                            GET /wp-includes/js/wp-emoji-release.min.js?ver=5.5.10 HTTP/1.1 
Host: pmeceu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmeceu.com/wp-content/uploads/2022/07/82117599137094_gt_e2250_flash_loader_754_csc_v04_liteepub_hot.pdf
Cookie: wp_learn_press_session_bf1593c9797c79d1c9138489e82766af=5bdc0017c6c753e380d14684712a6a85%7C%7C1664503843%7C%7Ccce34c4edff532baa1687fb7db54052a; wordpress_lp_guest=0113de1f9dba4f8d2d766a03a1b3236d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         192.185.16.63
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Thu, 15 Apr 2021 06:34:32 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 4942
date: Wed, 28 Sep 2022 02:10:44 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11272)
Size:   4942
Md5:    d357bf65a33b527651ede445f3cc2fb7
Sha1:   0b1af6c31af2583294d25a5269b73c9eceb24851
Sha256: 86f79b7820407cf77a47da5f70b2406efdd9521e1c2c664641f22b6d9a9fd0d4

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/learnpress/assets/js/utils.min.js?ver=3.2.7.2 HTTP/1.1 
Host: pmeceu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmeceu.com/wp-content/uploads/2022/07/82117599137094_gt_e2250_flash_loader_754_csc_v04_liteepub_hot.pdf
Cookie: wp_learn_press_session_bf1593c9797c79d1c9138489e82766af=5bdc0017c6c753e380d14684712a6a85%7C%7C1664503843%7C%7Ccce34c4edff532baa1687fb7db54052a; wordpress_lp_guest=0113de1f9dba4f8d2d766a03a1b3236d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         192.185.16.63
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Sun, 31 May 2020 03:06:05 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 8975
date: Wed, 28 Sep 2022 02:10:44 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (22613), with no line terminators
Size:   8975
Md5:    15ee2cc903a02785f65fe8cca524e64c
Sha1:   48a54ccfe729378954e880b860d119c44067bf56
Sha256: 04ca7afb7959eb071ead477626b7abe5139ec922052c1825242315b48fc4f458

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/learnpress/assets/js/global.min.js?ver=3.2.7.2 HTTP/1.1 
Host: pmeceu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmeceu.com/wp-content/uploads/2022/07/82117599137094_gt_e2250_flash_loader_754_csc_v04_liteepub_hot.pdf
Cookie: wp_learn_press_session_bf1593c9797c79d1c9138489e82766af=5bdc0017c6c753e380d14684712a6a85%7C%7C1664503843%7C%7Ccce34c4edff532baa1687fb7db54052a; wordpress_lp_guest=0113de1f9dba4f8d2d766a03a1b3236d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         192.185.16.63
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Sun, 31 May 2020 03:06:05 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 454
date: Wed, 28 Sep 2022 02:10:44 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (934), with no line terminators
Size:   454
Md5:    189277dd541ddb03a1367fdb655e1e71
Sha1:   035352f433ee7f104b8cd970b3c8e8a0e15c45b4
Sha256: 1af7ac4cba1207813427114a2dd2a124c7f76ad55bea603b1881f126a213b539

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/learnpress/assets/css/bundle.min.css?ver=3.2.7.2 HTTP/1.1 
Host: pmeceu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmeceu.com/wp-content/uploads/2022/07/82117599137094_gt_e2250_flash_loader_754_csc_v04_liteepub_hot.pdf
Cookie: wp_learn_press_session_bf1593c9797c79d1c9138489e82766af=5bdc0017c6c753e380d14684712a6a85%7C%7C1664503843%7C%7Ccce34c4edff532baa1687fb7db54052a; wordpress_lp_guest=0113de1f9dba4f8d2d766a03a1b3236d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         192.185.16.63
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Sun, 31 May 2020 03:06:05 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 9517
date: Wed, 28 Sep 2022 02:10:44 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (30477)
Size:   9517
Md5:    0f94c8006e9c8944796d420f6c21b6a5
Sha1:   912febeaf0c87a5f40c2ce147f561bc5a8d24a03
Sha256: b71134f3ff44f318b1155a3b8115fa3566dc5df54e5af846bca0e7f453f384d6

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 02:10:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 02:10:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pmeceu.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 21:03:13 GMT
expires: Tue, 26 Sep 2023 21:03:13 GMT
cache-control: public, max-age=31536000
age: 104851
last-modified: Mon, 09 May 2022 18:27:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 12860, version 1.0\012- data
Size:   12860
Md5:    ab21c24efd75543e16e34807ebc6cdec
Sha1:   eb2562f9729079333fbcbbe94868695669dd3301
Sha256: 88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265
                                        
                                            GET /wp-includes/js/jquery/jquery.js?ver=1.12.4-wp HTTP/1.1 
Host: pmeceu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmeceu.com/wp-content/uploads/2022/07/82117599137094_gt_e2250_flash_loader_754_csc_v04_liteepub_hot.pdf
Cookie: wp_learn_press_session_bf1593c9797c79d1c9138489e82766af=5bdc0017c6c753e380d14684712a6a85%7C%7C1664503843%7C%7Ccce34c4edff532baa1687fb7db54052a; wordpress_lp_guest=0113de1f9dba4f8d2d766a03a1b3236d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         192.185.16.63
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Sun, 01 Dec 2019 04:27:43 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
date: Wed, 28 Sep 2022 02:10:44 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   43238
Md5:    75ae410ac88782b41b404bd895b2bd87
Sha1:   b4758f6aaffddc473adcd68f661aab0d7847abca
Sha256: 5b485c32e33b794c7329c811619e39c9d8810f3d45b3dadb276b5ab11ed747a3

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /s/notosans/v27/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pmeceu.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12684
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 21:03:15 GMT
expires: Tue, 26 Sep 2023 21:03:15 GMT
cache-control: public, max-age=31536000
age: 104849
last-modified: Mon, 09 May 2022 18:28:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 12684, version 1.0\012- data
Size:   12684
Md5:    0c235386bcf6af06f67e6c89fd19e434
Sha1:   10720574d4609322023984a761f32f9518c07bc4
Sha256: c1c30918a861cb6a985ab55d54ad7e861682354197f164cb3b7194f20eed67ac
                                        
                                            GET /s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXo.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pmeceu.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12848
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 16:43:29 GMT
expires: Fri, 22 Sep 2023 16:43:29 GMT
cache-control: public, max-age=31536000
age: 466035
last-modified: Mon, 11 Jul 2022 18:56:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 12848, version 1.0\012- data
Size:   12848
Md5:    f0b3206d02a2f684530117ce1d7e8ce0
Sha1:   f3708b707b65e241b0f1c819d5f7bf7da8412653
Sha256: f31b80562610135edd91a86ec7f243c5eeaec2ec08337e6a20c2d135d8e217da
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 02:10:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/themes/astra/assets/fonts/astra.woff HTTP/1.1 
Host: pmeceu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://pmeceu.com/wp-content/uploads/2022/07/82117599137094_gt_e2250_flash_loader_754_csc_v04_liteepub_hot.pdf
Cookie: wp_learn_press_session_bf1593c9797c79d1c9138489e82766af=5bdc0017c6c753e380d14684712a6a85%7C%7C1664503843%7C%7Ccce34c4edff532baa1687fb7db54052a; wordpress_lp_guest=0113de1f9dba4f8d2d766a03a1b3236d
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         192.185.16.63
HTTP/2 200 OK
content-type: font/woff
                                        
last-modified: Sun, 01 Dec 2019 04:45:16 GMT
accept-ranges: bytes
content-length: 3304
x-endurance-cache-level: 0
x-nginx-cache: WordPress
date: Wed, 28 Sep 2022 02:10:44 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 3304, version 1.0\012- data
Size:   3304
Md5:    bfe0ed8503c926d68f58ed0408dfe0d0
Sha1:   0346d02d96ff7d2a0278bc10f4dfdf365c80eac3
Sha256: ec7ef7aa5fd1e019f1c26193e95e46d481d4983673936a9dda086705ada6e3d5

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5071
Expires: Wed, 28 Sep 2022 03:35:16 GMT
Date: Wed, 28 Sep 2022 02:10:45 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5071
Expires: Wed, 28 Sep 2022 03:35:16 GMT
Date: Wed, 28 Sep 2022 02:10:45 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5071
Expires: Wed, 28 Sep 2022 03:35:16 GMT
Date: Wed, 28 Sep 2022 02:10:45 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5071
Expires: Wed, 28 Sep 2022 03:35:16 GMT
Date: Wed, 28 Sep 2022 02:10:45 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5071
Expires: Wed, 28 Sep 2022 03:35:16 GMT
Date: Wed, 28 Sep 2022 02:10:45 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9a3b058-92c9-490e-9cbb-736f7e46510d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7455
x-amzn-requestid: e99c9f33-b72a-4070-80cf-06fb4a87d1df
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZG4S6EcAoAMFX1A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6332a0df-04122b4a345dbc3f3918af98;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 07:06:07 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: yW-bGn5vYTa6Z28ELKYgYpy98wQEbYJIl5yxd1qLxz1YjVYKxMH2Wg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 07:31:02 GMT
age: 67183
etag: "b383135e2ebc23fe80eb0d594b198cb8c89327a5"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7455
Md5:    ea3890e460356d6ecc3ba4e405ac2e9e
Sha1:   b383135e2ebc23fe80eb0d594b198cb8c89327a5
Sha256: 8fcff053ce6e5750136bf876bad5b2916935f13ea039912d977928b086f0a48b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb17f4e8-cf01-41dc-8d4d-247daf3e0160.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 14018
x-amzn-requestid: fb0f02e7-1ce0-4861-9446-13d60df06f24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3xSEhCIAMFWkQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336cd4-79f482493d204a1208fad00f;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:36:20 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ZAov4fpWAjIBhHfeYEwu39wJTG58HnW7ebekpIoNSgA7PLIs5b7sSg==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 22:09:19 GMT
age: 14486
etag: "78b1a603c4f7f2d6fbad15d7a4cd1397554339e9"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   14018
Md5:    d039db0b842a4cbbaefdaab98bc6722b
Sha1:   78b1a603c4f7f2d6fbad15d7a4cd1397554339e9
Sha256: 65a3c7b0515cfd2a723f3bc3147cb98f3dd75ce1ecfce915c7c8e9ba5ae0bf2d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0369629e-f44d-439f-a279-b5ae6ecc0cf1.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 14464
x-amzn-requestid: 6627e07e-034b-432e-ab9e-afe035fa0b9a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e9HgIoAMFxUA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5f-7f34c3f6454379724a7ac413;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: J27vcANRhkMUuGwTZjXkO0EF0-UjN-MODVQRKgsc7hJI2S-UPF8Ctw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:40:53 GMT
age: 16192
etag: "bc214d60be395d4cf753216ff8f9691c33d25e75"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   14464
Md5:    aa5cad224dbddd71881bd07255beb4da
Sha1:   bc214d60be395d4cf753216ff8f9691c33d25e75
Sha256: 82935e52aa59929a448d17a5a2d58fda86bb5c25bf6628a05bd904f82517dada
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02722822-e024-44b9-8ec1-48ec9500ca58.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9733
x-amzn-requestid: fff8214b-48f7-4b45-bd91-69ea4db871d6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCAWhG9HIAMFloQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330adc3-1cffa63711378c525e49e11d;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 19:36:35 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Vak91l2UKRnX0Go62y1yPwJ8E-Af7XBurmQATw5MSZXBqhUJrIgOCQ==
via: 1.1 0dc4feb22bb4657ce2bb95fd05ec7122.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 04:55:01 GMT
age: 76544
etag: "2142075b27d0d355c51231ab06fea46e25eb9c59"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9733
Md5:    f3e1fd3401c5e635a8dbeec5f78b721d
Sha1:   2142075b27d0d355c51231ab06fea46e25eb9c59
Sha256: 2e17a43985b624e6b6592d402c36dd45b915cd6e1ac84e187c18c46420eb9a1d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5653a1a-a7d7-4b1e-a27e-4eb6b032901d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11314
x-amzn-requestid: 9f410158-cd1a-45a9-9e86-4005b25577e4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e4Hw7oAMFpAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5f-70683c681f22a3b6103fcb4a;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: l9IinQYCcQV_iymSArIEnOWgbmLlmVqz94402zcsmga5Bp3Sty7QRg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:40:49 GMT
age: 16196
etag: "8ad289a77705358ab660b6123e9d90de991b6c13"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11314
Md5:    ee83d08d024d127fad5918e1ffacb78b
Sha1:   8ad289a77705358ab660b6123e9d90de991b6c13
Sha256: aaab3590ef3777ce8b7a9a34f18866fa20ecaa554cbcdcdb3f1fa3c34c88ceb4
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12016
x-amzn-requestid: ec1b3715-5d0f-4045-aa5b-b70a55c81d72
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e3EtyIAMFdZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5e-201dd1ef1426a09965c68dab;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: y3DefdcXJyoDHpJXwz460gfWcv2JUboOFExNQmTFgy30B4mn54Xvuw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:44:30 GMT
age: 15975
etag: "a54803cca7d3c509c195f65961e1110c8ec56f55"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12016
Md5:    4b794c6812cb546de0295e087ebe66a7
Sha1:   a54803cca7d3c509c195f65961e1110c8ec56f55
Sha256: 6a207f75eb3951f3dea5252bc8d185cd604d3d657f15b838774e8087e91f37f5
                                        
                                            GET /wp-content/uploads/2019/12/cropped-LogoMakr_9Amb5L-32x32.png HTTP/1.1 
Host: pmeceu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmeceu.com/wp-content/uploads/2022/07/82117599137094_gt_e2250_flash_loader_754_csc_v04_liteepub_hot.pdf
Cookie: wp_learn_press_session_bf1593c9797c79d1c9138489e82766af=5bdc0017c6c753e380d14684712a6a85%7C%7C1664503843%7C%7Ccce34c4edff532baa1687fb7db54052a; wordpress_lp_guest=0113de1f9dba4f8d2d766a03a1b3236d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         192.185.16.63
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Sun, 01 Dec 2019 17:53:32 GMT
accept-ranges: bytes
content-length: 898
x-endurance-cache-level: 0
x-nginx-cache: WordPress
date: Wed, 28 Sep 2022 02:10:45 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size:   898
Md5:    2a6e055b1e9fa8aa5ac29d50938b8512
Sha1:   7ea547c947b45b3fed6b38cf28ce319accb477e7
Sha256: 57d51df498ccccbb1f1686f1f0eac15bcd1347f5220c512b790b064865f91e68
                                        
                                            GET /wp-content/uploads/2019/12/cropped-LogoMakr_9Amb5L-192x192.png HTTP/1.1 
Host: pmeceu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmeceu.com/wp-content/uploads/2022/07/82117599137094_gt_e2250_flash_loader_754_csc_v04_liteepub_hot.pdf
Cookie: wp_learn_press_session_bf1593c9797c79d1c9138489e82766af=5bdc0017c6c753e380d14684712a6a85%7C%7C1664503843%7C%7Ccce34c4edff532baa1687fb7db54052a; wordpress_lp_guest=0113de1f9dba4f8d2d766a03a1b3236d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         192.185.16.63
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Sun, 01 Dec 2019 17:53:32 GMT
accept-ranges: bytes
content-length: 11207
x-endurance-cache-level: 0
x-nginx-cache: WordPress
date: Wed, 28 Sep 2022 02:10:45 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size:   11207
Md5:    fcc7d886ececb9b156efc0aa6ca77124
Sha1:   148239921a2bc730e116c01e330c2c952fdeacb0
Sha256: 3fea3482e123e4e4db0b0ebdf6b872855c963284fd308a82d31a16b2f99d44b0
                                        
                                            GET //tururu.mp3 HTTP/1.1 
Host: widget-v4.tidiochat.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.26.9.139
HTTP/2 206 Partial Content
content-type: audio/mpeg
                                        
date: Wed, 28 Sep 2022 02:10:45 GMT
content-length: 7224
last-modified: Thu, 15 Sep 2022 11:25:20 GMT
etag: "63230ba0-1c38"
expires: Wed, 12 Oct 2022 01:22:34 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: HIT
age: 2891
content-range: bytes 0-7223/7224
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CGoaiOFKjyJxZ44w0LA1Qw7BphNJl%2BWtdStu9PV5CpPxLZwYZOjUL2sNm%2FixOJ3k2Wm6l1LXLJCEvdFcn4OZj2JmfXGuKgkQ4Gnw7WkjTCnX0mQkjMSTgEKKlxMFriNo71lzOyX4mxy4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7518f1c84fd9b517-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  MPEG ADTS, layer III, v1, 64 kbps, 44.1 kHz, Monaural\012- data
Size:   7224
Md5:    5061b4d134a7b4d5d744f9a127b757a8
Sha1:   c5e240ac60d3914cb3836ba6652105c67720b845
Sha256: 12c7687514ca85ba2157ed61914ac526bb9dd15cb5a2a2d9e4d88f919349284f
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.88
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 02:10:45 GMT
Last-Modified: Wed, 28 Sep 2022 00:21:32 GMT
Server: ECS (bsa/EB15)
X-Cache: Miss from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: sjC29XvJchfUGSmBL3xpELq33Y5rwgdHh4Lgxod85Lh1waUCCBg4ew==
Age: 6553

                                        
                                            GET //1_114_0/static/js/widget.64874ea49214d2736b46.js HTTP/1.1 
Host: widget-v4.tidiochat.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.26.9.139
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Wed, 28 Sep 2022 02:10:45 GMT
last-modified: Thu, 15 Sep 2022 11:25:23 GMT
vary: Accept-Encoding
etag: W/"63230ba3-826dd"
cache-control: max-age=691200
cf-cache-status: HIT
age: 1432
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5gcK7H9TI81RVtybt548ZbCoPlJPM5o%2F8sgEMk6uJRafaYEKJRH17fz8F0sRPgT02hM6C4TR0xJOF7Rqpz2koXYE0S6YF%2BiSzkW2zdRpvulqyq1PSjCdyzcqYN7%2FjpwIDQctSYhqTrHB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7518f1c84fdcb517-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65451)
Size:   165026
Md5:    55b91e0bafc909652b56f51dd643a3a0
Sha1:   b09d2001ff42522c720478c35325c73d0f7d995d
Sha256: 3542dbb47e02b8a70d2e3d282507f61c1d801be9e3f5a61b94c4881a389a3bb8
                                        
                                            GET /s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pmeceu.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27428
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 24 Sep 2022 04:28:39 GMT
expires: Sun, 24 Sep 2023 04:28:39 GMT
cache-control: public, max-age=31536000
age: 337327
last-modified: Mon, 11 Jul 2022 18:57:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 27428, version 1.0\012- data
Size:   27428
Md5:    e6d08c334958c128b793b570a7dce066
Sha1:   081111500e97a7663ff936f847e050fee6b8be2b
Sha256: 8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e
                                        
                                            GET /css?family=Noto+Sans%3A400%2C700%7CMontserrat%3A700%2C&display=fallback&ver=2.1.3 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmeceu.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 28 Sep 2022 02:10:44 GMT
date: Wed, 28 Sep 2022 02:10:44 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /wp-includes/css/dashicons.min.css?ver=5.5.10 HTTP/1.1 
Host: pmeceu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmeceu.com/wp-content/uploads/2022/07/82117599137094_gt_e2250_flash_loader_754_csc_v04_liteepub_hot.pdf
Cookie: wp_learn_press_session_bf1593c9797c79d1c9138489e82766af=5bdc0017c6c753e380d14684712a6a85%7C%7C1664503843%7C%7Ccce34c4edff532baa1687fb7db54052a; wordpress_lp_guest=0113de1f9dba4f8d2d766a03a1b3236d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         192.185.16.63
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Thu, 15 Apr 2021 06:34:32 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
date: Wed, 28 Sep 2022 02:10:44 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /wp-content/themes/astra/assets/css/minified/style.min.css?ver=2.1.3 HTTP/1.1 
Host: pmeceu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmeceu.com/wp-content/uploads/2022/07/82117599137094_gt_e2250_flash_loader_754_csc_v04_liteepub_hot.pdf
Cookie: wp_learn_press_session_bf1593c9797c79d1c9138489e82766af=5bdc0017c6c753e380d14684712a6a85%7C%7C1664503843%7C%7Ccce34c4edff532baa1687fb7db54052a; wordpress_lp_guest=0113de1f9dba4f8d2d766a03a1b3236d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         192.185.16.63
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Sun, 01 Dec 2019 04:45:16 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
date: Wed, 28 Sep 2022 02:10:44 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /wp-content/plugins/learnpress/assets/js/vendor/plugins.all.min.js?ver=3.2.7.2 HTTP/1.1 
Host: pmeceu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmeceu.com/wp-content/uploads/2022/07/82117599137094_gt_e2250_flash_loader_754_csc_v04_liteepub_hot.pdf
Cookie: wp_learn_press_session_bf1593c9797c79d1c9138489e82766af=5bdc0017c6c753e380d14684712a6a85%7C%7C1664503843%7C%7Ccce34c4edff532baa1687fb7db54052a; wordpress_lp_guest=0113de1f9dba4f8d2d766a03a1b3236d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         192.185.16.63
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Sun, 31 May 2020 03:06:05 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
date: Wed, 28 Sep 2022 02:10:44 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /vbq9xwlahlaxinnjiw3i1du352ljzm3t.js HTTP/1.1 
Host: code.tidio.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmeceu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.26.8.183
HTTP/2 302 Found
content-type: text/html
                                        
date: Wed, 28 Sep 2022 02:10:45 GMT
location: https://widget-v4.tidiochat.com/1_114_0/static/js/render.64874ea49214d2736b46.js
cache-control: private, no-cache, no-store, must-revalidate
widget-cache-status: HIT
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FwOnFkHRhraIfgrL3KuhV9OLTSgjBR5XqWH2JD0uZ3sWnlv%2BH%2BZgihXendPKQG2l03U%2F61iL97Hjof8Z1N3mB%2F7tdcUQ7NMlCwpQ62u2qPBXAYu2VfuPF3I%2FjPBJ%2FRU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7518f1c77e52fac8-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /wp-content/plugins/learnpress-certificates/assets/js/fabric.js?ver=5.5.10 HTTP/1.1 
Host: pmeceu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pmeceu.com/wp-content/uploads/2022/07/82117599137094_gt_e2250_flash_loader_754_csc_v04_liteepub_hot.pdf
Cookie: wp_learn_press_session_bf1593c9797c79d1c9138489e82766af=5bdc0017c6c753e380d14684712a6a85%7C%7C1664503843%7C%7Ccce34c4edff532baa1687fb7db54052a; wordpress_lp_guest=0113de1f9dba4f8d2d766a03a1b3236d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         192.185.16.63
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Mon, 06 Jan 2020 12:08:42 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
date: Wed, 28 Sep 2022 02:10:44 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /1_114_0/static/js/render.64874ea49214d2736b46.js HTTP/1.1 
Host: widget-v4.tidiochat.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pmeceu.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.26.9.139
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Wed, 28 Sep 2022 02:10:45 GMT
last-modified: Thu, 15 Sep 2022 11:25:23 GMT
vary: Accept-Encoding
etag: W/"63230ba3-4311"
cache-control: max-age=691200
cf-cache-status: HIT
age: 1522
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ez3b8CTgj%2BCOi%2BovkElRBUfMbVXcIIbUyIPjtoi9j4QqJjhXT5m24dOlVk%2FSfYb8tjqDhMYwY3DLsgziE%2FKg4sChUUhrioRbRJ3C65NrBg0ixiNMCld4IOjdpUGi6faxOqDAJuEyBXKc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7518f1c7ffbab517-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /1_114_0/static/js/chunk-WidgetIframe-64874ea49214d2736b46.js HTTP/1.1 
Host: widget-v4.tidiochat.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.26.9.139
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Wed, 28 Sep 2022 02:10:45 GMT
last-modified: Thu, 15 Sep 2022 11:25:23 GMT
vary: Accept-Encoding
etag: W/"63230ba3-5575e"
cache-control: max-age=691200
cf-cache-status: HIT
age: 1417
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0wD6z%2BPJ65lSUe9pOl4MX7hG3LnzD48ZrRxVHvAEePiE7XmOwetA6FOI2tH3r1%2F1cFLivivZlAC9hp1lrazi3yfzU7enHH%2BsgpBp%2FvbLmR4DlAqYmn8MR54jE9Z04sGHwNU%2FAax%2Ff9Fm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7518f1c82fd1b517-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---