Overview

URL theconjuring3englishsub.wordpress.com/2022/09/13/liverpool-goalkeeper-loris-karius-has-been-announced-as-a-new-signing-for-newcastle-united/
IP192.0.78.13
ASNAUTOMATTIC
Location United States
Report completed2022-09-13 15:29:48 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (21)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS public-api.wordpress.com (3) 6465 2012-07-08 04:15:07 UTC 2022-09-13 06:04:06 UTC 192.0.78.23
mnemonic passive DNS r3.o.lencr.org (6) 344 2020-12-02 08:52:13 UTC 2022-09-13 04:56:58 UTC 95.101.11.115
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-13 04:58:37 UTC 34.117.237.239
mnemonic passive DNS ocsp.pki.goog (4) 175 2017-06-14 07:23:31 UTC 2022-09-13 04:56:27 UTC 142.250.74.3
mnemonic passive DNS fonts.gstatic.com (3) 0 2014-08-29 13:43:22 UTC 2022-09-13 04:56:51 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS 0.gravatar.com (3) 6977 2012-05-21 07:08:47 UTC 2022-09-13 05:00:41 UTC 192.0.73.2
mnemonic passive DNS 1.gravatar.com (1) 7167 2012-05-21 07:08:48 UTC 2022-09-13 06:04:06 UTC 192.0.73.2
mnemonic passive DNS stats.wp.com (1) 2711 2017-01-30 05:06:59 UTC 2022-09-13 04:57:43 UTC 192.0.76.3
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-13 05:25:58 UTC 143.204.55.35
mnemonic passive DNS fonts.googleapis.com (1) 8877 2014-07-21 13:19:55 UTC 2022-09-13 12:21:59 UTC 142.250.74.10
mnemonic passive DNS s.yimg.com (1) 375 2012-05-20 22:45:00 UTC 2022-09-13 11:27:13 UTC 188.125.94.206
mnemonic passive DNS widgets.wp.com (3) 10182 2013-06-12 08:26:21 UTC 2022-09-13 06:04:06 UTC 192.0.77.32
mnemonic passive DNS s.pubmine.com (1) 9518 2015-01-02 18:51:31 UTC 2022-09-13 06:28:16 UTC 176.34.151.72
mnemonic passive DNS theconjuring3englishsub.wordpress.com (3) 0 2022-07-13 03:32:43 UTC 2022-09-11 16:03:46 UTC 192.0.78.12 Domain (wordpress.com) ranked at: 1450
mnemonic passive DNS s0.wp.com (19) 6184 2017-01-30 05:08:18 UTC 2022-09-13 06:04:06 UTC 192.0.77.32
mnemonic passive DNS pixel.wp.com (2) 2545 2017-01-30 05:31:40 UTC 2022-09-13 05:41:08 UTC 192.0.76.3
mnemonic passive DNS ocsp.sectigo.com (1) 487 2018-12-17 11:31:55 UTC 2022-09-13 12:47:16 UTC 104.18.32.68
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-09-13 10:12:26 UTC 143.204.55.27
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-09-13 12:08:30 UTC 93.184.220.29
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-13 05:09:29 UTC 52.41.252.32
mnemonic passive DNS img-getpocket.cdn.mozilla.net (4) 1631 2017-09-01 03:40:57 UTC 2022-09-13 12:32:54 UTC 34.120.237.76


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 192.0.78.13

Date UQ / IDS / BL URL IP
2022-12-01 07:20:44 +0000
0 - 0 - 0 besports12.wordpress.com/2022/12/01/poland-go (...) 192.0.78.13
2022-11-30 14:05:54 +0000
0 - 0 - 0 besports12.wordpress.com/2022/11/30/takuma-as (...) 192.0.78.13
2022-11-25 14:44:55 +0000
0 - 0 - 0 besports12.wordpress.com/2022/11/25/ecuador-c (...) 192.0.78.13
2022-11-08 15:28:15 +0000
0 - 0 - 0 theconjuring3koreansub.wordpress.com/2022/11/ (...) 192.0.78.13
2022-10-31 14:46:45 +0000
0 - 0 - 0 theconjuring3englishsub.wordpress.com/2022/10 (...) 192.0.78.13

Last 5 reports on ASN: AUTOMATTIC

Date UQ / IDS / BL URL IP
2022-12-07 17:03:16 +0000
0 - 0 - 2 192.0.66.152 192.0.66.152
2022-12-07 16:02:05 +0000
0 - 0 - 0 besports12.wordpress.com/2022/12/07/gabriel-j (...) 192.0.78.12
2022-12-06 13:39:48 +0000
0 - 0 - 1 correenwilliams.com/my-favorite-things/ 192.0.78.136
2022-12-06 03:07:24 +0000
0 - 0 - 2 danielleclamare.com/ 192.0.78.24
2022-12-06 01:14:17 +0000
0 - 0 - 0 theredbaitercom.files.wordpress.com 192.0.72.23

Last 5 reports on domain: wordpress.com

Date UQ / IDS / BL URL IP
2022-12-07 16:02:05 +0000
0 - 0 - 0 besports12.wordpress.com/2022/12/07/gabriel-j (...) 192.0.78.12
2022-12-06 01:14:17 +0000
0 - 0 - 0 theredbaitercom.files.wordpress.com 192.0.72.23
2022-12-01 07:20:44 +0000
0 - 0 - 0 besports12.wordpress.com/2022/12/01/poland-go (...) 192.0.78.13
2022-11-30 14:05:54 +0000
0 - 0 - 0 besports12.wordpress.com/2022/11/30/takuma-as (...) 192.0.78.13
2022-11-25 14:44:55 +0000
0 - 0 - 0 besports12.wordpress.com/2022/11/25/ecuador-c (...) 192.0.78.13

No other reports with similar screenshot



JavaScript

Executed Scripts (41)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (62)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "B5F178D23E633283F226CCA7A9AE79B01E6CAB2299FF7065C980D3A9953212FD"
Last-Modified: Tue, 13 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5412
Expires: Tue, 13 Sep 2022 16:59:49 GMT
Date: Tue, 13 Sep 2022 15:29:37 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 13 Sep 2022 15:08:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: XqCBpZMa0aolCX5oaxSL6sGGQvdt3joU8YvH6pIgF_JxRiBAroyjjA==
Age: 1251


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    99b7d23c1748d0526782b9ff9ea45f09
Sha1:   eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
Sha256: 48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 13 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: FUwZdZawMqx-_CGBoAXvqswNOOY3EAzV0gKd53Y_Cc0R2KuMQOyOkg==
age: 39263
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    742edb4038f38bc533514982f3d2e861
Sha1:   cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
Sha256: b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 13 Sep 2022 15:29:37 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /i/logo/wpcom-gray-white.png HTTP/1.1 
Host: s0.wp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconjuring3englishsub.wordpress.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         192.0.77.32
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Tue, 13 Sep 2022 15:29:38 GMT
content-length: 8203
last-modified: Thu, 29 Nov 2018 13:53:22 GMT
etag: "5bffef52-200b"
expires: Thu, 10 Nov 2022 15:10:54 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 2
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 500 x 500, 8-bit colormap, non-interlaced\012- data
Size:   8203
Md5:    5f7b74563bafaff6e4ca77bb82d511c5
Sha1:   ebcb367071a682d64a2e6471d553ad1fc1f90cd6
Sha256: c0e93b5ebf107af77d9e7d101d186b3b93e9d5ad4fbb6a74e2dea60173cc04f8
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 13 Sep 2022 15:29:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /css?family=PT+Sans%3A400%2C400i%2C700%2C700i&subset=latin%2Clatin-ext&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconjuring3englishsub.wordpress.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 13 Sep 2022 15:29:38 GMT
date: Tue, 13 Sep 2022 15:29:38 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1068
Md5:    ed9444cf1ff0e792ed97de44aa682347
Sha1:   ae63e6913ac1dcb4e8e75011c6f0c3bc4be4d61a
Sha256: d5af6407b596a3d3f94c7fa3137423aa740ee493c2797cf47d764edb4abc7e3f
                                        
                                            GET /_static/??-eJxti8sKgCAQAH8oW6KXHaJvMTE1Vldapd+PDh2iTsPADJxJaIrZxAyhiITF+siQiLPYUPkD2KnDR/uw1swV/F9M2isUSJbe8pmyM8EwuA4s0qrwDpYwN0PfymmUstsvZXo34g==?cssminify=yes HTTP/1.1 
Host: s0.wp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://theconjuring3englishsub.wordpress.com
Connection: keep-alive
Referer: https://theconjuring3englishsub.wordpress.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         192.0.77.32
HTTP/2 200 OK
content-type: text/css;charset=utf-8
                                        
server: nginx
date: Tue, 13 Sep 2022 15:29:38 GMT
vary: Accept-Encoding
last-modified: Mon, 30 May 2022 08:04:56 GMT
etag: W/"62947aa8-700a"
content-encoding: br
expires: Tue, 30 May 2023 08:05:02 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 2
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (28682), with no line terminators
Size:   10697
Md5:    e4eb5bc6201e307b85fd255d2bd9ec0a
Sha1:   9b0a11185841559197615b49535223ae25c7b7a7
Sha256: 31dc8be4e2600606a47516c9b053e9b6289783cef9ef0dd4316b45536795178f
                                        
                                            GET /g.gif?blog=193996195&v=wpcom&tz=3&user_id=0&post=529&subd=theconjuring3englishsub&host=theconjuring3englishsub.wordpress.com&ref=&rand=0.9087488712328928 HTTP/1.1 
Host: pixel.wp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconjuring3englishsub.wordpress.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         192.0.76.3
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Tue, 13 Sep 2022 15:29:38 GMT
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 6 x 5\012- data
Size:   50
Md5:    e4d673a55c5656f19ef81563fb10884c
Sha1:   1f2d8ed221d39329251ad3a6ff1edb20b7219443
Sha256: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
                                        
                                            GET /g.gif?crypt=UE40eW5QN0p8M2Y%2FRE0%2FbU8yQkx3RTR3RmZTSndoTltKYUtEYz9mTHN3MlJ2cWh3ZmwzZGYubUxraS83bFJ8by9SUXlTXWIrWEkxPVlZYWtqaTNNcFR0b3pROFtEU0NzaVdrVTQ4Q1V2MWJVVDRCOGxZLkdhSC1man40dGFrJWV0UFdFUiZLQ1stVFhlT2p4Z1B8LTVNT3Rtb0pKNCxhRmFlaGVOOUJuJjItfi1FRzQ0b2VDakQyXXBUclpDZEdZP3VtOVk5WjZ8LHJNY3FtLTZDXW5YVy5Wc0V4LEhqeW8vQk5%2Bbi9SUkJLRjlEOGJ2VWQtY0tfJlEwLlUrb1REWDZhfH4%3D&v=wpcom-no-pv&rand=0.9367139978585984 HTTP/1.1 
Host: pixel.wp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconjuring3englishsub.wordpress.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         192.0.76.3
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Tue, 13 Sep 2022 15:29:38 GMT
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 6 x 5\012- data
Size:   50
Md5:    e4d673a55c5656f19ef81563fb10884c
Sha1:   1f2d8ed221d39329251ad3a6ff1edb20b7219443
Sha256: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
                                        
                                            GET /wp-content/mu-plugins/highlander-comments/images/button-back.gif HTTP/1.1 
Host: s0.wp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s0.wp.com/wp-content/mu-plugins/highlander-comments/style.css?m=1662027824h&cssminify=yes
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         192.0.77.32
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Tue, 13 Sep 2022 15:29:38 GMT
content-length: 1232
last-modified: Thu, 29 Nov 2018 13:53:37 GMT
etag: "5bffef61-4d0"
expires: Thu, 10 Nov 2022 15:10:54 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 2
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 2 x 26\012- data
Size:   1232
Md5:    41570c42d47e846f51422b154ebe8cc8
Sha1:   eed821bb5bf98caf32c563a56a1ebf145f7aca74
Sha256: 0dab369eac5fd3a06420395d02d292bc3e3ab0bf62add857c72804fd9f4edd35
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Tue, 13 Sep 2022 15:03:22 GMT
Expires: Tue, 13 Sep 2022 15:13:59 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: QdoO3VoEU0H4MYqPB5ilioZLMKgmNzxYSYCBO5eJ4L1qbyd-v6Cpdw==
Age: 1576


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 13 Sep 2022 15:29:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 13 Sep 2022 15:29:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 13 Sep 2022 15:29:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://theconjuring3englishsub.wordpress.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 47048
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:27:54 GMT
expires: Thu, 07 Sep 2023 19:27:54 GMT
cache-control: public, max-age=31536000
age: 504104
last-modified: Wed, 27 Apr 2022 16:55:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 47048, version 1.0\012- data
Size:   47048
Md5:    87a1556b696ae2cb1a726bd8c4584a2f
Sha1:   1be0f6f39e0cf316f9827f945eeeaef8294cc37b
Sha256: 141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
                                        
                                            GET /s/ptsans/v17/jizfRExUiTo99u79B_mh0OqtLQ0Z.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://theconjuring3englishsub.wordpress.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 29928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:39:25 GMT
expires: Thu, 07 Sep 2023 19:39:25 GMT
cache-control: public, max-age=31536000
age: 503413
last-modified: Wed, 27 Apr 2022 16:55:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 29928, version 1.0\012- data
Size:   29928
Md5:    609bea65e2bf8ee9b728a85a8f1b282c
Sha1:   a0d2fbcf012e6554fb8cb182994ec8eb744ab65d
Sha256: 1a045fdc088409e4e87d57617de7a9b613bf251c12997180910faeed8fa7aba1
                                        
                                            GET /s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://theconjuring3englishsub.wordpress.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 45300
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:27:53 GMT
expires: Thu, 07 Sep 2023 19:27:53 GMT
cache-control: public, max-age=31536000
age: 504105
last-modified: Wed, 27 Apr 2022 16:11:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 45300, version 1.0\012- data
Size:   45300
Md5:    5fe660c3a23b871807b0e1d3ee973d23
Sha1:   62a9dd423b30b6ee3ab3dd40d573545d579af10a
Sha256: e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
                                        
                                            GET /dist/css/hovercard.min.css?ver=202237z HTTP/1.1 
Host: 0.gravatar.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconjuring3englishsub.wordpress.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         192.0.73.2
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Tue, 13 Sep 2022 15:29:38 GMT
last-modified: Wed, 11 Nov 2020 15:57:10 GMT
etag: W/"5fac09d6-1e86"
content-encoding: br
expires: Tue, 20 Sep 2022 15:29:38 GMT
cache-control: max-age=604800
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (7814), with no line terminators
Size:   2250
Md5:    29cbf005616a6ccbcca11743034b7a10
Sha1:   4b5578ef654a7d15b00606f7abe9cb7b0f5f9cb2
Sha256: 9aa4f246c2a299ad493393eda684ae20abbf18bdb78d0dd1d4ae0279674295ec
                                        
                                            GET /avatar/ad516503a11cd5ca435acc9bb6523536?s=25&d=identicon&forcedefault=y&r=G HTTP/1.1 
Host: 1.gravatar.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconjuring3englishsub.wordpress.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         192.0.73.2
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Tue, 13 Sep 2022 15:29:38 GMT
content-length: 1658
last-modified: Sat, 01 Mar 2008 02:44:06 GMT
link: <https://www.gravatar.com/avatar/ad516503a11cd5ca435acc9bb6523536?s=25&d=identicon&forcedefault=y&r=G>; rel="canonical"
access-control-allow-origin: *
expires: Tue, 13 Sep 2022 15:34:38 GMT
cache-control: max-age=300
x-nc: HIT arn 3
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 25 x 25, 8-bit/color RGBA, non-interlaced\012- data
Size:   1658
Md5:    ffbb5adf99a3917e9d2396cd05e49530
Sha1:   c21a9efffb217cb87d770631edb12895a464c032
Sha256: f9425e0125b81c60d1ed89e9d1618e9ce16d19cc1661f156b9627ff10c056a8d
                                        
                                            GET /i/webclip.png HTTP/1.1 
Host: s0.wp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconjuring3englishsub.wordpress.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         192.0.77.32
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Tue, 13 Sep 2022 15:29:38 GMT
content-length: 10046
last-modified: Thu, 29 Nov 2018 13:53:25 GMT
etag: "5bffef55-273e"
expires: Thu, 10 Nov 2022 15:10:57 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 2
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Size:   10046
Md5:    f9797465cedb90bc270112c571bbe7bb
Sha1:   67850f31ca703df3cdc5ca017cdaa139f1effd2c
Sha256: 9f6d1439ca686bcc3ad821a74d7d9583b389ad74077e3cf34d5da6f79152fffe
                                        
                                            GET /ny/api/res/1.2/u_ih7VWCZR8pqz7SVNTHMg--/YXBwaWQ9aGlnaGxhbmRlcjt3PTk2MDtoPTU0MDtjZj13ZWJw/https://s.yimg.com/uu/api/res/1.2/7CL0ha1obbVrIdKLsnNZWQ--~B/aD00NzY7dz04NDY7YXBwaWQ9eXRhY2h5b24-/https://media.zenfs.com/pt/lance__99/b1e35e30ef752b4d9859208869035e3d HTTP/1.1 
Host: s.yimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconjuring3englishsub.wordpress.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         188.125.94.206
HTTP/2 200 OK
content-type: image/webp
                                        
content-length: 28470
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-control: public, max-age=2592000
cache-tag: 187356186193551468607006709059746188326,376879075253813390267624920364371959899,ae7a14591aaf8d474cdb3f92111c923e
content-disposition: inline; filename="b1e35e30ef752b4d9859208869035e3d.webp"
edge-cache-tag: 187356186193551468607006709059746188326,376879075253813390267624920364371959899,ae7a14591aaf8d474cdb3f92111c923e
etag: "e50391469c712b77125b0bd83bdae8ac"
last-modified: Mon, 12 Sep 2022 18:52:53 GMT
server: ATS
status: 200 OK
timing-allow-origin: *
x-request-id: 3711c27df54433cdf4d7ef3af1dd924f
accept-ranges: bytes
date: Mon, 12 Sep 2022 18:58:14 GMT
x-served-by: cache-iad-kjyo7100055-IAD
x-cache: HIT
x-cache-hits: 1
x-timer: S1663009094.367239,VS0,VE2
age: 73884
strict-transport-security: max-age=15552000
referrer-policy: no-referrer-when-downgrade
x-frame-options: SAMEORIGIN
cld_cache: HIT
cld_hits: 1
cld_id: 3711c27df54433cdf4d7ef3af1dd924f
cld_by: cache-iad-kjyo7100055-IAD
cld_latency: 2
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 846x476, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   28470
Md5:    e50391469c712b77125b0bd83bdae8ac
Sha1:   e3b2a814a3a98187365757f16e03b8e2b5217a2c
Sha256: e4a3d2b40e6e4d0dd1236fbd1720e0953cee0759cacddf202f54c700b2f3451a
                                        
                                            GET /likes/index.html?ver=20220105 HTTP/1.1 
Host: widgets.wp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconjuring3englishsub.wordpress.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         192.0.77.32
HTTP/2 200 OK
content-type: text/html
                                        
server: nginx
date: Tue, 13 Sep 2022 15:29:38 GMT
content-length: 126
last-modified: Sat, 23 Dec 2017 00:24:47 GMT
etag: "5a3da24f-7e"
x-ac: 4.arn _dca
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 2
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   126
Md5:    62beca8ce9279bdc33570151e223a0dc
Sha1:   13a322b7a3523410a90afdd58832b89ce7b62902
Sha256: 6c79541d416470cf6276c0fe3e41528c51c823d125a45a1678355897fe9f3dc3
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5084
Cache-Control: 'max-age=158059'
Date: Tue, 13 Sep 2022 15:29:39 GMT
Last-Modified: Tue, 13 Sep 2022 14:04:55 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 13 Sep 2022 15:29:39 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 13 Sep 2022 13:18:34 GMT
Expires: Tue, 20 Sep 2022 13:18:33 GMT
Etag: "1ec7fc3da2bfa4605bac65d62d740dbb435ca224"
Cache-Control: max-age=596333,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74a1eb6b0ab5b4e8-OSL

                                        
                                            GET /conf?pp.pt=1&pp.ht=0&pp.tn=hever&pp.amp=false&pp.siteid=8982&pp.blogid=193996195&pp.consent=0&pp.uloggedin=0&pp.flag=2&rid=6844104460108&ref=https%3A%2F%2Ftheconjuring3englishsub.wordpress.com%2F2022%2F09%2F13%2Fliverpool-goalkeeper-loris-karius-has-been-announced-as-a-new-signing-for-newcastle-united%2F&vp=1280x939&cb=callback__l80cnot4_1 HTTP/1.1 
Host: s.pubmine.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconjuring3englishsub.wordpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         176.34.151.72
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
                                        
Server: nginx
Date: Tue, 13 Sep 2022 15:29:39 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: wLxaIrGsU6J8IjPiivbpCQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         52.41.252.32
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: UB4FLJHjXHCjVIQVfiK375dQuf8=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7303
Expires: Tue, 13 Sep 2022 17:31:23 GMT
Date: Tue, 13 Sep 2022 15:29:40 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7303
Expires: Tue, 13 Sep 2022 17:31:23 GMT
Date: Tue, 13 Sep 2022 15:29:40 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7303
Expires: Tue, 13 Sep 2022 17:31:23 GMT
Date: Tue, 13 Sep 2022 15:29:40 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7303
Expires: Tue, 13 Sep 2022 17:31:23 GMT
Date: Tue, 13 Sep 2022 15:29:40 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7303
Expires: Tue, 13 Sep 2022 17:31:23 GMT
Date: Tue, 13 Sep 2022 15:29:40 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9a2dff5-4864-4430-8c54-6b68d2bbd35a.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10849
x-amzn-requestid: 722d8d75-0911-4b59-af65-2b408bc09d80
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YXbx6E9-oAMFT8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631fa672-74ea9343619d4a1865e34818;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 21:36:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 4rpwcrZLDlgcwBtH7wpoHMOb8hhFbKbZSQpjWqUqbt_Sl4ud3dm9Vg==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:42:18 GMT
age: 64042
etag: "2ab2ee20e720b78be6deb55f967ac0d8b7dad048"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10849
Md5:    838f709437b2dfbede4ee15307afe217
Sha1:   2ab2ee20e720b78be6deb55f967ac0d8b7dad048
Sha256: a3b47ce595b475f2aab6f7378888d15ba3e98453d6c8a3d88946efc5d65eedba
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2830e2cb-8887-441e-8c0c-906b8fbb2366.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9945
x-amzn-requestid: a347749f-a63a-4533-a274-7151b9f235ff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YXcX8HAKoAMF5EQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631fa765-56cff18515b2a5b3397231df;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 21:40:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: lZ3FmD1gM8YBgZNt97kuYSol1kj0GQqRjyLT_7715VtH9GR1WpMDxA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:42:20 GMT
age: 64040
etag: "744fee4a0baa22ba3aa352d60620a916972b47dd"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9945
Md5:    c9ab2ec10c79b91d15edb1d1e3dc763c
Sha1:   744fee4a0baa22ba3aa352d60620a916972b47dd
Sha256: f7bb66f5bb572d73f936fc74823f51ede1f2c4e309a939b39d9529ff8f757fbe
                                        
                                            GET /wp-content/mu-plugins/gravatar-hovercards/wpgroho.js?m=1610363240h HTTP/1.1 
Host: s0.wp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://theconjuring3englishsub.wordpress.com
Connection: keep-alive
Referer: https://theconjuring3englishsub.wordpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         192.0.77.32
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 13 Sep 2022 15:29:38 GMT
vary: Accept-Encoding
etag: W/"5ffc31a9-465"
content-encoding: br
expires: Wed, 23 Nov 2022 13:57:43 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 2
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (365)
Size:   8195
Md5:    b6cc61ff512503badafc6b01fcf0a89a
Sha1:   0f7342835a1487339a75dcdd52b0072620b4970b
Sha256: c638eaeb2ab6388073d150a74502a8d7b33b800128c1743829b84dadebd542f6
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f033f00-b116-4419-9d21-3aed9c73ea2e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8764
x-amzn-requestid: 48f44e2c-3d91-46cf-8701-3c5028e0a86d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YE-gLG4_oAMFn-A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63184467-46abfc77601bd90f39a2c840;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 07:12:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tE5GZDktiELwfFRC_IEAqoat6cN7vb_TA17d-zRO6saTLEGRqB94Pw==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 22:01:47 GMT
age: 62873
etag: "28d47359e70789115b2954b6c94711bb783b3c8c"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8764
Md5:    9d97e56f75165efcc71ae54952ded405
Sha1:   28d47359e70789115b2954b6c94711bb783b3c8c
Sha256: 564eac2ae99724e5f43aa1ae0afe4dec03697f888f51774e70e1b9c273c2d9d6
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9466
x-amzn-requestid: ba3f7eac-61c9-4b5f-ae8a-b372906a25ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YOTeoHMKoAMFr5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bff90-1e70e2c444242a2d46387986;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 03:08:00 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: -SwaUjMInlOaGpH6yK1W1a57QCQMgY-l43RdUfKVtZA1zJzMrLzC6g==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 f7283f3fe2c258cf54f8b7d3dd272e0e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 04:49:30 GMT
age: 38410
etag: "05ec2076b32398d60ee77fab8c14345bc7dfe647"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9466
Md5:    6174529fff57758e958da5432344962f
Sha1:   05ec2076b32398d60ee77fab8c14345bc7dfe647
Sha256: 65284a76355864efa944dff5033575013c6d74a019a7b731e0236603f2f656a7
                                        
                                            GET /2022/09/13/liverpool-goalkeeper-loris-karius-has-been-announced-as-a-new-signing-for-newcastle-united/?relatedposts=1 HTTP/1.1 
Host: theconjuring3englishsub.wordpress.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-requested-with: XMLHttpRequest
Connection: keep-alive
Referer: https://theconjuring3englishsub.wordpress.com/2022/09/13/liverpool-goalkeeper-loris-karius-has-been-announced-as-a-new-signing-for-newcastle-united/
Cookie: __utma=11735858.960179978.1654051761.1654283748.1654515678.4; __utmz=11735858.1654051761.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); _pubcid=a88f885c-7f87-4c85-9c1b-8257bb586379
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         192.0.78.12
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Tue, 13 Sep 2022 15:29:38 GMT
vary: Accept-Encoding
x-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
host-header: WordPress.com
x-pingback: https://theconjuring3englishsub.wordpress.com/xmlrpc.php
x-content-type-options: nosniff
content-encoding: br
x-ac: 1.arn _dca
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (3304), with no line terminators
Size:   11207
Md5:    6c648795f237890683dcd401e3f51ceb
Sha1:   6037a88ef670925c6a7b622e0f2b27c234c9703e
Sha256: 66d4e591b3924682cdbba864077a3d5398b413554978f9578f9973daa429a8ae
                                        
                                            GET /wp-content/themes/pub/hever/style.css?m=1660026644h&cssminify=yes HTTP/1.1 
Host: s0.wp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://theconjuring3englishsub.wordpress.com
Connection: keep-alive
Referer: https://theconjuring3englishsub.wordpress.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         192.0.77.32
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Tue, 13 Sep 2022 15:29:38 GMT
vary: Accept-Encoding
etag: W/"62f20094-1d834"
content-encoding: br
expires: Wed, 09 Aug 2023 06:37:15 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 2
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /dist/css/services.min.css?ver=202237z HTTP/1.1 
Host: 0.gravatar.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconjuring3englishsub.wordpress.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         192.0.73.2
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Tue, 13 Sep 2022 15:29:38 GMT
last-modified: Thu, 22 Mar 2018 09:46:04 GMT
etag: W/"5ab37b5c-a54"
content-encoding: br
expires: Tue, 20 Sep 2022 15:29:38 GMT
cache-control: max-age=604800
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /w.js?63 HTTP/1.1 
Host: stats.wp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconjuring3englishsub.wordpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.0.76.3
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 13 Sep 2022 15:29:38 GMT
vary: Accept-Encoding
etag: W/"61376814-2a40"
content-encoding: br
expires: Thu, 10 Nov 2022 15:20:41 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /i/favicon.ico HTTP/1.1 
Host: s0.wp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconjuring3englishsub.wordpress.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         192.0.77.32
HTTP/2 200 OK
content-type: image/x-icon
                                        
server: nginx
date: Tue, 13 Sep 2022 15:29:38 GMT
last-modified: Thu, 29 Nov 2018 13:53:22 GMT
vary: Accept-Encoding
etag: W/"5bffef52-1536"
expires: Thu, 10 Nov 2022 15:10:56 GMT
cache-control: max-age=31536000
content-encoding: br
x-ac: 4.arn _dca
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 2
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /wp-content/mu-plugins/actionbar/actionbar.css?v=20210915 HTTP/1.1 
Host: s0.wp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconjuring3englishsub.wordpress.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         192.0.77.32
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Tue, 13 Sep 2022 15:29:39 GMT
vary: Accept-Encoding
etag: W/"61439ab3-4620"
content-encoding: br
expires: Thu, 10 Nov 2022 15:10:53 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 2
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /2022/09/13/liverpool-goalkeeper-loris-karius-has-been-announced-as-a-new-signing-for-newcastle-united/ HTTP/1.1 
Host: theconjuring3englishsub.wordpress.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __utma=11735858.960179978.1654051761.1654283748.1654515678.4; __utmz=11735858.1654051761.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); _pubcid=a88f885c-7f87-4c85-9c1b-8257bb586379
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         192.0.78.12
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Tue, 13 Sep 2022 15:29:38 GMT
vary: Accept-Encoding, Cookie
x-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
host-header: WordPress.com
x-pingback: https://theconjuring3englishsub.wordpress.com/xmlrpc.php
link: <https://wp.me/pd7ZgT-8x>; rel=shortlink
content-encoding: br
x-ac: 1.arn _dca
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /_static/??/wp-content/mu-plugins/comment-likes/css/comment-likes.css,/i/noticons/noticons.css?m=1436783281j&cssminify=yes HTTP/1.1 
Host: s0.wp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://theconjuring3englishsub.wordpress.com
Connection: keep-alive
Referer: https://theconjuring3englishsub.wordpress.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         192.0.77.32
HTTP/2 200 OK
content-type: text/css;charset=utf-8
                                        
server: nginx
date: Tue, 13 Sep 2022 15:29:38 GMT
vary: Accept-Encoding
last-modified: Tue, 04 Dec 2018 12:10:16 GMT
etag: W/"5c066ea8-9278"
content-encoding: br
expires: Thu, 10 Nov 2022 15:10:55 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 2
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /wp-admin/rest-proxy/ HTTP/1.1 
Host: public-api.wordpress.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widgets.wp.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         192.0.78.23
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
server: nginx
date: Tue, 13 Sep 2022 15:29:38 GMT
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
set-cookie: wp_api=%20; expires=Mon, 13-Sep-2021 15:29:38 GMT; Max-Age=0; path=/wp-admin/rest-proxy/; domain=public-api.wordpress.com; secure; SameSite=None wp_api_sec=%20; expires=Mon, 13-Sep-2021 15:29:38 GMT; Max-Age=0; path=/; domain=public-api.wordpress.com; secure; HttpOnly; SameSite=None
content-encoding: br
x-ac: 2.arn _dca
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            POST /wp-admin/admin-ajax.php HTTP/1.1 
Host: theconjuring3englishsub.wordpress.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://theconjuring3englishsub.wordpress.com/2022/09/13/liverpool-goalkeeper-loris-karius-has-been-announced-as-a-new-signing-for-newcastle-united/
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Origin: https://theconjuring3englishsub.wordpress.com
Content-Length: 44
Connection: keep-alive
Cookie: __utma=11735858.960179978.1654051761.1654283748.1654515678.4; __utmz=11735858.1654051761.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); _pubcid=a88f885c-7f87-4c85-9c1b-8257bb586379; ccpa_applies=false; usprivacy=1---
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         192.0.78.12
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Tue, 13 Sep 2022 15:29:39 GMT
vary: Accept-Encoding
x-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
host-header: WordPress.com
access-control-allow-origin: https://theconjuring3englishsub.wordpress.com
access-control-allow-credentials: true
x-robots-tag: noindex
x-content-type-options: nosniff
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
content-encoding: br
x-ac: 1.arn _dca
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /wp-includes/js/wp-emoji-release.min.js?m=1652185836h&ver=6.0.2 HTTP/1.1 
Host: s0.wp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconjuring3englishsub.wordpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.0.77.32
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 13 Sep 2022 15:29:38 GMT
vary: Accept-Encoding
etag: W/"627a5af9-48b9"
content-encoding: br
expires: Thu, 31 Aug 2023 12:49:08 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 2
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /_static/??/wp-content/js/textarea-autosize.min.js,/wp-content/mu-plugins/highlander-comments/script.js?m=1662027824j HTTP/1.1 
Host: s0.wp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://theconjuring3englishsub.wordpress.com
Connection: keep-alive
Referer: https://theconjuring3englishsub.wordpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         192.0.77.32
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 13 Sep 2022 15:29:38 GMT
vary: Accept-Encoding
last-modified: Thu, 01 Sep 2022 10:24:15 GMT
etag: W/"6310884f-a44e"
content-encoding: br
expires: Fri, 01 Sep 2023 10:24:27 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 2
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /_static/??-eJytUstOwzAQ/CE2bqrSckF8ix8r43YdW7t2q/w9ToCStlA4cLE03pnR7EOdMtg0FByKihUyVR8GUadsUwSJgXC8Qp0VeVALmaHkz8Ko+YAlDB6MZtWolz/3xafETjtRnpLRdMNd5GMkXdBBTlKu0D0ZhQOK2mPJ2h5gRjf0T66vDRpk3yqM6thvulW3VqYGclPs2cCw5lFJGQn/w6i8YvwyCoOl6qbAbYrogkZq5amjBcikR2Qg9NqOXQzD7/JWW+IL0c/h56SL4ekx1QKeg/tz/1cWrKezkF/kNn3I1l3/1PUgIWZCYDy2Ibog5cyA740W+58W0P5j1rdTuCN7v39jMqMItDeGGmFe1nw/L/G5327Xq83mcbfbvwGm/D6j?cssminify=yes HTTP/1.1 
Host: s0.wp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://theconjuring3englishsub.wordpress.com
Connection: keep-alive
Referer: https://theconjuring3englishsub.wordpress.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         192.0.77.32
HTTP/2 200 OK
content-type: text/css;charset=utf-8
                                        
server: nginx
date: Tue, 13 Sep 2022 15:29:38 GMT
vary: Accept-Encoding
last-modified: Thu, 01 Sep 2022 15:03:18 GMT
etag: W/"6310c9b6-42d18"
content-encoding: br
expires: Fri, 01 Sep 2023 15:16:24 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 2
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /likes/master.html?ver=20220105 HTTP/1.1 
Host: widgets.wp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconjuring3englishsub.wordpress.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         192.0.77.32
HTTP/2 200 OK
content-type: text/html
                                        
server: nginx
date: Tue, 13 Sep 2022 15:29:38 GMT
last-modified: Wed, 05 Jan 2022 13:04:34 GMT
vary: Accept-Encoding
etag: W/"61d59762-ae1"
content-encoding: br
x-ac: 4.arn _dca
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 2
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /wp-content/js/rlt-proxy.js?m=20211122 HTTP/1.1 
Host: s0.wp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widgets.wp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         192.0.77.32
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 13 Sep 2022 15:29:38 GMT
vary: Accept-Encoding
etag: W/"619d635a-1c9d"
content-encoding: br
expires: Wed, 23 Nov 2022 21:55:44 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 2
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /_static/??/wp-content/js/postmessage.js,/wp-content/js/tannin/compat.min.js,/wp-content/js/wpcom-proxy-request.js,/wp-content/js/likes-rest-nojquery.js?m=20220105 HTTP/1.1 
Host: s0.wp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widgets.wp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         192.0.77.32
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 13 Sep 2022 15:29:38 GMT
vary: Accept-Encoding
last-modified: Wed, 05 Jan 2022 12:39:57 GMT
etag: W/"61d5919d-142fa"
content-encoding: br
expires: Thu, 05 Jan 2023 13:04:48 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 2
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /_static/??-eJx9j11OxDAMhC9EYroFRB8QR0FuY1q3+cNJCnt7AhXLUqQ+2ZrMN57Ae1RD8Jl8hjmBoZUHih96Tjdw9eSKiraM7BNYXijBW6FCE3pjSQ7MQ3CuSmqD5p2wB3+p3oZhSXDSzaNuVGIXLSmhVZ/AcMpb0maqUeOU+3DpzH6wxfw9JxTtWTv2+5N5IletsfSwojB+QVHYoZyVx5VHzBz+UVc/RFNTVY8CDlMmqZvKgrXYEbRwcpRVq2/hpfa9CK/ybTYHbAyp+iyyQJpqZT/+zAo9u6fm4b5r2667a+dPL86wYw== HTTP/1.1 
Host: s0.wp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://theconjuring3englishsub.wordpress.com
Connection: keep-alive
Referer: https://theconjuring3englishsub.wordpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         192.0.77.32
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 13 Sep 2022 15:29:38 GMT
vary: Accept-Encoding
last-modified: Mon, 01 Aug 2022 07:45:57 GMT
etag: W/"62e784b5-1804a"
content-encoding: br
expires: Tue, 01 Aug 2023 07:54:57 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 2
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /_static/??/wp-content/js/mobile-useragent-info.js,/wp-content/mu-plugins/related-posts/related-posts.js,/wp-content/js/rlt-proxy.js?m=1637704497j HTTP/1.1 
Host: s0.wp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://theconjuring3englishsub.wordpress.com
Connection: keep-alive
Referer: https://theconjuring3englishsub.wordpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         192.0.77.32
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 13 Sep 2022 15:29:38 GMT
vary: Accept-Encoding
last-modified: Tue, 23 Nov 2021 21:55:38 GMT
etag: W/"619d635a-7343"
content-encoding: br
expires: Tue, 29 Aug 2023 05:56:38 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 2
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /js/gprofiles.js?ver=202237z HTTP/1.1 
Host: 0.gravatar.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconjuring3englishsub.wordpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.0.73.2
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 13 Sep 2022 15:29:38 GMT
last-modified: Fri, 25 Feb 2022 16:03:16 GMT
etag: W/"6218fdc4-5df8"
content-encoding: br
expires: Tue, 20 Sep 2022 15:29:38 GMT
cache-control: max-age=604800
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /_static/??-eJx9i9EKwjAMAH/ImCmjb+K3dCV2lbQpTbqxv3fii6L4dgd3uFYIUoyKoc2USbH2CWdaqKHaxnQMqgf8nS2+JY+phFcKaw2Sv4bcoXKPqShGEmAJ3pKUD4Eb+9T+rY0mlrhjxL160+d0zZeTc8Nwdm4c7w+M8069?cssminify=yes HTTP/1.1 
Host: s0.wp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://theconjuring3englishsub.wordpress.com
Connection: keep-alive
Referer: https://theconjuring3englishsub.wordpress.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         192.0.77.32
HTTP/2 200 OK
content-type: text/css;charset=utf-8
                                        
server: nginx
date: Tue, 13 Sep 2022 15:29:38 GMT
vary: Accept-Encoding
last-modified: Tue, 09 Aug 2022 06:37:08 GMT
etag: W/"62f20094-17d53"
content-encoding: br
expires: Wed, 09 Aug 2023 06:37:15 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 2
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /likes/style.css HTTP/1.1 
Host: widgets.wp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widgets.wp.com/likes/index.html?ver=20220105
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         192.0.77.32
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Tue, 13 Sep 2022 15:29:38 GMT
vary: Accept-Encoding
etag: W/"5bfee306-12d7"
content-encoding: br
expires: Thu, 10 Nov 2022 15:10:53 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 2
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /rest/v1/batch?http_envelope=1&urls[]=/me&urls[]=/sites/193996195/posts/529/likes&urls[]=/sites/193996195/posts/529/reblogs/mine HTTP/1.1 
Host: public-api.wordpress.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://public-api.wordpress.com/wp-admin/rest-proxy/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         192.0.78.23
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 13 Sep 2022 15:29:39 GMT
vary: Accept-Encoding
host-header: WordPress.com
x-hacker: Oh, Awesome: Opossum
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-encoding: br
x-ac: 2.arn _dca
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /rest/v1/sites/193996195/posts/529/likes?http_envelope=1 HTTP/1.1 
Host: public-api.wordpress.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://public-api.wordpress.com/wp-admin/rest-proxy/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         192.0.78.23
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 13 Sep 2022 15:29:39 GMT
vary: Accept-Encoding
host-header: WordPress.com
x-hacker: Oh, Awesome: Opossum
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-encoding: br
x-ac: 2.arn _dca
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /wp-content/mu-plugins/highlander-comments/style.css?m=1662027824h&cssminify=yes HTTP/1.1 
Host: s0.wp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://theconjuring3englishsub.wordpress.com
Connection: keep-alive
Referer: https://theconjuring3englishsub.wordpress.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         192.0.77.32
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Tue, 13 Sep 2022 15:29:38 GMT
vary: Accept-Encoding
etag: W/"63108846-4399"
content-encoding: br
expires: Fri, 01 Sep 2023 10:24:27 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 2
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /wp-content/mu-plugins/actionbar/actionbar.js?v=20220329 HTTP/1.1 
Host: s0.wp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconjuring3englishsub.wordpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         192.0.77.32
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 13 Sep 2022 15:29:39 GMT
vary: Accept-Encoding
etag: W/"624b18ad-346d"
content-encoding: br
expires: Tue, 04 Apr 2023 16:11:33 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 2
X-Firefox-Spdy: h2


--- Additional Info ---