firefox.settings.services.mozilla.com/v1/
143.204.55.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 27 Sep 2022 06:15:30 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: rFrKOve-TWu6VAyLx78tbGnWIz4aa-wRCpnSycopkcHazrvYYkXJTQ==
Age: 1392
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10454
Expires: Tue, 27 Sep 2022 09:32:56 GMT
Date: Tue, 27 Sep 2022 06:38:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1017811d25642601e984edc1676d118d
c177c4f7a897584bf91347fa4990c83d6bfd0321
f35bb3a8c877dd8d3c5920f3c917722f12b157aff398e2ec30fab51fa6caa2ef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F35BB3A8C877DD8D3C5920F3C917722F12B157AFF398E2EC30FAB51FA6CAA2EF"
Last-Modified: Mon, 26 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2831
Expires: Tue, 27 Sep 2022 07:25:53 GMT
Date: Tue, 27 Sep 2022 06:38:42 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: HCiclDdOw+S2gAt0N+iLmMNQMb2kN13NM1f4U8FS9DtV/Jmg1tiaftpIHJcCDpuVQhnz/ezc6Zw/3CjJ860APg==
x-amz-request-id: 3XVQMWEQ9623QCJY
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 27 Sep 2022 05:46:42 GMT
age: 3120
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 06:38:42 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 27 Sep 2022 06:10:46 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Tue, 27 Sep 2022 06:52:02 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 0Xc4kVyW2Qc1WcPeYx-oS5Twi0u-7Uj_NmW7ylJBk85CXONh6NOQ6A==
Age: 1676
moddroid.co/games/sports/wrestling-empire/
104.18.21.115301 Moved Permanently 156 B URL HTTP/1.1 moddroid.co/games/sports/wrestling-empire/
IP 104.18.21.115:0
File type HTML document, ASCII text, with no line terminators
Hash b53c7d0a8292e4443495e747132b6bba
c1f446489f70bdb137e79822500337561da69edb
7a1884e6ecbbfaabfc8d5cdbdef16237dcaad6c3627afd16a62cc9da6d7f2674
GET /games/sports/wrestling-empire/ HTTP/1.1
Host: moddroid.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 27 Sep 2022 06:38:42 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://moddroid.co/games/sports/wrestling-empire/
Vary: Accept, Accept-Encoding
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75123ce8c97e0b65-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5adb7eb1d103eadeeafac36e663ffdd3
23b784388dd634fa736cd60aed71570661e73d02
5c95ba48bc342887b4f7ef697bd4def50f6f2f472f654169179e5ac44df883d9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5995
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 06:38:43 GMT
Last-Modified: Tue, 27 Sep 2022 04:58:48 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
moddroid.co/games/sports/wrestling-empire/
104.18.20.115200 OK 21 kB URL HTTP/2 moddroid.co/games/sports/wrestling-empire/
IP 104.18.20.115:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2100)
Hash 4354be9377f66568d93ada7ed0178453
98293f818c119809260e48d6cc7c4b159c40cc84
83a6079f02d22ff452f0e4a2874fddc4343ee1b9543ea0fd2c5a04dba84ee6e1
GET /games/sports/wrestling-empire/ HTTP/1.1
Host: moddroid.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Tue, 27 Sep 2022 06:38:43 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-powered-by: Express
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 75123cee3b05b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.36.24.174101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.36.24.174:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: YZbhPVt6roSTvkadXjcWjg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: E4TkeblHK9Q4W/icXvL8qVJdBcU=
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3fc6a654359f961eeae5fc423d34b410
9064e67a5bced18c0f3e1cb8acde4cc560155102
1b6654e57535f7186d3796018415591fe3c7cdf4902f637fe5af6d19dea24c23
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4742
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 06:38:43 GMT
Last-Modified: Tue, 27 Sep 2022 05:19:41 GMT
Server: ECS (amb/6B7A)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3fc6a654359f961eeae5fc423d34b410
9064e67a5bced18c0f3e1cb8acde4cc560155102
1b6654e57535f7186d3796018415591fe3c7cdf4902f637fe5af6d19dea24c23
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4742
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 06:38:43 GMT
Last-Modified: Tue, 27 Sep 2022 05:19:41 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3fc6a654359f961eeae5fc423d34b410
9064e67a5bced18c0f3e1cb8acde4cc560155102
1b6654e57535f7186d3796018415591fe3c7cdf4902f637fe5af6d19dea24c23
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4742
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 06:38:43 GMT
Last-Modified: Tue, 27 Sep 2022 05:19:41 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3fc6a654359f961eeae5fc423d34b410
9064e67a5bced18c0f3e1cb8acde4cc560155102
1b6654e57535f7186d3796018415591fe3c7cdf4902f637fe5af6d19dea24c23
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4742
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 06:38:43 GMT
Last-Modified: Tue, 27 Sep 2022 05:19:41 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 02e7ca77cdf670eac28f74ecdd889c00
e349d3adcb563c715d8b45e19cffb6d2cbe66400
e99283e65124fed5961a75308b5be1c18fe2919e2563e8d4ebef74ed16e6a462
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E99283E65124FED5961A75308B5BE1C18FE2919E2563E8D4EBEF74ED16E6A462"
Last-Modified: Mon, 26 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16096
Expires: Tue, 27 Sep 2022 11:06:59 GMT
Date: Tue, 27 Sep 2022 06:38:43 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash c939f97c8bcbfea356e92036803714bc
608c795e7c4fb943a4db49a4e4533c41ea717023
b05b38c78c15c259720bfc6783ac65ab60ceb1e6037b45b08113f183554f08cb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 06:38:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9c9c2e528c8e94f09f41adc4d8c5c769
a7d692fb660288f8d7c72e09a0fe8801ed134263
8dbf72b04c83bf19c7d86406145dd7efa12509eea08d4b67ae6f4858e97f0ad6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8DBF72B04C83BF19C7D86406145DD7EFA12509EEA08D4B67AE6F4858E97F0AD6"
Last-Modified: Mon, 26 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8000
Expires: Tue, 27 Sep 2022 08:52:03 GMT
Date: Tue, 27 Sep 2022 06:38:43 GMT
Connection: keep-alive
www.googletagmanager.com/gtag/js?id=G-72DT1JGQ0Z
142.250.74.72200 OK 76 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-72DT1JGQ0Z
IP 142.250.74.72:0
File type ASCII text, with very long lines (20189)
Hash 78cba1eb5cfaa1e3674e00e9e1128de1
047f0c98909865df494de8f3117f111fd6881211
7bc2182adf85e14ba67aff3256f667111f9be0974c32b21332e8db9030ffdb94
GET /gtag/js?id=G-72DT1JGQ0Z HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moddroid.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 27 Sep 2022 06:38:43 GMT
expires: Tue, 27 Sep 2022 06:38:43 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76268
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash c939f97c8bcbfea356e92036803714bc
608c795e7c4fb943a4db49a4e4533c41ea717023
b05b38c78c15c259720bfc6783ac65ab60ceb1e6037b45b08113f183554f08cb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 06:38:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 30d2a12e9e13f54bca1e1d5db0a76ec4
99c9566ef278e1cbb989075673cbe39dae06b751
7fb088226cf226ae758a50382c5406ebb97190ddc3634df70331df45188db8b7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7FB088226CF226AE758A50382C5406EBB97190DDC3634DF70331DF45188DB8B7"
Last-Modified: Mon, 26 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10669
Expires: Tue, 27 Sep 2022 09:36:32 GMT
Date: Tue, 27 Sep 2022 06:38:43 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 10 kB IP 93.184.220.29:0
Hash b7ac24baf990be239155fddff682ec0f
971adc41df2ed7b5b0f22d646723b26939f1c9b2
6b199878d132acef5bea6a9ed1c499fbd5df460f997069a32d279f1f255f4355
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 06:38:43 GMT
Server: ECS (amb/6B88)
Content-Length: 279
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 138b9a34ec51f76a29cf479e0d6ff4dc
88495dc0145120548f4d53034967449d2bf75271
73e457c1cec0108506f945e649a29dffc1896ce94606349063fc81210dc21983
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "73E457C1CEC0108506F945E649A29DFFC1896CE94606349063FC81210DC21983"
Last-Modified: Mon, 26 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18908
Expires: Tue, 27 Sep 2022 11:53:51 GMT
Date: Tue, 27 Sep 2022 06:38:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d3d61368334713b37fa228bd0c1130e7
757d3132b7c5c5adc9967cb9776a510c753724ae
5b2fb08e99846728464603d39f7d719b21be1415d8251550b0a865fd312b5346
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5B2FB08E99846728464603D39F7D719B21BE1415D8251550B0A865FD312B5346"
Last-Modified: Mon, 26 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4356
Expires: Tue, 27 Sep 2022 07:51:19 GMT
Date: Tue, 27 Sep 2022 06:38:43 GMT
Connection: keep-alive
ej.showishsinus.com/r9H1cTBGF0vL/51749
172.255.6.140200 OK 25 B URL HTTP/1.1 ej.showishsinus.com/r9H1cTBGF0vL/51749
IP 172.255.6.140:0
File type ASCII text, with no line terminators
Hash d488addc5df5fc9b9ff4135bb4e3a823
6ce56f48e851df4d562b43d3bc1269a504ae83fc
d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60
GET /r9H1cTBGF0vL/51749 HTTP/1.1
Host: ej.showishsinus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moddroid.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 27 Sep 2022 06:38:43 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://moddroid.co
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; expires=Wed, 28-Sep-2022 06:38:43 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW; expires=Wed, 28-Sep-2022 06:38:43 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
hb.towerycacara.com/taHBeGeWGMfxFL/51740
172.255.6.150200 OK 25 B URL HTTP/1.1 hb.towerycacara.com/taHBeGeWGMfxFL/51740
IP 172.255.6.150:0
File type ASCII text, with no line terminators
Hash d488addc5df5fc9b9ff4135bb4e3a823
6ce56f48e851df4d562b43d3bc1269a504ae83fc
d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60
GET /taHBeGeWGMfxFL/51740 HTTP/1.1
Host: hb.towerycacara.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moddroid.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 27 Sep 2022 06:38:43 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://moddroid.co
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; expires=Wed, 28-Sep-2022 06:38:43 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW; expires=Wed, 28-Sep-2022 06:38:43 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
propu.sh/zone?pub=0&zone_id=5234444&is_mobile=false&domain=moddroid.co&var=&ymid=&var_3=
139.45.197.250200 OK 705 B URL HTTP/2 propu.sh/zone?pub=0&zone_id=5234444&is_mobile=false&domain=moddroid.co&var=&ymid=&var_3=
IP 139.45.197.250:0
File type JSON data\012- , ASCII text, with very long lines (704)
Hash 5366b3c8099dea174fe272a945817bd2
f020790b96b48d2a5fbc9e344a3fb5b4a4caa486
2208e4571f9dffa8707e97a95bbc1cc322aa8c463da1991647d502285eb6d704
GET /zone?pub=0&zone_id=5234444&is_mobile=false&domain=moddroid.co&var=&ymid=&var_3= HTTP/1.1
Host: propu.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://moddroid.co/
Origin: https://moddroid.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 06:38:43 GMT
content-type: application/json; charset=utf-8
content-length: 705
x-trace-id: a2c281985ea583f103bbd2e00b0c7651
access-control-allow-origin: https://moddroid.co
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
propu.sh/custom
139.45.197.250200 OK 0 B IP 139.45.197.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
OPTIONS /custom HTTP/1.1
Host: propu.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://moddroid.co/
Origin: https://moddroid.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 06:38:44 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://moddroid.co
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
propu.sh/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer Verdict Alert fortinet Phishing
POST /custom HTTP/1.1
Host: propu.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://moddroid.co/
Content-Type: application/json
Origin: https://moddroid.co
Content-Length: 389
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 06:38:44 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 8a598aa83e0a0f3831539fb85ee6f909
access-control-allow-origin: https://moddroid.co
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 0869109d63ef5270595fb34384023a90
f2ec69fdaca2a0327cd3599ac05d0051df3dee41
c4a67afda7094519228049f837e2e0c1674148bd2e564ae2dccc3458bbdb9ed4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 06:38:44 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 06:25:19 GMT
Expires: Mon, 03 Oct 2022 06:25:18 GMT
Etag: "f2ec69fdaca2a0327cd3599ac05d0051df3dee41"
Cache-Control: max-age=516993,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75123cf5ff1e0af6-OSL
propu.sh/ntfc.php?p=5234444
139.45.197.250200 OK 6.0 kB URL HTTP/2 propu.sh/ntfc.php?p=5234444
IP 139.45.197.250:0
Hash 381b3cc0c569902170e57c0e4245e023
cc2758f057da20baa3ff47b9cac69aeda5bdb70c
1a1c58b7162a1eb392082a311e931bc80e4919ed40754b4bc75658f033f52ce4
GET /ntfc.php?p=5234444 HTTP/1.1
Host: propu.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moddroid.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 06:38:43 GMT
content-type: application/javascript
last-modified: Tue, 20 Sep 2022 07:25:49 GMT
etag: W/"63296afd-38a8"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-72DT1JGQ0Z>m=2oe9l0&_p=1652481206&cid=624215730.1664260722&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664260721&sct=1&seg=0&dl=https%3A%2F%2Fmoddroid.co%2Fgames%2Fsports%2Fwrestling-empire%2F&dt=Wrestling%20Empire%20v1.5.0%20MOD%20APK%20(1.5.0%20%2F%20Mod%3A%20Unlocked%2C%20no%20ads)%20Download&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-72DT1JGQ0Z>m=2oe9l0&_p=1652481206&cid=624215730.1664260722&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664260721&sct=1&seg=0&dl=https%3A%2F%2Fmoddroid.co%2Fgames%2Fsports%2Fwrestling-empire%2F&dt=Wrestling%20Empire%20v1.5.0%20MOD%20APK%20(1.5.0%20%2F%20Mod%3A%20Unlocked%2C%20no%20ads)%20Download&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-72DT1JGQ0Z>m=2oe9l0&_p=1652481206&cid=624215730.1664260722&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664260721&sct=1&seg=0&dl=https%3A%2F%2Fmoddroid.co%2Fgames%2Fsports%2Fwrestling-empire%2F&dt=Wrestling%20Empire%20v1.5.0%20MOD%20APK%20(1.5.0%20%2F%20Mod%3A%20Unlocked%2C%20no%20ads)%20Download&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://moddroid.co
Connection: keep-alive
Referer: https://moddroid.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://moddroid.co
date: Tue, 27 Sep 2022 06:38:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3fc6a654359f961eeae5fc423d34b410
9064e67a5bced18c0f3e1cb8acde4cc560155102
1b6654e57535f7186d3796018415591fe3c7cdf4902f637fe5af6d19dea24c23
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4743
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 06:38:44 GMT
Last-Modified: Tue, 27 Sep 2022 05:19:41 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 279
cdn.ezjojoy.com/packages/com.MDickie.WrestlingEmpire/icon_cef3e6.png
104.18.16.131200 OK 45 kB URL HTTP/2 cdn.ezjojoy.com/packages/com.MDickie.WrestlingEmpire/icon_cef3e6.png
IP 104.18.16.131:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 5fc6d7f667e017af123f34f91b44d656
631e8783379f27b5b7ab6faef73e888bb01a5841
1ae1352b6ca1e7512ee66b73d8be3c35c3a1f1b0ab27e5c80083aba82c870f33
GET /packages/com.MDickie.WrestlingEmpire/icon_cef3e6.png HTTP/1.1
Host: cdn.ezjojoy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moddroid.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 06:38:44 GMT
content-type: image/webp
content-length: 44864
access-control-allow-origin: *
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=55449
content-disposition: inline; filename="icon_cef3e6.webp"
etag: "61e006da-d899"
last-modified: Thu, 13 Jan 2022 11:02:50 GMT
vary: Accept
x-77-cache: MISS
x-77-nzt: AcO1rgWM/yCh
x-77-nzt-ray: GBwb3G6kGgg
x-77-pop: frankfurtDE
x-cache: MISS
cf-cache-status: HIT
expires: Tue, 27 Sep 2022 10:38:44 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
server: cloudflare
cf-ray: 75123cf20e7bb506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 008bb0f15929580c49beb48408615d01
a28e34ab71eea646efaf0a505a3bd07671bd6012
f612ef9519f2b8baad9918a77a873fb28c691518df1504fb32a47af79b8f7e18
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 06:38:44 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 00:52:20 GMT
Expires: Mon, 03 Oct 2022 00:52:19 GMT
Etag: "a28e34ab71eea646efaf0a505a3bd07671bd6012"
Cache-Control: max-age=497014,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75123cf62961b511-OSL
goomaphy.com/500/5331011?excludes=&oaid=7dfbdd87547e49348c98956ccd0b92e9&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fmoddroid.co%2Fgames%2Fsports%2Fwrestling-empire%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.239200 OK 0 B URL HTTP/2 goomaphy.com/500/5331011?excludes=&oaid=7dfbdd87547e49348c98956ccd0b92e9&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fmoddroid.co%2Fgames%2Fsports%2Fwrestling-empire%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /500/5331011?excludes=&oaid=7dfbdd87547e49348c98956ccd0b92e9&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fmoddroid.co%2Fgames%2Fsports%2Fwrestling-empire%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: goomaphy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://moddroid.co/
Origin: https://moddroid.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 06:38:44 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://moddroid.co
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
cdn.ezjojoy.com/moddroid-uploads/2021/08/wrestling-empire-5.jpg
104.18.16.131200 OK 73 kB URL HTTP/2 cdn.ezjojoy.com/moddroid-uploads/2021/08/wrestling-empire-5.jpg
IP 104.18.16.131:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1000x562, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6ec1cf65dae53be22b3f175f84f6933b
3defffacd02f91d93388e9597d360fc23405ee00
fb835c67475b87f8c9a1db93862e9925a493a8c3aec14c5c4e1205e4a278fc8f
GET /moddroid-uploads/2021/08/wrestling-empire-5.jpg HTTP/1.1
Host: cdn.ezjojoy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moddroid.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 06:38:44 GMT
content-type: image/webp
content-length: 73046
access-control-allow-origin: *
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=126361
content-disposition: inline; filename="wrestling-empire-5.webp"
etag: "617a022c-1ed99"
last-modified: Thu, 28 Oct 2021 01:51:40 GMT
vary: Accept
x-77-cache: MISS
x-77-nzt: AcO1ry/Gmz2h
x-77-nzt-ray: HnV96xcsis8
x-77-pop: frankfurtDE
x-cache: MISS
cf-cache-status: HIT
expires: Tue, 27 Sep 2022 10:38:44 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
server: cloudflare
cf-ray: 75123cf1ee3db506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5640
Expires: Tue, 27 Sep 2022 08:12:44 GMT
Date: Tue, 27 Sep 2022 06:38:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5640
Expires: Tue, 27 Sep 2022 08:12:44 GMT
Date: Tue, 27 Sep 2022 06:38:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5640
Expires: Tue, 27 Sep 2022 08:12:44 GMT
Date: Tue, 27 Sep 2022 06:38:44 GMT
Connection: keep-alive
ocsp.trust-provider.cn/
47.246.44.205200 OK 283 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash c9128e61a2414b76f0744a61d6611a5b
5d2d0c71e4577b64327d35f56fee9f7781c54383
d33005a8d95bafe2200809ca53995cf12e1d432b2b7ef6b6fce59e7b6e3cf40f
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Tue, 27 Sep 2022 06:38:44 GMT
last-modified: Sun, 25 Sep 2022 21:55:03 GMT
expires: Sun, 02 Oct 2022 21:55:02 GMT
etag: "5d2d0c71e4577b64327d35f56fee9f7781c54383"
cache-control: max-age=598321,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb2
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 1631
accept-ranges: bytes
cf-ray: 75123cf879d89bfe-FRA
via: cache12.l2de2[12,0], cache1.se1[33,0], cache7.se1[35,0]
timing-allow-origin: *, *
eagleid: 2ff62c9b16642607245153963e, 2ff62c9b16642607245153963e
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe94c315c-bcc5-4538-9c7b-7c0a9f2dccbc.jpeg
34.120.237.76200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe94c315c-bcc5-4538-9c7b-7c0a9f2dccbc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2267eb0a20554688393db616344441ee
49546314082f2e4f4c4c2686cc0ca281ae6bae47
4e37955fb99beb25ceb9deb7c4398914af4192c2e3614e5d68cdafa8c85b256e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe94c315c-bcc5-4538-9c7b-7c0a9f2dccbc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7146
x-amzn-requestid: 0470759c-7b3e-4e73-a4fa-15f9f3919834
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZASNOGKzIAMFfaw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632ffd87-7856f7180fa1045a6092b335;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 07:04:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Kxa2h6hEjuAgCj3z9G2K1FzuWUMA3c5-9LM8KpjqmdP9Zm8RPoSxGg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 07:31:34 GMT
age: 83230
etag: "49546314082f2e4f4c4c2686cc0ca281ae6bae47"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.trust-provider.cn/
47.246.44.205200 OK 283 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash c9128e61a2414b76f0744a61d6611a5b
5d2d0c71e4577b64327d35f56fee9f7781c54383
d33005a8d95bafe2200809ca53995cf12e1d432b2b7ef6b6fce59e7b6e3cf40f
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Tue, 27 Sep 2022 06:38:44 GMT
last-modified: Sun, 25 Sep 2022 21:55:03 GMT
expires: Sun, 02 Oct 2022 21:55:02 GMT
etag: "5d2d0c71e4577b64327d35f56fee9f7781c54383"
cache-control: max-age=593040,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb5
x-frame-options: SAMEORIGIN
cf-cache-status: REVALIDATED
accept-ranges: bytes
cf-ray: 75123cf8782f8ff2-FRA
via: cache4.l2de2[29,0], cache1.se1[51,0], cache4.se1[54,0]
timing-allow-origin: *, *
eagleid: 2ff62c9816642607245181260e, 2ff62c9816642607245181260e
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe39ddaa9-a775-40b9-af3a-870507ff4d52.jpeg
34.120.237.76200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe39ddaa9-a775-40b9-af3a-870507ff4d52.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e56f576ce4c320252cd028a38a1e4bde
8fbe2856a3e05ae7c45f4e35944d2835d47e4284
dc5783e5d50e89d2b9c72dea55751a64157dbc9ec9be85383a6df10b5ec1a602
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe39ddaa9-a775-40b9-af3a-870507ff4d52.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5142
x-amzn-requestid: 5b86b092-ff60-476c-855a-d32d5f10f115
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yvz1CGInoAMF0Vw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63296686-79e9a4cb75289e1b0785d4fc;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 07:06:46 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7k1682yCSjI5mtQhFZ8S1eSMo2qYEd7HF2T58X3cbCV2112QE46zXQ==
via: 1.1 2a44ef7b9d28e74c78ffadeedcbb887c.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:49:33 GMT
age: 31751
etag: "8fbe2856a3e05ae7c45f4e35944d2835d47e4284"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash deb8d1e3b6d7fbc8c8ba478269621676
84f5a4c8b38acde814bc790e5b514347718d5bb9
ed14fa766f0708b4166e83b61f160db5671af430917b7c67184bf18d9208742b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9163
x-amzn-requestid: 8ccd9b1f-bef9-4591-be32-e6dd98f4ee78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlKpEZrIAMFS1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321bdd-4a40b9c8281b64c725fec0f1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:38:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: bs6HOUmHOoYKDuzBoVHhcr8d4HP4bBmwUF3EtOmwKXo7ozhfaIYEvw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:39:07 GMT
age: 32377
etag: "84f5a4c8b38acde814bc790e5b514347718d5bb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63a7aeb3-999a-4e57-9255-c40e0376d08e.jpeg
34.120.237.76200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63a7aeb3-999a-4e57-9255-c40e0376d08e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 46e31aa06b8e86a9a5f9ba1cc3feca08
75df3341e30281fcbf78c7074980356fdf0be8e2
d1fd4f81b7e0f43de960f0ee024d9e87bcb395f032a4ab0360e3829d1ec8a42b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63a7aeb3-999a-4e57-9255-c40e0376d08e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5319
x-amzn-requestid: 74191b02-ebea-48bd-8522-f05bf8080f31
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlOKFtsIAMFyGQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321bf4-1f2daa9d7906bf9812e10953;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:39:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Y0gjPs-l9_JD9F-LSH_i1uL2Nz0UcWCG-9PmDmRH8cN_cNAeSchJTA==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:39:00 GMT
etag: "75df3341e30281fcbf78c7074980356fdf0be8e2"
content-type: image/jpeg
age: 32384
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
139.45.195.254200 OK 12 B URL HTTP/1.1 fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP 139.45.195.254:0
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://moddroid.co/
Content-Type: text/plain;charset=UTF-8
Origin: https://moddroid.co
Content-Length: 1537
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Tue, 27 Sep 2022 06:39:03 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://moddroid.co
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 14218a43c5e5bbce546735a780c8ccce
61676358cdbb2373bc644e66f8a84fbc8cc5daf6
905b1c30a2273aef69904f2eb1451c756fc1fdba02e86ea5c957629dd056aeda
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6390
x-amzn-requestid: b2681ff8-ab83-41e6-adef-3e6772c93c3f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGFJ6Gc_oAMF44g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63324f0c-3dbf9f4e2047567b5abdbe74;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 01:17:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8JXEBo_L_xKuKdeoOXEJ6FO7ZVsZVQzUmQFe7fYcxaHRQNEq1HWp6w==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 01:37:50 GMT
age: 18054
etag: "61676358cdbb2373bc644e66f8a84fbc8cc5daf6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F35b718e0-3d37-4447-a38f-12fa37aeae57.jpeg
34.120.237.76200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F35b718e0-3d37-4447-a38f-12fa37aeae57.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e88b78ede0e4583585d6bb805fb39470
edff303440c5972381295b4b2602bd3f77f6702a
ce55a1ff5c71ec43884b74a08cd32ef75cb0632a91f3fe8b150f5ead499375a4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F35b718e0-3d37-4447-a38f-12fa37aeae57.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6487
x-amzn-requestid: f292e8c1-3e79-4f59-a3aa-6863330835d4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4VioHHQIAMFlmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632ccfaa-65955b7d7998a0dc6eded103;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:12:10 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Wx3JPGA6ZeR_7v1MXPDgc2T3RQ2mm48Q9Cb9kydTN9O1OUHlXO4NxQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 23:03:14 GMT
age: 27330
etag: "edff303440c5972381295b4b2602bd3f77f6702a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.ezjojoy.com/moddroid-uploads/2021/08/wrestling-empire-6.jpg
104.18.16.131200 OK 141 kB URL HTTP/2 cdn.ezjojoy.com/moddroid-uploads/2021/08/wrestling-empire-6.jpg
IP 104.18.16.131:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1000x562, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 141 kB (141088 bytes)
Hash e2f037154eed62b8f82fd5ca3a076302
00cfea7ccbea244ecc1538dec20d9cfba62104d5
0aa10b454a9dae44c797ab41dfb8df130926dc0926acb1786a9f20c19b452238
GET /moddroid-uploads/2021/08/wrestling-empire-6.jpg HTTP/1.1
Host: cdn.ezjojoy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moddroid.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 06:38:44 GMT
content-type: image/webp
content-length: 141088
access-control-allow-origin: *
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=190286
content-disposition: inline; filename="wrestling-empire-6.webp"
etag: "617a0229-2e74e"
last-modified: Thu, 28 Oct 2021 01:51:37 GMT
vary: Accept
x-77-cache: MISS
x-77-nzt: AVm7ooeOQsah
x-77-nzt-ray: fAU4No+kim0
x-77-pop: singapore2SG
x-cache: MISS
cf-cache-status: HIT
expires: Tue, 27 Sep 2022 10:38:44 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
server: cloudflare
cf-ray: 75123cf20e85b506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.ezjojoy.com/moddroid-uploads/2021/08/wrestling-empire-2.jpg
104.18.16.131200 OK 125 kB URL HTTP/2 cdn.ezjojoy.com/moddroid-uploads/2021/08/wrestling-empire-2.jpg
IP 104.18.16.131:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1000x488, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 125 kB (124950 bytes)
Hash f274cde46d37d9f02e706c5bb38683cb
83cae4c106f8286c0c86ff817935fea92d4a5ce9
3bc393fcd9d5ae546f071880254d9edcf0a15a4de7aadfa4b27daae08307eafd
GET /moddroid-uploads/2021/08/wrestling-empire-2.jpg HTTP/1.1
Host: cdn.ezjojoy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moddroid.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 06:38:44 GMT
content-type: image/webp
content-length: 124950
access-control-allow-origin: *
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=170924
content-disposition: inline; filename="wrestling-empire-2.webp"
etag: "617a022e-29bac"
last-modified: Thu, 28 Oct 2021 01:51:42 GMT
vary: Accept
x-77-cache: MISS
x-77-nzt: AZySIRkYZ1ah
x-77-nzt-ray: tHLO1NYNAfg
x-77-pop: frankfurtDE
x-cache: MISS
cf-cache-status: HIT
expires: Tue, 27 Sep 2022 10:38:44 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
server: cloudflare
cf-ray: 75123cf1ce1ab506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
offerimage.com/www/images/e5ec67af38820c683e04797f4de9da95.jpeg
172.67.22.216200 OK 13 kB URL HTTP/2 offerimage.com/www/images/e5ec67af38820c683e04797f4de9da95.jpeg
IP 172.67.22.216:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash e5ec67af38820c683e04797f4de9da95
1a61d992133da1715eb1d96388a298c3086481c8
1ac0d717115cff1a0217a5ae5acf95d1dbbf2050277a71a39bf3280d004159d6
GET /www/images/e5ec67af38820c683e04797f4de9da95.jpeg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moddroid.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 06:38:44 GMT
content-type: image/jpeg
content-length: 13440
cache-control: max-age=86400
cf-bgj: h2pri
etag: "63161787-3480"
expires: Wed, 28 Sep 2022 03:56:23 GMT
last-modified: Mon, 05 Sep 2022 15:36:39 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 9741
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75123cf9788a1bfe-OSL
X-Firefox-Spdy: h2
cdn.ezjojoy.com/moddroid-uploads/2021/08/wrestling-empire-3.jpg
104.18.16.131200 OK 132 kB URL HTTP/2 cdn.ezjojoy.com/moddroid-uploads/2021/08/wrestling-empire-3.jpg
IP 104.18.16.131:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1000x562, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 132 kB (132272 bytes)
Hash ed255e329b1c6e55781b92623ae1af1c
1ba64dd4fb9d4dba4f90d1fd62e8a7321904cb45
3875a3de7867c9affa08d5adacaf36f5bd84e519f5c4108b4b71095ee617fc37
GET /moddroid-uploads/2021/08/wrestling-empire-3.jpg HTTP/1.1
Host: cdn.ezjojoy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moddroid.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 06:38:44 GMT
content-type: image/webp
content-length: 132272
access-control-allow-origin: *
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=186281
content-disposition: inline; filename="wrestling-empire-3.webp"
etag: "617a022e-2d7a9"
last-modified: Thu, 28 Oct 2021 01:51:42 GMT
vary: Accept
x-77-cache: MISS
x-77-nzt: AVm7rRWfc2ah
x-77-nzt-ray: g43CYUz0kHM
x-77-pop: miamiUSFL
x-cache: MISS
cf-cache-status: HIT
expires: Tue, 27 Sep 2022 10:38:44 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
server: cloudflare
cf-ray: 75123cf30fd0b506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
etpweb.happymod.io/event/report/web
43.134.152.57200 OK 14 B URL HTTP/2 etpweb.happymod.io/event/report/web
IP 43.134.152.57:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type JSON data\012- , ASCII text, with no line terminators
Hash 886be12a79c0b1bd90e23851bce11841
233d6221d8c9f4971eb1c8a9e76d8d21b0e99bb8
d76b81313242d55a46cabc4b8da69f512aa3a94a9be70924be9a0b1bfc96f52e
POST /event/report/web HTTP/1.1
Host: etpweb.happymod.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 807
Origin: https://moddroid.co
Connection: keep-alive
Referer: https://moddroid.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 06:38:44 GMT
content-type: application/json; charset=utf-8
content-length: 14
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Requested-With, AccessKey,Timestamp
access-control-allow-methods: POST, GET
access-control-allow-origin: https://moddroid.co
access-control-expose-headers: Timestamp
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 002d49bafbcc428a44fe523322ad9e05
b39aad0d1e941121f28af8f9b6d76f19216800d5
59a10c7762be219b689cd518aea4d034aa725c6a632b7f866989dcf984b5e007
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 06:38:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
216.239.38.178200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 216.239.38.178:0
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moddroid.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Tue, 27 Sep 2022 04:41:09 GMT
expires: Tue, 27 Sep 2022 06:41:09 GMT
cache-control: public, max-age=7200
age: 7055
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 002d49bafbcc428a44fe523322ad9e05
b39aad0d1e941121f28af8f9b6d76f19216800d5
59a10c7762be219b689cd518aea4d034aa725c6a632b7f866989dcf984b5e007
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 06:38:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
securepubads.g.doubleclick.net/tag/js/gpt.js
216.58.207.194200 OK 28 kB URL HTTP/2 securepubads.g.doubleclick.net/tag/js/gpt.js
IP 216.58.207.194:0
File type ASCII text, with very long lines (45162)
Hash f8a9a6d355bba691791794637caee0a6
d24b0924dea821a81451ecb919e256dc9a4683ec
39664fe7635dcaf38bef3654ac5a2a5331c3881920361900d5a1f381d226aabe
GET /tag/js/gpt.js HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moddroid.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 27766
date: Tue, 27 Sep 2022 06:38:44 GMT
expires: Tue, 27 Sep 2022 06:38:44 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1346 / 702 of 1000 / last-modified: 1664230064"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
securepubads.g.doubleclick.net/pagead/ppub_config?ippd=moddroid.co%2Fgames%2Fsports%2Fwrestling-empire%2F
216.58.207.194200 OK 139 B URL HTTP/2 securepubads.g.doubleclick.net/pagead/ppub_config?ippd=moddroid.co%2Fgames%2Fsports%2Fwrestling-empire%2F
IP 216.58.207.194:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 84e4319587764059ae6419b2b60cd3b7
41c040912be0b19fc6b78208d3a44f45f3facc77
b085cf769620a0f6500129c379dd2d65f3e72d9990d82eae2ab8c9ed5cd745c1
GET /pagead/ppub_config?ippd=moddroid.co%2Fgames%2Fsports%2Fwrestling-empire%2F HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://moddroid.co/
Origin: https://moddroid.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
date: Tue, 27 Sep 2022 06:38:44 GMT
expires: Tue, 27 Sep 2022 06:38:44 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 139
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 27-Sep-2022 06:53:44 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash 14496301d001b99fbec366ac958cea86
3600fe35291927dcde69002db6994e09ea53e71d
058467cd214b8e4eb143c1305cf06dd98e34a0f8285a7ce8e0ac67d845e3496b
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 06:38:45 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Sat, 01 Oct 2022 03:55:04 GMT
ETag: "3600fe35291927dcde69002db6994e09ea53e71d"
Last-Modified: Tue, 27 Sep 2022 03:55:05 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2144
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75123cfb3efdb50f-OSL
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 002d49bafbcc428a44fe523322ad9e05
b39aad0d1e941121f28af8f9b6d76f19216800d5
59a10c7762be219b689cd518aea4d034aa725c6a632b7f866989dcf984b5e007
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 06:38:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mc.yandex.ru/metrika/tag.js
87.250.251.119200 OK 72 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 87.250.251.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (593)
Hash 7a68c8644032413981e4ba5bc0d66c4a
2d46ca8055e8577ae7138140e34a6e633434973c
e0573e9a9cbfc3f00a921fa64c50270f5941a1ebb253ab70af2cc0dac45cb0d5
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moddroid.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 72341
date: Tue, 27 Sep 2022 06:38:45 GMT
access-control-allow-origin: *
etag: "632d6d03-11a95"
expires: Tue, 27 Sep 2022 07:38:45 GMT
last-modified: Fri, 23 Sep 2022 11:23:31 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 19 kB IP 142.250.74.3:0
Hash 454052534b479e2ee579ab82a1dae260
b84dcb871d5e19c320bbb78b063c53d0e26af01f
c6ff120c34e33841b589990f6c1dc7f0b8c1c8f70b9a3195fe80143d460388f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 06:38:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4538701cf9bc34d908f50370beb922f4
df141b9c3ec626ecaba7c1899073a48b811c4113
61497b93eb237687a8fff5845a7a81aff2f2f53dc56f2d0818bfb98dd1256d6f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 06:38:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=moddroid.co
216.58.207.226200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=moddroid.co
IP 216.58.207.226:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=moddroid.co HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moddroid.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 27 Sep 2022 06:38:45 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=moddroid.co
216.58.211.2200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=moddroid.co
IP 216.58.211.2:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=moddroid.co HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moddroid.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 27 Sep 2022 06:38:45 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
etpweb.happymod.io/event/report/web
43.134.152.57200 OK 14 B URL HTTP/2 etpweb.happymod.io/event/report/web
IP 43.134.152.57:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type JSON data\012- , ASCII text, with no line terminators
Hash 886be12a79c0b1bd90e23851bce11841
233d6221d8c9f4971eb1c8a9e76d8d21b0e99bb8
d76b81313242d55a46cabc4b8da69f512aa3a94a9be70924be9a0b1bfc96f52e
POST /event/report/web HTTP/1.1
Host: etpweb.happymod.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 857
Origin: https://moddroid.co
Connection: keep-alive
Referer: https://moddroid.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 06:38:45 GMT
content-type: application/json; charset=utf-8
content-length: 14
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Requested-With, AccessKey,Timestamp
access-control-allow-methods: POST, GET
access-control-allow-origin: https://moddroid.co
access-control-expose-headers: Timestamp
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 95f95fee6e94fb192e7c06459e3e3f8e
025638b85afcc833cd592c98cc941dd011d2526f
dbc8654990b37741f8e393d069054ae68d584c2496421892e814e7a8c45467fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 06:38:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4538701cf9bc34d908f50370beb922f4
df141b9c3ec626ecaba7c1899073a48b811c4113
61497b93eb237687a8fff5845a7a81aff2f2f53dc56f2d0818bfb98dd1256d6f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 06:38:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mc.yandex.ru/watch/86638922/1?wmode=7&page-url=https%3A%2F%2Fmoddroid.co%2Fgames%2Fsports%2Fwrestling-empire%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A1579%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1397955859634%3Ahid%3A977695601%3Az%3A0%3Ai%3A20220927063843%3Aet%3A1664260723%3Ac%3A1%3Arn%3A51981576%3Arqn%3A1%3Au%3A1664260723264522123%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C33%2C366%2C6%2C922%2C0%2C%2C353%2C2%2C%2C%2C%2C1738%3Ans%3A1664260719901%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664260723%3At%3AWrestling%20Empire%20v1.5.0%20MOD%20APK%20%281.5.0%20%2F%20Mod%3A%20Unlocked%2C%20no%20ads%29%20Download&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
87.250.251.119200 OK 400 B URL HTTP/2 mc.yandex.ru/watch/86638922/1?wmode=7&page-url=https%3A%2F%2Fmoddroid.co%2Fgames%2Fsports%2Fwrestling-empire%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A1579%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1397955859634%3Ahid%3A977695601%3Az%3A0%3Ai%3A20220927063843%3Aet%3A1664260723%3Ac%3A1%3Arn%3A51981576%3Arqn%3A1%3Au%3A1664260723264522123%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C33%2C366%2C6%2C922%2C0%2C%2C353%2C2%2C%2C%2C%2C1738%3Ans%3A1664260719901%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664260723%3At%3AWrestling%20Empire%20v1.5.0%20MOD%20APK%20%281.5.0%20%2F%20Mod%3A%20Unlocked%2C%20no%20ads%29%20Download&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
IP 87.250.251.119:0
File type JSON data\012- , ASCII text, with very long lines (400), with no line terminators
Hash bff9a259aeb8f61e88baa667d1b0afeb
89b5c2f1d9bb7313d82a97cdfb61adb2a6df5c54
183ec60519336c4d4a8c5158d9055fc02f938bb98ac6f055a2d07fe124985be9
GET /watch/86638922/1?wmode=7&page-url=https%3A%2F%2Fmoddroid.co%2Fgames%2Fsports%2Fwrestling-empire%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A1579%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1397955859634%3Ahid%3A977695601%3Az%3A0%3Ai%3A20220927063843%3Aet%3A1664260723%3Ac%3A1%3Arn%3A51981576%3Arqn%3A1%3Au%3A1664260723264522123%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C33%2C366%2C6%2C922%2C0%2C%2C353%2C2%2C%2C%2C%2C1738%3Ans%3A1664260719901%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664260723%3At%3AWrestling%20Empire%20v1.5.0%20MOD%20APK%20%281.5.0%20%2F%20Mod%3A%20Unlocked%2C%20no%20ads%29%20Download&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://moddroid.co
Referer: https://moddroid.co/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 400
date: Tue, 27 Sep 2022 06:38:45 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://moddroid.co
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 27-Sep-2022 06:38:45 GMT
last-modified: Tue, 27-Sep-2022 06:38:45 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
87.250.251.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 87.250.251.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moddroid.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Tue, 27 Sep 2022 06:38:45 GMT
access-control-allow-origin: *
etag: "632d6d03-2b"
expires: Tue, 27 Sep 2022 07:38:45 GMT
accept-ranges: bytes
last-modified: Fri, 23 Sep 2022 11:23:31 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
252ad1e02edb578e115e9a92d4df21dd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
142.250.74.65200 OK 3.1 kB URL HTTP/2 252ad1e02edb578e115e9a92d4df21dd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
IP 142.250.74.65:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5835)
Hash 3fa5e95a358d660ddb3c45769ae1357f
5f6164fbaf8cfbccfd061b00ae48dedfc16bbcd9
d32f4b680031c0e11222eb17385aa9d3b11d2903b05bff34c3d4eb6292631137
GET /safeframe/1-0-38/html/container.html HTTP/1.1
Host: 252ad1e02edb578e115e9a92d4df21dd.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moddroid.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 27 Sep 2022 06:38:45 GMT
expires: Wed, 27 Sep 2023 06:38:45 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
propu.sh/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer Verdict Alert fortinet Phishing
POST /custom HTTP/1.1
Host: propu.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://moddroid.co/
Content-Type: application/json
Origin: https://moddroid.co
Content-Length: 756
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 06:38:45 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: d77fb11b9b8d8b087ac23b8800ab925f
access-control-allow-origin: https://moddroid.co
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022092101&st=env
142.250.74.34200 OK 11 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022092101&st=env
IP 142.250.74.34:0
File type JSON data\012- , ASCII text, with very long lines (14737), with no line terminators
Hash e968e48ee5912a69971e1340841c8a9d
1ba030475095962bc049863195a88ac25b0ecd3a
2f360de928c0586a1adecffb363c75e86fdec2ddfd91ff13347e6207b285a656
GET /getconfig/sodar?sv=200&tid=gpt&tv=2022092101&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://moddroid.co
Connection: keep-alive
Referer: https://moddroid.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 27 Sep 2022 06:38:45 GMT
server: cafe
cache-control: private
content-length: 11186
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 23d19b3f71f6460e3d033f2516cbb30e
0eba190af730382c4ac0a433424a4c7a8c796064
b52695792218b549e210c8ce75ef9fca11319ed2ee82447817460bb7e7e87ae1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 06:38:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
142.250.74.33200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moddroid.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Tue, 27 Sep 2022 06:38:45 GMT
expires: Tue, 27 Sep 2022 06:38:45 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mc.yandex.ru/watch/86638922?wmode=7&page-url=https%3A%2F%2Fmoddroid.co%2Fgames%2Fsports%2Fwrestling-empire%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A1579%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1397955859634%3Ahid%3A977695601%3Az%3A0%3Ai%3A20220927063843%3Aet%3A1664260723%3Ac%3A1%3Arn%3A51981576%3Arqn%3A1%3Au%3A1664260723264522123%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C33%2C366%2C6%2C922%2C0%2C%2C353%2C2%2C%2C%2C%2C1738%3Ans%3A1664260719901%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664260723%3At%3AWrestling%20Empire%20v1.5.0%20MOD%20APK%20(1.5.0%20%2F%20Mod%3A%20Unlocked%2C%20no%20ads)%20Download&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
87.250.251.119302 Found 27 kB URL HTTP/2 mc.yandex.ru/watch/86638922?wmode=7&page-url=https%3A%2F%2Fmoddroid.co%2Fgames%2Fsports%2Fwrestling-empire%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A1579%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1397955859634%3Ahid%3A977695601%3Az%3A0%3Ai%3A20220927063843%3Aet%3A1664260723%3Ac%3A1%3Arn%3A51981576%3Arqn%3A1%3Au%3A1664260723264522123%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C33%2C366%2C6%2C922%2C0%2C%2C353%2C2%2C%2C%2C%2C1738%3Ans%3A1664260719901%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664260723%3At%3AWrestling%20Empire%20v1.5.0%20MOD%20APK%20(1.5.0%20%2F%20Mod%3A%20Unlocked%2C%20no%20ads)%20Download&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
IP 87.250.251.119:0
Hash 4f674f80cb34523ca3062684220990e3
8a0c9b593df95e049aa3293727214fdd24b91e59
5797691c0a52e2b4cb44cb78bf1031ca97812868ae9abd801d6b80c75bf2c129
GET /watch/86638922?wmode=7&page-url=https%3A%2F%2Fmoddroid.co%2Fgames%2Fsports%2Fwrestling-empire%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A1579%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1397955859634%3Ahid%3A977695601%3Az%3A0%3Ai%3A20220927063843%3Aet%3A1664260723%3Ac%3A1%3Arn%3A51981576%3Arqn%3A1%3Au%3A1664260723264522123%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C33%2C366%2C6%2C922%2C0%2C%2C353%2C2%2C%2C%2C%2C1738%3Ans%3A1664260719901%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664260723%3At%3AWrestling%20Empire%20v1.5.0%20MOD%20APK%20(1.5.0%20%2F%20Mod%3A%20Unlocked%2C%20no%20ads)%20Download&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://moddroid.co
Connection: keep-alive
Referer: https://moddroid.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/86638922/1?wmode=7&page-url=https%3A%2F%2Fmoddroid.co%2Fgames%2Fsports%2Fwrestling-empire%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A1579%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1397955859634%3Ahid%3A977695601%3Az%3A0%3Ai%3A20220927063843%3Aet%3A1664260723%3Ac%3A1%3Arn%3A51981576%3Arqn%3A1%3Au%3A1664260723264522123%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C33%2C366%2C6%2C922%2C0%2C%2C353%2C2%2C%2C%2C%2C1738%3Ans%3A1664260719901%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664260723%3At%3AWrestling%20Empire%20v1.5.0%20MOD%20APK%20%281.5.0%20%2F%20Mod%3A%20Unlocked%2C%20no%20ads%29%20Download&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
date: Tue, 27 Sep 2022 06:38:45 GMT
access-control-allow-origin: https://moddroid.co
set-cookie: yandexuid=4070306191664260725; Expires=Wed, 27-Sep-2023 06:38:45 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=4070306191664260725; Expires=Wed, 27-Sep-2023 06:38:45 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=634099521664260725; Path=/; SameSite=None; Secure
i=x2HU2pd0t8ejwg8hM/dRG1mn8U8UOlFXmb9YhN6FtDdw5uCI5kZKB8HY3c9T2EdOTfzFqX3aCgIhECfGsDAyH5v9XSg=; Expires=Fri, 24-Sep-2032 06:38:43 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1695796725.yrts.1664260725#1695796725.yrtsi.1664260725; Expires=Wed, 27-Sep-2023 06:38:45 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 27-Sep-2022 06:38:45 GMT
last-modified: Tue, 27-Sep-2022 06:38:45 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
142.250.74.33200 OK 5.0 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP 142.250.74.33:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moddroid.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 13:42:03 GMT
expires: Mon, 25 Sep 2023 13:42:03 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 147402
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5b7b66f5886a12421c3f3970bbf49d5a
13a31565fb5b2f1e75d67ba1ce09dae339f1c0e8
3ed8ffa99cefdf81381912b426c0ab9091fb5888836665d9012435965f99feba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 06:38:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
142.250.74.164200 OK 513 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash 1ba081ae15a603d0d9a0ba1456015936
235b729938c8aacdde25845811c39f869d488001
93cf6eccfb4339a4b5a41c167c87cbb7fcc57843035bb58c2728f5af51b7c2b9
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moddroid.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 27 Sep 2022 06:38:45 GMT
date: Tue, 27 Sep 2022 06:38:45 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-9BG6Vv6U7bgZyWrODcOvrg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/xbbe/pixel?d=CKjuaBCznHAY_JmC0wEwAQ&v=APEucNXH1IjW3QNhGNUiJzDFkLkbnGjHY8Y2WY76lokrwywTm0_ITMEaLMbifnAVxhf8hpw6ilRflbgGcsqoD1HBqKaTfcOmknerTviB3wh_2vAb7i2V1uDikopSPFIOMCh7iWNWa8M9hhX0iAbqSGO556_77-h0CuaB95ZIYtKHw6_gs3L7VMw
142.250.74.66200 OK 0 B URL HTTP/2 googleads.g.doubleclick.net/xbbe/pixel?d=CKjuaBCznHAY_JmC0wEwAQ&v=APEucNXH1IjW3QNhGNUiJzDFkLkbnGjHY8Y2WY76lokrwywTm0_ITMEaLMbifnAVxhf8hpw6ilRflbgGcsqoD1HBqKaTfcOmknerTviB3wh_2vAb7i2V1uDikopSPFIOMCh7iWNWa8M9hhX0iAbqSGO556_77-h0CuaB95ZIYtKHw6_gs3L7VMw
IP 142.250.74.66:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /xbbe/pixel?d=CKjuaBCznHAY_JmC0wEwAQ&v=APEucNXH1IjW3QNhGNUiJzDFkLkbnGjHY8Y2WY76lokrwywTm0_ITMEaLMbifnAVxhf8hpw6ilRflbgGcsqoD1HBqKaTfcOmknerTviB3wh_2vAb7i2V1uDikopSPFIOMCh7iWNWa8M9hhX0iAbqSGO556_77-h0CuaB95ZIYtKHw6_gs3L7VMw HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://252ad1e02edb578e115e9a92d4df21dd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 27 Sep 2022 06:38:45 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 27-Sep-2022 06:53:45 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 27 Sep 2022 06:38:45 GMT
cache-control: private
X-Firefox-Spdy: h2
www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
172.217.21.162200 OK 44 kB URL HTTP/2 www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
IP 172.217.21.162:0
File type ASCII text, with very long lines (3498)
Hash f6b1f2456b44a6f219d0aed4e1a437e7
4c993a7a8f983d1b80b596b8aa65c6314bc8def7
05b89601f9c3a01b5c2efbe7a5cca69859e9c974e254501bb79d8d3a24c1267b
GET /activeview/js/current/rx_lidar.js?cache=r20110914 HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://252ad1e02edb578e115e9a92d4df21dd.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-length: 44528
date: Tue, 27 Sep 2022 06:38:45 GMT
expires: Tue, 27 Sep 2022 06:38:45 GMT
cache-control: private, max-age=3000
etag: "1664191987193040"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Amjux5MokWuSBna7T7lm0ECs36rQXivZ3qvyipb0IcJYdc4RL9C5DKFocEsAhiEEuCsvL4cu-D-0lr8_vo7vlv-a5Kg8MWvh4oZ2sGEtefttVMysBYgnkvcvIuPn1OApyINZLn67spQQGhtx6OOkqBWphrRDowLdAT8e2BKt_1ddCM3_NkHWiI-jpeDIulF6EMHpXj&cry=1&dbm_d=AKAmf-COQQ1IPobpbQ2J1NgLSIq7YxN4SgM9E5n3hY2LXtn6KG2bGIpMxAfOoyLi1jzPNzXe2zRihOyeAUYNJ1OdYvCdLhsq6gnp9zw5nro9_4jwAd3tKkSq_R7di3qWdrVP4dL9_9PD_6L9g1_uiOAtoJ01xEseXUSNjgWEeoIIiqCjnIG8ulWadwQPgUhXFUwv6DvfB7ahMSIBnn9jwwc_LqasmIFTeV29Unx43_mdwy2VUXsPE3titgb9Q9l8_d_vmmwg7brhdL-Tw-neipNIsO4mtFJmbvmQzcLG-NgUnJMM2EtyeSWYIjNrZVtIO6mn49sSaYDnjkKh6oBcJsM0cyQoEvA8e0dZIKqsWGz3_746H6N22mMEs16EUoKZzg6rtjhLpbtVY4gXaOtDldaEyIOo3qmai_4nC6L3KlVjD5OkSY3jx_ky2BmUr88cqUVcXrnUzM_GNR51d90fogZGT-wNcNq1IpzwKUp0PBytXYC_C6nCp6TZD0ptzcvKnC03KfX0G6WZGgCfyswPztQSBzWWesd3gd18HuZ7zQfw2fRGDFDyxMGdQtMrF6p4fnWqCh8wNvWeiNGjGHPKoakDsLoTotWUlOHiHUCxWMjtKqT5V4fCBn-Hzy39EyZBNON40F42KaPS7xLKhFg6re2BAoN5jEaq2PCIw0gGV-82DJOfsORQMpMJD8OsRSIc2jVy60VjtRdXplm4vdhAeUVg3u-hwomRs7J7I631LmjucH-kDEOxJddI3m7zmG7D3avofvJYJcf_HcSDE5z1EhZvuXKmpamt27KEZKRTSSo-gpl3wm2d-q9ktulcJeYy2vcAah3yS8Qg3gmr0qrmDlTt75C9kcEVRjeO1wvbOEX3nRWQ4o4YGyy0CgfoFSfAWg4r0WqT7EKLp7XGSmWiHT4kZlbT4N3nCsmnNclciBMvKKe5bdrhlBwNjdkpLtd8gs8DvbYmHUQ_T7zaQ_iXt8IvQYkpwXEBsNNsDE2-DBIB6zOUlc4cq867EL85VJwDhNlDaY5kzW4pyu6CEPdeBTCZERH72BJwmnHthc1J0D5frYBxYF1OQFtLTHXeXhlsQk8WOtatwSp8WSzz7LrPFNCM52csO0AtcdBy5aWwA6JO3y9iPU8p-W95CuZtUXWRf-U5_1F6GljNzClCz_BU0d5ZXtp5n0ZPsVlDoUV6iG2miiAo1W1o02C5RwTTMxuderb2rLVAXyUPiWp1UcHAI1qa7cZrvUIZnO-JTFuZNlyDD3zfGHXfXitEd6CbxQY7Wox7LGVEuIBF8_AB3oR_NoHLUt0plpV_8q7009Q5qHi_Y5yyCdNB2MRcahSRZevWY6w5WaW_Cv3EXLaaykkC4l3fVjBwXVbiwbCHmi7tCcHdPqJcdeJI5QnZeTu5xoM4rDOOzm70jn3GhESMe3a31xlwqSj43ZxgrKALezjvOcIyc2Vx3FH2TT-jHMTZwUM6XPcLF5X3nFaUbKq53fDIsNr9fwEg3OVu5IMEOqZT7tZHly3yZd18wwzxM_AGlwpl0s3VGdmpiedN_6OjnPpy8hv3PgntBxmOYvJvieymmA9vLptxEZfU788INXNcqz9ADU_U1qaYGKbGF1SBdq36wWd65j2OAp-aTI21YIrOqS4Pa4w8PTHN4DZtsO5t85yfPFN-5auXS5PHYdAgLyYidLEVShOMS1VldFbs1mUof2XcatGHA8wJrOP5uMLrNybfNiG3KlDah1P5utFu3eRbpgBdgKXVKb9hlpJaJWmIaGDFJX_3tgoiK-46l2qSgwz89E4mk5QKLLxi9LfrZVY4BfhGxW_sKCJLmeG8bA31HPiznvz5GZbaMvRv6tM4KuL6PNwTNDTZmA8dHRfERS2mycscUMCYl7UX845omp_olOl29uqW6jL4r8LF1cfbgbxSbvxWEAXUR9UwzHNqlia_BjxcBhtjWWjq9j662c7Um_rmB5ryKrFtfpCQqKAoWK7IoHLHXOquzLKF4SA64YpCL4nLPvojM6e2crr2jUbaG0bwubpXysTXuLqxOwWFlEfg50jPgZkSVnvRxrK7ppDvNFxtRE86w0TsLjJYlACyrH8K3Xnz15VJEgzlcXxPpsIcWj8o5234vkrCI-oEq6C5lyWCmjEsahRW2q6TBN0BZQp-iQ6-ea7jXoZe9J6FjBYHOVuu4ew8vgwF9JNKOQRtyBZRGWvgboVYnadiaG1olHBkI7PRmBGuMZOCi2EKliM3tF9GtKnYBQqdeI-TQ-8zLWVB6tCfmWzMrw33dMX9hu0NP2X-P4nW9Cum21Bli-4j9h2w2U-ManDk9C4_KdxLYgwUYQkNE8KHAt_qrGPXmsIg4gvXwDTar614icqhcteqCy_FyJqt7S_MaWz9lOnYTvcZjs_gDBet8kuPqEUBsB2ZAZDg-FJPQ8EhLnrXf325mFt3b6hfzwxfzULNJuRNEGwKLm66Wi-9ZJL2aSzDVOybJVng8Iau-Z9sQxKsmBtIb1s3rJf-gX3fBfvr7qsyxEiIVbPn-4j1ow4qSsnZAOfIbJJ2274wIwYw4zVDx_1HzoImJhMSzfKFOIqPTs6hHSiMjXptcF73eot1rPzQIZtj0mfLSOZfkqTAI_YFEohAAOZLZqkUM0fQdwYxkYu7dJjsKBgHDI8EInraNbXUXNVabU7NTvL1yM6B1ZNaTegV1ifIcOLot_6rggWD_2u2uC8LQSGU2cXRHOixxE6gYzNnnHktC3ko1rfFuIcruDUORrN38TLXKNBq_LT14e9nr45eeMYoM761RRZ6mSIRVLX85RdThg_IU31y8CQ1OkLCcVDbqH6S262we41-mLC0NVtVAaqDzrk24yBNXst9FxtjovqrDVLJBkVcj99oxNXmm_SCibGK8sjZcfbPfSK8I2PsQI89tbcUAbjILVOCvW2DsxnHakXxG6-f2IBaZSReIKQ5tfjQprz9iMEw-PqlvrCy9u59B9l2i3HU73-vW2XlQ17uvObQoLuAyLWnmCp1OlIHSJDS1X8qjFibBMm6HEGTJvEQQtsSuSsazkYwrmF_mmvGVDO58QAA5eNi4rQD8nU4ZuWb8ZFXQOLE2a-s6xITIgpIxGDG8d0QnNmqdauLACwW-cUQxkOmr6UxLbCBv6J9QM5HA7q7zJZCknNRVYRFXCkepJ7xqrGNAB-QOkhw2EVlPPDg6lG01DCM6u4DqVcW_rI-5Z9s9GJ7Kg_r1LdxqEUp_fANHrWW7CmmthqDBqjEgg-0XVW0XQ-79MbZMCHD_KOvEH3hjiMyaew2pEXnMvYdWzFLYH50MqegBadwA-oDh3BAqSmJt-X0VSgjQkBgJ7KPYbAYLFgadzmRie4LAW6cKxueuq7VtAjB0vX5EsXGpWVAxjci3Bcokz8zlqyKQjl9az4yMrNRlD_wbc_aRKtH3xIW-ReDe4FRV25N3dgAMpMZDFqtLn1FDAJ1UXVW12jORX7u&cid=CAASKORo3HIasg7ob1SoG1A88Tev-D3zlwDkL_jG_JnX4qZvdEv930fQQ_M&rfl=1%2Chttps%253A%252F%252Fmoddroid.co%252F%240
142.250.74.66200 OK 34 kB URL HTTP/2 googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Amjux5MokWuSBna7T7lm0ECs36rQXivZ3qvyipb0IcJYdc4RL9C5DKFocEsAhiEEuCsvL4cu-D-0lr8_vo7vlv-a5Kg8MWvh4oZ2sGEtefttVMysBYgnkvcvIuPn1OApyINZLn67spQQGhtx6OOkqBWphrRDowLdAT8e2BKt_1ddCM3_NkHWiI-jpeDIulF6EMHpXj&cry=1&dbm_d=AKAmf-COQQ1IPobpbQ2J1NgLSIq7YxN4SgM9E5n3hY2LXtn6KG2bGIpMxAfOoyLi1jzPNzXe2zRihOyeAUYNJ1OdYvCdLhsq6gnp9zw5nro9_4jwAd3tKkSq_R7di3qWdrVP4dL9_9PD_6L9g1_uiOAtoJ01xEseXUSNjgWEeoIIiqCjnIG8ulWadwQPgUhXFUwv6DvfB7ahMSIBnn9jwwc_LqasmIFTeV29Unx43_mdwy2VUXsPE3titgb9Q9l8_d_vmmwg7brhdL-Tw-neipNIsO4mtFJmbvmQzcLG-NgUnJMM2EtyeSWYIjNrZVtIO6mn49sSaYDnjkKh6oBcJsM0cyQoEvA8e0dZIKqsWGz3_746H6N22mMEs16EUoKZzg6rtjhLpbtVY4gXaOtDldaEyIOo3qmai_4nC6L3KlVjD5OkSY3jx_ky2BmUr88cqUVcXrnUzM_GNR51d90fogZGT-wNcNq1IpzwKUp0PBytXYC_C6nCp6TZD0ptzcvKnC03KfX0G6WZGgCfyswPztQSBzWWesd3gd18HuZ7zQfw2fRGDFDyxMGdQtMrF6p4fnWqCh8wNvWeiNGjGHPKoakDsLoTotWUlOHiHUCxWMjtKqT5V4fCBn-Hzy39EyZBNON40F42KaPS7xLKhFg6re2BAoN5jEaq2PCIw0gGV-82DJOfsORQMpMJD8OsRSIc2jVy60VjtRdXplm4vdhAeUVg3u-hwomRs7J7I631LmjucH-kDEOxJddI3m7zmG7D3avofvJYJcf_HcSDE5z1EhZvuXKmpamt27KEZKRTSSo-gpl3wm2d-q9ktulcJeYy2vcAah3yS8Qg3gmr0qrmDlTt75C9kcEVRjeO1wvbOEX3nRWQ4o4YGyy0CgfoFSfAWg4r0WqT7EKLp7XGSmWiHT4kZlbT4N3nCsmnNclciBMvKKe5bdrhlBwNjdkpLtd8gs8DvbYmHUQ_T7zaQ_iXt8IvQYkpwXEBsNNsDE2-DBIB6zOUlc4cq867EL85VJwDhNlDaY5kzW4pyu6CEPdeBTCZERH72BJwmnHthc1J0D5frYBxYF1OQFtLTHXeXhlsQk8WOtatwSp8WSzz7LrPFNCM52csO0AtcdBy5aWwA6JO3y9iPU8p-W95CuZtUXWRf-U5_1F6GljNzClCz_BU0d5ZXtp5n0ZPsVlDoUV6iG2miiAo1W1o02C5RwTTMxuderb2rLVAXyUPiWp1UcHAI1qa7cZrvUIZnO-JTFuZNlyDD3zfGHXfXitEd6CbxQY7Wox7LGVEuIBF8_AB3oR_NoHLUt0plpV_8q7009Q5qHi_Y5yyCdNB2MRcahSRZevWY6w5WaW_Cv3EXLaaykkC4l3fVjBwXVbiwbCHmi7tCcHdPqJcdeJI5QnZeTu5xoM4rDOOzm70jn3GhESMe3a31xlwqSj43ZxgrKALezjvOcIyc2Vx3FH2TT-jHMTZwUM6XPcLF5X3nFaUbKq53fDIsNr9fwEg3OVu5IMEOqZT7tZHly3yZd18wwzxM_AGlwpl0s3VGdmpiedN_6OjnPpy8hv3PgntBxmOYvJvieymmA9vLptxEZfU788INXNcqz9ADU_U1qaYGKbGF1SBdq36wWd65j2OAp-aTI21YIrOqS4Pa4w8PTHN4DZtsO5t85yfPFN-5auXS5PHYdAgLyYidLEVShOMS1VldFbs1mUof2XcatGHA8wJrOP5uMLrNybfNiG3KlDah1P5utFu3eRbpgBdgKXVKb9hlpJaJWmIaGDFJX_3tgoiK-46l2qSgwz89E4mk5QKLLxi9LfrZVY4BfhGxW_sKCJLmeG8bA31HPiznvz5GZbaMvRv6tM4KuL6PNwTNDTZmA8dHRfERS2mycscUMCYl7UX845omp_olOl29uqW6jL4r8LF1cfbgbxSbvxWEAXUR9UwzHNqlia_BjxcBhtjWWjq9j662c7Um_rmB5ryKrFtfpCQqKAoWK7IoHLHXOquzLKF4SA64YpCL4nLPvojM6e2crr2jUbaG0bwubpXysTXuLqxOwWFlEfg50jPgZkSVnvRxrK7ppDvNFxtRE86w0TsLjJYlACyrH8K3Xnz15VJEgzlcXxPpsIcWj8o5234vkrCI-oEq6C5lyWCmjEsahRW2q6TBN0BZQp-iQ6-ea7jXoZe9J6FjBYHOVuu4ew8vgwF9JNKOQRtyBZRGWvgboVYnadiaG1olHBkI7PRmBGuMZOCi2EKliM3tF9GtKnYBQqdeI-TQ-8zLWVB6tCfmWzMrw33dMX9hu0NP2X-P4nW9Cum21Bli-4j9h2w2U-ManDk9C4_KdxLYgwUYQkNE8KHAt_qrGPXmsIg4gvXwDTar614icqhcteqCy_FyJqt7S_MaWz9lOnYTvcZjs_gDBet8kuPqEUBsB2ZAZDg-FJPQ8EhLnrXf325mFt3b6hfzwxfzULNJuRNEGwKLm66Wi-9ZJL2aSzDVOybJVng8Iau-Z9sQxKsmBtIb1s3rJf-gX3fBfvr7qsyxEiIVbPn-4j1ow4qSsnZAOfIbJJ2274wIwYw4zVDx_1HzoImJhMSzfKFOIqPTs6hHSiMjXptcF73eot1rPzQIZtj0mfLSOZfkqTAI_YFEohAAOZLZqkUM0fQdwYxkYu7dJjsKBgHDI8EInraNbXUXNVabU7NTvL1yM6B1ZNaTegV1ifIcOLot_6rggWD_2u2uC8LQSGU2cXRHOixxE6gYzNnnHktC3ko1rfFuIcruDUORrN38TLXKNBq_LT14e9nr45eeMYoM761RRZ6mSIRVLX85RdThg_IU31y8CQ1OkLCcVDbqH6S262we41-mLC0NVtVAaqDzrk24yBNXst9FxtjovqrDVLJBkVcj99oxNXmm_SCibGK8sjZcfbPfSK8I2PsQI89tbcUAbjILVOCvW2DsxnHakXxG6-f2IBaZSReIKQ5tfjQprz9iMEw-PqlvrCy9u59B9l2i3HU73-vW2XlQ17uvObQoLuAyLWnmCp1OlIHSJDS1X8qjFibBMm6HEGTJvEQQtsSuSsazkYwrmF_mmvGVDO58QAA5eNi4rQD8nU4ZuWb8ZFXQOLE2a-s6xITIgpIxGDG8d0QnNmqdauLACwW-cUQxkOmr6UxLbCBv6J9QM5HA7q7zJZCknNRVYRFXCkepJ7xqrGNAB-QOkhw2EVlPPDg6lG01DCM6u4DqVcW_rI-5Z9s9GJ7Kg_r1LdxqEUp_fANHrWW7CmmthqDBqjEgg-0XVW0XQ-79MbZMCHD_KOvEH3hjiMyaew2pEXnMvYdWzFLYH50MqegBadwA-oDh3BAqSmJt-X0VSgjQkBgJ7KPYbAYLFgadzmRie4LAW6cKxueuq7VtAjB0vX5EsXGpWVAxjci3Bcokz8zlqyKQjl9az4yMrNRlD_wbc_aRKtH3xIW-ReDe4FRV25N3dgAMpMZDFqtLn1FDAJ1UXVW12jORX7u&cid=CAASKORo3HIasg7ob1SoG1A88Tev-D3zlwDkL_jG_JnX4qZvdEv930fQQ_M&rfl=1%2Chttps%253A%252F%252Fmoddroid.co%252F%240
IP 142.250.74.66:0
File type Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
Hash 92b51ea4885d01db3b475d171bb8f707
8130cd7d0b7fe6c74fdd253b6bf17e991797fb1c
af5e946f34513910fa8cc5c81c247962258d61316d32e920a16acb76233ba9d0
GET /dbm/ad?dbm_c=AKAmf-Amjux5MokWuSBna7T7lm0ECs36rQXivZ3qvyipb0IcJYdc4RL9C5DKFocEsAhiEEuCsvL4cu-D-0lr8_vo7vlv-a5Kg8MWvh4oZ2sGEtefttVMysBYgnkvcvIuPn1OApyINZLn67spQQGhtx6OOkqBWphrRDowLdAT8e2BKt_1ddCM3_NkHWiI-jpeDIulF6EMHpXj&cry=1&dbm_d=AKAmf-COQQ1IPobpbQ2J1NgLSIq7YxN4SgM9E5n3hY2LXtn6KG2bGIpMxAfOoyLi1jzPNzXe2zRihOyeAUYNJ1OdYvCdLhsq6gnp9zw5nro9_4jwAd3tKkSq_R7di3qWdrVP4dL9_9PD_6L9g1_uiOAtoJ01xEseXUSNjgWEeoIIiqCjnIG8ulWadwQPgUhXFUwv6DvfB7ahMSIBnn9jwwc_LqasmIFTeV29Unx43_mdwy2VUXsPE3titgb9Q9l8_d_vmmwg7brhdL-Tw-neipNIsO4mtFJmbvmQzcLG-NgUnJMM2EtyeSWYIjNrZVtIO6mn49sSaYDnjkKh6oBcJsM0cyQoEvA8e0dZIKqsWGz3_746H6N22mMEs16EUoKZzg6rtjhLpbtVY4gXaOtDldaEyIOo3qmai_4nC6L3KlVjD5OkSY3jx_ky2BmUr88cqUVcXrnUzM_GNR51d90fogZGT-wNcNq1IpzwKUp0PBytXYC_C6nCp6TZD0ptzcvKnC03KfX0G6WZGgCfyswPztQSBzWWesd3gd18HuZ7zQfw2fRGDFDyxMGdQtMrF6p4fnWqCh8wNvWeiNGjGHPKoakDsLoTotWUlOHiHUCxWMjtKqT5V4fCBn-Hzy39EyZBNON40F42KaPS7xLKhFg6re2BAoN5jEaq2PCIw0gGV-82DJOfsORQMpMJD8OsRSIc2jVy60VjtRdXplm4vdhAeUVg3u-hwomRs7J7I631LmjucH-kDEOxJddI3m7zmG7D3avofvJYJcf_HcSDE5z1EhZvuXKmpamt27KEZKRTSSo-gpl3wm2d-q9ktulcJeYy2vcAah3yS8Qg3gmr0qrmDlTt75C9kcEVRjeO1wvbOEX3nRWQ4o4YGyy0CgfoFSfAWg4r0WqT7EKLp7XGSmWiHT4kZlbT4N3nCsmnNclciBMvKKe5bdrhlBwNjdkpLtd8gs8DvbYmHUQ_T7zaQ_iXt8IvQYkpwXEBsNNsDE2-DBIB6zOUlc4cq867EL85VJwDhNlDaY5kzW4pyu6CEPdeBTCZERH72BJwmnHthc1J0D5frYBxYF1OQFtLTHXeXhlsQk8WOtatwSp8WSzz7LrPFNCM52csO0AtcdBy5aWwA6JO3y9iPU8p-W95CuZtUXWRf-U5_1F6GljNzClCz_BU0d5ZXtp5n0ZPsVlDoUV6iG2miiAo1W1o02C5RwTTMxuderb2rLVAXyUPiWp1UcHAI1qa7cZrvUIZnO-JTFuZNlyDD3zfGHXfXitEd6CbxQY7Wox7LGVEuIBF8_AB3oR_NoHLUt0plpV_8q7009Q5qHi_Y5yyCdNB2MRcahSRZevWY6w5WaW_Cv3EXLaaykkC4l3fVjBwXVbiwbCHmi7tCcHdPqJcdeJI5QnZeTu5xoM4rDOOzm70jn3GhESMe3a31xlwqSj43ZxgrKALezjvOcIyc2Vx3FH2TT-jHMTZwUM6XPcLF5X3nFaUbKq53fDIsNr9fwEg3OVu5IMEOqZT7tZHly3yZd18wwzxM_AGlwpl0s3VGdmpiedN_6OjnPpy8hv3PgntBxmOYvJvieymmA9vLptxEZfU788INXNcqz9ADU_U1qaYGKbGF1SBdq36wWd65j2OAp-aTI21YIrOqS4Pa4w8PTHN4DZtsO5t85yfPFN-5auXS5PHYdAgLyYidLEVShOMS1VldFbs1mUof2XcatGHA8wJrOP5uMLrNybfNiG3KlDah1P5utFu3eRbpgBdgKXVKb9hlpJaJWmIaGDFJX_3tgoiK-46l2qSgwz89E4mk5QKLLxi9LfrZVY4BfhGxW_sKCJLmeG8bA31HPiznvz5GZbaMvRv6tM4KuL6PNwTNDTZmA8dHRfERS2mycscUMCYl7UX845omp_olOl29uqW6jL4r8LF1cfbgbxSbvxWEAXUR9UwzHNqlia_BjxcBhtjWWjq9j662c7Um_rmB5ryKrFtfpCQqKAoWK7IoHLHXOquzLKF4SA64YpCL4nLPvojM6e2crr2jUbaG0bwubpXysTXuLqxOwWFlEfg50jPgZkSVnvRxrK7ppDvNFxtRE86w0TsLjJYlACyrH8K3Xnz15VJEgzlcXxPpsIcWj8o5234vkrCI-oEq6C5lyWCmjEsahRW2q6TBN0BZQp-iQ6-ea7jXoZe9J6FjBYHOVuu4ew8vgwF9JNKOQRtyBZRGWvgboVYnadiaG1olHBkI7PRmBGuMZOCi2EKliM3tF9GtKnYBQqdeI-TQ-8zLWVB6tCfmWzMrw33dMX9hu0NP2X-P4nW9Cum21Bli-4j9h2w2U-ManDk9C4_KdxLYgwUYQkNE8KHAt_qrGPXmsIg4gvXwDTar614icqhcteqCy_FyJqt7S_MaWz9lOnYTvcZjs_gDBet8kuPqEUBsB2ZAZDg-FJPQ8EhLnrXf325mFt3b6hfzwxfzULNJuRNEGwKLm66Wi-9ZJL2aSzDVOybJVng8Iau-Z9sQxKsmBtIb1s3rJf-gX3fBfvr7qsyxEiIVbPn-4j1ow4qSsnZAOfIbJJ2274wIwYw4zVDx_1HzoImJhMSzfKFOIqPTs6hHSiMjXptcF73eot1rPzQIZtj0mfLSOZfkqTAI_YFEohAAOZLZqkUM0fQdwYxkYu7dJjsKBgHDI8EInraNbXUXNVabU7NTvL1yM6B1ZNaTegV1ifIcOLot_6rggWD_2u2uC8LQSGU2cXRHOixxE6gYzNnnHktC3ko1rfFuIcruDUORrN38TLXKNBq_LT14e9nr45eeMYoM761RRZ6mSIRVLX85RdThg_IU31y8CQ1OkLCcVDbqH6S262we41-mLC0NVtVAaqDzrk24yBNXst9FxtjovqrDVLJBkVcj99oxNXmm_SCibGK8sjZcfbPfSK8I2PsQI89tbcUAbjILVOCvW2DsxnHakXxG6-f2IBaZSReIKQ5tfjQprz9iMEw-PqlvrCy9u59B9l2i3HU73-vW2XlQ17uvObQoLuAyLWnmCp1OlIHSJDS1X8qjFibBMm6HEGTJvEQQtsSuSsazkYwrmF_mmvGVDO58QAA5eNi4rQD8nU4ZuWb8ZFXQOLE2a-s6xITIgpIxGDG8d0QnNmqdauLACwW-cUQxkOmr6UxLbCBv6J9QM5HA7q7zJZCknNRVYRFXCkepJ7xqrGNAB-QOkhw2EVlPPDg6lG01DCM6u4DqVcW_rI-5Z9s9GJ7Kg_r1LdxqEUp_fANHrWW7CmmthqDBqjEgg-0XVW0XQ-79MbZMCHD_KOvEH3hjiMyaew2pEXnMvYdWzFLYH50MqegBadwA-oDh3BAqSmJt-X0VSgjQkBgJ7KPYbAYLFgadzmRie4LAW6cKxueuq7VtAjB0vX5EsXGpWVAxjci3Bcokz8zlqyKQjl9az4yMrNRlD_wbc_aRKtH3xIW-ReDe4FRV25N3dgAMpMZDFqtLn1FDAJ1UXVW12jORX7u&cid=CAASKORo3HIasg7ob1SoG1A88Tev-D3zlwDkL_jG_JnX4qZvdEv930fQQ_M&rfl=1%2Chttps%253A%252F%252Fmoddroid.co%252F%240 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://252ad1e02edb578e115e9a92d4df21dd.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 06:38:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 34065
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 27-Sep-2022 06:53:45 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ce9fa7c0f8c668afd33a2fa65bf285e5
0333c06c16ea38e346cee9aad19965aa9d2729b1
50b7e5b9d9833fbd2c737642a86c63217f3296fb4bce6c7a876e4cde3dcddbd8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 06:38:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
216.58.211.6200 OK 60 kB URL HTTP/2 s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
IP 216.58.211.6:0
File type ASCII text, with very long lines (2322)
Hash 36b0ba015b3250f6bda9e89b898f4707
635c67d8b08f40705e87e9c81cb138aef9c2ecdb
c70af3ba570296102947920e68bfe252d08de33b0464a910dd8e5d3ac58410f3
GET /879366/html_inpage_rendering_lib_200_276.js HTTP/1.1
Host: s0.2mdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://252ad1e02edb578e115e9a92d4df21dd.safeframe.googlesyndication.com
Connection: keep-alive
Referer: https://252ad1e02edb578e115e9a92d4df21dd.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 60311
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 10:30:23 GMT
expires: Tue, 27 Sep 2022 10:30:23 GMT
cache-control: public, max-age=86400
age: 72503
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bfc8c650e23854f708a3dd54fca4393f
b54c061cf5a5306a68112d403471914e839a68c8
84b8c36947944ea94b27e053f2abb944e6951157e256991f8b1523b9cacfe362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 06:38:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ce9fa7c0f8c668afd33a2fa65bf285e5
0333c06c16ea38e346cee9aad19965aa9d2729b1
50b7e5b9d9833fbd2c737642a86c63217f3296fb4bce6c7a876e4cde3dcddbd8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 06:38:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
142.250.74.10200 OK 1.1 kB URL HTTP/2 fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
IP 142.250.74.10:0
Hash 06cd697325896720d4fc606a0ea7b383
7dfe2d39900e024b35e0c1cf8596bd6cf69dc1d1
111aff37b8e4ff63775b5f0dd2b1acd719753dbb5ff974add06e35273b1356ee
GET /css2?family=Roboto:wght@400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://252ad1e02edb578e115e9a92d4df21dd.safeframe.googlesyndication.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 27 Sep 2022 06:38:46 GMT
date: Tue, 27 Sep 2022 06:38:46 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ceb9452c51c6a08f727da91bf4cf695d
156be228075e356b4955fd8d2f4377b9e972129b
189422671cc327b9561bebd204c762388ab264867b25e1c775a06e67e637925c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 06:38:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ceb9452c51c6a08f727da91bf4cf695d
156be228075e356b4955fd8d2f4377b9e972129b
189422671cc327b9561bebd204c762388ab264867b25e1c775a06e67e637925c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 06:38:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ceb9452c51c6a08f727da91bf4cf695d
156be228075e356b4955fd8d2f4377b9e972129b
189422671cc327b9561bebd204c762388ab264867b25e1c775a06e67e637925c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 06:38:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstosSddHTW_krqM_GX652ibmBztdBXQ1a1ufgEir0fPtlNBV9mXNwjLjjKa9n1CzdRoOK5IJ8TyRPa-p2VlZR97DLVl_TkngttxFeFGTCBvFdoUN020XubezubtL8cO78me9V0I8DqEOPZizpdSSPbrlfawZ9qO0zexQd8t10u6HaG4lGvaCt44yIGmL4LWUeR05jYO8gaNWulEKkTlaYTBZOZf5L076AGNtMupHunVzWKNX_AYWnF7tdz8QiKfSgwujchD6G8J_MAHiaOnnghamZNSAMWCExW1DbTlZMiC-xulkHNxMMpFPKYtZuIFEGGEsw0_OnDG_HWC1LrclO05-6it48KsExoL8Y8FierphXX_Pg9XTttlMap8JyPXopTRcs38cRYuptA42kHJGtqom6wrNbCdEw1v-FyiGdOqF8DuHol0UPWBtXOJcODl8sRWhi366RyCcKpoq6letDgpcNbD1QIOdnPB2H9cTQL1r4b75Pyh9yRHV1Fz7Hm6SM_wDen_Rqaa58R7kCMvEAgMU7Zm07yalo6BeqZpNvOXgXyzLEyGO2NQYweJA76T6rrBmUmYlKI7HQzS5UN-E1_xAjcdks15b3lBi5igjZoLonp6oHnTwtTwtEei_gZwhx0pKXm_xGMK1fK8hNhRNEAQ_sU9f9f-kMiNIdNvSTBblzrU5AA5oSmeTbfw82MpAB6ikvNaZeDDT6fr2mrt_JyuR-Sku1ZgEpSJ79FenWDeXtv98jlxno2fv3Wb1J0Z3V61EOZb99OSbg-Mu0RbXcUAW9uLZ9W4a_TW8nS_W-KYS-XV-2dnGm2ualSlI1IdwY9CRPvKz7OXMGXlOxcgfl4ImA-bZt3ZE2j46zAfCD_WB3fBjdwZ5GadIVNwIKz_SxNCcmFr-oCzK6lxl4kZK2lycDuA7lzTh6cu6BPFPsicjivNL6wO22VkgJX2r3GKLIKNwcZT2Oh_jmqBPzs049bxnMVP6nWRnqOd8-9oz4JTBcqZF2Vf6lugj3t7STFUIybb2_-kGthv_Sowd3ppKjacJa_qHdO8n0zkHqo_vu6ZzHjy1H9FKmsRX1kh8Rqr2-EfU9offHUUxSmhreP83tb6jxAEmypXIB7p0tCssm9TrgUA3MY0Orvm3xzQpn3d6eUjJfoxkHXNKQAWPjtUNej67j-UG_OKFtoUwZSVm9d1182GjtzVH81JCA&sai=AMfl-YQ28vHaWTh8WuZahFWhGtG_-ieN2oOdd0wv3Etwxc12qbEfkNIGRVHjv7QeXd9GNMx52YeAvuWUf4gdCtVrZuhdvgb2PrT6Lrxa9dOhlhglJMtWYfYwbQfp9GpSYSAN3WVBCie4A1Rp8pwGZJQTlQvYhxDcckz6iYKzUYi3Fr1BemZJ-B_2T3AhpVA9hmpUoZkjdNiGJ4wpxIEoNejgYYqzCQRxgCTRlw&sig=Cg0ArKJSzJAxlV-ciMJ0EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=226&cbvp=1&cstd=215&cisv=r20220922.29275&adurl=
142.250.74.130200 OK 0 B URL HTTP/2 googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstosSddHTW_krqM_GX652ibmBztdBXQ1a1ufgEir0fPtlNBV9mXNwjLjjKa9n1CzdRoOK5IJ8TyRPa-p2VlZR97DLVl_TkngttxFeFGTCBvFdoUN020XubezubtL8cO78me9V0I8DqEOPZizpdSSPbrlfawZ9qO0zexQd8t10u6HaG4lGvaCt44yIGmL4LWUeR05jYO8gaNWulEKkTlaYTBZOZf5L076AGNtMupHunVzWKNX_AYWnF7tdz8QiKfSgwujchD6G8J_MAHiaOnnghamZNSAMWCExW1DbTlZMiC-xulkHNxMMpFPKYtZuIFEGGEsw0_OnDG_HWC1LrclO05-6it48KsExoL8Y8FierphXX_Pg9XTttlMap8JyPXopTRcs38cRYuptA42kHJGtqom6wrNbCdEw1v-FyiGdOqF8DuHol0UPWBtXOJcODl8sRWhi366RyCcKpoq6letDgpcNbD1QIOdnPB2H9cTQL1r4b75Pyh9yRHV1Fz7Hm6SM_wDen_Rqaa58R7kCMvEAgMU7Zm07yalo6BeqZpNvOXgXyzLEyGO2NQYweJA76T6rrBmUmYlKI7HQzS5UN-E1_xAjcdks15b3lBi5igjZoLonp6oHnTwtTwtEei_gZwhx0pKXm_xGMK1fK8hNhRNEAQ_sU9f9f-kMiNIdNvSTBblzrU5AA5oSmeTbfw82MpAB6ikvNaZeDDT6fr2mrt_JyuR-Sku1ZgEpSJ79FenWDeXtv98jlxno2fv3Wb1J0Z3V61EOZb99OSbg-Mu0RbXcUAW9uLZ9W4a_TW8nS_W-KYS-XV-2dnGm2ualSlI1IdwY9CRPvKz7OXMGXlOxcgfl4ImA-bZt3ZE2j46zAfCD_WB3fBjdwZ5GadIVNwIKz_SxNCcmFr-oCzK6lxl4kZK2lycDuA7lzTh6cu6BPFPsicjivNL6wO22VkgJX2r3GKLIKNwcZT2Oh_jmqBPzs049bxnMVP6nWRnqOd8-9oz4JTBcqZF2Vf6lugj3t7STFUIybb2_-kGthv_Sowd3ppKjacJa_qHdO8n0zkHqo_vu6ZzHjy1H9FKmsRX1kh8Rqr2-EfU9offHUUxSmhreP83tb6jxAEmypXIB7p0tCssm9TrgUA3MY0Orvm3xzQpn3d6eUjJfoxkHXNKQAWPjtUNej67j-UG_OKFtoUwZSVm9d1182GjtzVH81JCA&sai=AMfl-YQ28vHaWTh8WuZahFWhGtG_-ieN2oOdd0wv3Etwxc12qbEfkNIGRVHjv7QeXd9GNMx52YeAvuWUf4gdCtVrZuhdvgb2PrT6Lrxa9dOhlhglJMtWYfYwbQfp9GpSYSAN3WVBCie4A1Rp8pwGZJQTlQvYhxDcckz6iYKzUYi3Fr1BemZJ-B_2T3AhpVA9hmpUoZkjdNiGJ4wpxIEoNejgYYqzCQRxgCTRlw&sig=Cg0ArKJSzJAxlV-ciMJ0EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=226&cbvp=1&cstd=215&cisv=r20220922.29275&adurl=
IP 142.250.74.130:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pcs/view?xai=AKAOjstosSddHTW_krqM_GX652ibmBztdBXQ1a1ufgEir0fPtlNBV9mXNwjLjjKa9n1CzdRoOK5IJ8TyRPa-p2VlZR97DLVl_TkngttxFeFGTCBvFdoUN020XubezubtL8cO78me9V0I8DqEOPZizpdSSPbrlfawZ9qO0zexQd8t10u6HaG4lGvaCt44yIGmL4LWUeR05jYO8gaNWulEKkTlaYTBZOZf5L076AGNtMupHunVzWKNX_AYWnF7tdz8QiKfSgwujchD6G8J_MAHiaOnnghamZNSAMWCExW1DbTlZMiC-xulkHNxMMpFPKYtZuIFEGGEsw0_OnDG_HWC1LrclO05-6it48KsExoL8Y8FierphXX_Pg9XTttlMap8JyPXopTRcs38cRYuptA42kHJGtqom6wrNbCdEw1v-FyiGdOqF8DuHol0UPWBtXOJcODl8sRWhi366RyCcKpoq6letDgpcNbD1QIOdnPB2H9cTQL1r4b75Pyh9yRHV1Fz7Hm6SM_wDen_Rqaa58R7kCMvEAgMU7Zm07yalo6BeqZpNvOXgXyzLEyGO2NQYweJA76T6rrBmUmYlKI7HQzS5UN-E1_xAjcdks15b3lBi5igjZoLonp6oHnTwtTwtEei_gZwhx0pKXm_xGMK1fK8hNhRNEAQ_sU9f9f-kMiNIdNvSTBblzrU5AA5oSmeTbfw82MpAB6ikvNaZeDDT6fr2mrt_JyuR-Sku1ZgEpSJ79FenWDeXtv98jlxno2fv3Wb1J0Z3V61EOZb99OSbg-Mu0RbXcUAW9uLZ9W4a_TW8nS_W-KYS-XV-2dnGm2ualSlI1IdwY9CRPvKz7OXMGXlOxcgfl4ImA-bZt3ZE2j46zAfCD_WB3fBjdwZ5GadIVNwIKz_SxNCcmFr-oCzK6lxl4kZK2lycDuA7lzTh6cu6BPFPsicjivNL6wO22VkgJX2r3GKLIKNwcZT2Oh_jmqBPzs049bxnMVP6nWRnqOd8-9oz4JTBcqZF2Vf6lugj3t7STFUIybb2_-kGthv_Sowd3ppKjacJa_qHdO8n0zkHqo_vu6ZzHjy1H9FKmsRX1kh8Rqr2-EfU9offHUUxSmhreP83tb6jxAEmypXIB7p0tCssm9TrgUA3MY0Orvm3xzQpn3d6eUjJfoxkHXNKQAWPjtUNej67j-UG_OKFtoUwZSVm9d1182GjtzVH81JCA&sai=AMfl-YQ28vHaWTh8WuZahFWhGtG_-ieN2oOdd0wv3Etwxc12qbEfkNIGRVHjv7QeXd9GNMx52YeAvuWUf4gdCtVrZuhdvgb2PrT6Lrxa9dOhlhglJMtWYfYwbQfp9GpSYSAN3WVBCie4A1Rp8pwGZJQTlQvYhxDcckz6iYKzUYi3Fr1BemZJ-B_2T3AhpVA9hmpUoZkjdNiGJ4wpxIEoNejgYYqzCQRxgCTRlw&sig=Cg0ArKJSzJAxlV-ciMJ0EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=226&cbvp=1&cstd=215&cisv=r20220922.29275&adurl= HTTP/1.1
Host: googleads4.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://252ad1e02edb578e115e9a92d4df21dd.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-security-policy: script-src 'none'; object-src 'none'
cache-control: private
access-control-allow-origin: *
content-type: image/gif
x-content-type-options: nosniff
date: Tue, 27 Sep 2022 06:38:46 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 27-Sep-2022 06:53:46 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 27 Sep 2022 06:38:46 GMT
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012209072154000/amp4ads-v0.mjs
216.58.211.1200 OK 62 kB URL HTTP/2 cdn.ampproject.org/rtv/012209072154000/amp4ads-v0.mjs
IP 216.58.211.1:0
File type Unicode text, UTF-8 text, with very long lines (65008)
Hash bf366cc1f88f4d2cb9654365698fe3e5
3554f4f8528570d06195dc73d96fc8898ee08512
9626ccb6d3640578924aeb887a819b2476958e77f5e63fc2fde79b2d7dcf63cc
GET /rtv/012209072154000/amp4ads-v0.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moddroid.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 61518
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 16:55:17 GMT
expires: Mon, 25 Sep 2023 16:55:17 GMT
cache-control: public, max-age=31536000
etag: "b9e6b1d3ca7cc68d"
content-type: text/javascript; charset=UTF-8
age: 135809
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ceb9452c51c6a08f727da91bf4cf695d
156be228075e356b4955fd8d2f4377b9e972129b
189422671cc327b9561bebd204c762388ab264867b25e1c775a06e67e637925c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 06:38:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ceb9452c51c6a08f727da91bf4cf695d
156be228075e356b4955fd8d2f4377b9e972129b
189422671cc327b9561bebd204c762388ab264867b25e1c775a06e67e637925c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 06:38:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.ampproject.org/rtv/012209072154000/v0/amp-ad-exit-0.1.mjs
216.58.211.1200 OK 5.2 kB URL HTTP/2 cdn.ampproject.org/rtv/012209072154000/v0/amp-ad-exit-0.1.mjs
IP 216.58.211.1:0
File type ASCII text, with very long lines (14666)
Hash e468bc1b3a06687142253099182b2d21
939089cf59e14fe6dcd5e753ea9eb54542df4943
fe82c415483ee4b5f5fc02b6a81c75c10512b65c311136d478719297f4ee714b
GET /rtv/012209072154000/v0/amp-ad-exit-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://moddroid.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 5208
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 13:32:39 GMT
expires: Mon, 25 Sep 2023 13:32:39 GMT
cache-control: public, max-age=31536000
etag: "dcaf3864e0ab6b08"
content-type: text/javascript; charset=UTF-8
age: 147967
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012209072154000/v0/amp-analytics-0.1.mjs
216.58.211.1200 OK 29 kB URL HTTP/2 cdn.ampproject.org/rtv/012209072154000/v0/amp-analytics-0.1.mjs
IP 216.58.211.1:0
File type ASCII text, with very long lines (65534)
Hash 683c857326f2cc41fbdc4ba630a5dd4e
2207d5c8899088720b9896a4f0ce827634984415
e964f72d34c48e45a1dd9aab8bfd24e24053eda6c36648e4f3b8565e98085fb5
GET /rtv/012209072154000/v0/amp-analytics-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://moddroid.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 28888
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 14:39:25 GMT
expires: Mon, 25 Sep 2023 14:39:25 GMT
cache-control: public, max-age=31536000
etag: "95b4b320f7966d1a"
content-type: text/javascript; charset=UTF-8
age: 143961
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012209072154000/v0/amp-fit-text-0.1.mjs
216.58.211.1200 OK 1.9 kB URL HTTP/2 cdn.ampproject.org/rtv/012209072154000/v0/amp-fit-text-0.1.mjs
IP 216.58.211.1:0
File type ASCII text, with very long lines (5021)
Hash 64105ac8f3dca672e20f9a7dd28f3d77
0de6bb98b01555550ab71e6faf9571cedbf07a6d
0eaa8bcd017f0557e4fc0f29704bd2168def09baf1114ea67599e2eb5a40cba3
GET /rtv/012209072154000/v0/amp-fit-text-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://moddroid.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 1908
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 19:13:21 GMT
expires: Mon, 25 Sep 2023 19:13:21 GMT
cache-control: public, max-age=31536000
etag: "5561dff7c028bd87"
content-type: text/javascript; charset=UTF-8
age: 127525
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012209072154000/v0/amp-form-0.1.mjs
216.58.211.1200 OK 13 kB URL HTTP/2 cdn.ampproject.org/rtv/012209072154000/v0/amp-form-0.1.mjs
IP 216.58.211.1:0
File type Unicode text, UTF-8 text, with very long lines (41068)
Hash fb71b18ff44f2393c0825ecef191f95f
ca095d2293e7752f0650cd9507d98a5a00f4b832
1516ec412dd12ec5b926bbc0cb607c6b19809f0617f485a156a15ff3a4804039
GET /rtv/012209072154000/v0/amp-form-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://moddroid.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 12958
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 12:25:48 GMT
expires: Mon, 25 Sep 2023 12:25:48 GMT
cache-control: public, max-age=31536000
etag: "00747b471d2f1a24"
content-type: text/javascript; charset=UTF-8
age: 151978
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ceb9452c51c6a08f727da91bf4cf695d
156be228075e356b4955fd8d2f4377b9e972129b
189422671cc327b9561bebd204c762388ab264867b25e1c775a06e67e637925c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 06:38:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdnjs.cloudflare.com/ajax/libs/bodymovin/5.7.6/lottie.min.js
104.17.25.14200 OK 55 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/bodymovin/5.7.6/lottie.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (65109)
Hash 123db8daf887ebb15cae173792be85e7
038d62ffe71a08703cdcea5f204a17228d72deaf
c947d54cebd31ce624bcbc7a198b3caef0a3d314543cd8d7dd7d1c0e4630ecf8
GET /ajax/libs/bodymovin/5.7.6/lottie.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s0.2mdn.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 06:38:46 GMT
content-type: application/javascript; charset=utf-8
content-length: 54976
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "6003a8bd-3ffb4"
last-modified: Sun, 17 Jan 2021 03:02:21 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 2898671
expires: Sun, 17 Sep 2023 06:38:46 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VZwVHtbsfb7Kmgg9NF%2FFSBmKh0TtglYX72M85y%2BR%2BfQUido9sXyI3zSZYaYE%2BMCENobCclHMdZptfEVeAbrvq1QEoL1jbmDLS%2BLTpYpyzyLs%2B5qO0AP7ayGWhlGqrAnVX6sPz4t8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 75123d067ae4b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
goomaphy.com/impression/pkXSna2glI3gYeeBXGK7x031Cfdvk079puTz6LfsY5NiKqRkBz4IX4oHzMNF8ZmjUnAKyOVCGd0PaAz9CkRh8utP9RCzePBCCeNajlBF1OfQjKuWMgyuAOk-eMbzII3WcCTDk96SiH7-jtSl1W15mCkz3OdTA2yiXN0itgVpNU0nUD5geLjV8gD3imZJW6_pQQdOpdjnjc127Vba1oiH4jXDj_iM87-OJCq2aOu8XP7g5OmwEwVpZZGmdnytxTxm5m8gpN63LjU6HOBfAa741D-3RVYTChvr0q5uWpqL2CTiw1pdFZrGMAKlzL61gVmGEYIwMlKX4goBSg44GP7xIOvh49MsIWARn8N-IbNHTl3pwdarMCjEiONFZkhmUXVJ8k-L2piawGsHFvtY0uQkw1Cj14dsWrC1Q0ZriHWipFeGLH5flf5idrAvWJHk-WiEmgWDkOPhWoQRrfrIdysYD649tgKYn-BzlKWuHp43nMyJkL0awCq0j-0_nYYQxbCGEY7yl01hSANtYmzYqSeDBv-dN9a2ZcyDyGm1jwK7blX8pTihYvodwM3zYF4jNF1wTBvmJqgs5SJc0BU_UHuRd39Mak4=?_z=5331011&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=8&pl=https%3A%2F%2Fmoddroid.co%2Fgames%2Fsports%2Fwrestling-empire%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.239200 OK 43 B URL HTTP/2 goomaphy.com/impression/pkXSna2glI3gYeeBXGK7x031Cfdvk079puTz6LfsY5NiKqRkBz4IX4oHzMNF8ZmjUnAKyOVCGd0PaAz9CkRh8utP9RCzePBCCeNajlBF1OfQjKuWMgyuAOk-eMbzII3WcCTDk96SiH7-jtSl1W15mCkz3OdTA2yiXN0itgVpNU0nUD5geLjV8gD3imZJW6_pQQdOpdjnjc127Vba1oiH4jXDj_iM87-OJCq2aOu8XP7g5OmwEwVpZZGmdnytxTxm5m8gpN63LjU6HOBfAa741D-3RVYTChvr0q5uWpqL2CTiw1pdFZrGMAKlzL61gVmGEYIwMlKX4goBSg44GP7xIOvh49MsIWARn8N-IbNHTl3pwdarMCjEiONFZkhmUXVJ8k-L2piawGsHFvtY0uQkw1Cj14dsWrC1Q0ZriHWipFeGLH5flf5idrAvWJHk-WiEmgWDkOPhWoQRrfrIdysYD649tgKYn-BzlKWuHp43nMyJkL0awCq0j-0_nYYQxbCGEY7yl01hSANtYmzYqSeDBv-dN9a2ZcyDyGm1jwK7blX8pTihYvodwM3zYF4jNF1wTBvmJqgs5SJc0BU_UHuRd39Mak4=?_z=5331011&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=8&pl=https%3A%2F%2Fmoddroid.co%2Fgames%2Fsports%2Fwrestling-empire%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.239:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Analyzer Verdict Alert quad9 Sinkholed
GET /impression/pkXSna2glI3gYeeBXGK7x031Cfdvk079puTz6LfsY5NiKqRkBz4IX4oHzMNF8ZmjUnAKyOVCGd0PaAz9CkRh8utP9RCzePBCCeNajlBF1OfQjKuWMgyuAOk-eMbzII3WcCTDk96SiH7-jtSl1W15mCkz3OdTA2yiXN0itgVpNU0nUD5geLjV8gD3imZJW6_pQQdOpdjnjc127Vba1oiH4jXDj_iM87-OJCq2aOu8XP7g5OmwEwVpZZGmdnytxTxm5m8gpN63LjU6HOBfAa741D-3RVYTChvr0q5uWpqL2CTiw1pdFZrGMAKlzL61gVmGEYIwMlKX4goBSg44GP7xIOvh49MsIWARn8N-IbNHTl3pwdarMCjEiONFZkhmUXVJ8k-L2piawGsHFvtY0uQkw1Cj14dsWrC1Q0ZriHWipFeGLH5flf5idrAvWJHk-WiEmgWDkOPhWoQRrfrIdysYD649tgKYn-BzlKWuHp43nMyJkL0awCq0j-0_nYYQxbCGEY7yl01hSANtYmzYqSeDBv-dN9a2ZcyDyGm1jwK7blX8pTihYvodwM3zYF4jNF1wTBvmJqgs5SJc0BU_UHuRd39Mak4=?_z=5331011&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=8&pl=https%3A%2F%2Fmoddroid.co%2Fgames%2Fsports%2Fwrestling-empire%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: goomaphy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moddroid.co/
Cookie: OAID=7dfbdd87547e49348c98956ccd0b92e9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 06:38:48 GMT
content-type: image/gif
content-length: 43
x-trace-id: 3152d96f1a47e5ba6f1b79c6034274f5
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 737756d717fd215d94458a21028ae486
ee3c3097bcb2ff3f5482b0dc6056b1549afa8f1f
8e705bae2060960e1b2f79c42ebc445d52f307aeac41b34d3a1789879e51b85a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 06:38:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 737756d717fd215d94458a21028ae486
ee3c3097bcb2ff3f5482b0dc6056b1549afa8f1f
8e705bae2060960e1b2f79c42ebc445d52f307aeac41b34d3a1789879e51b85a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 06:38:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type gzip compressed data, max compression\012- data
Hash 3c74d4f5cfa54e017d9f7e8a2dc9044e
b5884c0de90de3eb1665625cfe24e3e3e4509aa1
c3d9b400c1dabc9958c0c59ed97077eb0eab3a527010b3c2ca452537231abff7
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://moddroid.co
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:34:08 GMT
expires: Thu, 21 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 471881
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://moddroid.co
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:34:08 GMT
expires: Thu, 21 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 471881
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 737756d717fd215d94458a21028ae486
ee3c3097bcb2ff3f5482b0dc6056b1549afa8f1f
8e705bae2060960e1b2f79c42ebc445d52f307aeac41b34d3a1789879e51b85a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 06:38:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
my.rtmark.net/gid.js?pub=0&userId=9283621d5e5b404aaf9e2bd4b84ce47e&zoneId=5234444&checkDuplicate=true&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=9283621d5e5b404aaf9e2bd4b84ce47e&zoneId=5234444&checkDuplicate=true&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash d253dd7a4a7d308fe93e19d03a8672d6
32236b7b31fc403f88aa9d8496581c8008a6d7b1
ac175b3040e79da45c82cd7d73d0731ce55f15a2a77848bbc6521fcb4e783724
GET /gid.js?pub=0&userId=9283621d5e5b404aaf9e2bd4b84ce47e&zoneId=5234444&checkDuplicate=true&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://moddroid.co/
Origin: https://moddroid.co
Connection: keep-alive
Cookie: ID=7dfbdd87547e49348c98956ccd0b92e9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 06:38:50 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://moddroid.co
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=7dfbdd87547e49348c98956ccd0b92e9; expires=Wed, 27 Sep 2023 06:38:50 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
propu.sh/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer Verdict Alert fortinet Phishing
POST /custom HTTP/1.1
Host: propu.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://moddroid.co/
Content-Type: application/json
Origin: https://moddroid.co
Content-Length: 397
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 06:38:50 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 71e0fce50d4d5e1921bb4b47c91de920
access-control-allow-origin: https://moddroid.co
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
goomaphy.com/400/5331011
139.45.197.239200 OK 0 B IP 139.45.197.239:0
Analyzer Verdict Alert quad9 Sinkholed
GET /400/5331011 HTTP/1.1
Host: goomaphy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moddroid.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 06:38:43 GMT
content-type: application/javascript
x-trace-id: c6e2e915b6a97496e8c169d0a4781c20
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=37f19435470c404cb7f32aa98962a553; expires=Wed, 27 Sep 2023 06:38:43 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
tzegilo.com/stattag.js
104.21.84.149200 OK 0 B IP 104.21.84.149:0
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moddroid.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 06:38:43 GMT
content-type: application/javascript
last-modified: Thu, 04 Aug 2022 15:18:11 GMT
etag: W/"62ebe333-8007"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 2955
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cyCVbYZ1NDX0gIRhhxrL24tql4TbxqcCv5hPRZQyQJrjdjmbcBhQrlBpzFQtldOZrEguv%2F5E3Lwr1%2Fjm%2BhkDIsWxyba2jlWbBnH%2FZozLB4fbtRva8MUOptRtX%2Bb7UA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75123cf45f23b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
goomaphy.com/500/5331011?excludes=&oaid=7dfbdd87547e49348c98956ccd0b92e9&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fmoddroid.co%2Fgames%2Fsports%2Fwrestling-empire%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.239200 OK 0 B URL HTTP/2 goomaphy.com/500/5331011?excludes=&oaid=7dfbdd87547e49348c98956ccd0b92e9&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fmoddroid.co%2Fgames%2Fsports%2Fwrestling-empire%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.239:0
Analyzer Verdict Alert quad9 Sinkholed
GET /500/5331011?excludes=&oaid=7dfbdd87547e49348c98956ccd0b92e9&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fmoddroid.co%2Fgames%2Fsports%2Fwrestling-empire%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: goomaphy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://moddroid.co
Connection: keep-alive
Referer: https://moddroid.co/
Cookie: OAID=37f19435470c404cb7f32aa98962a553
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 06:38:44 GMT
content-type: application/javascript
x-trace-id: c50445c0207cba292a139cdecd36976a
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://moddroid.co
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=7dfbdd87547e49348c98956ccd0b92e9; expires=Wed, 27 Sep 2023 06:38:44 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
1558334541.rsc.cdn77.org/nfs/20220713/etp.min.js
185.76.9.24200 OK 0 B URL HTTP/2 1558334541.rsc.cdn77.org/nfs/20220713/etp.min.js
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
GET /nfs/20220713/etp.min.js HTTP/1.1
Host: 1558334541.rsc.cdn77.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://moddroid.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 06:38:43 GMT
content-type: application/javascript
x-amz-id-2: hvdUbfxrrcARK+CUv9SPrhpgAamtVVfwyTZCcF/EzEFTF7PgJQ9OjzMeFsQIwReeSBMSWm0dlPY=
x-amz-request-id: P7PEKPR45FAYEK1N
last-modified: Wed, 13 Jul 2022 11:46:22 GMT
etag: W/"4a6d92884e34440513ee02b5dee9a0cb"
x-accel-expires: @1665030237
server: CDN77-Turbo
x-77-nzt: AblMCRTJL+X/FhQEAA
x-77-nzt-ray: RkarQ+6K7Sk
x-cache: HIT
x-age: 267286
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
propu.sh/pfe/current/universal.min.js?v=3.1.395
139.45.197.250200 OK 0 B URL HTTP/2 propu.sh/pfe/current/universal.min.js?v=3.1.395
IP 139.45.197.250:0
Analyzer Verdict Alert fortinet Phishing
GET /pfe/current/universal.min.js?v=3.1.395 HTTP/1.1
Host: propu.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://moddroid.co/
Origin: https://moddroid.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 06:38:43 GMT
content-type: application/javascript
last-modified: Tue, 20 Sep 2022 07:25:49 GMT
etag: W/"63296afd-1fafa"
access-control-allow-origin: https://moddroid.co
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2