r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13431
Expires: Sun, 04 Dec 2022 14:54:50 GMT
Date: Sun, 04 Dec 2022 11:10:59 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fb2c0697c6d9a96a5411dd2952947458
79e57f831ec396bbdaa5bfe9472a05e6c9fb31f4
3fd7edcc349ab4402f62e54a142be6b4cecf0e7ee3f431d3168bdf0643ba4d92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 542
Cache-Control: max-age=170960
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:10:59 GMT
Etag: "638c76f5-1d7"
Expires: Tue, 06 Dec 2022 10:40:19 GMT
Last-Modified: Sun, 04 Dec 2022 10:31:17 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5852
Expires: Sun, 04 Dec 2022 12:48:31 GMT
Date: Sun, 04 Dec 2022 11:10:59 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 04 Dec 2022 10:20:05 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3054
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 3I4801bxtqHaDTmrwiPomRY7Jv/GElD5NiUdmmyh/H11YiMFoo8Au5Hq55fRg3q1pHYny7+AwG0=
x-amz-request-id: ZHXKBC41ZSG8E836
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 04 Dec 2022 10:46:57 GMT
age: 1442
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 11:10:59 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
babylon.krd/
128.199.109.155301 Moved Permanently 162 B IP 128.199.109.155:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET / HTTP/1.1
Host: babylon.krd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 04 Dec 2022 11:10:59 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://babylon.krd/
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 04 Dec 2022 11:08:58 GMT
cache-control: public,max-age=3600
age: 121
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 31b129c94a90b1e695b21395cb54e378
a3cae46b48d469cc61ab0581303bcd5f5b654db9
fac3f681be358a20f78958dff10c89b7a91365c5114c81246c1bc34c1362ba1e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 527
Cache-Control: max-age=165879
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:10:59 GMT
Etag: "638c632b-1d7"
Expires: Tue, 06 Dec 2022 09:15:38 GMT
Last-Modified: Sun, 04 Dec 2022 09:06:51 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e769019d67e1070c413742cfb48ee318
63be6ed767789af87938ff1cc45595623defdbe5
2ff8bd5850a26fe6c7975859b16c471795f5e8df77531766a96f15e523935532
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2FF8BD5850A26FE6C7975859B16C471795F5E8DF77531766A96F15E523935532"
Last-Modified: Sun, 04 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21564
Expires: Sun, 04 Dec 2022 17:10:23 GMT
Date: Sun, 04 Dec 2022 11:10:59 GMT
Connection: keep-alive
push.services.mozilla.com/
52.38.198.114101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.38.198.114:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: rdyBbFVyT6On4R+EuIcrGA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 4PfJu3sDGnZwLbpyPd3l3DHu9WM=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 90b644117a02d139f5251fb89349e0ba
8c4b70e474a725b4a290beab9b032baf07d40838
1da558a7c1c27d898ef026ae9cc5547d73288d2722bf1334a8325c38a82892dc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1DA558A7C1C27D898EF026AE9CC5547D73288D2722BF1334A8325C38A82892DC"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6608
Expires: Sun, 04 Dec 2022 13:01:08 GMT
Date: Sun, 04 Dec 2022 11:11:00 GMT
Connection: keep-alive
news.weatherplllatform.com/counter.js?v=00.99
89.22.228.250200 OK 1.5 kB URL HTTP/1.1 news.weatherplllatform.com/counter.js?v=00.99
IP 89.22.228.250:0
File type ASCII text, with very long lines (4140), with no line terminators
Hash 8ecb46e68d7ee2b249a6f0bd4ecabc88
e0d5a9f07ca629f4c4ac7154095bd419826ed245
16f62d801d81aa35dcebf8da2b88904663904c38d6ae8830be4f5db1d66bd22f
Analyzer Verdict Alert fortinet Malware
GET /counter.js?v=00.99 HTTP/1.1
Host: news.weatherplllatform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://babylon.krd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 11:11:00 GMT
Content-Type: application/javascript
Last-Modified: Fri, 25 Nov 2022 04:49:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"63804953-102c"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cace6a87c117226e76c6a1cbc0029f8f
cd04a9e73ef329f4bb491e75ccc0ec70ec8ce59b
d1bfdfbf3ef653ea3390c19eec547211d10a5f3fb92062afe37c58dcdab3220b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D1BFDFBF3EF653EA3390C19EEC547211D10A5F3FB92062AFE37C58DCDAB3220B"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3841
Expires: Sun, 04 Dec 2022 12:15:02 GMT
Date: Sun, 04 Dec 2022 11:11:01 GMT
Connection: keep-alive
js.interestmoments.com/scripts/count.js
193.169.194.63200 OK 1.7 kB URL HTTP/1.1 js.interestmoments.com/scripts/count.js
IP 193.169.194.63:0
ASN #50321 FOP Reznichenko Sergey Mykolayovich
File type ASCII text, with very long lines (4587), with no line terminators
Hash 604404f904668bba5c2412748523a5b2
fb364d5fdabc9781a35d270f72502c3329bd7e43
cf4051550888255f110d596d59a1ecf8c5c961c32322d844604c6affc2f6f9fe
Analyzer Verdict Alert fortinet Malware
GET /scripts/count.js HTTP/1.1
Host: js.interestmoments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://babylon.krd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 11:11:01 GMT
Content-Type: application/javascript
Last-Modified: Fri, 25 Nov 2022 05:06:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63804d4a-11eb"
Expires: Wed, 14 Dec 2022 11:11:01 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11409
Expires: Sun, 04 Dec 2022 14:21:10 GMT
Date: Sun, 04 Dec 2022 11:11:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11409
Expires: Sun, 04 Dec 2022 14:21:10 GMT
Date: Sun, 04 Dec 2022 11:11:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11409
Expires: Sun, 04 Dec 2022 14:21:10 GMT
Date: Sun, 04 Dec 2022 11:11:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11409
Expires: Sun, 04 Dec 2022 14:21:10 GMT
Date: Sun, 04 Dec 2022 11:11:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11409
Expires: Sun, 04 Dec 2022 14:21:10 GMT
Date: Sun, 04 Dec 2022 11:11:01 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 14dcca2a9c4792d835ee709bcd947402
1d702df3a64258628f4124eafd580695f2d350af
da01dcd8fef7c50bdb6f7a8a6a4955694092f479df3dba72f7fa69d7280d07b2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16143
x-amzn-requestid: dc86fad4-4e53-42c9-9b0a-5e4d2cfcd087
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGyLGqmoAMFnaA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851a7-0ea324b31e8c6578098b8ab9;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KHd4ajJWl-8TDH5HGbkuJXI4NL6I83IwSUBKzfq85cxpyRH_LGl6OA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 05:55:20 GMT
age: 18941
etag: "1d702df3a64258628f4124eafd580695f2d350af"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash db1701b7b9d161a0c935bb6e10b17893
22a8c4bd58c729c1abcf794466e8f3231dfb034b
b495524a33e5b1d3ba34cfbe867ada0da956c061370b1fcde06b23a6194a9787
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8315
x-amzn-requestid: f1bcc33b-aad9-4d3b-b1f9-49282f2d4fb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMGVboAMFfxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-13472a097177d4751c8f7a8c;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JuY0xcLDiERwrVhq33d4PP64liDqFfk9bc9xX1H62o0tOwrt1ek7Pg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:42:39 GMT
age: 48502
etag: "22a8c4bd58c729c1abcf794466e8f3231dfb034b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a6e7b32ac999cf3c899a234c621fa91a
fc5d4f3163ebb9faf85968cbb1d194e8e68418be
f12db3aed126006fee00649aba0b3eaae900de200b85b9523866a90b5494f18e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8989
x-amzn-requestid: abce0b01-f70c-42ad-b242-5a24735fe4c2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltl4Gk2oAMFSWQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc2f2-1cccffff5199dffe70264a95;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:43:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PFl7VUrzRkMFNnTiIw_cbGCyrEFn43eUSlZfT0nUhUmjjyXT7JfjMA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:50:01 GMT
age: 48060
etag: "fc5d4f3163ebb9faf85968cbb1d194e8e68418be"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
34.120.237.76200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c01fe1cccdb3b672bbade6d98217ffe9
a9a529dc9894827f6243a1bf57f81caa4fe88fc2
c43da6212c79a08e22e78e04e99e8f5422e64b4b0a87f30b7907f1b4bc675c71
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4666
x-amzn-requestid: 850d341f-5ccb-453c-8adf-a8194f8fbdad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clr_-GiboAMFwww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-766293f2526e637235067aca;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: z5uqgjB-Bsl0U55a8aFi37cpJ65Vnbjm6bJ2GnMpaO7RXsMZsOCbPQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:44:01 GMT
age: 48420
etag: "a9a529dc9894827f6243a1bf57f81caa4fe88fc2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61cc2744-b517-4404-bfa2-25fadadfa3f3.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61cc2744-b517-4404-bfa2-25fadadfa3f3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2636f91bb8fa4d9bb7bef114c248a9ae
8637105f41058bc0d2b259d462b560881928adb6
3d93fd8fcf1af31d00ccbd453142dbea5f2b91d7f58373095943ed40a31ed1f7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61cc2744-b517-4404-bfa2-25fadadfa3f3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10431
x-amzn-requestid: f79ab5e7-8c1b-4827-a531-aaa19c1d80aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsCGEwxIAMF34g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc073-6358d2950955884c470c0a89;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PQ7xh995cd1UVi3z42EVZGjQjHLLvtAP5BBC-xLEEGr4mEiXS6fC-w==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:47:06 GMT
age: 48235
etag: "8637105f41058bc0d2b259d462b560881928adb6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43309032a892c486f9985ef520df696e
36f4682ca6a33ff80ee02129c77e6f27e996ede0
24225ff504f30405d9ec3feb2555c738fcca0d6b265f285aa9c73a64c78a496e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5681
x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltXnEotIAMFqkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vNP2rQwmWTntetjJyjonO8N_YOBqvQuZUm42BWX7c1GoX7jASOIpCg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:49:42 GMT
age: 48079
etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 35cb5758976ba34e20ed33bd12dd9f06
e73d05e3ea7431886fd64122d2a7ac7efcf22431
b028520ee5d25287bcd9e1c6d8f63853ba157cc61073a72b2fba07468c9dc5e9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B028520EE5D25287BCD9E1C6D8F63853BA157CC61073A72B2FBA07468C9DC5E9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12029
Expires: Sun, 04 Dec 2022 14:31:30 GMT
Date: Sun, 04 Dec 2022 11:11:01 GMT
Connection: keep-alive
long.interestmoments.com/go/away.php?id=9689546-75-934597645&pid=2324&lid=7933345&from=google
193.169.194.63302 Found 0 B URL HTTP/1.1 long.interestmoments.com/go/away.php?id=9689546-75-934597645&pid=2324&lid=7933345&from=google
IP 193.169.194.63:0
ASN #50321 FOP Reznichenko Sergey Mykolayovich
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go/away.php?id=9689546-75-934597645&pid=2324&lid=7933345&from=google HTTP/1.1
Host: long.interestmoments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://babylon.krd/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 04 Dec 2022 11:11:01 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://long.interestmoments.com/go/away.php?id=987730385-23-683234&pid=7856&lid=07882367658&jid=67852&from=sIIInisterjack
Access-Control-Allow-Origin: *
long.interestmoments.com/go/away.php?id=987730385-23-683234&pid=7856&lid=07882367658&jid=67852&from=sIIInisterjack
193.169.194.63200 OK 440 B URL HTTP/1.1 long.interestmoments.com/go/away.php?id=987730385-23-683234&pid=7856&lid=07882367658&jid=67852&from=sIIInisterjack
IP 193.169.194.63:0
ASN #50321 FOP Reznichenko Sergey Mykolayovich
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash d282386a919dab7821ecb8af2c2be991
cb29f509dd65f520b4b8d72ee0c2b560a2c360b0
6403ec35140c92ba51786815e1505a33606ae5e76f33d13e5f64ed83ff5c2179
GET /go/away.php?id=987730385-23-683234&pid=7856&lid=07882367658&jid=67852&from=sIIInisterjack HTTP/1.1
Host: long.interestmoments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://babylon.krd/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 11:11:01 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Encoding: gzip
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash ceb69951aae97778583595994840c7ed
2c2debbcf1f626091568af8c27ee225860838129
cba39dea395ea4656f9f079978ae18e6141f2603a40b43959509a96827dc541d
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 04 Dec 2022 11:11:02 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sun, 04 Dec 2022 00:02:16 GMT
Expires: Mon, 05 Dec 2022 00:02:16 GMT
ETag: "2c2debbcf1f626091568af8c27ee225860838129"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
track.wargaming-aff.com/click?pid=1287&offer_id=32&ref_id=hqbonsihqkxv0gm4si27&sub1=EZ46HGBJ6R
35.204.100.195302 Found 0 B URL HTTP/2 track.wargaming-aff.com/click?pid=1287&offer_id=32&ref_id=hqbonsihqkxv0gm4si27&sub1=EZ46HGBJ6R
IP 35.204.100.195:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?pid=1287&offer_id=32&ref_id=hqbonsihqkxv0gm4si27&sub1=EZ46HGBJ6R HTTP/1.1
Host: track.wargaming-aff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Sun, 04 Dec 2022 11:11:04 GMT
content-length: 0
location: https://trck.wargaming.net/552jemmi/?t=1&pub_id=1287&xid=638c80489353aa0001bd6a57&xid_param1=EZ46HGBJ6R&xid_param_2=
x-adjust-use-original-forwarded-for: 1
set-cookie: afclick=638c80489353aa0001bd6a57; expires=Mon, 04 Dec 2023 11:11:04 GMT; secure; SameSite=None
afoffers={"32":1670152264}; expires=Mon, 04 Dec 2023 11:11:04 GMT; secure; SameSite=None
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 28215a451067688f0994fec8d17ef4c9
0840c978eaee26e3b6cf350bbb7cef2c3c164bac
e715b62065f0d83eadd473701d53f134aa1b52c17ca9ab9ac8c962470b2237a3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5477
Cache-Control: max-age=86611
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:11:04 GMT
Etag: "638b1a36-1d7"
Expires: Mon, 05 Dec 2022 11:14:35 GMT
Last-Modified: Sat, 03 Dec 2022 09:43:18 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
trck.wargaming.net/552jemmi/?t=1&pub_id=1287&xid=638c80489353aa0001bd6a57&xid_param1=EZ46HGBJ6R&xid_param_2=
92.223.23.230301 Moved Permanently 22 B URL HTTP/1.1 trck.wargaming.net/552jemmi/?t=1&pub_id=1287&xid=638c80489353aa0001bd6a57&xid_param1=EZ46HGBJ6R&xid_param_2=
IP 92.223.23.230:0
ASN #199524 G-Core Labs S.A.
File type ASCII text, with no line terminators
Hash 0e0bf67572311f8a23814419ff24ee9a
78328dfc54708433cdfb3e7857e57f87ec443b08
c5f6c267ba4a2964fff5d304d4a1e79c371ce30d32eaf017b3bb40becccd58d2
GET /552jemmi/?t=1&pub_id=1287&xid=638c80489353aa0001bd6a57&xid_param1=EZ46HGBJ6R&xid_param_2= HTTP/1.1
Host: trck.wargaming.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: STIDREFERRAL=SIDnU20kuMbB9ApSoUMqQ0fMW86MQFaDZRV29M4CH-q2KQjXqU7gBJYWxfeUbGs_wkiJQQK7PM4IxfoPtddLgidadQhmH_b93CPMXBVoeUNoVOIoOsEq6xE9T2FdiQX-6_lY74-1Zty5oREDw; enctid=cosxlmb53lm3; teclient=1670146718292784233
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 04 Dec 2022 11:11:04 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 22
Connection: keep-alive
Location: https://promo.worldofwarships.eu/glows-44320/eu-no/?t=1&pub_id=1287&xid=638c80489353aa0001bd6a57&xid_param1=EZ46HGBJ6R&xid_param_2=&sid=SIDU14rw1qcwurRuQ5cXaL1aJM0JcdOD8GSm4wRyt7FpREQarJOW-ggmc3KoqJ1AwF5K-lU3y3ClMjEylEjWz2ECq_mSnRB2X78bsfqMeuBnfYpZ6_hvqnm3RX1mxuogsLTKhMDMpD_jzoRgw&enctid=coszke5dapxx&lpsn=WOWS+Marketing+LP+template+1+videobg+Bismarck&foris=1&teclient=1670146718292784233&utm_source=wlap&utm_medium=affiliate&utm_campaign=552jemmi&utm_content=1287
Set-Cookie: STIDREFERRAL=SIDU14rw1qcwurRuQ5cXaL1aJM0JcdOD8GSm4wRyt7FpREQarJOW-ggmc3KoqJ1AwF5K-lU3y3ClMjEylEjWz2ECq_mSnRB2X78bsfqMeuBnfYpZ6_hvqnm3RX1mxuogsLTKhMDMpD_jzoRgw; Domain=wargaming.net; Max-Age=2592000; Path=/; SameSite=None; Secure
enctid=coszke5dapxx; Domain=wargaming.net; Max-Age=2592000; Path=/; SameSite=None; Secure
teclient=1670146718292784233; Domain=wargaming.net; Max-Age=315360000; Path=/; SameSite=None; Secure
Cache-Control: no-cache
wows-landings-static.gcdn.co/glows-44320/src/images/wowsl_logo.png
92.223.97.97200 OK 10 kB URL HTTP/2 wows-landings-static.gcdn.co/glows-44320/src/images/wowsl_logo.png
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
File type PNG image data, 749 x 299, 8-bit colormap, non-interlaced\012- data
Hash 4d9371a87a4f9a0d6a8792e0397aa303
1308b49f8614f0ab05e81698daf5bfc4a2498bf0
68ddcc9fad945493001c241d8de6fb9acdd436bc82bff503302dbffa64f4f5ed
GET /glows-44320/src/images/wowsl_logo.png HTTP/1.1
Host: wows-landings-static.gcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 11:11:04 GMT
content-type: image/png
content-length: 10514
last-modified: Mon, 05 Sep 2022 12:50:18 GMT
etag: "4d9371a87a4f9a0d6a8792e0397aa303"
x-amz-request-id: tx0000000000000004ebf02-00634fcd55-1b9e489e-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-02T14:51:51+00:00
x-id: sto5-up-gc14
accept-ranges: bytes
X-Firefox-Spdy: h2
wows-landings-static.gcdn.co/glows-44320/src/images/footer-logo.png
92.223.97.97200 OK 1.9 kB URL HTTP/2 wows-landings-static.gcdn.co/glows-44320/src/images/footer-logo.png
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
File type PNG image data, 275 x 63, 8-bit colormap, non-interlaced\012- data
Hash 7ce94cd1324102c254e60ced58661dc3
b76e3b4e14cf98aa766788bc8cf4fbc97058fec0
fdd269a537d61d3fafbef167c6c7e22ae7707217427b506674f5f0d2f3caed48
GET /glows-44320/src/images/footer-logo.png HTTP/1.1
Host: wows-landings-static.gcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 11:11:04 GMT
content-type: image/png
content-length: 1939
last-modified: Mon, 05 Sep 2022 12:50:16 GMT
etag: "7ce94cd1324102c254e60ced58661dc3"
x-amz-request-id: tx0000000000000006ba333-00634fcd55-1b9bcafa-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-02T14:51:51+00:00
x-id: sto5-up-gc14
accept-ranges: bytes
X-Firefox-Spdy: h2
wows-landings-static.gcdn.co/glows-44320/src/images/bg_Bismarck.jpg
92.223.97.97200 OK 222 kB URL HTTP/2 wows-landings-static.gcdn.co/glows-44320/src/images/bg_Bismarck.jpg
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1080, components 3\012- data
Size 222 kB (222313 bytes)
Hash 177bc842cd3bd3962aaa68e91789bc2c
236420cc46bc9c18ea0b5b7655b91ac8b28a5244
5394fd7074550962369dfc22f26ae5a54d1897912579451b36796e1ce3f7abad
GET /glows-44320/src/images/bg_Bismarck.jpg HTTP/1.1
Host: wows-landings-static.gcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 11:11:04 GMT
content-type: image/jpeg
content-length: 222313
last-modified: Mon, 05 Sep 2022 12:50:16 GMT
etag: "177bc842cd3bd3962aaa68e91789bc2c"
x-amz-request-id: tx00000000000000049cb98-00634fcd55-1c7ab5d0-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-02T14:26:56+00:00
x-id: sto5-up-gc14
accept-ranges: bytes
X-Firefox-Spdy: h2
wows-landings-static.gcdn.co/global_static/age_ratings/v2/pegi_ext-violence.svg
92.223.97.97200 OK 18 kB URL HTTP/2 wows-landings-static.gcdn.co/global_static/age_ratings/v2/pegi_ext-violence.svg
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
Hash e98741f2734660f73f2369c0e44eb5e6
a87194548c2512b23b0fbc94b0707f0e26f18d8d
310eca0c37d709572b804c48fcb25dc5d3ffcda555f034de4158f6b97649054b
GET /global_static/age_ratings/v2/pegi_ext-violence.svg HTTP/1.1
Host: wows-landings-static.gcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 11:11:04 GMT
content-type: image/svg+xml
last-modified: Mon, 14 Feb 2022 22:01:20 GMT
etag: W/"9a3e2c35d77bd8b96138310eeb6b7f7b"
x-amz-request-id: tx0000000000000007079bd-00635136d6-1c7ab5d0-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-03T16:24:28+00:00
x-id: sto5-up-gc14
content-encoding: gzip
X-Firefox-Spdy: h2
wows-landings-static.gcdn.co/glows-44320/src/fonts/robotocondensed-regular.woff
92.223.97.97200 OK 92 kB URL HTTP/2 wows-landings-static.gcdn.co/glows-44320/src/fonts/robotocondensed-regular.woff
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
File type Web Open Font Format, TrueType, length 92000, version 1.0\012- data
Hash 390bd5d824e087653e297bdd9b369153
98d3f9b6c56788ca8a31212c8edc71e476a97bec
b32cf642f870c95b900ad763b21c6278701e4a4de13ac6f28e2da2a891a1706b
GET /glows-44320/src/fonts/robotocondensed-regular.woff HTTP/1.1
Host: wows-landings-static.gcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://promo.worldofwarships.eu
Connection: keep-alive
Referer: https://wows-landings-static.gcdn.co/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 11:11:04 GMT
content-type: binary/octet-stream
content-length: 92000
last-modified: Mon, 05 Sep 2022 12:50:15 GMT
etag: "390bd5d824e087653e297bdd9b369153"
x-amz-request-id: tx000000000000000654ffd-00634fcd55-1c78286c-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-02T13:25:34+00:00
x-id: sto5-up-gc14
accept-ranges: bytes
X-Firefox-Spdy: h2
wows-landings-static.gcdn.co/glows-44320/src/fonts/robotocondensed-bold.woff
92.223.97.97200 OK 92 kB URL HTTP/2 wows-landings-static.gcdn.co/glows-44320/src/fonts/robotocondensed-bold.woff
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
File type Web Open Font Format, TrueType, length 92496, version 1.0\012- data
Hash fb69d9cc5aea733510b530ed221b75dc
86276b2f2dfb7b42dc1639730c0bec56aa709be4
3b063cd5ae1793c617df8450a6c4343f7493ad006a574d9c3e9f7e81be9578f8
GET /glows-44320/src/fonts/robotocondensed-bold.woff HTTP/1.1
Host: wows-landings-static.gcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://promo.worldofwarships.eu
Connection: keep-alive
Referer: https://wows-landings-static.gcdn.co/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 11:11:04 GMT
content-type: binary/octet-stream
content-length: 92496
last-modified: Mon, 05 Sep 2022 12:50:13 GMT
etag: "fb69d9cc5aea733510b530ed221b75dc"
x-amz-request-id: tx0000000000000006543ad-00634fcd55-1c6c35db-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-02T13:25:34+00:00
x-id: sto5-up-gc14
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 97c8535769bcda118e012fc9701f07b8
5a2ff0d75199dd550fe3970ecb84c16ee4f8ac70
b4cfb827f029ad07e1bb0988c5ae1108da93a25429972d67321c0e8bf43588a9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6151
Cache-Control: max-age=161452
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:11:04 GMT
Etag: "638c3bed-117"
Expires: Tue, 06 Dec 2022 08:01:56 GMT
Last-Modified: Sun, 04 Dec 2022 06:19:25 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 97c8535769bcda118e012fc9701f07b8
5a2ff0d75199dd550fe3970ecb84c16ee4f8ac70
b4cfb827f029ad07e1bb0988c5ae1108da93a25429972d67321c0e8bf43588a9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6151
Cache-Control: max-age=161452
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:11:04 GMT
Etag: "638c3bed-117"
Expires: Tue, 06 Dec 2022 08:01:56 GMT
Last-Modified: Sun, 04 Dec 2022 06:19:25 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279
cdn.cookielaw.org/consent/68edbfbe-e009-4939-a55b-f4c65daa640b/OtAutoBlock.js
104.16.148.64200 OK 1.9 kB URL HTTP/2 cdn.cookielaw.org/consent/68edbfbe-e009-4939-a55b-f4c65daa640b/OtAutoBlock.js
IP 104.16.148.64:0
File type ASCII text, with very long lines (835)
Hash b00b992406de0267439d1368c0f3f2a3
82fca6bb4bb2c006415fdc311dad9681e73bda74
700beb542a377941732a2680ca40673c81c44667edbddf7b042190eb82a975ab
GET /consent/68edbfbe-e009-4939-a55b-f4c65daa640b/OtAutoBlock.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:11:04 GMT
content-type: application/x-javascript
content-length: 1931
cache-control: public, max-age=86400
content-encoding: gzip
content-md5: sAuZJAbeAmdDnRNowPPyow==
last-modified: Fri, 25 Nov 2022 10:09:35 GMT
etag: 0x8DACECD27C13A68
x-ms-request-id: d93dc5c4-001e-00f7-5cb6-00fe0d000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 3336
expires: Mon, 05 Dec 2022 11:11:04 GMT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 774419673e6a0b69-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3c4319f54a5675ee9acda96c58f97ac6
210ea86db1836d430b321d59b4bd1b016c914f22
cb20ad3ec895ed3a2ae9b1a90dda6b7cc174d8851f3a15ba054a435746cbdc65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:11:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
wows-landings-static.gcdn.co/glows-44320/src/videos/bismarckLP_05.webm
92.223.97.97206 Partial Content 1.1 MB URL HTTP/2 wows-landings-static.gcdn.co/glows-44320/src/videos/bismarckLP_05.webm
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
File type WebM\012- EBML file, creator webmB\20\012- data
Size 1.1 MB (1061022 bytes)
Hash 30f255709e9d3afa733a1ba016318492
eaa35eda336b9d90ec2f427b2c29f986db4720e0
1e8b9c55e1f8679225887958bce84b37bc997be2aba1e4706d07b53599bb7ce5
GET /glows-44320/src/videos/bismarckLP_05.webm HTTP/1.1
Host: wows-landings-static.gcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Origin: https://promo.worldofwarships.eu
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
server: nginx
date: Sun, 04 Dec 2022 11:11:04 GMT
content-type: video/webm
content-length: 1061022
last-modified: Mon, 05 Sep 2022 12:50:36 GMT
etag: "30f255709e9d3afa733a1ba016318492"
x-amz-request-id: tx0000000000000006ba185-00634fcd55-1c7828d8-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-02T14:36:40+00:00
x-id: sto5-up-gc14
content-range: bytes 0-1061021/1061022
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/otSDKStub.js
104.16.148.64200 OK 7.2 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/otSDKStub.js
IP 104.16.148.64:0
File type ASCII text, with very long lines (21747)
Hash 6ca9058d9138dc07d9a378e6f20a8b7b
ff5f65ad24a8e2b3042cbb0136be7edb52215c1a
1561d36bd995a09ea69c243767e196dd2e76a2753b59b78ecbf999161904f86d
GET /scripttemplates/otSDKStub.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:11:04 GMT
content-type: application/javascript
content-length: 7151
content-encoding: gzip
content-md5: bKkFjZE43AfZo3jm8gqLew==
last-modified: Thu, 01 Dec 2022 17:06:29 GMT
etag: 0x8DAD3BE63D96CCA
x-ms-request-id: 62e7f211-c01e-010b-1be2-0586c7000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 33689
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 774419675e810b69-OSL
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-58Z37MT
142.250.74.168200 OK 122 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-58Z37MT
IP 142.250.74.168:0
File type ASCII text, with very long lines (38867)
Size 122 kB (121572 bytes)
Hash 0b7e580a4b7b88d14ea5a73cd597af98
d34caf37b5e8e47ad836c24af3a0dfd609e80903
1d7bf6f88daf6c38a961b0e7e1549f3732646be8cf16e1bff6384e0d04d0e35a
GET /gtm.js?id=GTM-58Z37MT HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 04 Dec 2022 11:11:04 GMT
expires: Sun, 04 Dec 2022 11:11:04 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 121572
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.cookielaw.org/consent/68edbfbe-e009-4939-a55b-f4c65daa640b/68edbfbe-e009-4939-a55b-f4c65daa640b.json
104.16.148.64200 OK 1.9 kB URL HTTP/2 cdn.cookielaw.org/consent/68edbfbe-e009-4939-a55b-f4c65daa640b/68edbfbe-e009-4939-a55b-f4c65daa640b.json
IP 104.16.148.64:0
File type JSON data\012- , ASCII text, with very long lines (5875), with no line terminators
Hash 23b49030e418c340a4d3b3c510f6558d
fd7f8e05f97e7bf21c83782409f6972b172121f1
0f1e442050ca65df6cbaa0371a5097b75cb8bd93d0a7df66dfb88c249ed86b71
GET /consent/68edbfbe-e009-4939-a55b-f4c65daa640b/68edbfbe-e009-4939-a55b-f4c65daa640b.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://promo.worldofwarships.eu
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:11:04 GMT
content-type: application/x-javascript
content-length: 1898
cache-control: public, max-age=86400
content-encoding: gzip
content-md5: I7SQMOQYw0Ck07PFEPZVjQ==
last-modified: Fri, 25 Nov 2022 10:09:39 GMT
etag: 0x8DACECD29F68FC0
x-ms-request-id: 22332b09-f01e-0147-73b6-0041d8000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 2843
expires: Mon, 05 Dec 2022 11:11:04 GMT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 774419681fa90b69-OSL
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/global_static/favicon/v2/apple-touch-icon-180x180.png
92.223.97.97200 OK 2.3 kB URL HTTP/2 promo-cdn.worldofwarships.com/global_static/favicon/v2/apple-touch-icon-180x180.png
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 687168d21b7e78dfb6175de97ae3d045
78081e22c1ea9e51a6cac8910d7ce01c319132e1
49f69cf7e37fda7051cd440048ecd5b2ab0973f106dc6e669959ee453b03e5d1
GET /global_static/favicon/v2/apple-touch-icon-180x180.png HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 11:11:04 GMT
content-type: image/png
content-length: 2326
last-modified: Mon, 05 Sep 2022 07:56:20 GMT
etag: "687168d21b7e78dfb6175de97ae3d045"
x-amz-request-id: tx0000000000000002a896d-00633fe0e6-1c4459fa-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-02T08:45:52+00:00
x-id: sto5-up-gc10
accept-ranges: bytes
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/global_static/favicon/v2/favicon-64x64.png
92.223.97.97200 OK 1.2 kB URL HTTP/2 promo-cdn.worldofwarships.com/global_static/favicon/v2/favicon-64x64.png
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash de30b29e8bbc72b7828734d5d781b9eb
9d5fb51148291180b45d9481b756eb7fc2d4a352
e47efd1c616db1a5564776f4be806183ee085c80d2d3722d3f8d5a06115e46ee
GET /global_static/favicon/v2/favicon-64x64.png HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 11:11:04 GMT
content-type: image/png
content-length: 1198
last-modified: Mon, 05 Sep 2022 07:56:21 GMT
etag: "de30b29e8bbc72b7828734d5d781b9eb"
x-amz-request-id: tx00000000000000080ac6e-00633fe0d1-1c4c0c09-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-02T08:23:27+00:00
x-id: sto5-up-gc12
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3c4319f54a5675ee9acda96c58f97ac6
210ea86db1836d430b321d59b4bd1b016c914f22
cb20ad3ec895ed3a2ae9b1a90dda6b7cc174d8851f3a15ba054a435746cbdc65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:11:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash a41bf6b29217a1e1191ca96f2bc75f61
acb6f834ceabced0acc9920627d152b7e07799f9
4b63fd037430b154edb6a86b3eea252844c8f2c6e9d58f0062ed59a53164c095
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 190
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:11:05 GMT
Last-Modified: Sun, 04 Dec 2022 11:07:55 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 278
cdn.cookielaw.org/scripttemplates/202211.1.0/otBannerSdk.js
104.16.148.64200 OK 94 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/202211.1.0/otBannerSdk.js
IP 104.16.148.64:0
File type ASCII text, with very long lines (65451)
Hash f6a491be9dc7f6ba1271f4faa9753179
e11e8e291ca6548f4933103088b8acd15af84191
6cf04708cbb25e9b7144e865deebd75bd4b2d42fa703299ba303a084d457b081
GET /scripttemplates/202211.1.0/otBannerSdk.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:11:05 GMT
content-type: application/javascript
content-length: 93485
content-encoding: gzip
content-md5: 9qSRvp3H9roScfT6qXUxeQ==
last-modified: Wed, 30 Nov 2022 07:37:09 GMT
etag: 0x8DAD2A5B0177E6D
x-ms-request-id: 7cacc22c-c01e-014f-273e-055aab000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 9187
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7744196989270b69-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2dabd839729e9b0fb2558253d850126b
64f617aa0afb52168ef3519a4cf9829ac61ee007
1a47e4d0efdac6fbec990e3e168bfdfe615ff8953158773e8b1940d4d91eee18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:11:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/viewthroughconversion/1006839708/?random=1670152262846&cv=11&fst=1670152262846&fmt=3&bg=ffffff&guid=ON&async=1>m=2wgbu0&gcs=G100&gcd=G100&u_w=1280&u_h=1024&label=H356CMb80IcDEJzPjOAD&hn=www.google.com&frm=0&url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-44320%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D638c80489353aa0001bd6a57%26xid_param1%3DEZ46HGBJ6R%26xid_param_2%3D%26sid%3DSIDU14rw1qcwurRuQ5cXaL1aJM0JcdOD8GSm4wRyt7FpREQarJOW-ggmc3KoqJ1AwF5K-lU3y3ClMjEylEjWz2ECq_mSnRB2X78bsfqMeuBnfYpZ6_hvqnm3RX1mxuogsLTKhMDMpD_jzoRgw%26enctid%3Dcoszke5dapxx%26lpsn%3DWOWS%2BMarketing%2BLP%2Btemplate%2B1%2Bvideobg%2BBismarck%26foris%3D1%26teclient%3D1670146718292784233%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3D552jemmi%26utm_content%3D1287&tiba=World%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high&value=0&bttype=purchase&data=ads_data_redaction%3Dtrue&gcp=1&ct_cookie_present=1
142.250.74.162200 OK 42 B URL HTTP/2 pagead2.googlesyndication.com/pagead/viewthroughconversion/1006839708/?random=1670152262846&cv=11&fst=1670152262846&fmt=3&bg=ffffff&guid=ON&async=1>m=2wgbu0&gcs=G100&gcd=G100&u_w=1280&u_h=1024&label=H356CMb80IcDEJzPjOAD&hn=www.google.com&frm=0&url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-44320%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D638c80489353aa0001bd6a57%26xid_param1%3DEZ46HGBJ6R%26xid_param_2%3D%26sid%3DSIDU14rw1qcwurRuQ5cXaL1aJM0JcdOD8GSm4wRyt7FpREQarJOW-ggmc3KoqJ1AwF5K-lU3y3ClMjEylEjWz2ECq_mSnRB2X78bsfqMeuBnfYpZ6_hvqnm3RX1mxuogsLTKhMDMpD_jzoRgw%26enctid%3Dcoszke5dapxx%26lpsn%3DWOWS%2BMarketing%2BLP%2Btemplate%2B1%2Bvideobg%2BBismarck%26foris%3D1%26teclient%3D1670146718292784233%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3D552jemmi%26utm_content%3D1287&tiba=World%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high&value=0&bttype=purchase&data=ads_data_redaction%3Dtrue&gcp=1&ct_cookie_present=1
IP 142.250.74.162:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/1006839708/?random=1670152262846&cv=11&fst=1670152262846&fmt=3&bg=ffffff&guid=ON&async=1>m=2wgbu0&gcs=G100&gcd=G100&u_w=1280&u_h=1024&label=H356CMb80IcDEJzPjOAD&hn=www.google.com&frm=0&url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-44320%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D638c80489353aa0001bd6a57%26xid_param1%3DEZ46HGBJ6R%26xid_param_2%3D%26sid%3DSIDU14rw1qcwurRuQ5cXaL1aJM0JcdOD8GSm4wRyt7FpREQarJOW-ggmc3KoqJ1AwF5K-lU3y3ClMjEylEjWz2ECq_mSnRB2X78bsfqMeuBnfYpZ6_hvqnm3RX1mxuogsLTKhMDMpD_jzoRgw%26enctid%3Dcoszke5dapxx%26lpsn%3DWOWS%2BMarketing%2BLP%2Btemplate%2B1%2Bvideobg%2BBismarck%26foris%3D1%26teclient%3D1670146718292784233%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3D552jemmi%26utm_content%3D1287&tiba=World%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high&value=0&bttype=purchase&data=ads_data_redaction%3Dtrue&gcp=1&ct_cookie_present=1 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 04 Dec 2022 11:11:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.cookielaw.org/consent/68edbfbe-e009-4939-a55b-f4c65daa640b/ad5c42f4-14cd-4309-be4a-e049aeb7b78d/en.json
104.16.148.64200 OK 12 kB URL HTTP/2 cdn.cookielaw.org/consent/68edbfbe-e009-4939-a55b-f4c65daa640b/ad5c42f4-14cd-4309-be4a-e049aeb7b78d/en.json
IP 104.16.148.64:0
File type JSON data\012- HTML document, Unicode text, UTF-8 text, with very long lines (48198), with no line terminators
Hash b423017d2eccc05cb5e3921d36eeb535
b989dd503a71fa6a448860a5d59c28bbceee910b
b8aab8ba299a063e0e5faacea59d7cc56da466c0fd3b91a8d03480184eaf7495
GET /consent/68edbfbe-e009-4939-a55b-f4c65daa640b/ad5c42f4-14cd-4309-be4a-e049aeb7b78d/en.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.worldofwarships.eu/
Origin: https://promo.worldofwarships.eu
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:11:05 GMT
content-type: application/x-javascript
content-length: 11485
cache-control: public, max-age=86400
content-encoding: gzip
content-md5: tCMBfS7MwFy145IdNu61NQ==
last-modified: Fri, 25 Nov 2022 10:09:21 GMT
etag: 0x8DACECD1F1475FC
x-ms-request-id: ba3e27e9-f01e-00e9-15b6-0024e0000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 2580
expires: Mon, 05 Dec 2022 11:11:05 GMT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7744196a19a90b69-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2dabd839729e9b0fb2558253d850126b
64f617aa0afb52168ef3519a4cf9829ac61ee007
1a47e4d0efdac6fbec990e3e168bfdfe615ff8953158773e8b1940d4d91eee18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 11:11:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.cookielaw.org/scripttemplates/202211.1.0/assets/otCenterRounded.json
104.16.148.64200 OK 2.6 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/202211.1.0/assets/otCenterRounded.json
IP 104.16.148.64:0
File type JSON data\012- , ASCII text, with very long lines (7753)
Hash 688f5aef949a8982bda0771893cc67d3
c50441dea985350ab305848e2d87d6286adfda3c
da30c398b0e6646c44fc5a53e44371004a33267d6cd07404775ab6380979b058
GET /scripttemplates/202211.1.0/assets/otCenterRounded.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.worldofwarships.eu/
Origin: https://promo.worldofwarships.eu
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:11:05 GMT
content-type: application/json
content-length: 2639
content-encoding: gzip
content-md5: aI9a75SaiYK9oHcYk8xn0w==
last-modified: Wed, 30 Nov 2022 07:37:01 GMT
etag: 0x8DAD2A5AB6C83EE
x-ms-request-id: 448de741-101e-008e-32c9-049747000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 2580
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7744196a49cb0b69-OSL
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/202211.1.0/assets/v2/otPcCenter.json
104.16.148.64200 OK 12 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/202211.1.0/assets/v2/otPcCenter.json
IP 104.16.148.64:0
File type JSON data\012- , ASCII text, with very long lines (50353)
Hash 0cd2fb0fd730954ef2159520d96f1934
d2656260dfdac230479c8e7dc44444e9d5c8faf2
b821093423791675ca31c2d688b528b329737cca90ef62bc44f5c5b39423c8f6
GET /scripttemplates/202211.1.0/assets/v2/otPcCenter.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.worldofwarships.eu/
Origin: https://promo.worldofwarships.eu
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:11:05 GMT
content-type: application/json
content-length: 12540
content-encoding: gzip
content-md5: DNL7D9cwlU7yFZUg2W8ZNA==
last-modified: Wed, 30 Nov 2022 07:37:02 GMT
etag: 0x8DAD2A5AC58BC53
x-ms-request-id: fbcd2477-d01e-00ba-40c9-0438ef000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 2580
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7744196a49cd0b69-OSL
X-Firefox-Spdy: h2
cdn.cookielaw.org/logos/04fe1919-d767-41dc-abd4-f409a111f829/d0c760aa-d1b6-44a8-964c-9ae294f365f3/40885536-3b1f-4688-b7c1-39913d45a61e/wg_logo_secondversion_white1r.png
104.16.148.64200 OK 13 kB URL HTTP/2 cdn.cookielaw.org/logos/04fe1919-d767-41dc-abd4-f409a111f829/d0c760aa-d1b6-44a8-964c-9ae294f365f3/40885536-3b1f-4688-b7c1-39913d45a61e/wg_logo_secondversion_white1r.png
IP 104.16.148.64:0
File type PNG image data, 1000 x 320, 8-bit/color RGBA, non-interlaced\012- data
Hash c90475872d8975dcc4b5ed7db6cc5e28
1e5a413845f5d501c174ae4940e1329a2575067f
e79eb16948cca42e0f7884fad7637fa6ec69117a07dbc04cc8b3ea7ebeaef719
GET /logos/04fe1919-d767-41dc-abd4-f409a111f829/d0c760aa-d1b6-44a8-964c-9ae294f365f3/40885536-3b1f-4688-b7c1-39913d45a61e/wg_logo_secondversion_white1r.png HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:11:05 GMT
content-type: image/png
content-length: 13003
content-md5: yQR1hy2JddzEte19tsxeKA==
last-modified: Fri, 02 Oct 2020 14:20:55 GMT
etag: 0x8D866DE604098C2
x-ms-request-id: 80efabc0-001e-0056-516d-c43096000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 9413
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7744196a8a010b69-OSL
X-Firefox-Spdy: h2
ade.googlesyndication.com/ddm/activity/src=10697551;type=pagev0;cat=allvi0;ord=3295226422546;gtm=2wgbu0;gcs=G100;u1=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-44320%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D638c80489353aa0001bd6a57%26xid_param1%3DEZ46HGBJ6R%26xid_param_2%3D%26sid%3DSIDU14rw1qcwurRuQ5cXaL1aJM0JcdOD8GSm4wRyt7FpREQarJOW-ggmc3KoqJ1AwF5K-lU3y3ClMjEylEjWz2ECq_mSnRB2X78bsfqMeuBnfYpZ6_hvqnm3RX1mxuogsLTKhMDMpD_jzoRgw%26enctid%3Dcoszke5dapxx%26lpsn%3DWOWS%2BMarketing%2BLP%2Btemplate%2B1%2Bvideobg%2BBismarck%26foris%3D1%26teclient%3D1670146718292784233%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3D552jemmi%26utm_content%3D1287;~oref=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-44320%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D638c80489353aa0001bd6a57%26xid_param1%3DEZ46HGBJ6R%26xid_param_2%3D%26sid%3DSIDU14rw1qcwurRuQ5cXaL1aJM0JcdOD8GSm4wRyt7FpREQarJOW-ggmc3KoqJ1AwF5K-lU3y3ClMjEylEjWz2ECq_mSnRB2X78bsfqMeuBnfYpZ6_hvqnm3RX1mxuogsLTKhMDMpD_jzoRgw%26enctid%3Dcoszke5dapxx%26lpsn%3DWOWS%2BMarketing%2BLP%2Btemplate%2B1%2Bvideobg%2BBismarck%26foris%3D1%26teclient%3D1670146718292784233%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3D552jemmi%26utm_content%3D1287?
142.250.74.66200 OK 42 B URL HTTP/2 ade.googlesyndication.com/ddm/activity/src=10697551;type=pagev0;cat=allvi0;ord=3295226422546;gtm=2wgbu0;gcs=G100;u1=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-44320%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D638c80489353aa0001bd6a57%26xid_param1%3DEZ46HGBJ6R%26xid_param_2%3D%26sid%3DSIDU14rw1qcwurRuQ5cXaL1aJM0JcdOD8GSm4wRyt7FpREQarJOW-ggmc3KoqJ1AwF5K-lU3y3ClMjEylEjWz2ECq_mSnRB2X78bsfqMeuBnfYpZ6_hvqnm3RX1mxuogsLTKhMDMpD_jzoRgw%26enctid%3Dcoszke5dapxx%26lpsn%3DWOWS%2BMarketing%2BLP%2Btemplate%2B1%2Bvideobg%2BBismarck%26foris%3D1%26teclient%3D1670146718292784233%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3D552jemmi%26utm_content%3D1287;~oref=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-44320%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D638c80489353aa0001bd6a57%26xid_param1%3DEZ46HGBJ6R%26xid_param_2%3D%26sid%3DSIDU14rw1qcwurRuQ5cXaL1aJM0JcdOD8GSm4wRyt7FpREQarJOW-ggmc3KoqJ1AwF5K-lU3y3ClMjEylEjWz2ECq_mSnRB2X78bsfqMeuBnfYpZ6_hvqnm3RX1mxuogsLTKhMDMpD_jzoRgw%26enctid%3Dcoszke5dapxx%26lpsn%3DWOWS%2BMarketing%2BLP%2Btemplate%2B1%2Bvideobg%2BBismarck%26foris%3D1%26teclient%3D1670146718292784233%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3D552jemmi%26utm_content%3D1287?
IP 142.250.74.66:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ddm/activity/src=10697551;type=pagev0;cat=allvi0;ord=3295226422546;gtm=2wgbu0;gcs=G100;u1=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-44320%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D638c80489353aa0001bd6a57%26xid_param1%3DEZ46HGBJ6R%26xid_param_2%3D%26sid%3DSIDU14rw1qcwurRuQ5cXaL1aJM0JcdOD8GSm4wRyt7FpREQarJOW-ggmc3KoqJ1AwF5K-lU3y3ClMjEylEjWz2ECq_mSnRB2X78bsfqMeuBnfYpZ6_hvqnm3RX1mxuogsLTKhMDMpD_jzoRgw%26enctid%3Dcoszke5dapxx%26lpsn%3DWOWS%2BMarketing%2BLP%2Btemplate%2B1%2Bvideobg%2BBismarck%26foris%3D1%26teclient%3D1670146718292784233%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3D552jemmi%26utm_content%3D1287;~oref=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-44320%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D638c80489353aa0001bd6a57%26xid_param1%3DEZ46HGBJ6R%26xid_param_2%3D%26sid%3DSIDU14rw1qcwurRuQ5cXaL1aJM0JcdOD8GSm4wRyt7FpREQarJOW-ggmc3KoqJ1AwF5K-lU3y3ClMjEylEjWz2ECq_mSnRB2X78bsfqMeuBnfYpZ6_hvqnm3RX1mxuogsLTKhMDMpD_jzoRgw%26enctid%3Dcoszke5dapxx%26lpsn%3DWOWS%2BMarketing%2BLP%2Btemplate%2B1%2Bvideobg%2BBismarck%26foris%3D1%26teclient%3D1670146718292784233%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3D552jemmi%26utm_content%3D1287? HTTP/1.1
Host: ade.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 04 Dec 2022 11:11:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ef13a87-7179-4643-9f9e-199878f42764.png
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ef13a87-7179-4643-9f9e-199878f42764.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 69411fa7c0f94e7179c2cf84b716e427
188edc080e8a683c3fdc2968ee1e6aae114d75d2
713514c9afaa1953e3387aa1d1b6203fe6387e007f9fb5347558b77dd72425e9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ef13a87-7179-4643-9f9e-199878f42764.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6344
x-amzn-requestid: 1c11b153-5494-4656-ad96-33bc541f93f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cgaEAGmooAMFwlA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6389a3b3-1984a9194065807d36f29532;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 07:05:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: u-fwrNiMISyKCpTg9HJ8TBjWLnM_Zg2KK1xrbzDXstjKATuex_Porg==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 14:50:20 GMT
age: 73248
etag: "188edc080e8a683c3fdc2968ee1e6aae114d75d2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.cookielaw.org/logos/static/ot_guard_logo.svg
104.16.148.64200 OK 0 B URL HTTP/2 cdn.cookielaw.org/logos/static/ot_guard_logo.svg
IP 104.16.148.64:0
GET /logos/static/ot_guard_logo.svg HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.worldofwarships.eu/
Origin: https://promo.worldofwarships.eu
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:11:05 GMT
content-type: image/svg+xml
content-md5: tXyZydHjxQshFMbbBT1/8A==
last-modified: Thu, 01 Dec 2022 17:06:38 GMT
x-ms-request-id: a50b5e5d-301e-0055-3e5b-063391000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 3290
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7744196a8a030b69-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
wows-landings-static.gcdn.co/glows-44320/src/libs/aos.css
92.223.97.97200 OK 0 B URL HTTP/2 wows-landings-static.gcdn.co/glows-44320/src/libs/aos.css
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
GET /glows-44320/src/libs/aos.css HTTP/1.1
Host: wows-landings-static.gcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 11:11:04 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 02 Nov 2022 18:05:07 GMT
etag: W/"a6f0a9b1aea9999df9ed749e34d9430c"
x-amz-request-id: tx0000000000000020f9b40-006364f3f8-1c7e5de3-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-02T14:51:51+00:00
x-id: sto5-up-gc14
content-encoding: gzip
X-Firefox-Spdy: h2
wows-landings-static.gcdn.co/glows-44320/src/styles/style.css
92.223.97.97200 OK 0 B URL HTTP/2 wows-landings-static.gcdn.co/glows-44320/src/styles/style.css
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
GET /glows-44320/src/styles/style.css HTTP/1.1
Host: wows-landings-static.gcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 11:11:04 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 02 Nov 2022 18:05:07 GMT
etag: W/"de2d4160a749abb5dd03e860179fcd2e"
x-amz-request-id: tx000000000000002b9fe51-006364f3f8-1c6c35db-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-02T14:51:51+00:00
x-id: sto5-up-gc14
content-encoding: gzip
X-Firefox-Spdy: h2
wows-landings-static.gcdn.co/glows-44320/src/libs/oneTrustBanner.js
92.223.97.97200 OK 0 B URL HTTP/2 wows-landings-static.gcdn.co/glows-44320/src/libs/oneTrustBanner.js
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
GET /glows-44320/src/libs/oneTrustBanner.js HTTP/1.1
Host: wows-landings-static.gcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 11:11:04 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 02 Nov 2022 18:05:07 GMT
etag: W/"7ec3b6015c5487eb301fa7c905ea3f70"
x-amz-request-id: tx000000000000001dec597-006364f3f8-1c86523b-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-02T14:51:51+00:00
x-id: sto5-up-gc14
content-encoding: gzip
X-Firefox-Spdy: h2
wows-landings-static.gcdn.co/glows-44320/src/libs/jquery.fullpage.min.css
92.223.97.97200 OK 0 B URL HTTP/2 wows-landings-static.gcdn.co/glows-44320/src/libs/jquery.fullpage.min.css
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
GET /glows-44320/src/libs/jquery.fullpage.min.css HTTP/1.1
Host: wows-landings-static.gcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 11:11:04 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 02 Nov 2022 18:05:07 GMT
etag: W/"5325456f69c244978fdc17e4a370d845"
x-amz-request-id: tx000000000000001de9604-006364f3f8-1c8fb11d-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-02T14:51:51+00:00
x-id: sto5-up-gc14
content-encoding: gzip
X-Firefox-Spdy: h2
wows-landings-static.gcdn.co/global_static/age_ratings/v2/pegi_rating.svg
92.223.97.97200 OK 0 B URL HTTP/2 wows-landings-static.gcdn.co/global_static/age_ratings/v2/pegi_rating.svg
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
GET /global_static/age_ratings/v2/pegi_rating.svg HTTP/1.1
Host: wows-landings-static.gcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 11:11:04 GMT
content-type: image/svg+xml
last-modified: Mon, 14 Feb 2022 22:01:21 GMT
etag: W/"207ef7e145ba483b342b96f8c2fbf72a"
x-amz-request-id: tx0000000000000006ba334-00634fcd55-1b9bcafa-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-02T14:51:51+00:00
x-id: sto5-up-gc14
content-encoding: gzip
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/glows-46086/src/images/logo-hor.svg
92.223.97.97200 OK 0 B URL HTTP/2 promo-cdn.worldofwarships.com/glows-46086/src/images/logo-hor.svg
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
GET /glows-46086/src/images/logo-hor.svg HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 11:11:04 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Nov 2022 08:29:14 GMT
etag: W/"f37677b980c03bd3f2537e0ab36aa703"
x-amz-request-id: tx0000000000000001140f7-006384716b-1d0ab366-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-02T08:30:25+00:00
x-id: sto5-up-gc15
content-encoding: gzip
X-Firefox-Spdy: h2
geolocation.onetrust.com/cookieconsentpub/v1/geo/location
104.18.26.85200 OK 0 B URL HTTP/2 geolocation.onetrust.com/cookieconsentpub/v1/geo/location
IP 104.18.26.85:0
GET /cookieconsentpub/v1/geo/location HTTP/1.1
Host: geolocation.onetrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://promo.worldofwarships.eu
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:11:05 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 77441968fa4d1c12-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/202211.1.0/assets/otCommonStyles.css
104.16.148.64200 OK 0 B URL HTTP/2 cdn.cookielaw.org/scripttemplates/202211.1.0/assets/otCommonStyles.css
IP 104.16.148.64:0
GET /scripttemplates/202211.1.0/assets/otCommonStyles.css HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.worldofwarships.eu/
Origin: https://promo.worldofwarships.eu
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 11:11:05 GMT
content-type: text/css
content-md5: XcxlleAcPGO2n5kTZrHH2Q==
last-modified: Wed, 30 Nov 2022 07:37:14 GMT
x-ms-request-id: 35f86005-301e-00d6-78c9-04933c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 2580
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7744196a49d00b69-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
babylon.krd/
128.199.109.155500 Internal Server Error 0 B IP 128.199.109.155:0
ASN #14061 DIGITALOCEAN-ASN
GET / HTTP/1.1
Host: babylon.krd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 500 Internal Server Error
server: nginx
date: Sun, 04 Dec 2022 11:11:00 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.30
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
X-Firefox-Spdy: h2
wows-landings-static.gcdn.co/glows-44320/src/libs/jquery.min.js
92.223.97.97200 OK 0 B URL HTTP/2 wows-landings-static.gcdn.co/glows-44320/src/libs/jquery.min.js
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
GET /glows-44320/src/libs/jquery.min.js HTTP/1.1
Host: wows-landings-static.gcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 11:11:04 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 02 Nov 2022 18:05:07 GMT
etag: W/"8c92b37b8bd194a02ac7fc497b72b27a"
x-amz-request-id: tx00000000000000182ea81-006364f3f8-1bbb63a8-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-02T14:51:51+00:00
x-id: sto5-up-gc14
content-encoding: gzip
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/glows-46086/src/images/logo-main.svg
92.223.97.97200 OK 0 B URL HTTP/2 promo-cdn.worldofwarships.com/glows-46086/src/images/logo-main.svg
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
GET /glows-46086/src/images/logo-main.svg HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 11:11:04 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Nov 2022 08:29:14 GMT
etag: W/"3205035293624ac8f4502ce6c888db9e"
x-amz-request-id: tx0000000000000001140f8-006384716b-1d0ab366-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-02T08:30:25+00:00
x-id: sto5-up-gc11
content-encoding: gzip
X-Firefox-Spdy: h2
thirawogla.com/bm3iVx0.Pj3upevvb/m/V_JqZ-DG0v0/NqTJcEylMqjNApwjLVTsQA1wNJzGIgy/MbDOEu
88.85.94.246200 OK 0 B URL HTTP/2 thirawogla.com/bm3iVx0.Pj3upevvb/m/V_JqZ-DG0v0/NqTJcEylMqjNApwjLVTsQA1wNJzGIgy/MbDOEu
IP 88.85.94.246:0
Analyzer Verdict Alert fortinet Phishing
GET /bm3iVx0.Pj3upevvb/m/V_JqZ-DG0v0/NqTJcEylMqjNApwjLVTsQA1wNJzGIgy/MbDOEu HTTP/1.1
Host: thirawogla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://long.interestmoments.com/
Cookie: kadCCap=220335:1:1670069673; kadACap=451724:1:1669565807; kadRPixJ=bnVsbA==; kadUnP3=CAEQndWxnAYaDQjzwZkBEAEY38CvnAYaDQik+JUCEAEYqfusnAYaDQiatZYCEAEY3rqsnAYaDQiEyJMCEAEYhpevnAYaDQioiJcCEAMYg8+snAYaDQjowJcCEAIYlbesnAYaDQi8ypcCEAEYu82vnAYaDQjOjpgCEAEYoZmtnAYiCggDEAsYlbesnAYqDAjoiCgQARjeuqycBioMCKSTKBADGIPPrJwGKgwI85ooEAIYlbesnAYqDAiknCgQARi7za+cBioMCLKlKBABGKGZrZwGKgwIhKclEAEYhpevnAYqDAiMvRIQARjfwK+cBioMCLWBKBABGKn7rJwG
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 11:11:02 GMT
content-type: text/html;charset=UTF-8
vary: Accept-Encoding
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-frame-options: DENY
referrer-policy: no-referrer
p3p: CP="CUR ADM OUR NOR STA NID"
last-modified: Sun, 04 Dec 2022 11:11:02 GMT
set-cookie: kadCCap=221398:1:1670061406;222513:1:1670073505;212269:1:1667199062;219652:1:1669330335;219484:1:1667715065;219047:1:1667194435;132751:1:1669884292;194136:1:1669413157;222582:1:1669973958;218693:1:1669515516;220790:1:1668460505;199455:1:1668245056;215297:1:1669786163;220335:1:1670069673;222775:1:1669981400;79610:1:1669272875; max-age=1701688262; path=/
kadACap=451724:1:1669565807;451139:1:1669898733;419301:1:1669646033;419323:1:1669947125;190964:1:1669272875;449523:1:1670064003;445788:1:1669918420;446531:1:1669270846;346327:1:1670111327;419321:1:1669463839;419295:1:1669929223;442019:1:1669930720;450649:1:1670060949;419293:1:1669526430;445506:1:1669286676;419297:1:1670146717;407100:1:1668246232;410252:1:1669943525;453831:1:1669942034;446714:1:1669965428;445735:1:1669286676;424441:1:1669620569;401659:1:1669888795;419291:1:1670105990;419299:1:1669735589;419303:1:1669864662;444748:1:1669841678;383700:1:1670071496;446013:1:1668228435; max-age=1701688262; path=/
kadCSCap=222513:1:1670073505;220335:1:1670069673; path=/
kadASCap=419291:1:1670105990;346327:1:1670111327;383700:1:1670071496;419297:1:1670146717; path=/
kadRPixJ=bnVsbA==; max-age=1701688262; path=/
kadUnP3=CAIQndWxnAYaDQik+JUCEAEYqfusnAYaDQioiJcCEAEYxoCynAYaDQi8ypcCEAEYu82vnAYaDQjOjpgCEAEYoZmtnAYaDQjzwZkBEAEY38CvnAYaDQiEyJMCEAEYhpevnAYiCggDEAEYxoCynAYqDAikkygQARjGgLKcBioMCKScKBABGLvNr5wGKgwIsqUoEAEYoZmtnAYqDAiMvRIQARjfwK+cBioMCISnJRABGIaXr5wGKgwItYEoEAEYqfusnAY=; max-age=1701688262; path=/
x-content-type-options: nosniff
content-encoding: br
X-Firefox-Spdy: h2
wows-landings-static.gcdn.co/glows-44320/src/libs/jquery.fullpage.js
92.223.97.97200 OK 0 B URL HTTP/2 wows-landings-static.gcdn.co/glows-44320/src/libs/jquery.fullpage.js
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
GET /glows-44320/src/libs/jquery.fullpage.js HTTP/1.1
Host: wows-landings-static.gcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 11:11:04 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 02 Nov 2022 18:05:07 GMT
etag: W/"3dda1cb6b7c3b1c0f3eb0c52633455bf"
x-amz-request-id: tx0000000000000016dd4d7-006364f3f8-1bbb63a2-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-02T14:51:51+00:00
x-id: sto5-up-gc14
content-encoding: gzip
X-Firefox-Spdy: h2
wows-landings-static.gcdn.co/glows-44320/src/images/logo-main.svg
92.223.97.97200 OK 0 B URL HTTP/2 wows-landings-static.gcdn.co/glows-44320/src/images/logo-main.svg
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
GET /glows-44320/src/images/logo-main.svg HTTP/1.1
Host: wows-landings-static.gcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 11:11:04 GMT
content-type: image/svg+xml
last-modified: Mon, 05 Sep 2022 12:50:17 GMT
etag: W/"3205035293624ac8f4502ce6c888db9e"
x-amz-request-id: tx0000000000000004ebbae-00634fcd55-1c6f0575-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-02T14:51:51+00:00
x-id: sto5-up-gc14
content-encoding: gzip
X-Firefox-Spdy: h2
wows-landings-static.gcdn.co/glows-44320/src/libs/aos.js
92.223.97.97200 OK 0 B URL HTTP/2 wows-landings-static.gcdn.co/glows-44320/src/libs/aos.js
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
GET /glows-44320/src/libs/aos.js HTTP/1.1
Host: wows-landings-static.gcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 11:11:04 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 02 Nov 2022 18:05:07 GMT
etag: W/"e3b9e99ad931c062d98830bc140e2eac"
x-amz-request-id: tx0000000000000022e8634-006364f3f8-1c888e0e-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-02T14:51:51+00:00
x-id: sto5-up-gc14
content-encoding: gzip
X-Firefox-Spdy: h2
wows-landings-static.gcdn.co/global_static/age_ratings/v2/pegi_ext-in-game-purchases.svg
92.223.97.97200 OK 0 B URL HTTP/2 wows-landings-static.gcdn.co/global_static/age_ratings/v2/pegi_ext-in-game-purchases.svg
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
GET /global_static/age_ratings/v2/pegi_ext-in-game-purchases.svg HTTP/1.1
Host: wows-landings-static.gcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 11:11:04 GMT
content-type: image/svg+xml
last-modified: Mon, 14 Feb 2022 22:01:20 GMT
etag: W/"635ea99325f08d75fd8f09201f998f50"
x-amz-request-id: tx0000000000000004ebbb0-00634fcd55-1c6f0575-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-02T14:51:51+00:00
x-id: sto5-up-gc14
content-encoding: gzip
X-Firefox-Spdy: h2
promo.worldofwarships.eu/glows-44320/eu-no/?t=1&pub_id=1287&xid=638c80489353aa0001bd6a57&xid_param1=EZ46HGBJ6R&xid_param_2=&sid=SIDU14rw1qcwurRuQ5cXaL1aJM0JcdOD8GSm4wRyt7FpREQarJOW-ggmc3KoqJ1AwF5K-lU3y3ClMjEylEjWz2ECq_mSnRB2X78bsfqMeuBnfYpZ6_hvqnm3RX1mxuogsLTKhMDMpD_jzoRgw&enctid=coszke5dapxx&lpsn=WOWS+Marketing+LP+template+1+videobg+Bismarck&foris=1&teclient=1670146718292784233&utm_source=wlap&utm_medium=affiliate&utm_campaign=552jemmi&utm_content=1287
92.223.97.97200 OK 0 B URL HTTP/2 promo.worldofwarships.eu/glows-44320/eu-no/?t=1&pub_id=1287&xid=638c80489353aa0001bd6a57&xid_param1=EZ46HGBJ6R&xid_param_2=&sid=SIDU14rw1qcwurRuQ5cXaL1aJM0JcdOD8GSm4wRyt7FpREQarJOW-ggmc3KoqJ1AwF5K-lU3y3ClMjEylEjWz2ECq_mSnRB2X78bsfqMeuBnfYpZ6_hvqnm3RX1mxuogsLTKhMDMpD_jzoRgw&enctid=coszke5dapxx&lpsn=WOWS+Marketing+LP+template+1+videobg+Bismarck&foris=1&teclient=1670146718292784233&utm_source=wlap&utm_medium=affiliate&utm_campaign=552jemmi&utm_content=1287
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
GET /glows-44320/eu-no/?t=1&pub_id=1287&xid=638c80489353aa0001bd6a57&xid_param1=EZ46HGBJ6R&xid_param_2=&sid=SIDU14rw1qcwurRuQ5cXaL1aJM0JcdOD8GSm4wRyt7FpREQarJOW-ggmc3KoqJ1AwF5K-lU3y3ClMjEylEjWz2ECq_mSnRB2X78bsfqMeuBnfYpZ6_hvqnm3RX1mxuogsLTKhMDMpD_jzoRgw&enctid=coszke5dapxx&lpsn=WOWS+Marketing+LP+template+1+videobg+Bismarck&foris=1&teclient=1670146718292784233&utm_source=wlap&utm_medium=affiliate&utm_campaign=552jemmi&utm_content=1287 HTTP/1.1
Host: promo.worldofwarships.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _gcl_au=1.1.1929935907.1670146717; _ym_uid=1670146717161400970; _ym_d=1670146717; OptanonConsent=isGpcEnabled=0&datestamp=Sun+Dec+04+2022+09%3A38%3A41+GMT%2B0000+(Coordinated+Universal+Time)&version=202211.1.0&isIABGlobal=false&hosts=&consentId=9d9b529e-75d7-4a83-94bf-b39a3305bbb9&interactionCount=1&landingPath=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-30078%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D638c6a9e90228f00019cc35e%26xid_param1%3DE0HHEGBJ6R%26xid_param_2%3D%26sid%3DSIDnU20kuMbB9ApSoUMqQ0fMW86MQFaDZRV29M4CH-q2KQjXqU7gBJYWxfeUbGs_wkiJQQK7PM4IxfoPtddLgidadQhmH_b93CPMXBVoeUNoVOIoOsEq6xE9T2FdiQX-6_lY74-1Zty5oREDw%26enctid%3Dcosxlmb53lm3%26lpsn%3DWOWS+Marketing+LP+template+1+bgYamato%26foris%3D1%26teclient%3D1670146718292784233%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3D1qinif2a%26utm_content%3D1287&groups=C0001%3A1%2CC0002%3A0%2CC0004%3A0; _ym_isad=2; _ts_yjad=1670146718743
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 11:11:04 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
last-modified: Fri, 25 Nov 2022 17:46:00 GMT
etag: W/"f7f8f680dc4d30f561f5c06706af6995"
x-amz-request-id: tx00000000000000022930f-006385f933-1c2e3401-ed1
cache: HIT
x-cached-since: 2022-12-03T18:33:11+00:00
x-id: sto5-up-gc12
content-encoding: gzip
X-Firefox-Spdy: h2
wows-landings-static.gcdn.co/glows-44320/src/scripts/script.js
92.223.97.97200 OK 0 B URL HTTP/2 wows-landings-static.gcdn.co/glows-44320/src/scripts/script.js
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
GET /glows-44320/src/scripts/script.js HTTP/1.1
Host: wows-landings-static.gcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 11:11:04 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 02 Nov 2022 18:05:07 GMT
etag: W/"3cb68d72abbc3f8b97d1514fb13f5b88"
x-amz-request-id: tx000000000000001dec596-006364f3f8-1c86523b-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-02T14:51:51+00:00
x-id: sto5-up-gc14
content-encoding: gzip
X-Firefox-Spdy: h2