r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f2acd891dc6eb1f09f57a2b086791781
1e2088306501a61edcca1ade62c4d54f23b3b083
51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4841
Expires: Fri, 09 Dec 2022 06:02:35 GMT
Date: Fri, 09 Dec 2022 04:41:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aea93551fa9deb76ae49a3b4019d64fe
e3b8862057ebe839959228e42246d7b1807fc90c
7e210f03b140418085e94ec20c1d27d6ecf7a404cbd323e16476ae5ae95d6dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E210F03B140418085E94EC20C1D27D6ECF7A404CBD323E16476AE5AE95D6DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2333
Expires: Fri, 09 Dec 2022 05:20:47 GMT
Date: Fri, 09 Dec 2022 04:41:54 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 09 Dec 2022 04:08:17 GMT
content-type: application/json
age: 2017
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
mp48update.com/
64.90.37.168301 Moved Permanently 231 B IP 64.90.37.168:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 6c68ab73ca9c166bafebeda9e25b17bf
fc4a25989bec9f1a80f4c5bf07adf8921b84f7ab
642936c4818e77a6fe33082701eb83601119e1d8cbe5e42ae56e9b3cea446c86
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: mp48update.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 09 Dec 2022 04:41:54 GMT
Server: Apache
Location: https://mp48update.com/
Content-Length: 231
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21393
Expires: Fri, 09 Dec 2022 10:38:27 GMT
Date: Fri, 09 Dec 2022 04:41:54 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: AeUUgTeLubcBQMQeuu1XG92JIHADM+4dEGiPysYD4l74uhuDxvpsh+I/nTjpNAcbmGwdg1RZTOQ=
x-amz-request-id: 1M73Z5SNWRZH7X6J
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 09 Dec 2022 03:48:10 GMT
age: 3224
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:41:54 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 09 Dec 2022 04:07:59 GMT
age: 2035
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fd55f4aaaab6ec40bc7dc10252cd819a
a72523f60be265a391fa9edc43e0a93418ad1fd0
bae354b3db14f4fd115311a0c412c9b5e436dd9e0a151afd8b9c18831dd8c2dd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6569
Cache-Control: max-age=108866
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:41:55 GMT
Etag: "6391a92c-1d7"
Expires: Sat, 10 Dec 2022 10:56:21 GMT
Last-Modified: Thu, 08 Dec 2022 09:06:52 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.164.183.116101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.164.183.116:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: OlJB3rv2Dse+Q1kIY2u6zw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: fJv6wJ+3sNxJVGCiCQKVgfPYOEE=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5928
Expires: Fri, 09 Dec 2022 06:20:44 GMT
Date: Fri, 09 Dec 2022 04:41:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5928
Expires: Fri, 09 Dec 2022 06:20:44 GMT
Date: Fri, 09 Dec 2022 04:41:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5928
Expires: Fri, 09 Dec 2022 06:20:44 GMT
Date: Fri, 09 Dec 2022 04:41:56 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 06514ce96ae21cb01f526a5febdcbeb4
ebb97e5b97f394e8c67098f55581d5329ce819a2
4099a2fb6ddc4feaa30f357a180d64aeb7c9fc73f115fc762d5fe5c221d2e89e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5169
x-amzn-requestid: 277a1b04-4e19-4313-8aac-5f9ab9076305
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctEdkFGrIAMFvHg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638eb456-5b21edd57297665012d536cc;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 03:17:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: swNGUcNy2i0w9UGe-EJhwslE01TzTC3rrDhLhVVxHyhWMGSC1uq0mA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 07:01:14 GMT
age: 78042
etag: "ebb97e5b97f394e8c67098f55581d5329ce819a2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F884d1162-4377-487f-a056-b21117ef5001.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F884d1162-4377-487f-a056-b21117ef5001.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9cb76c68a8cd472600106cc118067868
6cee6b1828c709f68b995197ca943a5c393f86fb
009d9ba19043b03b5aceeb80b69bf249f19a0a225bdbfef7ab8691669cb64130
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F884d1162-4377-487f-a056-b21117ef5001.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8204
x-amzn-requestid: cf54b5f8-ede8-49d5-aa56-5d9de98e3ab8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjtKfEiToAMFSXA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638af576-6ddfe35c0b31074d6a07076f;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 07:06:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UfqFAlLedF6ZkfbGXhyYDcvu0porNJb6LPaeQ8p4dqWqsFD6iRgWLw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 15:50:07 GMT
age: 46309
etag: "6cee6b1828c709f68b995197ca943a5c393f86fb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f25ad59-b8ed-49ea-9611-21f63c20c8fb.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f25ad59-b8ed-49ea-9611-21f63c20c8fb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eb00a2a503a690cee3e4dd729b5bc9bd
cfb1e5bcab2148a777889680e6e36b9d7e8917ec
7e4583ae78ab597639f53669ac2d67d1ebd26be3278c2fc3fc95af934178c116
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f25ad59-b8ed-49ea-9611-21f63c20c8fb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7960
x-amzn-requestid: beadd240-39d0-407d-a890-6a095657cac3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctEd8HC0oAMFUag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638eb459-44d4f63c62f58684782ef14a;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 03:17:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: yL-FrFYh-3PuCZCpCHYg--ebTS7wMmMQ7IE2mgimDVsKWFEtKC2gVQ==
via: 1.1 74aa91fe819001bcedd882694f52b436.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 05:44:09 GMT
age: 82667
etag: "cfb1e5bcab2148a777889680e6e36b9d7e8917ec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7b1b2f1-0b18-4097-a282-a7ddd9b33b97.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7b1b2f1-0b18-4097-a282-a7ddd9b33b97.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3cb7655c8fe89a83f0096c51684aa21c
4946fcab2a99d926c45abaecf8f97b6214dee0cd
60a3066f2dcc2f696413ecec56ef1d0c1a9392f6845fac5c4319b8b9e02074fd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7b1b2f1-0b18-4097-a282-a7ddd9b33b97.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6637
x-amzn-requestid: dfcef102-5fc6-4a59-bb21-ff0532c9fdda
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cvlg4GtVIAMFdTw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638fb605-0c2f58da0ae148fb4d698ecc;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 21:37:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jQs6m8oGHeWNYbOnPM34f-YW75VuH0yNWU-TzoDMOkYcwGa9BfqBhA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 21:51:22 GMT
age: 24634
etag: "4946fcab2a99d926c45abaecf8f97b6214dee0cd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9c8ed2c5-144c-4fce-bb57-7d9918c1ab31.jpeg
34.120.237.76200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9c8ed2c5-144c-4fce-bb57-7d9918c1ab31.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 44ed82780732ed682ee46b2df52b3ca2
0b3fe77e142178561b28c93b94b1aea2e1c395a5
383da5ca2927044c69ff1d10b630fe3439ca48f1845031ef1b6607fcd054c54b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9c8ed2c5-144c-4fce-bb57-7d9918c1ab31.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4049
x-amzn-requestid: dbde9a26-7609-43b7-a9a5-6e4d2f559989
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cpwRFHIooAMFVmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d60d3-5f5131b8315a458d18cdc70f;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 03:09:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0hIxbSpQqCv6Ud-7HmBaRxkFrdLYrV-Lr2u3nIzd8jPXpQ8E7ahp1g==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 11:18:08 GMT
age: 62628
etag: "0b3fe77e142178561b28c93b94b1aea2e1c395a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe7732c6-dc98-445c-86c6-d413942250ea.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe7732c6-dc98-445c-86c6-d413942250ea.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 45e0c1638ad919bde19731f7987ab064
1e492807c665e6e6b24ec6ce19035fdfc6f23b92
f0d3738ec8406958470c8fd152a02a123d7654c30f974c1df5c4977a380c2d62
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe7732c6-dc98-445c-86c6-d413942250ea.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10205
x-amzn-requestid: c5704c7a-60c4-402b-8018-5885a8dae971
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cwVM_F9BIAMF3ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63900252-3e9573d900714e3250f43e17;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 03:02:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mLTL7L808-OguYGrl3FUvwmFmPQjBPRj7PVfgEheFHWg4g4skoBvOg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 18:05:28 GMT
age: 38188
etag: "1e492807c665e6e6b24ec6ce19035fdfc6f23b92"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4e3dc85fd71bdb106039966a96cdd02b
53d3487232ddcac30b53c224c94e63571633e5af
d0a3a292876b50c590a3fa6c04d3471a6fb726c54f57e75c21f2e1bd45424ace
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:41:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4e3dc85fd71bdb106039966a96cdd02b
53d3487232ddcac30b53c224c94e63571633e5af
d0a3a292876b50c590a3fa6c04d3471a6fb726c54f57e75c21f2e1bd45424ace
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:41:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 795e67bdfadc3c890a663080413b56b7
fdefde3befb6aceac3c337c34c8d738f5091908c
8375b55cfc13989b0cf96293b7bead2ce5811a993b3445da1776ca7015c36985
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:41:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ae930664787e0d63f247eaf2cdf5f067
7fd675ecd0e30262eb2f3cf9f87d983e32ed779e
08c61813373b17ee51fec317648c02ab60f6fd69a71b8fe89beba0d589390cd4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08C61813373B17EE51FEC317648C02AB60F6FD69A71B8FE89BEBA0D589390CD4"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4184
Expires: Fri, 09 Dec 2022 05:51:41 GMT
Date: Fri, 09 Dec 2022 04:41:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ae930664787e0d63f247eaf2cdf5f067
7fd675ecd0e30262eb2f3cf9f87d983e32ed779e
08c61813373b17ee51fec317648c02ab60f6fd69a71b8fe89beba0d589390cd4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08C61813373B17EE51FEC317648C02AB60F6FD69A71B8FE89BEBA0D589390CD4"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4184
Expires: Fri, 09 Dec 2022 05:51:41 GMT
Date: Fri, 09 Dec 2022 04:41:57 GMT
Connection: keep-alive
www.googletagmanager.com/gtag/js?id=G-VS9R69MEY9
172.217.21.168200 OK 77 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-VS9R69MEY9
IP 172.217.21.168:0
File type ASCII text, with very long lines (22462)
Hash 0c719f5f3bfdebdd9195896798e7649b
68fe48353e5445e10c80e2f71c837887ff5064e7
0d7fc87cc8321c12aacbf3e8a6e45db7bbf5a24b59e3cf29bd764fc807d1905e
GET /gtag/js?id=G-VS9R69MEY9 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mp48update.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 09 Dec 2022 04:41:57 GMT
expires: Fri, 09 Dec 2022 04:41:57 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76901
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4e3dc85fd71bdb106039966a96cdd02b
53d3487232ddcac30b53c224c94e63571633e5af
d0a3a292876b50c590a3fa6c04d3471a6fb726c54f57e75c21f2e1bd45424ace
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:41:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 795e67bdfadc3c890a663080413b56b7
fdefde3befb6aceac3c337c34c8d738f5091908c
8375b55cfc13989b0cf96293b7bead2ce5811a993b3445da1776ca7015c36985
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:41:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
way.specialblueitems.com/src/main.js?v=1.0.1
159.69.234.10200 OK 3.1 kB URL HTTP/1.1 way.specialblueitems.com/src/main.js?v=1.0.1
IP 159.69.234.10:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (9732), with no line terminators
Hash ee4886936efcd6c7fe2c0f50c46eb551
3f77bc1685ae4f90bee11c721d55f33df2ff0200
ff312b49979047eaad5715d1519775ef8409b9a2d4c436888ab7d06221889561
GET /src/main.js?v=1.0.1 HTTP/1.1
Host: way.specialblueitems.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mp48update.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Dec 2022 04:41:57 GMT
Content-Type: application/javascript
Last-Modified: Wed, 07 Dec 2022 11:43:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63907c4f-2604"
Expires: Mon, 19 Dec 2022 04:41:57 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
way.specialblueitems.com/src/main.js?v=3.0.3
159.69.234.10200 OK 3.1 kB URL HTTP/1.1 way.specialblueitems.com/src/main.js?v=3.0.3
IP 159.69.234.10:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (9732), with no line terminators
Hash ee4886936efcd6c7fe2c0f50c46eb551
3f77bc1685ae4f90bee11c721d55f33df2ff0200
ff312b49979047eaad5715d1519775ef8409b9a2d4c436888ab7d06221889561
GET /src/main.js?v=3.0.3 HTTP/1.1
Host: way.specialblueitems.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mp48update.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Dec 2022 04:41:57 GMT
Content-Type: application/javascript
Last-Modified: Wed, 07 Dec 2022 11:43:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63907c4f-2604"
Expires: Mon, 19 Dec 2022 04:41:57 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
way.specialblueitems.com/src/main.js?v=4.0.4
159.69.234.10200 OK 3.1 kB URL HTTP/1.1 way.specialblueitems.com/src/main.js?v=4.0.4
IP 159.69.234.10:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (9732), with no line terminators
Hash ee4886936efcd6c7fe2c0f50c46eb551
3f77bc1685ae4f90bee11c721d55f33df2ff0200
ff312b49979047eaad5715d1519775ef8409b9a2d4c436888ab7d06221889561
GET /src/main.js?v=4.0.4 HTTP/1.1
Host: way.specialblueitems.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mp48update.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Dec 2022 04:41:57 GMT
Content-Type: application/javascript
Last-Modified: Wed, 07 Dec 2022 11:43:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63907c4f-2604"
Expires: Mon, 19 Dec 2022 04:41:57 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
mp48update.com/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=6ea45b81e47c58269b68289d05535e19
64.90.37.168200 OK 5.0 kB URL HTTP/2 mp48update.com/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=6ea45b81e47c58269b68289d05535e19
IP 64.90.37.168:0
File type ASCII text, with very long lines (37612), with no line terminators
Hash 09f3683c5bbd61c1e85570655cf3ed85
31f9e644bb1eee1559648e0f391db8c54cf58281
241f85fe3c3e0a3bc34da8b971e3234c8134b09860b798590b03d0bf32c4faa1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=6ea45b81e47c58269b68289d05535e19 HTTP/1.1
Host: mp48update.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mp48update.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:41:57 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 18 Aug 2022 08:30:08 GMT
etag: "92ec-5e67fca0b0179-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:41:57 GMT
content-encoding: gzip
content-length: 5030
content-type: text/css
X-Firefox-Spdy: h2
mp48update.com/wp-content/plugins/live-news/public/assets/css/general.css?ver=2.10
64.90.37.168200 OK 1.1 kB URL HTTP/2 mp48update.com/wp-content/plugins/live-news/public/assets/css/general.css?ver=2.10
IP 64.90.37.168:0
File type ASCII text, with CRLF line terminators
Hash 817e322d3bfa20f121fbead2c6fd6351
1a52eb464dabe927779d164cc81cb76bf4eb36b6
00617bafc42112bc18719a55cb0c9d9a69f385dca26ced8286842e6838569b5d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/live-news/public/assets/css/general.css?ver=2.10 HTTP/1.1
Host: mp48update.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mp48update.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:41:57 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 18 Aug 2022 19:24:52 GMT
etag: "1555-5e688ef8ad5cd-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:41:57 GMT
content-encoding: gzip
content-length: 1064
content-type: text/css
X-Firefox-Spdy: h2
mp48update.com/wp-includes/css/classic-themes.min.css?ver=1
64.90.37.168200 OK 189 B URL HTTP/2 mp48update.com/wp-includes/css/classic-themes.min.css?ver=1
IP 64.90.37.168:0
Hash 5a18e16eb01cbaa862eb32e6b77bedb2
3abf9b913cc9f558f02cba7c9b822f8d1812cb96
d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: mp48update.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mp48update.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:41:57 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Wed, 02 Nov 2022 06:10:46 GMT
etag: "d9-5ec76b390c223-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:41:57 GMT
content-encoding: gzip
content-length: 189
content-type: text/css
X-Firefox-Spdy: h2
mp48update.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
64.90.37.168200 OK 4.2 kB URL HTTP/2 mp48update.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 64.90.37.168:0
File type ASCII text, with very long lines (11126)
Hash a65d5500f76589b8c41c6d1e8895c456
fc9b5b82c4a5c6973efcbca5f6ca01a5eb252a59
9cb0e5695834af1b05fa4e3699dc7be10857e491c8c511edb63ed7f337083d1d
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: mp48update.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mp48update.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:41:57 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
etag: "2bd8-5b45debe27b80-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:41:57 GMT
content-encoding: gzip
content-length: 4204
content-type: application/javascript
X-Firefox-Spdy: h2
mp48update.com/wp-content/plugins/td-composer/assets/fonts/td-multipurpose/td-multipurpose.css?ver=6ea45b81e47c58269b68289d05535e19
64.90.37.168200 OK 2.0 kB URL HTTP/2 mp48update.com/wp-content/plugins/td-composer/assets/fonts/td-multipurpose/td-multipurpose.css?ver=6ea45b81e47c58269b68289d05535e19
IP 64.90.37.168:0
File type ASCII text, with CRLF line terminators
Hash b8ed937799c607f24be4fcfbb3537683
9a8daf8e69865df8ccfa6cefa645a58c568a7bf5
8e0ceb73f3e18abbfd035206756fe2d2ea9af639ab4376cc8c308f9997df1a2a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/td-composer/assets/fonts/td-multipurpose/td-multipurpose.css?ver=6ea45b81e47c58269b68289d05535e19 HTTP/1.1
Host: mp48update.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mp48update.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:41:57 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 18 Aug 2022 08:29:58 GMT
etag: "2ee1-5e67fc970677d-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:41:57 GMT
content-encoding: gzip
content-length: 2049
content-type: text/css
X-Firefox-Spdy: h2
mp48update.com/wp-content/plugins/live-news/public/assets/js/general.js?ver=2.10
64.90.37.168200 OK 3.4 kB URL HTTP/2 mp48update.com/wp-content/plugins/live-news/public/assets/js/general.js?ver=2.10
IP 64.90.37.168:0
File type ASCII text, with very long lines (492), with CRLF line terminators
Hash 3732fc98011e5412492a4e3c40a2c9a8
c213eceb1d9dc1d6b061c75145a4540662692d82
d9993d5eafc162642e1984030bec2aaf4e75ef023b9f56ba0e725e2ea0dff088
GET /wp-content/plugins/live-news/public/assets/js/general.js?ver=2.10 HTTP/1.1
Host: mp48update.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mp48update.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:41:57 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 18 Aug 2022 19:24:52 GMT
etag: "3952-5e688ef8b04ad-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:41:57 GMT
content-encoding: gzip
content-length: 3436
content-type: application/javascript
X-Firefox-Spdy: h2
mp48update.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
64.90.37.168200 OK 13 kB URL HTTP/2 mp48update.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 64.90.37.168:0
File type ASCII text, with very long lines (47826)
Hash 230215725aaa95357dab4851af106ffd
d928b57aa7af333dfdda0bc97922463065bf0c1b
fe8f0af1002ddb91bc8baa0f8d743802e9b9c7dd444dd89267e22ba6d08ece5a
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: mp48update.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mp48update.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:41:57 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Wed, 16 Nov 2022 07:53:33 GMT
etag: "172a9-5ed91c4eedbcb-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:41:57 GMT
content-encoding: gzip
content-length: 12972
content-type: text/css
X-Firefox-Spdy: h2
mp48update.com/wp-content/uploads/2022/08/MP48-UPDATE-logo-01-150x150.png
64.90.37.168200 OK 10 kB URL HTTP/2 mp48update.com/wp-content/uploads/2022/08/MP48-UPDATE-logo-01-150x150.png
IP 64.90.37.168:0
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 3a23696dc78942d47d32d17a96e195e6
ba9e977635e3d76a84ae3fe7fe31f4d8309f24e8
62ea4849809a86cbfe7d2869a24f3238bbcd9538eb514dc1245a75f360bdecfe
GET /wp-content/uploads/2022/08/MP48-UPDATE-logo-01-150x150.png HTTP/1.1
Host: mp48update.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mp48update.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:41:57 GMT
server: Apache
vary: IS_SUBREQ,User-Agent,Accept-Encoding
last-modified: Thu, 18 Aug 2022 18:55:47 GMT
etag: "287c-5e6888786b3ce"
accept-ranges: bytes
content-length: 10364
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:41:57 GMT
content-type: image/png
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 6b8313f9e33695225653527e2d423cd7
f93d3c7e748b85edc6f0209e73813f13e5bf2070
9fbcb6376f48faf9fab6fada8876197456bb8c5c1c0b5c34b25dcfe323e18354
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4038
Cache-Control: max-age=164687
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:41:57 GMT
Etag: "63928d1e-1d7"
Expires: Sun, 11 Dec 2022 02:26:44 GMT
Last-Modified: Fri, 09 Dec 2022 01:19:26 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3f31c94fea4806f786455159f392a17f
d347623c7a3ceccaf48ed4098a94b5fa49e084f8
c78d68a22a585dd5043e0a73cecd07ac31d13f103477b416fb696267e708d9ce
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 115
Cache-Control: max-age=146695
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:41:57 GMT
Etag: "6392562a-1d7"
Expires: Sat, 10 Dec 2022 21:26:52 GMT
Last-Modified: Thu, 08 Dec 2022 21:24:58 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
mp48update.com/wp-content/uploads/2022/08/MP48-UPDATE-logo-01.png
64.90.37.168200 OK 175 kB URL HTTP/2 mp48update.com/wp-content/uploads/2022/08/MP48-UPDATE-logo-01.png
IP 64.90.37.168:0
File type PNG image data, 2084 x 887, 8-bit/color RGBA, interlaced\012- data
Size 175 kB (174772 bytes)
Hash 69b79ba5419444e9612670280cb95012
d7cde30d7c4fcec6bb7a05a5b8f682fb4e90c178
6119eff9db7a011706fe4ad16409a12db110887b6e10fcfe8c11b3d04d78a6c3
GET /wp-content/uploads/2022/08/MP48-UPDATE-logo-01.png HTTP/1.1
Host: mp48update.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mp48update.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:41:57 GMT
server: Apache
vary: IS_SUBREQ,User-Agent,Accept-Encoding
last-modified: Thu, 18 Aug 2022 18:55:46 GMT
etag: "2aab4-5e68887791772"
accept-ranges: bytes
content-length: 174772
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:41:57 GMT
content-type: image/png
X-Firefox-Spdy: h2
mp48update.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
64.90.37.168200 OK 5.1 kB URL HTTP/2 mp48update.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 64.90.37.168:0
File type ASCII text, with very long lines (15660)
Hash 3971154f76bf26e704b4910111d124ba
60dfcafe9593005b92cd0ce40f429b241ae3b287
549584b85b7433e767b71e774e5fcef37c40c19169e3979597b6ab7f8314b3c4
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: mp48update.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mp48update.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:41:57 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Tue, 12 Apr 2022 05:56:23 GMT
etag: "48b9-5dc6eb878efc0-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:41:57 GMT
content-encoding: gzip
content-length: 5085
content-type: application/javascript
X-Firefox-Spdy: h2
mp48update.com/wp-includes/js/underscore.min.js?ver=1.13.4
64.90.37.168200 OK 7.4 kB URL HTTP/2 mp48update.com/wp-includes/js/underscore.min.js?ver=1.13.4
IP 64.90.37.168:0
File type ASCII text, with very long lines (18798)
Hash de5e02c3b0c35bf28fcb47de34df506c
3fcec2793b336cc28c4ce821bb3d5deb6b1fdd5f
bcc14efa00c7330638dd6f8b1ff2deb7f2d1f95e8119b79dcc1e8b2ab48e52a8
GET /wp-includes/js/underscore.min.js?ver=1.13.4 HTTP/1.1
Host: mp48update.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mp48update.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:41:57 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Wed, 02 Nov 2022 06:10:47 GMT
etag: "4991-5ec76b3a330de-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:41:57 GMT
content-encoding: gzip
content-length: 7391
content-type: application/javascript
X-Firefox-Spdy: h2
mp48update.com/wp-includes/js/comment-reply.min.js?ver=6.1.1
64.90.37.168200 OK 1.4 kB URL HTTP/2 mp48update.com/wp-includes/js/comment-reply.min.js?ver=6.1.1
IP 64.90.37.168:0
File type ASCII text, with very long lines (2946)
Hash 28214bc78b9edfcfbc9c7b651fb4f56c
fb0847abdb33dd943a2dcda4c4b905fb5cdd116c
11691bc1acc1f3a7ab8ef7c67fb720ca58fb72e52f510009f7b0cbc2589d45e0
GET /wp-includes/js/comment-reply.min.js?ver=6.1.1 HTTP/1.1
Host: mp48update.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mp48update.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:41:57 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
etag: "ba5-5dc2a2438e980-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:41:57 GMT
content-encoding: gzip
content-length: 1351
content-type: application/javascript
X-Firefox-Spdy: h2
mp48update.com/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=4173294bcf58591c4439ff8ccd792f1e
64.90.37.168200 OK 9.6 kB URL HTTP/2 mp48update.com/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=4173294bcf58591c4439ff8ccd792f1e
IP 64.90.37.168:0
File type ASCII text, with very long lines (1037)
Hash 33422379f70848351792792fa7494374
0dadfacfa1c1f1c170177b74cf9d9858e2432f3a
2ddbfd878a81dbc73e527304f764a4319eed9856bf1a263e871479402f874ce1
GET /wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=4173294bcf58591c4439ff8ccd792f1e HTTP/1.1
Host: mp48update.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mp48update.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:41:57 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 18 Aug 2022 08:30:17 GMT
etag: "a461-5e67fca94d299-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:41:57 GMT
content-encoding: gzip
content-length: 9565
content-type: application/javascript
X-Firefox-Spdy: h2
mp48update.com/wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js?ver=4173294bcf58591c4439ff8ccd792f1e
64.90.37.168200 OK 2.0 kB URL HTTP/2 mp48update.com/wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js?ver=4173294bcf58591c4439ff8ccd792f1e
IP 64.90.37.168:0
File type ASCII text, with very long lines (543)
Hash 5f176720c4e8f5ea71283392eee95494
7929bd41f34fbf4a55543ca8c52465ed1f538bb5
07b83c328ed5d172999cd7a9564bf5bf4ed50411828bef4b861a51829f0d1bbb
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js?ver=4173294bcf58591c4439ff8ccd792f1e HTTP/1.1
Host: mp48update.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mp48update.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:41:57 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 18 Aug 2022 08:30:17 GMT
etag: "14a0-5e67fca94f1d9-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:41:57 GMT
content-encoding: gzip
content-length: 2015
content-type: application/javascript
X-Firefox-Spdy: h2
bit.ly/3bBYKfu
67.199.248.11301 Moved Permanently 167 B IP 67.199.248.11:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash befa6180dbaf7cf834441f6e4cd6a36d
6c11dbacb3c743d5a8b88eaae9a1aebb57610882
a0d67ef15647563ef0def0ce2570ae3db2d2d9000a9657e991f63fb0ce435379
GET /3bBYKfu HTTP/1.1
Host: bit.ly
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mp48update.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 09 Dec 2022 04:41:57 GMT
content-type: text/html; charset=utf-8
content-length: 167
cache-control: private, max-age=90
location: https://piushtrivedi.neocities.org/hindi_astrology_google_gadget_Hindi4tech.html
set-cookie: _bit=mb94FV-875171194c1eab7a5e-00v; Domain=bit.ly; Expires=Wed, 07 Jun 2023 04:41:57 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8f6ab0debac98d11413e20fa98ba8286
e63543ba0f3a685edf4d8fee3f587efd5417015f
fe6bc081b1963c61a3af1ab7b7b1213ae5bc7b962c5474d8f6fe123547d5d309
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:41:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8f6ab0debac98d11413e20fa98ba8286
e63543ba0f3a685edf4d8fee3f587efd5417015f
fe6bc081b1963c61a3af1ab7b7b1213ae5bc7b962c5474d8f6fe123547d5d309
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:41:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8f6ab0debac98d11413e20fa98ba8286
e63543ba0f3a685edf4d8fee3f587efd5417015f
fe6bc081b1963c61a3af1ab7b7b1213ae5bc7b962c5474d8f6fe123547d5d309
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:41:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 805a096454a2a267fd2661fc18c43087
2387a3bfb16b7f861103a697e98b4606301f1a33
28366eed760d5528ade9e9cafd870e0af373cf3d3e21d342f5a019f69a857b6c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=103714
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:41:57 GMT
Etag: "6391aeb7-118"
Expires: Sat, 10 Dec 2022 09:30:31 GMT
Last-Modified: Thu, 08 Dec 2022 09:30:31 GMT
Server: nginx
Content-Length: 280
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mp48update.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:33:56 GMT
expires: Thu, 07 Dec 2023 19:33:56 GMT
cache-control: public, max-age=31536000
age: 119281
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mp48update.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:34:15 GMT
expires: Thu, 07 Dec 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 119262
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/ptserif/v17/EJRVQgYoZZY2vCFuvAFWzr8.woff2
216.58.207.227200 OK 33 kB URL HTTP/2 fonts.gstatic.com/s/ptserif/v17/EJRVQgYoZZY2vCFuvAFWzr8.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 32900, version 1.0\012- data
Hash fda3323314d895ae39de612559f6fad9
644dbb14f599920fdc8f8260b6e67bd1f8770e89
d355afb9705c3f8651f6a1f813b4670b758d59a17783830f534e7a8839c5b666
GET /s/ptserif/v17/EJRVQgYoZZY2vCFuvAFWzr8.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mp48update.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 32900
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:41:39 GMT
expires: Thu, 07 Dec 2023 19:41:39 GMT
cache-control: public, max-age=31536000
age: 118818
last-modified: Wed, 27 Apr 2022 15:44:11 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mp48update.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:33:54 GMT
expires: Thu, 07 Dec 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 119283
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mp48update.com/
64.90.37.168200 OK 110 kB IP 64.90.37.168:0
Size 110 kB (110426 bytes)
Hash 19cd5db80d33fcb24fbb71676d39960e
1d94a8e05acc4ec01d30a13b6ba9906fad8dbd0b
a40a45b46f992b36e880c952a4421845d3c80ba9b614c94d3dbcd11bfb9ca093
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: mp48update.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:41:55 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
cache-control: max-age=600
expires: Fri, 09 Dec 2022 04:51:55 GMT
content-encoding: gzip
content-type: text/html; charset=UTF-8
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8f6ab0debac98d11413e20fa98ba8286
e63543ba0f3a685edf4d8fee3f587efd5417015f
fe6bc081b1963c61a3af1ab7b7b1213ae5bc7b962c5474d8f6fe123547d5d309
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:41:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/worksans/v18/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
216.58.207.227200 OK 48 kB URL HTTP/2 fonts.gstatic.com/s/worksans/v18/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 47728, version 1.0\012- data
Hash b1581ddd77372ceb06eb14adfd1bea07
1a3b0fc96fa73b808aa1f91f122a3c9bdcf93ee8
97e82d8eac8d106b28abf1b716982c40c06fffe49cc2f34cd1c299266745ef73
GET /s/worksans/v18/QGYsz_wNahGAdqQ43Rh_fKDp.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mp48update.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 47728
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 19:22:23 GMT
expires: Wed, 06 Dec 2023 19:22:23 GMT
cache-control: public, max-age=31536000
age: 206374
last-modified: Tue, 23 Aug 2022 17:55:22 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/ptserif/v17/EJRSQgYoZZY2vCFuvAnt66qSVys.woff2
216.58.207.227200 OK 30 kB URL HTTP/2 fonts.gstatic.com/s/ptserif/v17/EJRSQgYoZZY2vCFuvAnt66qSVys.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 29492, version 1.0\012- data
Hash 1ef64f017b272dc9baf01a7e6c1f2c30
3a2cc0c846c0c5af065eee0f45edde9c02ec596f
7f9694a5641741d04e1c98eb1011059826aa5feb34e47d2b2f95bdb47cb0c2f5
GET /s/ptserif/v17/EJRSQgYoZZY2vCFuvAnt66qSVys.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mp48update.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 29492
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:39:36 GMT
expires: Thu, 07 Dec 2023 19:39:36 GMT
cache-control: public, max-age=31536000
age: 118942
last-modified: Wed, 27 Apr 2022 16:29:15 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3f31c94fea4806f786455159f392a17f
d347623c7a3ceccaf48ed4098a94b5fa49e084f8
c78d68a22a585dd5043e0a73cecd07ac31d13f103477b416fb696267e708d9ce
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 116
Cache-Control: max-age=146695
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:41:58 GMT
Etag: "6392562a-1d7"
Expires: Sat, 10 Dec 2022 21:26:53 GMT
Last-Modified: Thu, 08 Dec 2022 21:24:58 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.227200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mp48update.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 18:52:41 GMT
expires: Tue, 05 Dec 2023 18:52:41 GMT
cache-control: public, max-age=31536000
age: 294557
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8f6ab0debac98d11413e20fa98ba8286
e63543ba0f3a685edf4d8fee3f587efd5417015f
fe6bc081b1963c61a3af1ab7b7b1213ae5bc7b962c5474d8f6fe123547d5d309
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:41:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ae6d8fbe6a9f49ba40c6219dab3b9332
93145ea89975561b1a858737870d7f3d5ff5a247
b799126e6b173f7383788edb39276feed95964bfc0a3a710589e34bd0c5cda7b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B799126E6B173F7383788EDB39276FEED95964BFC0A3A710589E34BD0C5CDA7B"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9649
Expires: Fri, 09 Dec 2022 07:22:47 GMT
Date: Fri, 09 Dec 2022 04:41:58 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 805a096454a2a267fd2661fc18c43087
2387a3bfb16b7f861103a697e98b4606301f1a33
28366eed760d5528ade9e9cafd870e0af373cf3d3e21d342f5a019f69a857b6c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=103714
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:41:58 GMT
Etag: "6391aeb7-118"
Expires: Sat, 10 Dec 2022 09:30:32 GMT
Last-Modified: Thu, 08 Dec 2022 09:30:31 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 280
mp48update.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?20
64.90.37.168200 OK 29 kB URL HTTP/2 mp48update.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?20
IP 64.90.37.168:0
File type Web Open Font Format, TrueType, length 28732, version 0.0\012- data
Hash 2192d5f834e8b672a73d67cad66e79f6
ddf3eb377defc2ca0a2a09d3f41da2d006303e13
c70da34747fb31860fa118ff5d6736f81661838a0f50f077aa29d63ad7b00e4a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Newspaper/images/icons/newspaper.woff?20 HTTP/1.1
Host: mp48update.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://mp48update.com/wp-content/themes/Newspaper/style.css?ver=11.5
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:41:57 GMT
server: Apache
vary: IS_SUBREQ,User-Agent
last-modified: Thu, 18 Aug 2022 08:29:39 GMT
etag: "703c-5e67fc857b45e"
accept-ranges: bytes
content-length: 28732
cache-control: max-age=172800
expires: Sun, 11 Dec 2022 04:41:57 GMT
content-type: application/font-woff
X-Firefox-Spdy: h2
mp48update.com/wp-content/plugins/td-composer/assets/fonts/td-multipurpose/td-multipurpose.ttf
64.90.37.168200 OK 130 kB URL HTTP/2 mp48update.com/wp-content/plugins/td-composer/assets/fonts/td-multipurpose/td-multipurpose.ttf
IP 64.90.37.168:0
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, icomoon \012- data
Size 130 kB (129596 bytes)
Hash d298563afb36ab47c7ad74da6eb85ae7
a1b856e0f086653b9e602c9d619e5b4394caf0ec
95c06a3e6c28a512b08155b23f867f4699ce33d79ef8ef7a229ee6a33a6c83f6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/td-composer/assets/fonts/td-multipurpose/td-multipurpose.ttf HTTP/1.1
Host: mp48update.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mp48update.com/wp-content/plugins/td-composer/assets/fonts/td-multipurpose/td-multipurpose.css?ver=6ea45b81e47c58269b68289d05535e19
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:41:58 GMT
server: Apache
vary: IS_SUBREQ,User-Agent
last-modified: Thu, 18 Aug 2022 08:29:58 GMT
etag: "1fa3c-5e67fc97103bd"
accept-ranges: bytes
content-length: 129596
cache-control: max-age=172800
expires: Sun, 11 Dec 2022 04:41:58 GMT
content-type: application/font-sfnt
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2f943b056f66bfee7e2bffd74467a139
9dbc5296ffb9e4f405d3eadfb9e5fe74f7a49fff
7f5bfb7d4dd9dfb0a73b8c29966c5c3b8459b9853e3e660244840bea1ef6d59d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7F5BFB7D4DD9DFB0A73B8C29966C5C3B8459B9853E3E660244840BEA1EF6D59D"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17194
Expires: Fri, 09 Dec 2022 09:28:32 GMT
Date: Fri, 09 Dec 2022 04:41:58 GMT
Connection: keep-alive
mp48update.com/wp-content/uploads/2022/08/MP48-UPDATE-logo-01-300x128.png
64.90.37.168200 OK 21 kB URL HTTP/2 mp48update.com/wp-content/uploads/2022/08/MP48-UPDATE-logo-01-300x128.png
IP 64.90.37.168:0
File type PNG image data, 300 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash 7ddf58d918a5e3617465679078f7d322
d50f1813471a595d396f17b92a45bba99e132fb2
3d24db7a934b35b3bdddb349213b8a8dd58f0aac18ef3def3a6126b0a1f2098c
GET /wp-content/uploads/2022/08/MP48-UPDATE-logo-01-300x128.png HTTP/1.1
Host: mp48update.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mp48update.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:41:58 GMT
server: Apache
vary: IS_SUBREQ,User-Agent,Accept-Encoding
last-modified: Thu, 18 Aug 2022 18:55:49 GMT
etag: "514e-5e68887b0a222"
accept-ranges: bytes
content-length: 20814
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:41:58 GMT
content-type: image/png
X-Firefox-Spdy: h2
js.interestmoments.com/scripts/trim.js
193.169.194.63200 OK 2.2 kB URL HTTP/1.1 js.interestmoments.com/scripts/trim.js
IP 193.169.194.63:0
ASN #50321 FOP Reznichenko Sergey Mykolayovich
File type ASCII text, with very long lines (6444), with no line terminators
Hash 68f64aa377a0e32ed510fd286ffd5b48
d215b23cb14a3dbd5474bbdbe9290541c449359d
0facd0bcf777d8176a4bbc3e14172fdab4c11aae196591ee3ba8ffddee0ec042
Analyzer Verdict Alert fortinet Malware
GET /scripts/trim.js HTTP/1.1
Host: js.interestmoments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mp48update.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Dec 2022 04:41:58 GMT
Content-Type: application/javascript
Last-Modified: Wed, 07 Dec 2022 11:41:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63907bd9-192c"
Expires: Mon, 19 Dec 2022 04:41:58 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3eafda7c0938ddcab89d426ea9e911ba
de6b531037ecd5c7e8daad59599f50abfdaaf76e
c21c8ab33725a1163610b16eab04fdffbd6bd129d925cba62e4f25933319d734
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C21C8AB33725A1163610B16EAB04FDFFBD6BD129D925CBA62E4F25933319D734"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21550
Expires: Fri, 09 Dec 2022 10:41:08 GMT
Date: Fri, 09 Dec 2022 04:41:58 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 34da737f5d8fab7415ab2d552058d653
2e28de807960cde0030e68b4f468aaeecd1b533f
bbd3063026b41b4487911d85977a7dfe8e0f62f93a48cedad2ce2448f28e2cf0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:41:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 34da737f5d8fab7415ab2d552058d653
2e28de807960cde0030e68b4f468aaeecd1b533f
bbd3063026b41b4487911d85977a7dfe8e0f62f93a48cedad2ce2448f28e2cf0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:41:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 2.4 kB IP 142.250.74.131:0
Hash 5c11375258e8c506276d5a2b49c49853
16b35af3a88bf339b282ebfce1ce18b55ae696a3
012f7523e821dde1378fac9109e325a72b6f15af6b20f6d363057d5f304259ab
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:41:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 34da737f5d8fab7415ab2d552058d653
2e28de807960cde0030e68b4f468aaeecd1b533f
bbd3063026b41b4487911d85977a7dfe8e0f62f93a48cedad2ce2448f28e2cf0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:41:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mp48update.com/wp-content/plugins/live-news/public/assets/img/clock.png
64.90.37.168200 OK 31 kB URL HTTP/2 mp48update.com/wp-content/plugins/live-news/public/assets/img/clock.png
IP 64.90.37.168:0
Hash 4684d3ef4505cafb41bf387c3f557011
cb0afa276f9ca0f4476b3af208607225c83ccef1
7efc275d26ef99ddd1ec3c2a972e01bf1cf73df840a006d58e5b95fbc86ea8f8
GET /wp-content/plugins/live-news/public/assets/img/clock.png HTTP/1.1
Host: mp48update.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mp48update.com/
Cookie: _ga_VS9R69MEY9=GS1.1.1670560917.1.0.1670560917.0.0.0; _ga=GA1.1.1578828926.1670560918; trainmeassystt=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:41:58 GMT
server: Apache
vary: IS_SUBREQ,User-Agent,Accept-Encoding
last-modified: Thu, 18 Aug 2022 19:24:52 GMT
etag: "94-5e688ef8ae56d"
accept-ranges: bytes
content-length: 148
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:41:58 GMT
content-type: image/png
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4c016f47c9f5f4d879a4d01089fee585
6f9b5b2fe48c9769401ea5367d33cb51f57ea7e6
6f7dd84273e1ffb40ce8a97996038af95d949a2cfe6031feb866cb9d73fc54db
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6F7DD84273E1FFB40CE8A97996038AF95D949A2CFE6031FEB866CB9D73FC54DB"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13951
Expires: Fri, 09 Dec 2022 08:34:29 GMT
Date: Fri, 09 Dec 2022 04:41:58 GMT
Connection: keep-alive
long.interestmoments.com/go/brad-way.php?id=16477-22-569654345&pid=235&qid=473
193.169.194.63302 Found 0 B URL HTTP/1.1 long.interestmoments.com/go/brad-way.php?id=16477-22-569654345&pid=235&qid=473
IP 193.169.194.63:0
ASN #50321 FOP Reznichenko Sergey Mykolayovich
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go/brad-way.php?id=16477-22-569654345&pid=235&qid=473 HTTP/1.1
Host: long.interestmoments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mp48update.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Fri, 09 Dec 2022 04:41:58 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://long.interestmoments.com/go/brad-way.php?id=568658-12-0956346&pid=3457&lid=05679333&jid=38834&from=astronomer
Access-Control-Allow-Origin: *
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash bf8858fa52de668b0013cf9ce66d290c
9c319173ee6a48c6e717e9e8764008564aabe7ba
93df528ead5887cbbcf51f83c9e6ffa451861ae3145296ab3dfc269067080933
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:41:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
region1.google-analytics.com/g/collect?v=2&tid=G-VS9R69MEY9>m=2oebu0&_p=573030463&cid=1578828926.1670560918&ul=en-us&sr=1280x1024&_s=1&sid=1670560917&sct=1&seg=0&dl=https%3A%2F%2Fmp48update.com%2F&dt=Hindi%20news%2C%20Hindi%20samachar%2C%20letest%20news%2C%20Breaking%20News%2C%20Top%20Hindi%20News%2C%20%E0%A4%B9%E0%A4%BF%E0%A4%82%E0%A4%A6%E0%A5%80%20%E0%A4%A8%E0%A5%8D%E0%A4%AF%E0%A5%82%E0%A5%9B%20-%20Mp48update&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-VS9R69MEY9>m=2oebu0&_p=573030463&cid=1578828926.1670560918&ul=en-us&sr=1280x1024&_s=1&sid=1670560917&sct=1&seg=0&dl=https%3A%2F%2Fmp48update.com%2F&dt=Hindi%20news%2C%20Hindi%20samachar%2C%20letest%20news%2C%20Breaking%20News%2C%20Top%20Hindi%20News%2C%20%E0%A4%B9%E0%A4%BF%E0%A4%82%E0%A4%A6%E0%A5%80%20%E0%A4%A8%E0%A5%8D%E0%A4%AF%E0%A5%82%E0%A5%9B%20-%20Mp48update&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-VS9R69MEY9>m=2oebu0&_p=573030463&cid=1578828926.1670560918&ul=en-us&sr=1280x1024&_s=1&sid=1670560917&sct=1&seg=0&dl=https%3A%2F%2Fmp48update.com%2F&dt=Hindi%20news%2C%20Hindi%20samachar%2C%20letest%20news%2C%20Breaking%20News%2C%20Top%20Hindi%20News%2C%20%E0%A4%B9%E0%A4%BF%E0%A4%82%E0%A4%A6%E0%A5%80%20%E0%A4%A8%E0%A5%8D%E0%A4%AF%E0%A5%82%E0%A5%9B%20-%20Mp48update&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mp48update.com
Connection: keep-alive
Referer: https://mp48update.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://mp48update.com
date: Fri, 09 Dec 2022 04:41:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
long.interestmoments.com/go/brad-way.php?id=568658-12-0956346&pid=3457&lid=05679333&jid=38834&from=astronomer
193.169.194.63200 OK 438 B URL HTTP/1.1 long.interestmoments.com/go/brad-way.php?id=568658-12-0956346&pid=3457&lid=05679333&jid=38834&from=astronomer
IP 193.169.194.63:0
ASN #50321 FOP Reznichenko Sergey Mykolayovich
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 0525d77ebdf7de03d247fdcd914fc360
5ec7fc9668bf62b50ab46497eb3aa67a60c0496d
c548a1af5170a6a7a699b50b9e7bbd50e45d6f7f0f38639e70a80dfabd435781
GET /go/brad-way.php?id=568658-12-0956346&pid=3457&lid=05679333&jid=38834&from=astronomer HTTP/1.1
Host: long.interestmoments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mp48update.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Dec 2022 04:41:59 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash bf8858fa52de668b0013cf9ce66d290c
9c319173ee6a48c6e717e9e8764008564aabe7ba
93df528ead5887cbbcf51f83c9e6ffa451861ae3145296ab3dfc269067080933
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:41:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.godaddy.com/
192.124.249.22200 OK 1.8 kB IP 192.124.249.22:0
Hash c04f51cc41113a5b6da0a567c833fe9d
40ea8909f2aac96032417bb8fb892e4146e3ba89
3608749bb21624365f699232f44c1cb4d316c97c39008d0514f70d5968b21a4b
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 09 Dec 2022 04:41:59 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 08 Dec 2022 21:59:17 GMT
Expires: Fri, 09 Dec 2022 21:59:17 GMT
ETag: "40ea8909f2aac96032417bb8fb892e4146e3ba89"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
track.wg-aff.com/click?pid=1287&offer_id=71&ref_id=i0tjaeieut6esito8bis&sub1=E0CDNGBJ6R
35.204.130.99302 Found 0 B URL HTTP/2 track.wg-aff.com/click?pid=1287&offer_id=71&ref_id=i0tjaeieut6esito8bis&sub1=E0CDNGBJ6R
IP 35.204.130.99:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?pid=1287&offer_id=71&ref_id=i0tjaeieut6esito8bis&sub1=E0CDNGBJ6R HTTP/1.1
Host: track.wg-aff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 09 Dec 2022 04:41:59 GMT
content-length: 0
location: https://trck.wargaming.net/ujoxix0l/?t=1&pub_id=1287&xid=6392bc9709e8870001471b53&xid_param1=E0CDNGBJ6R&xid_param_2=
x-adjust-use-original-forwarded-for: 1
set-cookie: afclick=6392bc9709e8870001471b53; expires=Sat, 09 Dec 2023 04:41:59 GMT; secure; SameSite=None
afoffers={"71":1670560919}; expires=Sat, 09 Dec 2023 04:41:59 GMT; secure; SameSite=None
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 29ee0a76851abb56bc5a46a9bb0903b6
35fc7bbca8c74b10c88f08ea12a0dddbe5badffe
4022c7570f45a317c8f027ada807695a87b2dca9aa18b1c97669dc34cacf3a5f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2065
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:42:00 GMT
Last-Modified: Fri, 09 Dec 2022 04:07:35 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
trck.wargaming.net/ujoxix0l/?t=1&pub_id=1287&xid=6392bc9709e8870001471b53&xid_param1=E0CDNGBJ6R&xid_param_2=
92.223.23.230301 Moved Permanently 22 B URL HTTP/1.1 trck.wargaming.net/ujoxix0l/?t=1&pub_id=1287&xid=6392bc9709e8870001471b53&xid_param1=E0CDNGBJ6R&xid_param_2=
IP 92.223.23.230:0
ASN #199524 G-Core Labs S.A.
File type ASCII text, with no line terminators
Hash 0e0bf67572311f8a23814419ff24ee9a
78328dfc54708433cdfb3e7857e57f87ec443b08
c5f6c267ba4a2964fff5d304d4a1e79c371ce30d32eaf017b3bb40becccd58d2
GET /ujoxix0l/?t=1&pub_id=1287&xid=6392bc9709e8870001471b53&xid_param1=E0CDNGBJ6R&xid_param_2= HTTP/1.1
Host: trck.wargaming.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 09 Dec 2022 04:42:00 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 22
Connection: keep-alive
Location: https://promo.worldofwarships.eu/glows-46780/eu-no/?t=1&pub_id=1287&xid=6392bc9709e8870001471b53&xid_param1=E0CDNGBJ6R&xid_param_2=&sid=SIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA&enctid=cox0f7zg6w15&lpsn=WOWS+template1+new+animated+lp-v1&foris=1&teclient=1670560920082270349&utm_source=wlap&utm_medium=affiliate&utm_campaign=ujoxix0l&utm_content=1287
Set-Cookie: STIDREFERRAL=SIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA; Domain=wargaming.net; Max-Age=2592000; Path=/; SameSite=None; Secure
enctid=cox0f7zg6w15; Domain=wargaming.net; Max-Age=2592000; Path=/; SameSite=None; Secure
teclient=1670560920082270349; Domain=wargaming.net; Max-Age=315360000; Path=/; SameSite=None; Secure
Cache-Control: no-cache
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0e34e4ce17e04c34449bd2782895c818
4c1a701a6b02ec8166d6dc5a867b4c96b7788a62
8ce43f6728ed3e5ea6adfd519c2c4b0edfe36f7d2b64457f19eb691d467b833e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8CE43F6728ED3E5EA6ADFD519C2C4B0EDFE36F7D2B64457F19EB691D467B833E"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3032
Expires: Fri, 09 Dec 2022 05:32:32 GMT
Date: Fri, 09 Dec 2022 04:42:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0e34e4ce17e04c34449bd2782895c818
4c1a701a6b02ec8166d6dc5a867b4c96b7788a62
8ce43f6728ed3e5ea6adfd519c2c4b0edfe36f7d2b64457f19eb691d467b833e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8CE43F6728ED3E5EA6ADFD519C2C4B0EDFE36F7D2B64457F19EB691D467B833E"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3032
Expires: Fri, 09 Dec 2022 05:32:32 GMT
Date: Fri, 09 Dec 2022 04:42:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0e34e4ce17e04c34449bd2782895c818
4c1a701a6b02ec8166d6dc5a867b4c96b7788a62
8ce43f6728ed3e5ea6adfd519c2c4b0edfe36f7d2b64457f19eb691d467b833e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8CE43F6728ED3E5EA6ADFD519C2C4B0EDFE36F7D2B64457F19EB691D467B833E"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3032
Expires: Fri, 09 Dec 2022 05:32:32 GMT
Date: Fri, 09 Dec 2022 04:42:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0e34e4ce17e04c34449bd2782895c818
4c1a701a6b02ec8166d6dc5a867b4c96b7788a62
8ce43f6728ed3e5ea6adfd519c2c4b0edfe36f7d2b64457f19eb691d467b833e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8CE43F6728ED3E5EA6ADFD519C2C4B0EDFE36F7D2B64457F19EB691D467B833E"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3032
Expires: Fri, 09 Dec 2022 05:32:32 GMT
Date: Fri, 09 Dec 2022 04:42:00 GMT
Connection: keep-alive
promo-cdn.worldofwarships.com/glows-46780/src/images/wowsl_logo.png
92.223.97.97200 OK 10 kB URL HTTP/2 promo-cdn.worldofwarships.com/glows-46780/src/images/wowsl_logo.png
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
File type PNG image data, 749 x 299, 8-bit colormap, non-interlaced\012- data
Hash 4d9371a87a4f9a0d6a8792e0397aa303
1308b49f8614f0ab05e81698daf5bfc4a2498bf0
68ddcc9fad945493001c241d8de6fb9acdd436bc82bff503302dbffa64f4f5ed
GET /glows-46780/src/images/wowsl_logo.png HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:42:00 GMT
content-type: image/png
content-length: 10514
last-modified: Thu, 17 Nov 2022 14:17:13 GMT
etag: "4d9371a87a4f9a0d6a8792e0397aa303"
x-amz-request-id: tx0000000000000004dd575-00637642a3-1ce07b18-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-07T14:26:41+00:00
x-id: sto5-up-gc13
accept-ranges: bytes
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/glows-46780/src/images/footer-logo.png
92.223.97.97200 OK 1.9 kB URL HTTP/2 promo-cdn.worldofwarships.com/glows-46780/src/images/footer-logo.png
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
File type PNG image data, 275 x 63, 8-bit colormap, non-interlaced\012- data
Hash 7ce94cd1324102c254e60ced58661dc3
b76e3b4e14cf98aa766788bc8cf4fbc97058fec0
fdd269a537d61d3fafbef167c6c7e22ae7707217427b506674f5f0d2f3caed48
GET /glows-46780/src/images/footer-logo.png HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:42:00 GMT
content-type: image/png
content-length: 1939
last-modified: Thu, 17 Nov 2022 14:17:13 GMT
etag: "7ce94cd1324102c254e60ced58661dc3"
x-amz-request-id: tx00000000000000072778a-00637642a3-1cdd7ef6-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-07T14:26:42+00:00
x-id: sto5-up-gc13
accept-ranges: bytes
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/glows-46780/src/video/background.jpg
92.223.97.97200 OK 1.6 MB URL HTTP/2 promo-cdn.worldofwarships.com/glows-46780/src/video/background.jpg
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=2, software=Adobe Photoshop 22.5 (20210825.orig.371 f9e5e2d) (Windows), datetime=2022:03:02 12:36:32], baseline, precision 8, 1920x1080, components 3\012- data
Size 1.6 MB (1600607 bytes)
Hash 7ca3ab71bce37ba721e6df5793aec7db
58d9843017d1de2e184947c3c245cd68993ed254
789b592e823e380c8c974b0dd2a5893b250ddb06d1e08f70ad3e19aca54b0cac
GET /glows-46780/src/video/background.jpg HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:42:00 GMT
content-type: image/jpeg
content-length: 1600607
last-modified: Thu, 17 Nov 2022 14:17:12 GMT
etag: "7ca3ab71bce37ba721e6df5793aec7db"
x-amz-request-id: tx0000000000000004dd560-00637642a2-1ce07b18-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-07T14:26:42+00:00
x-id: sto5-up-gc10
accept-ranges: bytes
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/glows-46780/src/libs/jquery.fullpage.min.css
92.223.97.97200 OK 1.7 kB URL HTTP/2 promo-cdn.worldofwarships.com/glows-46780/src/libs/jquery.fullpage.min.css
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
Hash cffe90acf6062111a0c1ef91c16d4aaa
313cb0c39521094bb3d1b9f60cd2b8b62a202f31
d4e7f69207f203af0cb4018cf13c2c99a48e9a3f2fabf59dea991e1da7414732
GET /glows-46780/src/libs/jquery.fullpage.min.css HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:42:00 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
last-modified: Thu, 17 Nov 2022 14:17:12 GMT
etag: W/"5325456f69c244978fdc17e4a370d845"
x-amz-request-id: tx00000000000000075da31-00638f9090-1d272e0c-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-06T18:57:20+00:00
x-id: sto5-up-gc15
content-encoding: gzip
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/glows-46780/src/styles/style.css
92.223.97.97200 OK 97 kB URL HTTP/2 promo-cdn.worldofwarships.com/glows-46780/src/styles/style.css
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
Hash 3fb70902154dedd6916905ad087f38d1
82064e2639852afb7c887a92a23a5556d193f292
e7ed016cda61bebb1ffe00b787e5c51d1ebaf0bcd225700357e3eb6b58750fe9
GET /glows-46780/src/styles/style.css HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:42:00 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
last-modified: Thu, 17 Nov 2022 14:17:12 GMT
etag: W/"1b60b9684b13c04d6b5a1d0f84017275"
x-amz-request-id: tx000000000000001693fc0-00638f9090-1c2e427d-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-06T18:57:20+00:00
x-id: sto5-up-gc15
content-encoding: gzip
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/glows-46780/src/fonts/robotocondensed-bold.woff
92.223.97.97200 OK 92 kB URL HTTP/2 promo-cdn.worldofwarships.com/glows-46780/src/fonts/robotocondensed-bold.woff
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
File type Web Open Font Format, TrueType, length 92496, version 1.0\012- data
Hash fb69d9cc5aea733510b530ed221b75dc
86276b2f2dfb7b42dc1639730c0bec56aa709be4
3b063cd5ae1793c617df8450a6c4343f7493ad006a574d9c3e9f7e81be9578f8
GET /glows-46780/src/fonts/robotocondensed-bold.woff HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://promo.worldofwarships.eu
Connection: keep-alive
Referer: https://promo-cdn.worldofwarships.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:42:00 GMT
content-length: 92496
last-modified: Thu, 17 Nov 2022 14:17:12 GMT
etag: "fb69d9cc5aea733510b530ed221b75dc"
x-amz-request-id: tx000000000000000861a09-00637642a2-1cdc9228-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-07T14:26:41+00:00
x-id: sto5-up-gc10
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 3b9c4f611a272c9fe5e641d2cb8bca6d
ff9b2f48491342736db26188c63909f1f1a351cf
9fa7b8593a593840f527ca87cb6a6161aaeb36084d50e748f81c1b1dc19318de
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6193
Cache-Control: max-age=98439
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:42:00 GMT
Etag: "639181ee-116"
Expires: Sat, 10 Dec 2022 08:02:39 GMT
Last-Modified: Thu, 08 Dec 2022 06:19:26 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 278
promo-cdn.worldofwarships.com/glows-46780/src/libs/oneTrustBanner.js
92.223.97.97200 OK 7.1 kB URL HTTP/2 promo-cdn.worldofwarships.com/glows-46780/src/libs/oneTrustBanner.js
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
File type ASCII text, with very long lines (835)
Hash d5e4b1ca91206b7a8fd6d22b348ef4d4
6877a8819a3a0f77166ab46f8e0252a26e699c7f
1b30193583b6724a63de0af0a311a0682a9d48a67fb354387d28cef864c5ec47
GET /glows-46780/src/libs/oneTrustBanner.js HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:42:00 GMT
content-type: text/javascript; charset=utf-8
last-modified: Thu, 17 Nov 2022 14:17:12 GMT
etag: W/"7ec3b6015c5487eb301fa7c905ea3f70"
x-amz-request-id: tx000000000000003ed6aae-00637642a1-1c8e9cf0-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-07T14:26:07+00:00
x-id: sto5-up-gc14
content-encoding: gzip
X-Firefox-Spdy: h2
promo.worldofwarships.eu/glows-46780/eu-no/?t=1&pub_id=1287&xid=6392bc9709e8870001471b53&xid_param1=E0CDNGBJ6R&xid_param_2=&sid=SIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA&enctid=cox0f7zg6w15&lpsn=WOWS+template1+new+animated+lp-v1&foris=1&teclient=1670560920082270349&utm_source=wlap&utm_medium=affiliate&utm_campaign=ujoxix0l&utm_content=1287
92.223.97.97200 OK 14 kB URL HTTP/2 promo.worldofwarships.eu/glows-46780/eu-no/?t=1&pub_id=1287&xid=6392bc9709e8870001471b53&xid_param1=E0CDNGBJ6R&xid_param_2=&sid=SIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA&enctid=cox0f7zg6w15&lpsn=WOWS+template1+new+animated+lp-v1&foris=1&teclient=1670560920082270349&utm_source=wlap&utm_medium=affiliate&utm_campaign=ujoxix0l&utm_content=1287
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (26078)
Hash 033f51e50cb36a064a82e0c82eb61eed
e4136e8d2113f89dc29891cc5e6aa2a52902e7db
efd8ab252179035fcaf60d5c514eef46437d7642be19d2e44f216128661055a8
GET /glows-46780/eu-no/?t=1&pub_id=1287&xid=6392bc9709e8870001471b53&xid_param1=E0CDNGBJ6R&xid_param_2=&sid=SIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA&enctid=cox0f7zg6w15&lpsn=WOWS+template1+new+animated+lp-v1&foris=1&teclient=1670560920082270349&utm_source=wlap&utm_medium=affiliate&utm_campaign=ujoxix0l&utm_content=1287 HTTP/1.1
Host: promo.worldofwarships.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:42:00 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
last-modified: Thu, 17 Nov 2022 14:17:12 GMT
etag: W/"61b4af1bae2756b26cc69495654416d7"
x-amz-request-id: tx00000000000000084a3d4-00637a8aeb-1ce8cb68-ed1
cache: HIT
x-cached-since: 2022-12-07T10:20:37+00:00
x-id: sto5-up-gc10
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 795e67bdfadc3c890a663080413b56b7
fdefde3befb6aceac3c337c34c8d738f5091908c
8375b55cfc13989b0cf96293b7bead2ce5811a993b3445da1776ca7015c36985
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:42:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
promo-cdn.worldofwarships.com/glows-46780/src/libs/aos.css
92.223.97.97200 OK 125 kB URL HTTP/2 promo-cdn.worldofwarships.com/glows-46780/src/libs/aos.css
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
Size 125 kB (124701 bytes)
Hash c1608b174e8c8c6d77a3f75833e91ba6
92907f7510d711097e8aa109c8d2b7f1d23fc5c0
230990df2de37c596aa71394ff64b510c98da3eaac660ae2926a02b2046dbd92
GET /glows-46780/src/libs/aos.css HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:42:00 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
last-modified: Thu, 17 Nov 2022 14:17:12 GMT
etag: W/"a6f0a9b1aea9999df9ed749e34d9430c"
x-amz-request-id: tx0000000000000017a56c0-00638f9090-1c2e4940-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-06T18:57:20+00:00
x-id: sto5-up-gc15
content-encoding: gzip
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/global_static/age_ratings/v2/pegi_ext-violence.svg
92.223.97.97200 OK 19 kB URL HTTP/2 promo-cdn.worldofwarships.com/global_static/age_ratings/v2/pegi_ext-violence.svg
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (5875)
Hash 78722d4fded6af38f0e0c331d06fb5a3
4aa0fb1e1e69253a3c0a0562349f17779d1576bf
e7cf1df6cd87517fc303c6034cec3f305c50a78edb328d4befb7161db65456b4
GET /global_static/age_ratings/v2/pegi_ext-violence.svg HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:42:00 GMT
content-type: image/svg+xml
last-modified: Mon, 14 Feb 2022 22:01:20 GMT
etag: W/"9a3e2c35d77bd8b96138310eeb6b7f7b"
x-amz-request-id: tx00000000000000080ab06-00633fe0c3-1c4c0c09-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-06T08:22:20+00:00
x-id: sto5-up-gc11
content-encoding: gzip
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/global_static/favicon/v2/apple-touch-icon-180x180.png
92.223.97.97200 OK 2.3 kB URL HTTP/2 promo-cdn.worldofwarships.com/global_static/favicon/v2/apple-touch-icon-180x180.png
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 687168d21b7e78dfb6175de97ae3d045
78081e22c1ea9e51a6cac8910d7ce01c319132e1
49f69cf7e37fda7051cd440048ecd5b2ab0973f106dc6e669959ee453b03e5d1
GET /global_static/favicon/v2/apple-touch-icon-180x180.png HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:42:00 GMT
content-type: image/png
content-length: 2326
last-modified: Mon, 05 Sep 2022 07:56:20 GMT
etag: "687168d21b7e78dfb6175de97ae3d045"
x-amz-request-id: tx0000000000000002a896d-00633fe0e6-1c4459fa-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-06T08:46:23+00:00
x-id: sto5-up-gc10
accept-ranges: bytes
X-Firefox-Spdy: h2
thirawogla.com/b.3gVG0fPw3fpLv/bymZVxJXZ_Dc0V0zNxThkzzWMqz/cl2ULDT/QN1_OeTwMazxNMzacn
88.85.94.246200 OK 1.2 kB URL HTTP/2 thirawogla.com/b.3gVG0fPw3fpLv/bymZVxJXZ_Dc0V0zNxThkzzWMqz/cl2ULDT/QN1_OeTwMazxNMzacn
IP 88.85.94.246:0
Hash de30b29e8bbc72b7828734d5d781b9eb
9d5fb51148291180b45d9481b756eb7fc2d4a352
e47efd1c616db1a5564776f4be806183ee085c80d2d3722d3f8d5a06115e46ee
GET /b.3gVG0fPw3fpLv/bymZVxJXZ_Dc0V0zNxThkzzWMqz/cl2ULDT/QN1_OeTwMazxNMzacn HTTP/1.1
Host: thirawogla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://long.interestmoments.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:41:59 GMT
content-type: text/html;charset=UTF-8
vary: Accept-Encoding
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
last-modified: Fri, 09 Dec 2022 04:41:59 GMT
x-frame-options: DENY
referrer-policy: no-referrer
p3p: CP="CUR ADM OUR NOR STA NID"
set-cookie: kadCCap=199455:1:1668245056;222582:1:1669973958;79610:1:1669272875;221352:1:1670163762;132751:1:1669884292;219652:1:1669330335;222775:1:1670485741;212269:1:1667199062;219047:1:1667194435;220790:1:1668460505;218693:1:1669515516;220335:1:1670435916;223255:1:1670393482;222513:1:1670219541;218665:1:1670219511;215297:1:1669786163;221398:1:1670525489;219484:1:1667715065;194136:1:1669413157; max-age=1702096919; path=/
kadACap=458045:1:1670528140;446714:1:1669965428;346329:1:1670226206;451724:1:1669565807;445506:1:1669286676;419297:1:1670425925;346327:1:1670484781;446531:1:1669270846;419323:1:1669947125;407100:1:1668246232;445788:1:1669918420;451139:1:1669898733;190964:1:1669272875;419299:1:1669735589;450649:1:1670060949;445499:1:1670164226;419303:1:1670398063;442019:1:1670498208;419301:1:1670560919;383700:1:1670440962;410252:1:1670471005;449523:1:1670210030;419295:1:1670440857;446013:1:1668228435;419321:1:1670465503;272913:1:1670219562;419293:1:1669526430;424441:1:1670396486;444748:1:1669841678;445735:1:1669286676;419291:1:1670459724;401659:1:1670416416;458041:1:1670526590;453831:1:1670506915; max-age=1702096919; path=/
kadCSCap=222775:1:1670485741;221398:1:1670525489; path=/
kadASCap=346327:1:1670484781;458041:1:1670526590;458045:1:1670528140;419301:1:1670560919;453831:1:1670506915;442019:1:1670498208; path=/
kadRPixJ=bnVsbA==; max-age=1702096919; path=/
kadUnP3=CAEQl/nKnAYaDQjzwZkBEAEYrabGnAYaDQj2iP8BEAIY/uzInAYaDQiatZYCEAEY7a3GnAYaDQioiJcCEAEYi6nInAYaDQi4wZcCEAEYseTInAYaDQjgrZgCEAMYo9PHnAYiCggDEAoYrabGnAYqDAikkygQARiLqcicBioMCP+aKBABGLHkyJwGKgwIiqkoEAMYo9PHnAYqDAiMvRIQARitpsacBioMCLiOJRACGP7syJwGKgwI6IgoEAEY7a3GnAY=; max-age=1702096919; path=/
x-content-type-options: nosniff
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e3b657ebd655fbfa5f10c01c775f2aa0
2478fd171e6791a10d83b2bad9de0165d268db7e
2d91737e61e5338bc24c7df4aa36b1c20d9f79fe8ea4bb4914fd2c15e99a7ee3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:42:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mp48update.com/wp-content/plugins/live-news/public/assets/js/momentjs/momentjs.js?ver=2.10
64.90.37.168200 OK 34 kB URL HTTP/2 mp48update.com/wp-content/plugins/live-news/public/assets/js/momentjs/momentjs.js?ver=2.10
IP 64.90.37.168:0
Hash 84488b4fcb6a035beaa054e3e858825e
857843578d8692d8067eddff5a6195c9746e6939
85d6af250038bdfbae563bc3a8c7ff04354c144a8afcab3d8c25e3e96adc8b18
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/live-news/public/assets/js/momentjs/momentjs.js?ver=2.10 HTTP/1.1
Host: mp48update.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mp48update.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:41:57 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 18 Aug 2022 19:24:52 GMT
etag: "210f6-5e688ef8b04ad-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:41:57 GMT
content-encoding: gzip
content-type: application/javascript
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a27aa0a392dc7ff380b810435996fc1f
a88adab0b9a4c163648de6d239ab13434eb77435
2bf743556aa76e32a5c711ba897e4f0d211b4b8386f97e56a0984e691ae7cade
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2BF743556AA76E32A5C711BA897E4F0D211B4B8386F97E56A0984E691AE7CADE"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5918
Expires: Fri, 09 Dec 2022 06:20:38 GMT
Date: Fri, 09 Dec 2022 04:42:00 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b5cba4e1962a1fe17c9021f3e418975a
01293d7e4084011451f7d17936ab2427504cdb1a
ecfe30d3abc32ca9f933303d75b2055642d3c7c8197af08fe2c314394699594b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:42:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d24e15e93677ed06f26535ac266c6047
17aa02c1d08e0381eaa87de26682b1125c04023b
1be6e71808c7721b25c06cf135befbca1086d49238323ea3fa1cad73c8770c0d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:42:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
promo-cdn.worldofwarships.com/glows-46780/src/libs/jquery.min.js
92.223.97.97200 OK 58 kB URL HTTP/2 promo-cdn.worldofwarships.com/glows-46780/src/libs/jquery.min.js
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
Hash bc0de04ec3c3f986d27ad882c9c32ae3
442ae6267608feef94cfd06b8c6f3f9628716ac6
665aad9ea09888c1d5d9573e5c347529f61b0d39e3de91611cd9ba7d41ce9586
GET /glows-46780/src/libs/jquery.min.js HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:42:00 GMT
content-type: text/javascript; charset=utf-8
last-modified: Thu, 17 Nov 2022 14:17:12 GMT
etag: W/"8c92b37b8bd194a02ac7fc497b72b27a"
x-amz-request-id: tx0000000000000008619ef-00637642a2-1cdc9228-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-07T14:26:07+00:00
x-id: sto5-up-gc13
content-encoding: gzip
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/1006839708/?random=1670560919941&cv=11&fst=1670560919941&fmt=3&bg=ffffff&guid=ON&async=1>m=2wgbu0&gcs=G111&gcd=G111&u_w=1280&u_h=1024&label=H356CMb80IcDEJzPjOAD&hn=www.google.com&frm=0&url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&tiba=World%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high&value=0&bttype=purchase&auid=1118582409.1670560920&data=ads_data_redaction%3Dtrue&gcp=1&ct_cookie_present=1
142.250.74.34200 OK 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1006839708/?random=1670560919941&cv=11&fst=1670560919941&fmt=3&bg=ffffff&guid=ON&async=1>m=2wgbu0&gcs=G111&gcd=G111&u_w=1280&u_h=1024&label=H356CMb80IcDEJzPjOAD&hn=www.google.com&frm=0&url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&tiba=World%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high&value=0&bttype=purchase&auid=1118582409.1670560920&data=ads_data_redaction%3Dtrue&gcp=1&ct_cookie_present=1
IP 142.250.74.34:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/1006839708/?random=1670560919941&cv=11&fst=1670560919941&fmt=3&bg=ffffff&guid=ON&async=1>m=2wgbu0&gcs=G111&gcd=G111&u_w=1280&u_h=1024&label=H356CMb80IcDEJzPjOAD&hn=www.google.com&frm=0&url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&tiba=World%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high&value=0&bttype=purchase&auid=1118582409.1670560920&data=ads_data_redaction%3Dtrue&gcp=1&ct_cookie_present=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 04:42:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 09-Dec-2022 04:57:00 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/1006839708/?random=1670560919936&cv=11&fst=1670560919936&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&tiba=World%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high&auid=1118582409.1670560920&rfmt=3&fmt=4
142.250.74.34200 OK 1.3 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1006839708/?random=1670560919936&cv=11&fst=1670560919936&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&tiba=World%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high&auid=1118582409.1670560920&rfmt=3&fmt=4
IP 142.250.74.34:0
File type ASCII text, with very long lines (3237), with no line terminators
Hash 9a397424825d26f9f815d007cb42a43d
70abb3ae1ea1a802551ff01bd40b6ced2a1b0613
1283e4fa297789d4c953f152fdecc9c4e9a23286a491719ebfabb31782cbfeeb
GET /pagead/viewthroughconversion/1006839708/?random=1670560919936&cv=11&fst=1670560919936&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&tiba=World%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high&auid=1118582409.1670560920&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 04:42:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1286
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 09-Dec-2022 04:57:00 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/glows-46780/src/libs/jquery.fullpage.js
92.223.97.97200 OK 116 kB URL HTTP/2 promo-cdn.worldofwarships.com/glows-46780/src/libs/jquery.fullpage.js
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
Size 116 kB (115641 bytes)
Hash c388c410c816ce55d86ded88089552f3
671adeb56f83b2fe1898af3d3dca128e8d596f5f
e24d7b66d9af6a9bd608ed4b67747b623a12e1180d4a74336f66f1b917471d36
GET /glows-46780/src/libs/jquery.fullpage.js HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:42:00 GMT
content-type: text/javascript; charset=utf-8
last-modified: Thu, 17 Nov 2022 14:17:12 GMT
etag: W/"3dda1cb6b7c3b1c0f3eb0c52633455bf"
x-amz-request-id: tx0000000000000008619f4-00637642a2-1cdc9228-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-07T14:26:41+00:00
x-id: sto5-up-gc12
content-encoding: gzip
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/glows-46780/src/images/logo-hor.svg
92.223.97.97200 OK 1.8 kB URL HTTP/2 promo-cdn.worldofwarships.com/glows-46780/src/images/logo-hor.svg
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (4456), with no line terminators
Hash f40e35959c5bb4c4b50f55a07b78014e
3e7d6380901b3cf4290eb08a0fc49f7b6db51f52
538373bc80a6e13c7adf0992b6dba329ac0d14e4bb90077e0d21e7b2115c2e42
GET /glows-46780/src/images/logo-hor.svg HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:42:00 GMT
content-type: image/svg+xml
last-modified: Thu, 17 Nov 2022 14:17:13 GMT
etag: W/"f37677b980c03bd3f2537e0ab36aa703"
x-amz-request-id: tx0000000000000005980ed-00637642a3-1cdf9313-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-07T14:26:42+00:00
x-id: sto5-up-gc10
content-encoding: gzip
X-Firefox-Spdy: h2
10697551.fls.doubleclick.net/activityi;src=10697551;type=pagev0;cat=allvi0;ord=532627560173;gtm=2wgbu0;gcs=G111;auiddc=1118582409.1670560920;u1=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287;~oref=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287?
142.250.74.38200 OK 584 B URL HTTP/2 10697551.fls.doubleclick.net/activityi;src=10697551;type=pagev0;cat=allvi0;ord=532627560173;gtm=2wgbu0;gcs=G111;auiddc=1118582409.1670560920;u1=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287;~oref=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287?
IP 142.250.74.38:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1485), with no line terminators
Hash 8435edfe2d732ecef53e6ee1cd74bcfd
3a6ad474614f9dfb252ee4c6d4a733e85d60cf08
7aaddc130e687f615a58adcb7029b88c45deb9a9f9e595376b2f7ce58d7ad809
GET /activityi;src=10697551;type=pagev0;cat=allvi0;ord=532627560173;gtm=2wgbu0;gcs=G111;auiddc=1118582409.1670560920;u1=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287;~oref=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287? HTTP/1.1
Host: 10697551.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 04:42:00 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 584
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 09-Dec-2022 04:57:00 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash a406a2b9d2e3888b2e58de01afd1effe
bacafbf4030c604e2b06318ff0ed58909020d162
19602962f8dccfe5b382f23f514e96681aeec410af5b1eb44b07604968847e98
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5744
Cache-Control: max-age=118496
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:42:00 GMT
Etag: "6391d208-117"
Expires: Sat, 10 Dec 2022 13:36:56 GMT
Last-Modified: Thu, 08 Dec 2022 12:01:12 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 279
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.20.226:0
Hash f5eabe6a0ab4af70c46388096d85765b
bbc3adc839b79b4ac5ae4d776ad8b7787a443f14
8e7b540e51ee755a6caf286556bc56af81ac1fdd2fa361e1d908e9fbfddcf829
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 04:42:00 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "187EAA1C5BABE5C9F25911A34FC8F8537CD8EF53"
Expires: Fri, 09 Dec 2022 15:00:00 GMT
Last-Modified: Fri, 09 Dec 2022 03:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2199
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 776b125bf87b0af6-OSL
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e3b657ebd655fbfa5f10c01c775f2aa0
2478fd171e6791a10d83b2bad9de0165d268db7e
2d91737e61e5338bc24c7df4aa36b1c20d9f79fe8ea4bb4914fd2c15e99a7ee3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:42:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d24e15e93677ed06f26535ac266c6047
17aa02c1d08e0381eaa87de26682b1125c04023b
1be6e71808c7721b25c06cf135befbca1086d49238323ea3fa1cad73c8770c0d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:42:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a0905812e8498e6c5c0a9b4b584b972f
039b784fd1e0152ec7f49a54ba027f0b2bd1e833
ee3531ef0f334dcd73a86b1e4365a020d5db69ff7b82bad136eaf1a8e9d3b47f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:42:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a0905812e8498e6c5c0a9b4b584b972f
039b784fd1e0152ec7f49a54ba027f0b2bd1e833
ee3531ef0f334dcd73a86b1e4365a020d5db69ff7b82bad136eaf1a8e9d3b47f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:42:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/ddm/fls/i/src=10697551;type=pagev0;cat=allvi0;ord=532627560173;gtm=2wgbu0;gcs=G111;auiddc=1118582409.1670560920;u1=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287;~oref=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287
142.250.74.2200 OK 585 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=10697551;type=pagev0;cat=allvi0;ord=532627560173;gtm=2wgbu0;gcs=G111;auiddc=1118582409.1670560920;u1=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287;~oref=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287
IP 142.250.74.2:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1484), with no line terminators
Hash d3e8bec21a1e54158dfc5fa8b72e1a8a
3ed9f28c219b9d0b841d881f831e96cdaef4b801
868193a0ce41e0bca4a78e19fa8c4dd16079d166c6779d0b7c21852782c9fc16
GET /ddm/fls/i/src=10697551;type=pagev0;cat=allvi0;ord=532627560173;gtm=2wgbu0;gcs=G111;auiddc=1118582409.1670560920;u1=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287;~oref=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287 HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10697551.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 04:42:01 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 585
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 280288a03248ecc00d715b7fec17f905
f3f8e17375c93fdbb8dbb6789ccd9322f77cfb5c
2ede401d78089d36537129bf22c90e39b306e9c40f83835bbce82d2757bd3da0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2EDE401D78089D36537129BF22C90E39B306E9C40F83835BBCE82D2757BD3DA0"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3589
Expires: Fri, 09 Dec 2022 05:41:50 GMT
Date: Fri, 09 Dec 2022 04:42:01 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 32d90ff0cc366730c3633c1201b4c058
f4175292b607197a15085e14bf69df301dff6706
b4b2f80fbe9b02f3d54dc35a3738c31a4d7cb5a5e528fcbce50263d8c458231a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:42:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.cookielaw.org/scripttemplates/202211.1.0/otBannerSdk.js
104.16.148.64200 OK 94 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/202211.1.0/otBannerSdk.js
IP 104.16.148.64:0
File type ASCII text, with very long lines (65451)
Hash f6a491be9dc7f6ba1271f4faa9753179
e11e8e291ca6548f4933103088b8acd15af84191
6cf04708cbb25e9b7144e865deebd75bd4b2d42fa703299ba303a084d457b081
GET /scripttemplates/202211.1.0/otBannerSdk.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:42:01 GMT
content-type: application/javascript
content-length: 93485
content-encoding: gzip
content-md5: 9qSRvp3H9roScfT6qXUxeQ==
last-modified: Wed, 30 Nov 2022 07:37:09 GMT
etag: 0x8DAD2A5B0177E6D
x-ms-request-id: 7cacc22c-c01e-014f-273e-055aab000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 72239
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 776b125d593db518-OSL
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash 9b59579b4cb11a46694b742450f0729a
49ffc1a31a68563dc1fd48a1d3974e620842fae9
bc69fb8b623706ab20ecb5088413038e048bb3015cf3b290d61cae38e787bc96
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 04:42:01 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Tue, 13 Dec 2022 03:34:29 GMT
ETag: "49ffc1a31a68563dc1fd48a1d3974e620842fae9"
Last-Modified: Fri, 09 Dec 2022 03:34:30 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 492
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 776b125d7df80b51-OSL
adservice.google.no/ddm/fls/i/src=10697551;type=pagev0;cat=allvi0;ord=532627560173;gtm=2wgbu0;gcs=G111;auiddc=1118582409.1670560920;u1=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287;~oref=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287
142.250.74.130200 OK 85 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=10697551;type=pagev0;cat=allvi0;ord=532627560173;gtm=2wgbu0;gcs=G111;auiddc=1118582409.1670560920;u1=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287;~oref=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287
IP 142.250.74.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb
GET /ddm/fls/i/src=10697551;type=pagev0;cat=allvi0;ord=532627560173;gtm=2wgbu0;gcs=G111;auiddc=1118582409.1670560920;u1=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287;~oref=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287 HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 04:42:01 GMT
expires: Fri, 09 Dec 2022 04:42:01 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.cookielaw.org/consent/68edbfbe-e009-4939-a55b-f4c65daa640b/ad5c42f4-14cd-4309-be4a-e049aeb7b78d/en.json
104.16.148.64200 OK 12 kB URL HTTP/2 cdn.cookielaw.org/consent/68edbfbe-e009-4939-a55b-f4c65daa640b/ad5c42f4-14cd-4309-be4a-e049aeb7b78d/en.json
IP 104.16.148.64:0
File type JSON data\012- HTML document, Unicode text, UTF-8 text, with very long lines (48198), with no line terminators
Hash b423017d2eccc05cb5e3921d36eeb535
b989dd503a71fa6a448860a5d59c28bbceee910b
b8aab8ba299a063e0e5faacea59d7cc56da466c0fd3b91a8d03480184eaf7495
GET /consent/68edbfbe-e009-4939-a55b-f4c65daa640b/ad5c42f4-14cd-4309-be4a-e049aeb7b78d/en.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.worldofwarships.eu/
Origin: https://promo.worldofwarships.eu
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:42:01 GMT
content-type: application/x-javascript
content-length: 11485
cache-control: public, max-age=86400
content-encoding: gzip
content-md5: tCMBfS7MwFy145IdNu61NQ==
last-modified: Fri, 25 Nov 2022 10:09:21 GMT
etag: 0x8DACECD1F1475FC
x-ms-request-id: ba3e27e9-f01e-00e9-15b6-0024e0000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 65585
expires: Sat, 10 Dec 2022 04:42:01 GMT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 776b125dd967b518-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 48487c86e61361cb1055f9ab315d3b4e
8bb6ce1c9bbd0315b9bf8173ba6d2c21f2c120ef
9899e720c3cf6f0b777190c161de072637351830d45236355ae08db668a98eba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:42:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mc.yandex.ru/watch/14976586/1?wmode=7&page-url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&charset=utf-8&browser-info=pv%3A1%3Avf%3A1931hwv4ldos2hv9k9dzvr%3Afp%3A866%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A941%3Acn%3A3%3Adp%3A0%3Als%3A683677183937%3Ahid%3A228847429%3Az%3A0%3Ai%3A20221209044200%3Aet%3A1670560920%3Ac%3A1%3Arn%3A1031475197%3Arqn%3A1%3Au%3A1670560920163701553%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A67%2C21%2C8%2C0%2C517%2C0%2C%2C258%2C56%2C%2C%2C%2C880%3Aco%3A0%3Ans%3A1670560918757%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670560920%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr%2814%29mc%28g-2%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
87.250.250.119200 OK 419 B URL HTTP/2 mc.yandex.ru/watch/14976586/1?wmode=7&page-url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&charset=utf-8&browser-info=pv%3A1%3Avf%3A1931hwv4ldos2hv9k9dzvr%3Afp%3A866%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A941%3Acn%3A3%3Adp%3A0%3Als%3A683677183937%3Ahid%3A228847429%3Az%3A0%3Ai%3A20221209044200%3Aet%3A1670560920%3Ac%3A1%3Arn%3A1031475197%3Arqn%3A1%3Au%3A1670560920163701553%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A67%2C21%2C8%2C0%2C517%2C0%2C%2C258%2C56%2C%2C%2C%2C880%3Aco%3A0%3Ans%3A1670560918757%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670560920%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr%2814%29mc%28g-2%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
IP 87.250.250.119:0
File type JSON data\012- , ASCII text, with very long lines (419), with no line terminators
Hash 10fd013b56170753ab76129bddd856c4
bcda6ee043fdb864b21a35eba0fa338b8f651158
dda922687e6cac47577adee73f0598f5b02ec1f9dd19820a61d6275f56b12609
GET /watch/14976586/1?wmode=7&page-url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&charset=utf-8&browser-info=pv%3A1%3Avf%3A1931hwv4ldos2hv9k9dzvr%3Afp%3A866%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A941%3Acn%3A3%3Adp%3A0%3Als%3A683677183937%3Ahid%3A228847429%3Az%3A0%3Ai%3A20221209044200%3Aet%3A1670560920%3Ac%3A1%3Arn%3A1031475197%3Arqn%3A1%3Au%3A1670560920163701553%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A67%2C21%2C8%2C0%2C517%2C0%2C%2C258%2C56%2C%2C%2C%2C880%3Aco%3A0%3Ans%3A1670560918757%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670560920%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr%2814%29mc%28g-2%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://promo.worldofwarships.eu
Referer: https://promo.worldofwarships.eu/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 419
date: Fri, 09 Dec 2022 04:42:01 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://promo.worldofwarships.eu
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 09-Dec-2022 04:42:01 GMT
last-modified: Fri, 09-Dec-2022 04:42:01 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/14976586?wmode=7&page-url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&charset=utf-8&browser-info=pv%3A1%3Avf%3A1931hwv4ldos2hv9k9dzvr%3Afp%3A866%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A941%3Acn%3A3%3Adp%3A0%3Als%3A683677183937%3Ahid%3A228847429%3Az%3A0%3Ai%3A20221209044200%3Aet%3A1670560920%3Ac%3A1%3Arn%3A1031475197%3Arqn%3A1%3Au%3A1670560920163701553%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A67%2C21%2C8%2C0%2C517%2C0%2C%2C258%2C56%2C%2C%2C%2C880%3Aco%3A0%3Ans%3A1670560918757%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670560920%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr(14)mc(g-2)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
87.250.250.119302 Found 419 B URL HTTP/2 mc.yandex.ru/watch/14976586?wmode=7&page-url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&charset=utf-8&browser-info=pv%3A1%3Avf%3A1931hwv4ldos2hv9k9dzvr%3Afp%3A866%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A941%3Acn%3A3%3Adp%3A0%3Als%3A683677183937%3Ahid%3A228847429%3Az%3A0%3Ai%3A20221209044200%3Aet%3A1670560920%3Ac%3A1%3Arn%3A1031475197%3Arqn%3A1%3Au%3A1670560920163701553%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A67%2C21%2C8%2C0%2C517%2C0%2C%2C258%2C56%2C%2C%2C%2C880%3Aco%3A0%3Ans%3A1670560918757%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670560920%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr(14)mc(g-2)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP 87.250.250.119:0
File type JSON data\012- , ASCII text, with very long lines (419), with no line terminators
Hash 6950cdba09f0b1b75e88d31228622053
63982e5dc673496f4aa4a5655f649d700c57e266
cc5f9c0b5ec2a4d83aa0c865544df57642e56ec6ea671f50c53f6857c8c6b3c2
GET /watch/14976586?wmode=7&page-url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&charset=utf-8&browser-info=pv%3A1%3Avf%3A1931hwv4ldos2hv9k9dzvr%3Afp%3A866%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A941%3Acn%3A3%3Adp%3A0%3Als%3A683677183937%3Ahid%3A228847429%3Az%3A0%3Ai%3A20221209044200%3Aet%3A1670560920%3Ac%3A1%3Arn%3A1031475197%3Arqn%3A1%3Au%3A1670560920163701553%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A67%2C21%2C8%2C0%2C517%2C0%2C%2C258%2C56%2C%2C%2C%2C880%3Aco%3A0%3Ans%3A1670560918757%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670560920%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr(14)mc(g-2)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://promo.worldofwarships.eu
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /watch/14976586/1?wmode=7&page-url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&charset=utf-8&browser-info=pv%3A1%3Avf%3A1931hwv4ldos2hv9k9dzvr%3Afp%3A866%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A941%3Acn%3A3%3Adp%3A0%3Als%3A683677183937%3Ahid%3A228847429%3Az%3A0%3Ai%3A20221209044200%3Aet%3A1670560920%3Ac%3A1%3Arn%3A1031475197%3Arqn%3A1%3Au%3A1670560920163701553%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A67%2C21%2C8%2C0%2C517%2C0%2C%2C258%2C56%2C%2C%2C%2C880%3Aco%3A0%3Ans%3A1670560918757%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670560920%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr%2814%29mc%28g-2%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Fri, 09 Dec 2022 04:42:01 GMT
access-control-allow-origin: https://promo.worldofwarships.eu
set-cookie: yabs-sid=949382901670560921; Path=/; SameSite=None; Secure
i=74PB50hIKPWEZGAClhzYJxim1jfs676RoTMjMqFKAsE2JW/GiqkwyVj9sDF2KcbFUzA6T/C+eRnBohW93eqpCsitxpo=; Expires=Mon, 06-Dec-2032 04:42:00 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=4536366461670560921; Expires=Sat, 09-Dec-2023 04:42:01 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=4536366461670560921; Expires=Sat, 09-Dec-2023 04:42:01 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1702096921.yc.1670560921#1702096921.yrts.1670560921#1702096921.yrtsi.1670560921; Expires=Sat, 09-Dec-2023 04:42:01 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 09-Dec-2022 04:42:01 GMT
last-modified: Fri, 09-Dec-2022 04:42:01 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/71343676/1?wmode=7&page-url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&charset=utf-8&browser-info=pv%3A1%3Avf%3A1931hwv4ldos2hv9k9dzvr%3Afp%3A866%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A941%3Acn%3A2%3Adp%3A0%3Als%3A324513253648%3Ahid%3A228847429%3Az%3A0%3Ai%3A20221209044200%3Aet%3A1670560920%3Ac%3A1%3Arn%3A439903513%3Arqn%3A1%3Au%3A1670560920163701553%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A67%2C21%2C8%2C0%2C517%2C0%2C%2C258%2C56%2C%2C%2C%2C880%3Aco%3A0%3Ans%3A1670560918757%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670560920%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
87.250.250.119200 OK 400 B URL HTTP/2 mc.yandex.ru/watch/71343676/1?wmode=7&page-url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&charset=utf-8&browser-info=pv%3A1%3Avf%3A1931hwv4ldos2hv9k9dzvr%3Afp%3A866%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A941%3Acn%3A2%3Adp%3A0%3Als%3A324513253648%3Ahid%3A228847429%3Az%3A0%3Ai%3A20221209044200%3Aet%3A1670560920%3Ac%3A1%3Arn%3A439903513%3Arqn%3A1%3Au%3A1670560920163701553%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A67%2C21%2C8%2C0%2C517%2C0%2C%2C258%2C56%2C%2C%2C%2C880%3Aco%3A0%3Ans%3A1670560918757%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670560920%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
IP 87.250.250.119:0
File type JSON data\012- , ASCII text, with very long lines (400), with no line terminators
Hash 5e6e895c86d3918b9a006674c33992c0
4f1c7aa20c1bc4fba2ad19123e2d988f64000521
e9f7a2d46deff5cf93472c84b6058c543b598241e40e2c04c9aaca750035ba15
GET /watch/71343676/1?wmode=7&page-url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&charset=utf-8&browser-info=pv%3A1%3Avf%3A1931hwv4ldos2hv9k9dzvr%3Afp%3A866%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A941%3Acn%3A2%3Adp%3A0%3Als%3A324513253648%3Ahid%3A228847429%3Az%3A0%3Ai%3A20221209044200%3Aet%3A1670560920%3Ac%3A1%3Arn%3A439903513%3Arqn%3A1%3Au%3A1670560920163701553%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A67%2C21%2C8%2C0%2C517%2C0%2C%2C258%2C56%2C%2C%2C%2C880%3Aco%3A0%3Ans%3A1670560918757%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670560920%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://promo.worldofwarships.eu
Referer: https://promo.worldofwarships.eu/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 400
date: Fri, 09 Dec 2022 04:42:01 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://promo.worldofwarships.eu
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 09-Dec-2022 04:42:01 GMT
last-modified: Fri, 09-Dec-2022 04:42:01 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/202211.1.0/assets/otCenterRounded.json
104.16.148.64200 OK 2.6 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/202211.1.0/assets/otCenterRounded.json
IP 104.16.148.64:0
File type JSON data\012- , ASCII text, with very long lines (7753)
Hash 688f5aef949a8982bda0771893cc67d3
c50441dea985350ab305848e2d87d6286adfda3c
da30c398b0e6646c44fc5a53e44371004a33267d6cd07404775ab6380979b058
GET /scripttemplates/202211.1.0/assets/otCenterRounded.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.worldofwarships.eu/
Origin: https://promo.worldofwarships.eu
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:42:01 GMT
content-type: application/json
content-length: 2639
content-encoding: gzip
content-md5: aI9a75SaiYK9oHcYk8xn0w==
last-modified: Wed, 30 Nov 2022 07:37:01 GMT
etag: 0x8DAD2A5AB6C83EE
x-ms-request-id: 448de741-101e-008e-32c9-049747000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 65585
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 776b125e79a4b518-OSL
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/202211.1.0/assets/v2/otPcCenter.json
104.16.148.64200 OK 12 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/202211.1.0/assets/v2/otPcCenter.json
IP 104.16.148.64:0
File type JSON data\012- , ASCII text, with very long lines (50353)
Hash 0cd2fb0fd730954ef2159520d96f1934
d2656260dfdac230479c8e7dc44444e9d5c8faf2
b821093423791675ca31c2d688b528b329737cca90ef62bc44f5c5b39423c8f6
GET /scripttemplates/202211.1.0/assets/v2/otPcCenter.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.worldofwarships.eu/
Origin: https://promo.worldofwarships.eu
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:42:01 GMT
content-type: application/json
content-length: 12540
content-encoding: gzip
content-md5: DNL7D9cwlU7yFZUg2W8ZNA==
last-modified: Wed, 30 Nov 2022 07:37:02 GMT
etag: 0x8DAD2A5AC58BC53
x-ms-request-id: fbcd2477-d01e-00ba-40c9-0438ef000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 65585
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 776b125e79a5b518-OSL
X-Firefox-Spdy: h2
q.quora.com/_/ad/e4652778ed5c49c1b1a36d8c41a61ba9/pixel?j=1&u=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&tag=ViewContent&ts=1670560920055
100.25.7.120200 OK 43 B URL HTTP/1.1 q.quora.com/_/ad/e4652778ed5c49c1b1a36d8c41a61ba9/pixel?j=1&u=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&tag=ViewContent&ts=1670560920055
IP 100.25.7.120:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /_/ad/e4652778ed5c49c1b1a36d8c41a61ba9/pixel?j=1&u=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&tag=ViewContent&ts=1670560920055 HTTP/1.1
Host: q.quora.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Date: Fri, 09 Dec 2022 04:42:01 GMT
Server: nginx
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Q-Stat: ,2299e7a8b05aa90a228b5cff98b801d3,10.0.0.34,34332,91.90.42.154,,84928785650,1,1670560921.307,0.001,,.,0,0,0.000,0.004,-,0,0,197,168,84,10,34729,,,,,,-,
Content-Length: 43
Connection: keep-alive
mc.yandex.ru/watch/45727869/1?page-url=goal%3A%2F%2Fpromo.worldofwarships.eu%2FWOWS_All-visitors_LP_set&page-ref=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&charset=utf-8&hittoken=1670560921_365ac58d6103230d7b045e32c89153c07c26c207260ac6500938809f43f52c92&browser-info=ar%3A1%3Avf%3A1931hwv4ldos2hv9k9dzvr%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A941%3Acn%3A1%3Adp%3A0%3Als%3A526617896282%3Ahid%3A228847429%3Az%3A0%3Ai%3A20221209044200%3Aet%3A1670560921%3Ac%3A1%3Arn%3A951004975%3Arqn%3A2%3Au%3A1670560920163701553%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Aeu%3A1%3Ans%3A1670560918757%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670560921%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr%2814%29mc%28g-2%29clc%280-0-0%29rqnt%282%29aw%281%29ecs%281%29fip%281%29ti%282%29
87.250.250.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/45727869/1?page-url=goal%3A%2F%2Fpromo.worldofwarships.eu%2FWOWS_All-visitors_LP_set&page-ref=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&charset=utf-8&hittoken=1670560921_365ac58d6103230d7b045e32c89153c07c26c207260ac6500938809f43f52c92&browser-info=ar%3A1%3Avf%3A1931hwv4ldos2hv9k9dzvr%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A941%3Acn%3A1%3Adp%3A0%3Als%3A526617896282%3Ahid%3A228847429%3Az%3A0%3Ai%3A20221209044200%3Aet%3A1670560921%3Ac%3A1%3Arn%3A951004975%3Arqn%3A2%3Au%3A1670560920163701553%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Aeu%3A1%3Ans%3A1670560918757%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670560921%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr%2814%29mc%28g-2%29clc%280-0-0%29rqnt%282%29aw%281%29ecs%281%29fip%281%29ti%282%29
IP 87.250.250.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /watch/45727869/1?page-url=goal%3A%2F%2Fpromo.worldofwarships.eu%2FWOWS_All-visitors_LP_set&page-ref=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&charset=utf-8&hittoken=1670560921_365ac58d6103230d7b045e32c89153c07c26c207260ac6500938809f43f52c92&browser-info=ar%3A1%3Avf%3A1931hwv4ldos2hv9k9dzvr%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A941%3Acn%3A1%3Adp%3A0%3Als%3A526617896282%3Ahid%3A228847429%3Az%3A0%3Ai%3A20221209044200%3Aet%3A1670560921%3Ac%3A1%3Arn%3A951004975%3Arqn%3A2%3Au%3A1670560920163701553%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Aeu%3A1%3Ans%3A1670560918757%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670560921%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr%2814%29mc%28g-2%29clc%280-0-0%29rqnt%282%29aw%281%29ecs%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://promo.worldofwarships.eu
Referer: https://promo.worldofwarships.eu/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 09 Dec 2022 04:42:01 GMT
access-control-allow-origin: https://promo.worldofwarships.eu
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 09-Dec-2022 04:42:01 GMT
last-modified: Fri, 09-Dec-2022 04:42:01 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/45727869?page-url=goal%3A%2F%2Fpromo.worldofwarships.eu%2FWOWS_All-visitors_LP_set&page-ref=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&charset=utf-8&hittoken=1670560921_365ac58d6103230d7b045e32c89153c07c26c207260ac6500938809f43f52c92&browser-info=ar%3A1%3Avf%3A1931hwv4ldos2hv9k9dzvr%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A941%3Acn%3A1%3Adp%3A0%3Als%3A526617896282%3Ahid%3A228847429%3Az%3A0%3Ai%3A20221209044200%3Aet%3A1670560921%3Ac%3A1%3Arn%3A951004975%3Arqn%3A2%3Au%3A1670560920163701553%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Aeu%3A1%3Ans%3A1670560918757%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670560921%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr(14)mc(g-2)clc(0-0-0)rqnt(2)aw(1)ecs(1)fip(1)ti(2)
87.250.250.119302 Found 43 B URL HTTP/2 mc.yandex.ru/watch/45727869?page-url=goal%3A%2F%2Fpromo.worldofwarships.eu%2FWOWS_All-visitors_LP_set&page-ref=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&charset=utf-8&hittoken=1670560921_365ac58d6103230d7b045e32c89153c07c26c207260ac6500938809f43f52c92&browser-info=ar%3A1%3Avf%3A1931hwv4ldos2hv9k9dzvr%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A941%3Acn%3A1%3Adp%3A0%3Als%3A526617896282%3Ahid%3A228847429%3Az%3A0%3Ai%3A20221209044200%3Aet%3A1670560921%3Ac%3A1%3Arn%3A951004975%3Arqn%3A2%3Au%3A1670560920163701553%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Aeu%3A1%3Ans%3A1670560918757%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670560921%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr(14)mc(g-2)clc(0-0-0)rqnt(2)aw(1)ecs(1)fip(1)ti(2)
IP 87.250.250.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /watch/45727869?page-url=goal%3A%2F%2Fpromo.worldofwarships.eu%2FWOWS_All-visitors_LP_set&page-ref=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&charset=utf-8&hittoken=1670560921_365ac58d6103230d7b045e32c89153c07c26c207260ac6500938809f43f52c92&browser-info=ar%3A1%3Avf%3A1931hwv4ldos2hv9k9dzvr%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A941%3Acn%3A1%3Adp%3A0%3Als%3A526617896282%3Ahid%3A228847429%3Az%3A0%3Ai%3A20221209044200%3Aet%3A1670560921%3Ac%3A1%3Arn%3A951004975%3Arqn%3A2%3Au%3A1670560920163701553%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Aeu%3A1%3Ans%3A1670560918757%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670560921%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr(14)mc(g-2)clc(0-0-0)rqnt(2)aw(1)ecs(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://promo.worldofwarships.eu
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/45727869/1?page-url=goal%3A%2F%2Fpromo.worldofwarships.eu%2FWOWS_All-visitors_LP_set&page-ref=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&charset=utf-8&hittoken=1670560921_365ac58d6103230d7b045e32c89153c07c26c207260ac6500938809f43f52c92&browser-info=ar%3A1%3Avf%3A1931hwv4ldos2hv9k9dzvr%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A941%3Acn%3A1%3Adp%3A0%3Als%3A526617896282%3Ahid%3A228847429%3Az%3A0%3Ai%3A20221209044200%3Aet%3A1670560921%3Ac%3A1%3Arn%3A951004975%3Arqn%3A2%3Au%3A1670560920163701553%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Aeu%3A1%3Ans%3A1670560918757%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670560921%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr%2814%29mc%28g-2%29clc%280-0-0%29rqnt%282%29aw%281%29ecs%281%29fip%281%29ti%282%29
date: Fri, 09 Dec 2022 04:42:01 GMT
access-control-allow-origin: https://promo.worldofwarships.eu
set-cookie: yabs-sid=460504701670560921; Path=/; SameSite=None; Secure
i=0Iw85hN6tyQq8bII5ulAphIfow13C70na7RVZoSILiML47V+8muz0270ndUT8S/BY5PxInkWVA0OiFlSOWgdQ+iidDs=; Expires=Mon, 06-Dec-2032 04:41:59 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=5812465091670560921; Expires=Sat, 09-Dec-2023 04:42:01 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=5812465091670560921; Expires=Sat, 09-Dec-2023 04:42:01 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1702096921.yc.1670560921#1702096921.yrts.1670560921#1702096921.yrtsi.1670560921; Expires=Sat, 09-Dec-2023 04:42:01 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 09-Dec-2022 04:42:01 GMT
last-modified: Fri, 09-Dec-2022 04:42:01 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
cdn.cookielaw.org/logos/04fe1919-d767-41dc-abd4-f409a111f829/d0c760aa-d1b6-44a8-964c-9ae294f365f3/40885536-3b1f-4688-b7c1-39913d45a61e/wg_logo_secondversion_white1r.png
104.16.148.64200 OK 13 kB URL HTTP/2 cdn.cookielaw.org/logos/04fe1919-d767-41dc-abd4-f409a111f829/d0c760aa-d1b6-44a8-964c-9ae294f365f3/40885536-3b1f-4688-b7c1-39913d45a61e/wg_logo_secondversion_white1r.png
IP 104.16.148.64:0
File type PNG image data, 1000 x 320, 8-bit/color RGBA, non-interlaced\012- data
Hash c90475872d8975dcc4b5ed7db6cc5e28
1e5a413845f5d501c174ae4940e1329a2575067f
e79eb16948cca42e0f7884fad7637fa6ec69117a07dbc04cc8b3ea7ebeaef719
GET /logos/04fe1919-d767-41dc-abd4-f409a111f829/d0c760aa-d1b6-44a8-964c-9ae294f365f3/40885536-3b1f-4688-b7c1-39913d45a61e/wg_logo_secondversion_white1r.png HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:42:01 GMT
content-type: image/png
content-length: 13003
content-md5: yQR1hy2JddzEte19tsxeKA==
last-modified: Fri, 02 Oct 2020 14:20:55 GMT
etag: 0x8D866DE604098C2
x-ms-request-id: 80efabc0-001e-0056-516d-c43096000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 72344
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 776b125f8a22b518-OSL
X-Firefox-Spdy: h2
cdn.cookielaw.org/logos/static/powered_by_logo.svg
104.16.148.64200 OK 2.9 kB URL HTTP/2 cdn.cookielaw.org/logos/static/powered_by_logo.svg
IP 104.16.148.64:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (6911), with no line terminators
Hash 5f5049e6d11d9a1230c79164a51deabf
2ae2ae33d9e0e6f573da9f6f17e52e8c6eb1d237
0700813e7022c90364a5c54d00c06089b898af9111f504ae5109a50d7728ffe8
GET /logos/static/powered_by_logo.svg HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:42:01 GMT
content-type: image/svg+xml
content-md5: nvsqHj63Mt+zbyhgtmGw4w==
last-modified: Wed, 07 Dec 2022 03:42:59 GMT
x-ms-request-id: 9735e146-001e-00de-30b0-0a884f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 72242
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 776b125f8a23b518-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/1006839708/?random=1670560919936&cv=11&fst=1670558400000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&tiba=World%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high&fmt=3&is_vtc=1&random=1520816413&rmt_tld=1&ipr=y
142.250.74.67200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1006839708/?random=1670560919936&cv=11&fst=1670558400000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&tiba=World%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high&fmt=3&is_vtc=1&random=1520816413&rmt_tld=1&ipr=y
IP 142.250.74.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1006839708/?random=1670560919936&cv=11&fst=1670558400000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&tiba=World%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high&fmt=3&is_vtc=1&random=1520816413&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 04:42:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/tag.js
87.250.250.119200 OK 74 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 87.250.250.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (598)
Hash fb08b4dcffe04b350ba8e7ab80a999a1
dae801d33784397b3ff8fec4b8e7682c4baecea9
62bc4d320a556ec3c63dca1ce47d9e55a2bc15c4eef472f15e5adfb5fd451ad6
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 73711
date: Fri, 09 Dec 2022 04:42:01 GMT
access-control-allow-origin: *
etag: "6391b12a-11fef"
expires: Fri, 09 Dec 2022 05:42:01 GMT
last-modified: Thu, 08 Dec 2022 12:40:58 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
87.250.250.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 87.250.250.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 09 Dec 2022 04:42:01 GMT
access-control-allow-origin: *
etag: "6391b12a-2b"
expires: Fri, 09 Dec 2022 05:42:01 GMT
accept-ranges: bytes
last-modified: Thu, 08 Dec 2022 12:40:58 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 32d90ff0cc366730c3633c1201b4c058
f4175292b607197a15085e14bf69df301dff6706
b4b2f80fbe9b02f3d54dc35a3738c31a4d7cb5a5e528fcbce50263d8c458231a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:42:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
alb.reddit.com/rp.gif?ts=1670560920063&id=t2_3dbm3hwf&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=49541190-819b-4a8c-8de0-b77803fc43db&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1280&sw=1024&v=rdt_1967aea8
151.101.129.140200 OK 42 B URL HTTP/2 alb.reddit.com/rp.gif?ts=1670560920063&id=t2_3dbm3hwf&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=49541190-819b-4a8c-8de0-b77803fc43db&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1280&sw=1024&v=rdt_1967aea8
IP 151.101.129.140:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /rp.gif?ts=1670560920063&id=t2_3dbm3hwf&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=49541190-819b-4a8c-8de0-b77803fc43db&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1280&sw=1024&v=rdt_1967aea8 HTTP/1.1
Host: alb.reddit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Varnish
retry-after: 0
cross-origin-resource-policy: cross-origin
content-type: image/gif
accept-ranges: bytes
date: Fri, 09 Dec 2022 04:42:01 GMT
via: 1.1 varnish
content-length: 42
X-Firefox-Spdy: h2
s.yimg.jp/images/listing/tool/cv/ytag.js
183.79.249.124200 OK 9.8 kB URL HTTP/2 s.yimg.jp/images/listing/tool/cv/ytag.js
IP 183.79.249.124:0
File type ASCII text, with very long lines (32042), with no line terminators
Hash 756de2120f79f1aa501b0e0b490dca58
4a4b8d596749960af503ec1309b6bd821a7bdbf3
128c1c4b2018808bbe4ec25198b92ef894df5a131cf0ca647dbd3ada66ba939e
GET /images/listing/tool/cv/ytag.js HTTP/1.1
Host: s.yimg.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Fri, 09 Dec 2022 04:32:38 GMT
vary: Accept-Encoding
last-modified: Tue, 30 Aug 2022 04:48:29 GMT
cache-control: public, max-age=600
content-encoding: gzip
server: ATS
age: 564
content-length: 9790
ats-carp-promotion: 1
x-z-chihaya: r=1
X-Firefox-Spdy: h2
b92.yahoo.co.jp/rt/?p=26NUFXJP68&label=&ref=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&rref=&pt=home&item=&cat=&price=&quantity=&r=1670560921.0089135&pvid=9493f7dovaglbg0u8lq&tsyjad=0&_impl=ytag
183.79.249.124403 Forbidden 14 kB URL HTTP/2 b92.yahoo.co.jp/rt/?p=26NUFXJP68&label=&ref=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&rref=&pt=home&item=&cat=&price=&quantity=&r=1670560921.0089135&pvid=9493f7dovaglbg0u8lq&tsyjad=0&_impl=ytag
IP 183.79.249.124:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (486)
Hash e986e7a04549f3bef16fe1bb24e61acd
b3ec35460824fae12cf6342ae42d27597ec94fb7
e8b72fe96bc96ffcfef2cdf8ebb503ac854e5c2997ae389b96d04bf78f478edd
GET /rt/?p=26NUFXJP68&label=&ref=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&rref=&pt=home&item=&cat=&price=&quantity=&r=1670560921.0089135&pvid=9493f7dovaglbg0u8lq&tsyjad=0&_impl=ytag HTTP/1.1
Host: b92.yahoo.co.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Fri, 09 Dec 2022 04:42:02 GMT
server: ATS
x-z-chihaya: r=1
x-frame-options: SAMEORIGIN
content-length: 14275
content-type: text/html
X-Firefox-Spdy: h2
s.adroll.com/j/roundtrip.js
143.204.55.31200 OK 17 kB URL HTTP/1.1 s.adroll.com/j/roundtrip.js
IP 143.204.55.31:0
File type ASCII text, with very long lines (1096)
Hash da0ef5422cebb1b883b05addc9d27ac7
a59eff4f39686a2b426f0ca188a00f59f72fbdc1
a53b1d0caa02bf28784e7dc940629114955e8887cdb184fad5ff185ed3d5f32b
GET /j/roundtrip.js HTTP/1.1
Host: s.adroll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 15:45:06 GMT
X-Amz-Server-Side-Encryption: AES256
X-Amz-Version-Id: 9xobUm0MAvJh1LhW_hNgjVEGwDCPHXvN
Server: AmazonS3
Content-Encoding: gzip
Date: Fri, 09 Dec 2022 03:51:08 GMT
Cache-Control: max-age=3600, must-revalidate
Etag: W/"b1aa61e95e42ee6f3c520b6a2fc39cfa"
Vary: Accept-Encoding
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
Age: 3056
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: *
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: wrVlWzttC3V-eBaQurkPtRKxJA3ibMG45D5uswF-15qaiiqir9ei0Q==
s.adroll.com/j/exp/5DEKGEZXIZFGBAVTF7IHV4/index.js
143.204.55.31302 Moved Temporarily 0 B URL HTTP/1.1 s.adroll.com/j/exp/5DEKGEZXIZFGBAVTF7IHV4/index.js
IP 143.204.55.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /j/exp/5DEKGEZXIZFGBAVTF7IHV4/index.js HTTP/1.1
Host: s.adroll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Content-Type: application/xml
Content-Length: 0
Connection: keep-alive
Date: Thu, 08 Dec 2022 22:11:39 GMT
Server: AmazonS3
Location: https://s.adroll.com/j/exp/index.js
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
Age: 23422
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: *
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: WIivBP7vO2vlNIJRAX8trXW2vArxMJacV5oKVpar6UzBVSCZMrZvlg==
s.adroll.com/j/pre/5DEKGEZXIZFGBAVTF7IHV4/LEK33SDIZZFERBERPONNLY/index.js
143.204.55.31200 OK 0 B URL HTTP/1.1 s.adroll.com/j/pre/5DEKGEZXIZFGBAVTF7IHV4/LEK33SDIZZFERBERPONNLY/index.js
IP 143.204.55.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /j/pre/5DEKGEZXIZFGBAVTF7IHV4/LEK33SDIZZFERBERPONNLY/index.js HTTP/1.1
Host: s.adroll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
Content-Length: 0
Connection: keep-alive
Last-Modified: Thu, 10 Nov 2022 20:03:58 GMT
X-Amz-Server-Side-Encryption: AES256
X-Amz-Version-Id: wdhjnh.C2Yr7gZpYdNIYYxYkajKNLTmY
Accept-Ranges: bytes
Server: AmazonS3
Date: Fri, 09 Dec 2022 04:31:41 GMT
Cache-Control: max-age=3600, must-revalidate
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
Age: 1201
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: *
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: E8cRyr9B91zzzx9mAphjbU8-JvD05P1A5NUsQSbQeynn78hXUP1lBw==
s.adroll.com/j/pre/5DEKGEZXIZFGBAVTF7IHV4/LEK33SDIZZFERBERPONNLY/fpconsent.js
143.204.55.31302 Moved Temporarily 0 B URL HTTP/1.1 s.adroll.com/j/pre/5DEKGEZXIZFGBAVTF7IHV4/LEK33SDIZZFERBERPONNLY/fpconsent.js
IP 143.204.55.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /j/pre/5DEKGEZXIZFGBAVTF7IHV4/LEK33SDIZZFERBERPONNLY/fpconsent.js HTTP/1.1
Host: s.adroll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Content-Type: application/xml
Content-Length: 0
Connection: keep-alive
Date: Fri, 09 Dec 2022 00:41:58 GMT
Server: AmazonS3
Location: https://s.adroll.com/j/pre/index.js
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
Age: 14403
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: *
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 3H7WaRnhii5dSkUlTpwbyDQAfdW3B_YdPxmp6HA4Vd8HtoxtMGjs_g==
s.adroll.com/j/exp/index.js
143.204.55.31200 OK 28 B URL HTTP/1.1 s.adroll.com/j/exp/index.js
IP 143.204.55.31:0
File type ASCII text, with no line terminators
Hash 5816cced8568d223aa09d889f300692b
95cab5e474d7391762c3da5c7dc50fcf05df529f
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
GET /j/exp/index.js HTTP/1.1
Host: s.adroll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.worldofwarships.eu/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 28
Connection: keep-alive
Last-Modified: Fri, 14 Oct 2022 18:57:24 GMT
X-Amz-Server-Side-Encryption: AES256
X-Amz-Version-Id: 3TnMO1iw0qw17MhnYw4sprJhuU7ahGp7
Accept-Ranges: bytes
Server: AmazonS3
Date: Thu, 08 Dec 2022 14:45:08 GMT
Etag: "5816cced8568d223aa09d889f300692b"
Vary: Accept-Encoding
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
Age: 50215
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: *
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: tgesxXkggNtV5WGJks2w01cn9hZl6e0etZMFgOkpVTdPRQ4z9svYIQ==
s.adroll.com/j/pre/index.js
143.204.55.31200 OK 0 B URL HTTP/1.1 s.adroll.com/j/pre/index.js
IP 143.204.55.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /j/pre/index.js HTTP/1.1
Host: s.adroll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.worldofwarships.eu/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
X-Amz-Server-Side-Encryption: AES256
X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Accept-Ranges: bytes
Server: AmazonS3
Date: Thu, 08 Dec 2022 08:30:37 GMT
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
Age: 72687
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: *
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: rQBDfwwrplp93I3uV7sQgwqYYg4SBeuqA9J0xBifKbU_GwvlnmYGtw==
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash 00f5b3bb1de5d7d0dd8e848bf8d7cca1
e7eeaf4bf24824ab21bfa2b35384e57db7bf5288
62d317b6dc90b97c4e9530f8bb3d132c6962d2c39bc5a20354d1884546c70170
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=153405
Date: Fri, 09 Dec 2022 04:42:03 GMT
Etag: "63926593-1d7"
Expires: Sat, 10 Dec 2022 23:18:48 GMT
Last-Modified: Thu, 08 Dec 2022 22:30:43 GMT
Server: ECS (nyb/1D12)
X-Cache: Miss from cloudfront
Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: kR7IP0AUEK6wUByRCYMZiZegF9efgfaBPE5AbnKhpXoUTi1O4IyHew==
Age: 2885
d.adroll.com/consent/check/5DEKGEZXIZFGBAVTF7IHV4?pv=76473576486.06085&arrfrr=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3DNR_REDACT%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&_s=16916a79ddef0d83cfdd76f512f10c50&_b=2
52.209.81.133200 OK 461 B URL HTTP/2 d.adroll.com/consent/check/5DEKGEZXIZFGBAVTF7IHV4?pv=76473576486.06085&arrfrr=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3DNR_REDACT%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&_s=16916a79ddef0d83cfdd76f512f10c50&_b=2
IP 52.209.81.133:0
File type ASCII text, with very long lines (461), with no line terminators
Hash d146675a8db306f79142b774da0d9352
1cc6da4086e03ab15fde4059e2205fa073481099
ebb993dcc362feb220fa30135517d352759e881bdce8e9d1ae50ac9ca3a6fea9
GET /consent/check/5DEKGEZXIZFGBAVTF7IHV4?pv=76473576486.06085&arrfrr=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3DNR_REDACT%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&_s=16916a79ddef0d83cfdd76f512f10c50&_b=2 HTTP/1.1
Host: d.adroll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:42:03 GMT
content-type: application/javascript
content-length: 461
server: nginx/1.22.0
cache-control: no-store, no-cache, must-revalidate
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
set-cookie: __adroll=a54cd93952b22f608fa75726f06554b9-a_1670560923; Version=1; Expires=Mon, 08-Jan-2024 04:42:03 GMT; Max-Age=34128000; Path=/; HttpOnly; SameSite=None; Secure; Domain=d.adroll.com
__adroll_shared=a54cd93952b22f608fa75726f06554b9-a_1670560923; Version=1; Expires=Mon, 08-Jan-2024 04:42:03 GMT; Max-Age=34128000; Path=/; HttpOnly; SameSite=None; Secure; Domain=adroll.com
X-Firefox-Spdy: h2
d.adroll.com/pixel/5DEKGEZXIZFGBAVTF7IHV4/LEK33SDIZZFERBERPONNLY?adroll_fpc=f2b0960d7a9ee6b3e93cf47ac6ff68bd-1670560922521&pv=76473576486.06085&arrfrr=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3DNR_REDACT%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&cookie=&adroll_s_ref=&keyw=
52.209.81.133302 Found 0 B URL HTTP/2 d.adroll.com/pixel/5DEKGEZXIZFGBAVTF7IHV4/LEK33SDIZZFERBERPONNLY?adroll_fpc=f2b0960d7a9ee6b3e93cf47ac6ff68bd-1670560922521&pv=76473576486.06085&arrfrr=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3DNR_REDACT%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&cookie=&adroll_s_ref=&keyw=
IP 52.209.81.133:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/5DEKGEZXIZFGBAVTF7IHV4/LEK33SDIZZFERBERPONNLY?adroll_fpc=f2b0960d7a9ee6b3e93cf47ac6ff68bd-1670560922521&pv=76473576486.06085&arrfrr=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3DNR_REDACT%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&cookie=&adroll_s_ref=&keyw= HTTP/1.1
Host: d.adroll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Fri, 09 Dec 2022 04:42:03 GMT
content-length: 0
location: https://s.adroll.com/pixel/5DEKGEZXIZFGBAVTF7IHV4/LEK33SDIZZFERBERPONNLY/T7KB52I6CJEZ3FZ557J2BD.js
server: nginx/1.22.0
cache-control: no-store, no-cache, must-revalidate
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
set-cookie: __adroll=7269e19617f722b7e8d7212bed172feb-a_1670560923; Version=1; Expires=Mon, 08-Jan-2024 04:42:02 GMT; Max-Age=34128000; Path=/; HttpOnly; SameSite=None; Secure; Domain=d.adroll.com
__adroll_shared=7269e19617f722b7e8d7212bed172feb-a_1670560923; Version=1; Expires=Mon, 08-Jan-2024 04:42:02 GMT; Max-Age=34128000; Path=/; HttpOnly; SameSite=None; Secure; Domain=adroll.com
x-advertisable-eid: 5DEKGEZXIZFGBAVTF7IHV4
x-conversion-currency:
x-conversion-value: 0.00
x-pixel-eid: LEK33SDIZZFERBERPONNLY
x-rule: *
x-rule-type: p
x-segment-display-name: Visitors to Unsegmented Pages
x-segment-eid: T7KB52I6CJEZ3FZ557J2BD
x-segment-name: *
X-Firefox-Spdy: h2
s.adroll.com/pixel/5DEKGEZXIZFGBAVTF7IHV4/LEK33SDIZZFERBERPONNLY/T7KB52I6CJEZ3FZ557J2BD.js
143.204.55.31200 OK 1.6 kB URL HTTP/1.1 s.adroll.com/pixel/5DEKGEZXIZFGBAVTF7IHV4/LEK33SDIZZFERBERPONNLY/T7KB52I6CJEZ3FZ557J2BD.js
IP 143.204.55.31:0
File type ASCII text, with very long lines (657)
Hash e0273eb2dfa4a1a2c324646ef4fa4913
f1dd935a49f9dd2fffad31ca99c289ab29e9053d
43984e453c2a5c5e1953441391b79b4f949de6d14d1eba17951cd5db2c3d9244
GET /pixel/5DEKGEZXIZFGBAVTF7IHV4/LEK33SDIZZFERBERPONNLY/T7KB52I6CJEZ3FZ557J2BD.js HTTP/1.1
Host: s.adroll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.worldofwarships.eu/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 29 Sep 2022 19:53:23 GMT
X-Amz-Server-Side-Encryption: AES256
X-Amz-Version-Id: uRJRZWC66nmx.Z9zELdJYNT8cBs_ICw9
Server: AmazonS3
Content-Encoding: gzip
Date: Fri, 09 Dec 2022 04:39:33 GMT
Cache-Control: max-age=3600, must-revalidate
Etag: W/"8be3f27d194c30f1f6fe5862e987202b"
Vary: Accept-Encoding
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
Age: 309
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: *
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: NcP3nsEh9ph1I3EBA5scv3t4k5XEH_3YOMxm0SiXaRf46A2V1eTSdg==
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F111d6163-0ce5-4897-9a84-a9cefa74d2a9.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F111d6163-0ce5-4897-9a84-a9cefa74d2a9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e00cf5825452b2f69b0ac859dccb64ab
60aed079c48181cf46cef4d1aaa1c316a7ef7048
3aea2aa14407b6ac9d64d0f35111fec50f51632adfc39047c15bde4afd148a78
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F111d6163-0ce5-4897-9a84-a9cefa74d2a9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7694
x-amzn-requestid: 0c67138c-1a6d-49ef-bd43-f9a7176679ea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c2LZjFjrIAMFUSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63925909-764272151a0a4d284c6cb1bb;Sampled=0
x-amzn-remapped-date: Thu, 08 Dec 2022 21:37:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aaEYG20Wueg557qEBq46sSUl3-_HxgZA73s-kPo3GmYgWgrGgFPl_Q==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 21:48:32 GMT
age: 24811
etag: "60aed079c48181cf46cef4d1aaa1c316a7ef7048"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
d.adroll.com/cm/g/out?adroll_fpc=f2b0960d7a9ee6b3e93cf47ac6ff68bd-1670560922521&pv=76473576486.06085&arrfrr=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3DNR_REDACT%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&advertisable=5DEKGEZXIZFGBAVTF7IHV4&google_nid=adroll5
52.209.81.133200 OK 42 B URL HTTP/2 d.adroll.com/cm/g/out?adroll_fpc=f2b0960d7a9ee6b3e93cf47ac6ff68bd-1670560922521&pv=76473576486.06085&arrfrr=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3DNR_REDACT%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&advertisable=5DEKGEZXIZFGBAVTF7IHV4&google_nid=adroll5
IP 52.209.81.133:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cm/g/out?adroll_fpc=f2b0960d7a9ee6b3e93cf47ac6ff68bd-1670560922521&pv=76473576486.06085&arrfrr=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3DNR_REDACT%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&advertisable=5DEKGEZXIZFGBAVTF7IHV4&google_nid=adroll5 HTTP/1.1
Host: d.adroll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:42:03 GMT
content-type: image/gif
content-length: 42
server: nginx/1.22.0
cache-control: no-store, no-cache, must-revalidate
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
set-cookie: __adroll=8ffeeab50f6e172b1c2b87507ac40301-a_1670560923; Version=1; Expires=Mon, 08-Jan-2024 04:42:02 GMT; Max-Age=34128000; Path=/; HttpOnly; SameSite=None; Secure; Domain=d.adroll.com
__adroll_shared=8ffeeab50f6e172b1c2b87507ac40301-a_1670560923; Version=1; Expires=Mon, 08-Jan-2024 04:42:02 GMT; Max-Age=34128000; Path=/; HttpOnly; SameSite=None; Secure; Domain=adroll.com
X-Firefox-Spdy: h2
d.adroll.com/cm/b/out?adroll_fpc=f2b0960d7a9ee6b3e93cf47ac6ff68bd-1670560922521&pv=76473576486.06085&arrfrr=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3DNR_REDACT%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&advertisable=5DEKGEZXIZFGBAVTF7IHV4
52.209.81.133200 OK 42 B URL HTTP/2 d.adroll.com/cm/b/out?adroll_fpc=f2b0960d7a9ee6b3e93cf47ac6ff68bd-1670560922521&pv=76473576486.06085&arrfrr=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3DNR_REDACT%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&advertisable=5DEKGEZXIZFGBAVTF7IHV4
IP 52.209.81.133:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cm/b/out?adroll_fpc=f2b0960d7a9ee6b3e93cf47ac6ff68bd-1670560922521&pv=76473576486.06085&arrfrr=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3DNR_REDACT%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&advertisable=5DEKGEZXIZFGBAVTF7IHV4 HTTP/1.1
Host: d.adroll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:42:03 GMT
content-type: image/gif
content-length: 42
server: nginx/1.22.0
cache-control: no-store, no-cache, must-revalidate
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
set-cookie: __adroll=90b77882eaa7f42fef513659e28fb6e1-a_1670560923; Version=1; Expires=Mon, 08-Jan-2024 04:42:03 GMT; Max-Age=34128000; Path=/; HttpOnly; SameSite=None; Secure; Domain=d.adroll.com
__adroll_shared=90b77882eaa7f42fef513659e28fb6e1-a_1670560923; Version=1; Expires=Mon, 08-Jan-2024 04:42:03 GMT; Max-Age=34128000; Path=/; HttpOnly; SameSite=None; Secure; Domain=adroll.com
X-Firefox-Spdy: h2
d.adroll.com/cm/g/out?adroll_fpc=f2b0960d7a9ee6b3e93cf47ac6ff68bd-1670560922521&pv=76473576486.06085&arrfrr=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3DNR_REDACT%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&advertisable=5DEKGEZXIZFGBAVTF7IHV4
52.209.81.133200 OK 42 B URL HTTP/2 d.adroll.com/cm/g/out?adroll_fpc=f2b0960d7a9ee6b3e93cf47ac6ff68bd-1670560922521&pv=76473576486.06085&arrfrr=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3DNR_REDACT%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&advertisable=5DEKGEZXIZFGBAVTF7IHV4
IP 52.209.81.133:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cm/g/out?adroll_fpc=f2b0960d7a9ee6b3e93cf47ac6ff68bd-1670560922521&pv=76473576486.06085&arrfrr=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3DNR_REDACT%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&advertisable=5DEKGEZXIZFGBAVTF7IHV4 HTTP/1.1
Host: d.adroll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:42:03 GMT
content-type: image/gif
content-length: 42
server: nginx/1.22.0
cache-control: no-store, no-cache, must-revalidate
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
set-cookie: __adroll=997dd38cb4da8a82987f4669e6613bd1-a_1670560923; Version=1; Expires=Mon, 08-Jan-2024 04:42:02 GMT; Max-Age=34128000; Path=/; HttpOnly; SameSite=None; Secure; Domain=d.adroll.com
__adroll_shared=997dd38cb4da8a82987f4669e6613bd1-a_1670560923; Version=1; Expires=Mon, 08-Jan-2024 04:42:02 GMT; Max-Age=34128000; Path=/; HttpOnly; SameSite=None; Secure; Domain=adroll.com
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/global_static/age_ratings/v2/pegi_ext-in-game-purchases.svg
92.223.97.97200 OK 17 kB URL HTTP/2 promo-cdn.worldofwarships.com/global_static/age_ratings/v2/pegi_ext-in-game-purchases.svg
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
Hash 89beac45e5c385aaa96bb9e72c2ad58d
885d519ff401036b837bdfb4aa7185d060c4cc42
bc32954f1981aa48cf8d2e3e596490f4987ab7b3f80116fe9272ceff54c6ed6c
GET /global_static/age_ratings/v2/pegi_ext-in-game-purchases.svg HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:42:00 GMT
content-type: image/svg+xml
last-modified: Mon, 14 Feb 2022 22:01:20 GMT
etag: W/"635ea99325f08d75fd8f09201f998f50"
x-amz-request-id: tx0000000000000002a85b2-00633fe0c3-1c445a09-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-06T08:22:20+00:00
x-id: sto5-up-gc11
content-encoding: gzip
X-Firefox-Spdy: h2
d.adroll.com/cm/l/out?adroll_fpc=f2b0960d7a9ee6b3e93cf47ac6ff68bd-1670560922521&pv=76473576486.06085&arrfrr=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3DNR_REDACT%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&advertisable=5DEKGEZXIZFGBAVTF7IHV4
52.209.81.133200 OK 42 B URL HTTP/2 d.adroll.com/cm/l/out?adroll_fpc=f2b0960d7a9ee6b3e93cf47ac6ff68bd-1670560922521&pv=76473576486.06085&arrfrr=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3DNR_REDACT%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&advertisable=5DEKGEZXIZFGBAVTF7IHV4
IP 52.209.81.133:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cm/l/out?adroll_fpc=f2b0960d7a9ee6b3e93cf47ac6ff68bd-1670560922521&pv=76473576486.06085&arrfrr=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3DNR_REDACT%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&advertisable=5DEKGEZXIZFGBAVTF7IHV4 HTTP/1.1
Host: d.adroll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:42:03 GMT
content-type: image/gif
content-length: 42
server: nginx/1.22.0
cache-control: no-transform,public,max-age=300,s-maxage=900
vary: Cookie
X-Firefox-Spdy: h2
d.adroll.com/cm/n/out?adroll_fpc=f2b0960d7a9ee6b3e93cf47ac6ff68bd-1670560922521&pv=76473576486.06085&arrfrr=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3DNR_REDACT%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&advertisable=5DEKGEZXIZFGBAVTF7IHV4
52.209.81.133200 OK 42 B URL HTTP/2 d.adroll.com/cm/n/out?adroll_fpc=f2b0960d7a9ee6b3e93cf47ac6ff68bd-1670560922521&pv=76473576486.06085&arrfrr=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3DNR_REDACT%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&advertisable=5DEKGEZXIZFGBAVTF7IHV4
IP 52.209.81.133:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cm/n/out?adroll_fpc=f2b0960d7a9ee6b3e93cf47ac6ff68bd-1670560922521&pv=76473576486.06085&arrfrr=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3DNR_REDACT%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&advertisable=5DEKGEZXIZFGBAVTF7IHV4 HTTP/1.1
Host: d.adroll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:42:03 GMT
content-type: image/gif
content-length: 42
server: nginx/1.22.0
cache-control: no-store, no-cache, must-revalidate
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
set-cookie: __adroll=f5e22f33e4bf8f364a937e193b197ae2-a_1670560923; Version=1; Expires=Mon, 08-Jan-2024 04:42:02 GMT; Max-Age=34128000; Path=/; HttpOnly; SameSite=None; Secure; Domain=d.adroll.com
__adroll_shared=f5e22f33e4bf8f364a937e193b197ae2-a_1670560923; Version=1; Expires=Mon, 08-Jan-2024 04:42:02 GMT; Max-Age=34128000; Path=/; HttpOnly; SameSite=None; Secure; Domain=adroll.com
X-Firefox-Spdy: h2
d.adroll.com/cm/o/out?adroll_fpc=f2b0960d7a9ee6b3e93cf47ac6ff68bd-1670560922521&pv=76473576486.06085&arrfrr=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3DNR_REDACT%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&advertisable=5DEKGEZXIZFGBAVTF7IHV4
52.209.81.133200 OK 42 B URL HTTP/2 d.adroll.com/cm/o/out?adroll_fpc=f2b0960d7a9ee6b3e93cf47ac6ff68bd-1670560922521&pv=76473576486.06085&arrfrr=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3DNR_REDACT%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&advertisable=5DEKGEZXIZFGBAVTF7IHV4
IP 52.209.81.133:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cm/o/out?adroll_fpc=f2b0960d7a9ee6b3e93cf47ac6ff68bd-1670560922521&pv=76473576486.06085&arrfrr=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3DNR_REDACT%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&advertisable=5DEKGEZXIZFGBAVTF7IHV4 HTTP/1.1
Host: d.adroll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:42:03 GMT
content-type: image/gif
content-length: 42
server: nginx/1.22.0
cache-control: no-store, no-cache, must-revalidate
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
set-cookie: __adroll=8d18b946990cbbfc3c56d56f4a52ec51-a_1670560923; Version=1; Expires=Mon, 08-Jan-2024 04:42:03 GMT; Max-Age=34128000; Path=/; HttpOnly; SameSite=None; Secure; Domain=d.adroll.com
__adroll_shared=8d18b946990cbbfc3c56d56f4a52ec51-a_1670560923; Version=1; Expires=Mon, 08-Jan-2024 04:42:03 GMT; Max-Age=34128000; Path=/; HttpOnly; SameSite=None; Secure; Domain=adroll.com
X-Firefox-Spdy: h2
d.adroll.com/cm/outbrain/out?adroll_fpc=f2b0960d7a9ee6b3e93cf47ac6ff68bd-1670560922521&pv=76473576486.06085&arrfrr=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3DNR_REDACT%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&advertisable=5DEKGEZXIZFGBAVTF7IHV4
52.209.81.133200 OK 42 B URL HTTP/2 d.adroll.com/cm/outbrain/out?adroll_fpc=f2b0960d7a9ee6b3e93cf47ac6ff68bd-1670560922521&pv=76473576486.06085&arrfrr=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3DNR_REDACT%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&advertisable=5DEKGEZXIZFGBAVTF7IHV4
IP 52.209.81.133:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cm/outbrain/out?adroll_fpc=f2b0960d7a9ee6b3e93cf47ac6ff68bd-1670560922521&pv=76473576486.06085&arrfrr=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3DNR_REDACT%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&advertisable=5DEKGEZXIZFGBAVTF7IHV4 HTTP/1.1
Host: d.adroll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:42:03 GMT
content-type: image/gif
content-length: 42
server: nginx/1.22.0
cache-control: no-store, no-cache, must-revalidate
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
set-cookie: __adroll=838dbdb652ad1667be8620e882e37a5f-a_1670560923; Version=1; Expires=Mon, 08-Jan-2024 04:42:02 GMT; Max-Age=34128000; Path=/; HttpOnly; SameSite=None; Secure; Domain=d.adroll.com
__adroll_shared=838dbdb652ad1667be8620e882e37a5f-a_1670560923; Version=1; Expires=Mon, 08-Jan-2024 04:42:02 GMT; Max-Age=34128000; Path=/; HttpOnly; SameSite=None; Secure; Domain=adroll.com
X-Firefox-Spdy: h2
d.adroll.com/cm/pubmatic/out?adroll_fpc=f2b0960d7a9ee6b3e93cf47ac6ff68bd-1670560922521&pv=76473576486.06085&arrfrr=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3DNR_REDACT%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&advertisable=5DEKGEZXIZFGBAVTF7IHV4
52.209.81.133200 OK 42 B URL HTTP/2 d.adroll.com/cm/pubmatic/out?adroll_fpc=f2b0960d7a9ee6b3e93cf47ac6ff68bd-1670560922521&pv=76473576486.06085&arrfrr=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3DNR_REDACT%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&advertisable=5DEKGEZXIZFGBAVTF7IHV4
IP 52.209.81.133:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cm/pubmatic/out?adroll_fpc=f2b0960d7a9ee6b3e93cf47ac6ff68bd-1670560922521&pv=76473576486.06085&arrfrr=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3DNR_REDACT%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&advertisable=5DEKGEZXIZFGBAVTF7IHV4 HTTP/1.1
Host: d.adroll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:42:03 GMT
content-type: image/gif
content-length: 42
server: nginx/1.22.0
cache-control: no-store, no-cache, must-revalidate
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
set-cookie: __adroll=8b3663061f4bfe00590160de8704605f-a_1670560923; Version=1; Expires=Mon, 08-Jan-2024 04:42:02 GMT; Max-Age=34128000; Path=/; HttpOnly; SameSite=None; Secure; Domain=d.adroll.com
__adroll_shared=8b3663061f4bfe00590160de8704605f-a_1670560923; Version=1; Expires=Mon, 08-Jan-2024 04:42:02 GMT; Max-Age=34128000; Path=/; HttpOnly; SameSite=None; Secure; Domain=adroll.com
X-Firefox-Spdy: h2
d.adroll.com/cm/r/out?adroll_fpc=f2b0960d7a9ee6b3e93cf47ac6ff68bd-1670560922521&pv=76473576486.06085&arrfrr=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3DNR_REDACT%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&advertisable=5DEKGEZXIZFGBAVTF7IHV4
52.209.81.133200 OK 42 B URL HTTP/2 d.adroll.com/cm/r/out?adroll_fpc=f2b0960d7a9ee6b3e93cf47ac6ff68bd-1670560922521&pv=76473576486.06085&arrfrr=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3DNR_REDACT%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&advertisable=5DEKGEZXIZFGBAVTF7IHV4
IP 52.209.81.133:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cm/r/out?adroll_fpc=f2b0960d7a9ee6b3e93cf47ac6ff68bd-1670560922521&pv=76473576486.06085&arrfrr=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3DNR_REDACT%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&advertisable=5DEKGEZXIZFGBAVTF7IHV4 HTTP/1.1
Host: d.adroll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:42:03 GMT
content-type: image/gif
content-length: 42
server: nginx/1.22.0
cache-control: no-store, no-cache, must-revalidate
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
set-cookie: __adroll=20cfbd5bd82f9605e5acc4b5e4213c19-a_1670560923; Version=1; Expires=Mon, 08-Jan-2024 04:42:03 GMT; Max-Age=34128000; Path=/; HttpOnly; SameSite=None; Secure; Domain=d.adroll.com
__adroll_shared=20cfbd5bd82f9605e5acc4b5e4213c19-a_1670560923; Version=1; Expires=Mon, 08-Jan-2024 04:42:03 GMT; Max-Age=34128000; Path=/; HttpOnly; SameSite=None; Secure; Domain=adroll.com
X-Firefox-Spdy: h2
d.adroll.com/cm/taboola/out?adroll_fpc=f2b0960d7a9ee6b3e93cf47ac6ff68bd-1670560922521&pv=76473576486.06085&arrfrr=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3DNR_REDACT%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&advertisable=5DEKGEZXIZFGBAVTF7IHV4
52.209.81.133200 OK 42 B URL HTTP/2 d.adroll.com/cm/taboola/out?adroll_fpc=f2b0960d7a9ee6b3e93cf47ac6ff68bd-1670560922521&pv=76473576486.06085&arrfrr=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3DNR_REDACT%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&advertisable=5DEKGEZXIZFGBAVTF7IHV4
IP 52.209.81.133:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cm/taboola/out?adroll_fpc=f2b0960d7a9ee6b3e93cf47ac6ff68bd-1670560922521&pv=76473576486.06085&arrfrr=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3DNR_REDACT%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&advertisable=5DEKGEZXIZFGBAVTF7IHV4 HTTP/1.1
Host: d.adroll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:42:03 GMT
content-type: image/gif
content-length: 42
server: nginx/1.22.0
cache-control: no-store, no-cache, must-revalidate
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
set-cookie: __adroll=a085f61fb21de1e51fa6363b47cfedeb-a_1670560923; Version=1; Expires=Mon, 08-Jan-2024 04:42:02 GMT; Max-Age=34128000; Path=/; HttpOnly; SameSite=None; Secure; Domain=d.adroll.com
__adroll_shared=a085f61fb21de1e51fa6363b47cfedeb-a_1670560923; Version=1; Expires=Mon, 08-Jan-2024 04:42:02 GMT; Max-Age=34128000; Path=/; HttpOnly; SameSite=None; Secure; Domain=adroll.com
X-Firefox-Spdy: h2
d.adroll.com/cm/x/out?adroll_fpc=f2b0960d7a9ee6b3e93cf47ac6ff68bd-1670560922521&pv=76473576486.06085&arrfrr=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3DNR_REDACT%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&advertisable=5DEKGEZXIZFGBAVTF7IHV4
52.209.81.133200 OK 42 B URL HTTP/2 d.adroll.com/cm/x/out?adroll_fpc=f2b0960d7a9ee6b3e93cf47ac6ff68bd-1670560922521&pv=76473576486.06085&arrfrr=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3DNR_REDACT%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&advertisable=5DEKGEZXIZFGBAVTF7IHV4
IP 52.209.81.133:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cm/x/out?adroll_fpc=f2b0960d7a9ee6b3e93cf47ac6ff68bd-1670560922521&pv=76473576486.06085&arrfrr=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3DNR_REDACT%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&advertisable=5DEKGEZXIZFGBAVTF7IHV4 HTTP/1.1
Host: d.adroll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:42:03 GMT
content-type: image/gif
content-length: 42
server: nginx/1.22.0
cache-control: no-store, no-cache, must-revalidate
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
set-cookie: __adroll=9a77a24bf95bd155ff495d4786450bea-a_1670560923; Version=1; Expires=Mon, 08-Jan-2024 04:42:02 GMT; Max-Age=34128000; Path=/; HttpOnly; SameSite=None; Secure; Domain=d.adroll.com
__adroll_shared=9a77a24bf95bd155ff495d4786450bea-a_1670560923; Version=1; Expires=Mon, 08-Jan-2024 04:42:02 GMT; Max-Age=34128000; Path=/; HttpOnly; SameSite=None; Secure; Domain=adroll.com
X-Firefox-Spdy: h2
d.adroll.com/cm/triplelift/out?adroll_fpc=f2b0960d7a9ee6b3e93cf47ac6ff68bd-1670560922521&pv=76473576486.06085&arrfrr=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3DNR_REDACT%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&advertisable=5DEKGEZXIZFGBAVTF7IHV4
52.209.81.133200 OK 42 B URL HTTP/2 d.adroll.com/cm/triplelift/out?adroll_fpc=f2b0960d7a9ee6b3e93cf47ac6ff68bd-1670560922521&pv=76473576486.06085&arrfrr=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3DNR_REDACT%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&advertisable=5DEKGEZXIZFGBAVTF7IHV4
IP 52.209.81.133:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cm/triplelift/out?adroll_fpc=f2b0960d7a9ee6b3e93cf47ac6ff68bd-1670560922521&pv=76473576486.06085&arrfrr=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3DNR_REDACT%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&advertisable=5DEKGEZXIZFGBAVTF7IHV4 HTTP/1.1
Host: d.adroll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:42:03 GMT
content-type: image/gif
content-length: 42
server: nginx/1.22.0
cache-control: no-store, no-cache, must-revalidate
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
set-cookie: __adroll=f906820dc8d0ff87127bb594386c1ea4-a_1670560923; Version=1; Expires=Mon, 08-Jan-2024 04:42:03 GMT; Max-Age=34128000; Path=/; HttpOnly; SameSite=None; Secure; Domain=d.adroll.com
__adroll_shared=f906820dc8d0ff87127bb594386c1ea4-a_1670560923; Version=1; Expires=Mon, 08-Jan-2024 04:42:03 GMT; Max-Age=34128000; Path=/; HttpOnly; SameSite=None; Secure; Domain=adroll.com
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash c4b8cc5601fdc023e324672c80df3081
28a5ebc8b01b4125c2bea5e8189b11b31d474be1
42cdf62f80ebd3a3c688dd3cc6c161cfa4c5499115bab952b9c3ebc53062636c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3075
Cache-Control: max-age=124836
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:42:04 GMT
Etag: "6391f53d-116"
Expires: Sat, 10 Dec 2022 15:22:40 GMT
Last-Modified: Thu, 08 Dec 2022 14:31:25 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 278
cwidget.crictimes.org/?v=1.1&a=d22122&bo=d22122&db=d22122
172.67.194.188200 OK 0 B URL HTTP/2 cwidget.crictimes.org/?v=1.1&a=d22122&bo=d22122&db=d22122
IP 172.67.194.188:0
GET /?v=1.1&a=d22122&bo=d22122&db=d22122 HTTP/1.1
Host: cwidget.crictimes.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mp48update.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:41:58 GMT
content-type: text/html
last-modified: Thu, 24 Nov 2022 12:46:16 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zW9k7DgrXQjN6aAhXWUdU8Cl3v5gxSw4dkmfEyosWtpYUXJu1nIp7kNsWvlxzUMBm90yZVk1DNgHq1AQ5DuHKN3cNM9mFxWEfFwQEdSsCowDoIveTXuFxDgl0Y%2BKEPMOUp9Y49OTPmw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776b12497ac4b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CWork+Sans%3A600%2C400%2C500%2C700%7CPT+Serif%3A600%2C700%2C400&display=swap&ver=11.5
142.250.74.74200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CWork+Sans%3A600%2C400%2C500%2C700%7CPT+Serif%3A600%2C700%2C400&display=swap&ver=11.5
IP 142.250.74.74:0
GET /css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CWork+Sans%3A600%2C400%2C500%2C700%7CPT+Serif%3A600%2C700%2C400&display=swap&ver=11.5 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mp48update.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 09 Dec 2022 04:41:57 GMT
date: Fri, 09 Dec 2022 04:41:57 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:400,600,700
142.250.74.74200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400,600,700
IP 142.250.74.74:0
GET /css?family=Open+Sans:400,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mp48update.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 09 Dec 2022 04:41:57 GMT
date: Fri, 09 Dec 2022 04:41:57 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mp48update.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
64.90.37.168200 OK 0 B URL HTTP/2 mp48update.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 64.90.37.168:0
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: mp48update.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mp48update.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:41:57 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Wed, 02 Nov 2022 06:10:47 GMT
etag: "15e54-5ec76b39e00bf-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:41:57 GMT
content-encoding: gzip
content-type: application/javascript
X-Firefox-Spdy: h2
mp48update.com/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=11.5
64.90.37.168200 OK 0 B URL HTTP/2 mp48update.com/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=11.5
IP 64.90.37.168:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=11.5 HTTP/1.1
Host: mp48update.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mp48update.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:41:57 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 18 Aug 2022 08:30:06 GMT
etag: "44c89-5e67fc9ee6160-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:41:57 GMT
content-encoding: gzip
content-type: application/javascript
X-Firefox-Spdy: h2
piushtrivedi.neocities.org/hindi_astrology_google_gadget_Hindi4tech.html
198.51.233.2200 OK 0 B URL HTTP/2 piushtrivedi.neocities.org/hindi_astrology_google_gadget_Hindi4tech.html
IP 198.51.233.2:0
GET /hindi_astrology_google_gadget_Hindi4tech.html HTTP/1.1
Host: piushtrivedi.neocities.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mp48update.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:41:58 GMT
content-type: text/html
vary: Accept-Encoding
last-modified: Fri, 26 Jun 2020 08:40:24 GMT
etag: W/"5ef5b478-21c8"
server: neocities
x-ipfs-path: /ipns/piushtrivedi.neocities.org
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; default-src 'unsafe-inline' 'unsafe-eval' 'self' data: blob: *
x-neocities-cdn: cdn-fra
upgrade-insecure-requests: 1
x-cached: HIT
content-encoding: br
X-Firefox-Spdy: h2
mc.yandex.ru/watch/71343676?page-url=goal%3A%2F%2Fpromo.worldofwarships.eu%2FWOWS_All-visitors_LP_set&page-ref=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&charset=utf-8&hittoken=1670560921_6e47619e5dfd6936cc04420555bd14b7843cd35623c2650d8dcb7e14e0c63541&browser-info=ar%3A1%3Avf%3A1931hwv4ldos2hv9k9dzvr%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A941%3Acn%3A2%3Adp%3A0%3Als%3A324513253648%3Ahid%3A228847429%3Az%3A0%3Ai%3A20221209044200%3Aet%3A1670560921%3Ac%3A1%3Arn%3A1053501283%3Arqn%3A2%3Au%3A1670560920163701553%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Aeu%3A1%3Ans%3A1670560918757%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670560921%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr(14)mc(g-2)clc(0-0-0)rqnt(2)aw(1)ecs(1)fip(1)ti(2)
87.250.250.119302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/71343676?page-url=goal%3A%2F%2Fpromo.worldofwarships.eu%2FWOWS_All-visitors_LP_set&page-ref=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&charset=utf-8&hittoken=1670560921_6e47619e5dfd6936cc04420555bd14b7843cd35623c2650d8dcb7e14e0c63541&browser-info=ar%3A1%3Avf%3A1931hwv4ldos2hv9k9dzvr%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A941%3Acn%3A2%3Adp%3A0%3Als%3A324513253648%3Ahid%3A228847429%3Az%3A0%3Ai%3A20221209044200%3Aet%3A1670560921%3Ac%3A1%3Arn%3A1053501283%3Arqn%3A2%3Au%3A1670560920163701553%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Aeu%3A1%3Ans%3A1670560918757%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670560921%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr(14)mc(g-2)clc(0-0-0)rqnt(2)aw(1)ecs(1)fip(1)ti(2)
IP 87.250.250.119:0
GET /watch/71343676?page-url=goal%3A%2F%2Fpromo.worldofwarships.eu%2FWOWS_All-visitors_LP_set&page-ref=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&charset=utf-8&hittoken=1670560921_6e47619e5dfd6936cc04420555bd14b7843cd35623c2650d8dcb7e14e0c63541&browser-info=ar%3A1%3Avf%3A1931hwv4ldos2hv9k9dzvr%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A941%3Acn%3A2%3Adp%3A0%3Als%3A324513253648%3Ahid%3A228847429%3Az%3A0%3Ai%3A20221209044200%3Aet%3A1670560921%3Ac%3A1%3Arn%3A1053501283%3Arqn%3A2%3Au%3A1670560920163701553%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Aeu%3A1%3Ans%3A1670560918757%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670560921%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr(14)mc(g-2)clc(0-0-0)rqnt(2)aw(1)ecs(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://promo.worldofwarships.eu
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/71343676/1?page-url=goal%3A%2F%2Fpromo.worldofwarships.eu%2FWOWS_All-visitors_LP_set&page-ref=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&charset=utf-8&hittoken=1670560921_6e47619e5dfd6936cc04420555bd14b7843cd35623c2650d8dcb7e14e0c63541&browser-info=ar%3A1%3Avf%3A1931hwv4ldos2hv9k9dzvr%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A941%3Acn%3A2%3Adp%3A0%3Als%3A324513253648%3Ahid%3A228847429%3Az%3A0%3Ai%3A20221209044200%3Aet%3A1670560921%3Ac%3A1%3Arn%3A1053501283%3Arqn%3A2%3Au%3A1670560920163701553%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Aeu%3A1%3Ans%3A1670560918757%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670560921%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr%2814%29mc%28g-2%29clc%280-0-0%29rqnt%282%29aw%281%29ecs%281%29fip%281%29ti%282%29
date: Fri, 09 Dec 2022 04:42:01 GMT
access-control-allow-origin: https://promo.worldofwarships.eu
set-cookie: yabs-sid=2450043711670560921; Path=/; SameSite=None; Secure
i=VdDUzwoxcauHkdJ5Te4uMczz90MTHJqwIQzonjX63LRSCJhZX7ahgZnirD4sZ8lQPAxNuhT8whnLVkkU7gB/O54nITQ=; Expires=Mon, 06-Dec-2032 04:41:58 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=5489194471670560921; Expires=Sat, 09-Dec-2023 04:42:01 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=5489194471670560921; Expires=Sat, 09-Dec-2023 04:42:01 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1702096921.yc.1670560921#1702096921.yrts.1670560921#1702096921.yrtsi.1670560921; Expires=Sat, 09-Dec-2023 04:42:01 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 09-Dec-2022 04:42:01 GMT
last-modified: Fri, 09-Dec-2022 04:42:01 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/global_static/age_ratings/v2/pegi_rating.svg
92.223.97.97200 OK 0 B URL HTTP/2 promo-cdn.worldofwarships.com/global_static/age_ratings/v2/pegi_rating.svg
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
GET /global_static/age_ratings/v2/pegi_rating.svg HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:42:00 GMT
content-type: image/svg+xml
last-modified: Mon, 14 Feb 2022 22:01:21 GMT
etag: W/"207ef7e145ba483b342b96f8c2fbf72a"
x-amz-request-id: tx0000000000000002a85f1-00633fe0c3-1c4459fa-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-06T08:23:21+00:00
x-id: sto5-up-gc13
content-encoding: gzip
X-Firefox-Spdy: h2
mp48update.com/wp-content/themes/Newspaper/style.css?ver=11.5
64.90.37.168200 OK 0 B URL HTTP/2 mp48update.com/wp-content/themes/Newspaper/style.css?ver=11.5
IP 64.90.37.168:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Newspaper/style.css?ver=11.5 HTTP/1.1
Host: mp48update.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mp48update.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:41:57 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 18 Aug 2022 08:29:40 GMT
etag: "24a54-5e67fc85c483d-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:41:57 GMT
content-encoding: gzip
content-type: text/css
X-Firefox-Spdy: h2
mp48update.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=6ea45b81e47c58269b68289d05535e19
64.90.37.168200 OK 0 B URL HTTP/2 mp48update.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=6ea45b81e47c58269b68289d05535e19
IP 64.90.37.168:0
GET /wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=6ea45b81e47c58269b68289d05535e19 HTTP/1.1
Host: mp48update.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mp48update.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:41:57 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 18 Aug 2022 08:29:58 GMT
etag: "27b2d-5e67fc978859b-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:41:57 GMT
content-encoding: gzip
content-type: text/css
X-Firefox-Spdy: h2
geolocation.onetrust.com/cookieconsentpub/v1/geo/location
104.18.26.85200 OK 0 B URL HTTP/2 geolocation.onetrust.com/cookieconsentpub/v1/geo/location
IP 104.18.26.85:0
GET /cookieconsentpub/v1/geo/location HTTP/1.1
Host: geolocation.onetrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://promo.worldofwarships.eu
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:42:00 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 776b125c0ddd1c06-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
mc.yandex.ru/watch/45727869?wmode=7&page-url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&charset=utf-8&browser-info=pv%3A1%3Avf%3A1931hwv4ldos2hv9k9dzvr%3Afp%3A866%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A941%3Acn%3A1%3Adp%3A0%3Als%3A526617896282%3Ahid%3A228847429%3Az%3A0%3Ai%3A20221209044200%3Aet%3A1670560920%3Ac%3A1%3Arn%3A885222827%3Arqn%3A1%3Au%3A1670560920163701553%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A67%2C21%2C8%2C0%2C517%2C0%2C%2C258%2C56%2C%2C%2C%2C880%3Aco%3A0%3Ans%3A1670560918757%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670560920%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
87.250.250.119302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/45727869?wmode=7&page-url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&charset=utf-8&browser-info=pv%3A1%3Avf%3A1931hwv4ldos2hv9k9dzvr%3Afp%3A866%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A941%3Acn%3A1%3Adp%3A0%3Als%3A526617896282%3Ahid%3A228847429%3Az%3A0%3Ai%3A20221209044200%3Aet%3A1670560920%3Ac%3A1%3Arn%3A885222827%3Arqn%3A1%3Au%3A1670560920163701553%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A67%2C21%2C8%2C0%2C517%2C0%2C%2C258%2C56%2C%2C%2C%2C880%3Aco%3A0%3Ans%3A1670560918757%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670560920%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP 87.250.250.119:0
GET /watch/45727869?wmode=7&page-url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&charset=utf-8&browser-info=pv%3A1%3Avf%3A1931hwv4ldos2hv9k9dzvr%3Afp%3A866%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A941%3Acn%3A1%3Adp%3A0%3Als%3A526617896282%3Ahid%3A228847429%3Az%3A0%3Ai%3A20221209044200%3Aet%3A1670560920%3Ac%3A1%3Arn%3A885222827%3Arqn%3A1%3Au%3A1670560920163701553%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A67%2C21%2C8%2C0%2C517%2C0%2C%2C258%2C56%2C%2C%2C%2C880%3Aco%3A0%3Ans%3A1670560918757%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670560920%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://promo.worldofwarships.eu
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /watch/45727869/1?wmode=7&page-url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&charset=utf-8&browser-info=pv%3A1%3Avf%3A1931hwv4ldos2hv9k9dzvr%3Afp%3A866%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A941%3Acn%3A1%3Adp%3A0%3Als%3A526617896282%3Ahid%3A228847429%3Az%3A0%3Ai%3A20221209044200%3Aet%3A1670560920%3Ac%3A1%3Arn%3A885222827%3Arqn%3A1%3Au%3A1670560920163701553%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A67%2C21%2C8%2C0%2C517%2C0%2C%2C258%2C56%2C%2C%2C%2C880%3Aco%3A0%3Ans%3A1670560918757%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670560920%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Fri, 09 Dec 2022 04:42:01 GMT
access-control-allow-origin: https://promo.worldofwarships.eu
set-cookie: yabs-sid=1132722211670560921; Path=/; SameSite=None; Secure
i=cG0t064+lvwIro0vts5UbiFuF20ujXORImV6Ne/hN+xj59V5JnkPhFbPUYGqyw4nBSJdIEKHYkKqTNZcLHpWMiwcLqo=; Expires=Mon, 06-Dec-2032 04:41:57 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=5467901391670560921; Expires=Sat, 09-Dec-2023 04:42:01 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=5467901391670560921; Expires=Sat, 09-Dec-2023 04:42:01 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1702096921.yc.1670560921#1702096921.yrts.1670560921#1702096921.yrtsi.1670560921; Expires=Sat, 09-Dec-2023 04:42:01 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 09-Dec-2022 04:42:01 GMT
last-modified: Fri, 09-Dec-2022 04:42:01 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/glows-46780/src/libs/aos.js
92.223.97.97200 OK 0 B URL HTTP/2 promo-cdn.worldofwarships.com/glows-46780/src/libs/aos.js
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
GET /glows-46780/src/libs/aos.js HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:42:00 GMT
content-type: text/javascript; charset=utf-8
last-modified: Thu, 17 Nov 2022 14:17:12 GMT
etag: W/"e3b9e99ad931c062d98830bc140e2eac"
x-amz-request-id: tx0000000000000005980b6-00637642a2-1cdf9313-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-07T14:26:41+00:00
x-id: sto5-up-gc13
content-encoding: gzip
X-Firefox-Spdy: h2
mc.yandex.ru/watch/71343676?wmode=7&page-url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&charset=utf-8&browser-info=pv%3A1%3Avf%3A1931hwv4ldos2hv9k9dzvr%3Afp%3A866%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A941%3Acn%3A2%3Adp%3A0%3Als%3A324513253648%3Ahid%3A228847429%3Az%3A0%3Ai%3A20221209044200%3Aet%3A1670560920%3Ac%3A1%3Arn%3A439903513%3Arqn%3A1%3Au%3A1670560920163701553%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A67%2C21%2C8%2C0%2C517%2C0%2C%2C258%2C56%2C%2C%2C%2C880%3Aco%3A0%3Ans%3A1670560918757%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670560920%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
87.250.250.119302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/71343676?wmode=7&page-url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&charset=utf-8&browser-info=pv%3A1%3Avf%3A1931hwv4ldos2hv9k9dzvr%3Afp%3A866%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A941%3Acn%3A2%3Adp%3A0%3Als%3A324513253648%3Ahid%3A228847429%3Az%3A0%3Ai%3A20221209044200%3Aet%3A1670560920%3Ac%3A1%3Arn%3A439903513%3Arqn%3A1%3Au%3A1670560920163701553%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A67%2C21%2C8%2C0%2C517%2C0%2C%2C258%2C56%2C%2C%2C%2C880%3Aco%3A0%3Ans%3A1670560918757%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670560920%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP 87.250.250.119:0
GET /watch/71343676?wmode=7&page-url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&charset=utf-8&browser-info=pv%3A1%3Avf%3A1931hwv4ldos2hv9k9dzvr%3Afp%3A866%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A941%3Acn%3A2%3Adp%3A0%3Als%3A324513253648%3Ahid%3A228847429%3Az%3A0%3Ai%3A20221209044200%3Aet%3A1670560920%3Ac%3A1%3Arn%3A439903513%3Arqn%3A1%3Au%3A1670560920163701553%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A67%2C21%2C8%2C0%2C517%2C0%2C%2C258%2C56%2C%2C%2C%2C880%3Aco%3A0%3Ans%3A1670560918757%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670560920%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://promo.worldofwarships.eu
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /watch/71343676/1?wmode=7&page-url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&charset=utf-8&browser-info=pv%3A1%3Avf%3A1931hwv4ldos2hv9k9dzvr%3Afp%3A866%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A941%3Acn%3A2%3Adp%3A0%3Als%3A324513253648%3Ahid%3A228847429%3Az%3A0%3Ai%3A20221209044200%3Aet%3A1670560920%3Ac%3A1%3Arn%3A439903513%3Arqn%3A1%3Au%3A1670560920163701553%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A67%2C21%2C8%2C0%2C517%2C0%2C%2C258%2C56%2C%2C%2C%2C880%3Aco%3A0%3Ans%3A1670560918757%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670560920%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Fri, 09 Dec 2022 04:42:01 GMT
access-control-allow-origin: https://promo.worldofwarships.eu
set-cookie: yabs-sid=2118887251670560921; Path=/; SameSite=None; Secure
i=YdXZFq81sc9EU658SHKzKis8Vtpqx8WFQp20BjqOEijVTerDVRO02pRuIZXC+Z9WnfkNehHKVh4kxbrtf8l806csZek=; Expires=Mon, 06-Dec-2032 04:41:55 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=3372196501670560921; Expires=Sat, 09-Dec-2023 04:42:01 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=3372196501670560921; Expires=Sat, 09-Dec-2023 04:42:01 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1702096921.yc.1670560921#1702096921.yrts.1670560921#1702096921.yrtsi.1670560921; Expires=Sat, 09-Dec-2023 04:42:01 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 09-Dec-2022 04:42:01 GMT
last-modified: Fri, 09-Dec-2022 04:42:01 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
a.quora.com/qevents.js
162.159.152.17200 OK 0 B IP 162.159.152.17:0
GET /qevents.js HTTP/1.1
Host: a.quora.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:42:00 GMT
content-type: text/plain
x-amz-id-2: jHbk68zF0oCrN99I6TpiQ8LNg0dDTKL0BkbZQKZkL1zB85BMiiIcpjSQWNebJHGDeWUqTCN88Lg=
x-amz-request-id: 4K18RXATE8CH2H8E
last-modified: Fri, 18 Mar 2022 00:16:52 GMT
etag: W/"47078e63380c6b0cbbfb6d8508b25ee7"
x-amz-meta-s3cmd-attrs: atime:1647562609/ctime:1647562609/gid:150037/gname:ezhang/md5:47078e63380c6b0cbbfb6d8508b25ee7/mode:33204/mtime:1647562609/uid:150037/uname:ezhang
cache-control: public, max-age=14400
x-amz-version-id: vyBstMTGyA6m5sV66zq8xsypUg.tAOk.
cf-cache-status: HIT
age: 10973950
expires: Fri, 09 Dec 2022 08:42:00 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 776b125b6823b4fa-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.cookielaw.org/logos/static/ot_guard_logo.svg
104.16.148.64200 OK 0 B URL HTTP/2 cdn.cookielaw.org/logos/static/ot_guard_logo.svg
IP 104.16.148.64:0
GET /logos/static/ot_guard_logo.svg HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.worldofwarships.eu/
Origin: https://promo.worldofwarships.eu
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:42:01 GMT
content-type: image/svg+xml
content-md5: tXyZydHjxQshFMbbBT1/8A==
last-modified: Wed, 07 Dec 2022 03:42:58 GMT
x-ms-request-id: 1150cdad-201e-0101-0e49-0a9f4e000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 66214
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 776b125f9a2bb518-OSL
content-encoding: gzip
X-Firefox-Spdy: h2