r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5ceaca9fd4ad000cb435820812fc69c8
8168397aaf7b572c89a9c83f46c0b65e4ac509f2
9c4e52e7e17158307d752db0bc3d1fbedae4f305cc301fd73b260f73ab796492
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C4E52E7E17158307D752DB0BC3D1FBEDAE4F305CC301FD73B260F73AB796492"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4628
Expires: Wed, 07 Dec 2022 21:52:59 GMT
Date: Wed, 07 Dec 2022 20:35:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aea93551fa9deb76ae49a3b4019d64fe
e3b8862057ebe839959228e42246d7b1807fc90c
7e210f03b140418085e94ec20c1d27d6ecf7a404cbd323e16476ae5ae95d6dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E210F03B140418085E94EC20C1D27D6ECF7A404CBD323E16476AE5AE95D6DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21386
Expires: Thu, 08 Dec 2022 02:32:17 GMT
Date: Wed, 07 Dec 2022 20:35:51 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 07 Dec 2022 20:08:05 GMT
content-type: application/json
age: 1666
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 00e7703bd74975689fc9050356aaca6b
9788fe6a36d6f278e8da329ebc5dd87bcd212317
593bc437ff8a8233516c62613d50220fcb25b9f967ed5fb384c253f0db135103
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "593BC437FF8A8233516C62613D50220FCB25B9F967ED5FB384C253F0DB135103"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12139
Expires: Wed, 07 Dec 2022 23:58:10 GMT
Date: Wed, 07 Dec 2022 20:35:51 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: sCByT8i+idnZma6iWkwg71zKmFyqqCxD8Pyfg4tKXwZYXf0Fl8y1qTNEiOsDaRNBxy5Mpy3thgQ=
x-amz-request-id: K6B2MBM1P2ZFS6SH
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 07 Dec 2022 19:47:38 GMT
age: 2893
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
foodheed.com/irtu/index.php?QBOT.zip
199.188.200.95301 Moved Permanently 707 B URL HTTP/1.1 foodheed.com/irtu/index.php?QBOT.zip
IP 199.188.200.95:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /irtu/index.php?QBOT.zip HTTP/1.1
Host: foodheed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
keep-alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Wed, 07 Dec 2022 20:35:51 GMT
server: LiteSpeed
location: https://foodheed.com/irtu/index.php?QBOT.zip
x-turbo-charged-by: LiteSpeed
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 20:35:51 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 07 Dec 2022 20:07:55 GMT
age: 1677
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 053aff7451e55d4269dd9610ab070f3f
b3376256d11d159b0c7280ba1515b78d7d9e12ca
24114ca560fe70d03185bd66985603fd5a03dc310aa9a8ea7a7b3723ed46ce3e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3213
Cache-Control: max-age=134671
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 20:35:52 GMT
Etag: "639057aa-1d7"
Expires: Fri, 09 Dec 2022 10:00:23 GMT
Last-Modified: Wed, 07 Dec 2022 09:06:50 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 4e1cfdbefae5bc7d344cf9dc1ed67397
40d3b325990a497a476c0e245a1d8532fd8d3536
33355c21e2641fb025fcbd244e94afd88d98029cb5c101e5f7cea2fe79fa7353
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 20:35:52 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 01:10:26 GMT
Expires: Tue, 13 Dec 2022 01:10:25 GMT
Etag: "40d3b325990a497a476c0e245a1d8532fd8d3536"
Cache-Control: max-age=447872,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77600cdb69a20b02-OSL
foodheed.com/irtu/index.php?QBOT.zip
199.188.200.95301 Moved Permanently 0 B URL HTTP/2 foodheed.com/irtu/index.php?QBOT.zip
IP 199.188.200.95:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /irtu/index.php?QBOT.zip HTTP/1.1
Host: foodheed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
x-redirect-by: WordPress
location: https://foodheed.com/irtu/?QBOT.zip
x-litespeed-cache: hit
content-length: 0
date: Wed, 07 Dec 2022 20:35:52 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10244
Expires: Wed, 07 Dec 2022 23:26:36 GMT
Date: Wed, 07 Dec 2022 20:35:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10244
Expires: Wed, 07 Dec 2022 23:26:36 GMT
Date: Wed, 07 Dec 2022 20:35:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10244
Expires: Wed, 07 Dec 2022 23:26:36 GMT
Date: Wed, 07 Dec 2022 20:35:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10244
Expires: Wed, 07 Dec 2022 23:26:36 GMT
Date: Wed, 07 Dec 2022 20:35:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10244
Expires: Wed, 07 Dec 2022 23:26:36 GMT
Date: Wed, 07 Dec 2022 20:35:52 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19ffa93b-2002-4f40-ab8b-aa163e9b5939.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19ffa93b-2002-4f40-ab8b-aa163e9b5939.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 535710165275856757bd7d1689f79de3
d51162b7fcba50022482b7130a556f3a7dfe822f
c93e2df13b78cd4b718eb4fe3fe70a9d6d12fd0a0d7f505219ec0d5e6a70653c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19ffa93b-2002-4f40-ab8b-aa163e9b5939.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6186
x-amzn-requestid: 53d1d373-ff6c-4c59-bdeb-fff592bca586
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUsyGOEIAMFwfA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e67eb-0156077b52dc07fb124c087b;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:51:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: KkP8o_5GoqAukEAUkPrvsHE0v_36vO0wI7_97kvnUkqYc4ziC7UPpw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 16:47:32 GMT
age: 13700
etag: "d51162b7fcba50022482b7130a556f3a7dfe822f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80a12c85-454b-4e03-bf75-3fa8228659c0.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80a12c85-454b-4e03-bf75-3fa8228659c0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a7ee62c5e846e8ad4808f4724f15146d
6d55b299f906908309f91eaf0a720ad65866db04
0d8f51d6f7f3bad4bb9d9c3000999739147f6dd718b290b0dca71a4cba85cb38
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80a12c85-454b-4e03-bf75-3fa8228659c0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6846
x-amzn-requestid: 53452103-6559-460c-ac40-4685e6816aa4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGx4E-mIAMFatg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851a5-5327ec9a2f247cc91654df80;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fo3lMa6shsclTxMwkqU7b-FdfADL1J2vHt8BNpEImo0gsmmI01BNTQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 06:31:28 GMT
age: 50664
etag: "6d55b299f906908309f91eaf0a720ad65866db04"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 210b27f5f6310d8fad640acce3d9ae0e
08d241e56622cb900754d95bc5d58ed8826d9f32
64410e13759cdfa24976dcba0c64aca27edc3ee56358f344e55f60793422e3ea
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6557
x-amzn-requestid: 0232ddcd-8274-431e-a55e-8298fbfd6dfc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmcuMG6bIAMFUng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e5a-3cc17121425f87321ce7ae7e;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: va_vly0iX6rzm_aTWrryPRjoTWlI-_0m6rpS6VrTx-nsd71dk1cSZw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 08:32:51 GMT
age: 43381
etag: "08d241e56622cb900754d95bc5d58ed8826d9f32"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
push.services.mozilla.com/
44.240.57.100101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.240.57.100:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: FAidtpiuPCItYLkASrgC8Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: aafW48+HWAJZ1d8ZWhkCjefcJtY=
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51c41646-4c8f-4a18-bf60-2b67be5db8d0.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51c41646-4c8f-4a18-bf60-2b67be5db8d0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 604a4132da78a0c013b5818644adb121
ddf982c6ff7a0d8e5376c119b6642fe7e0ba8566
eecab519c33596c67f2d2021dfd1af24e7fd8f2ed403f99b4ba0c265c08a259f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51c41646-4c8f-4a18-bf60-2b67be5db8d0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8701
x-amzn-requestid: 653284c3-ee7f-45f1-9513-3a6c81e1d6e3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cm3-2HRWIAMFjfg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c39f8-6f8969a26787a9463ba6c2ec;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 06:11:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cmRvAOLmk_xZC4RKdin-lozUNeK9-icqkzsQmSjP9scXnnCLxkvJ5A==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 22:01:53 GMT
age: 81239
etag: "ddf982c6ff7a0d8e5376c119b6642fe7e0ba8566"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b15136d60fd0a5e0f657a4f5c75d540f
36082b7329d473829178f280cb71a83b1531e486
79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11224
x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUINEwdoAMFuOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT
x-amz-cf-pop: YVR50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tGtiCE9C3j0BUruNaFN2j1mKxCSouLmocmTXpmLMBJaLNyVwkXu1gQ==
via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 20:49:34 GMT
age: 85578
etag: "36082b7329d473829178f280cb71a83b1531e486"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc501a87-1b50-43f3-8031-2c93f724dc91.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc501a87-1b50-43f3-8031-2c93f724dc91.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b92721cbe24623f1713a5248d6a7c1b2
3628390c62642dcc375b28f58c9b48180c4abd73
37d0451c03bc7cf0253aba6d3204cbf38502692a0fbc751a3ead01b07e9a65d6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc501a87-1b50-43f3-8031-2c93f724dc91.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9613
x-amzn-requestid: 31270e51-34df-4980-9221-e21a5521b3de
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clZQYHzvoAMFvdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ba268-509300b867fcbfb71a7cf6ad;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 19:24:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Xk1sLSRBl1t872eGrnw1dVjQO7XvAM4NDFd5Y0wKjdvkKtaqDneEKg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 22:01:54 GMT
age: 81238
etag: "3628390c62642dcc375b28f58c9b48180c4abd73"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3074a66f6d9b2e2af9b41ec0e2f4e2db
942e2c49b3848f11da966937f5914c62aed24bce
7c3b21b91aab06aff58cc56ce4b7273a7d320df8b0b4ad685c660e03ba0b72aa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 20:35:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CCrimson+Pro%3A400%7CLato%3A400&display=swap&ver=11.5.1
142.250.74.106200 OK 1.5 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CCrimson+Pro%3A400%7CLato%3A400&display=swap&ver=11.5.1
IP 142.250.74.106:0
Hash e2b108c2f517d8d86afe6759f93744cf
e9f939ec30e57283e84810bfbf32594358590bbe
5e7e691266c3b6ea87c620945de60c7255cf64f0e43be38ef44d1fcb65c6318c
GET /css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CCrimson+Pro%3A400%7CLato%3A400&display=swap&ver=11.5.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://foodheed.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 07 Dec 2022 20:35:53 GMT
date: Wed, 07 Dec 2022 20:35:53 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
foodheed.com/wp-includes/css/classic-themes.min.css?ver=1
199.188.200.95200 OK 217 B URL HTTP/2 foodheed.com/wp-includes/css/classic-themes.min.css?ver=1
IP 199.188.200.95:0
Hash 95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: foodheed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://foodheed.com/irtu/?QBOT.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 20:35:53 GMT
content-type: text/css
last-modified: Wed, 07 Dec 2022 12:24:27 GMT
etag: "d9-639085fb-0;;;"
accept-ranges: bytes
content-length: 217
date: Wed, 07 Dec 2022 20:35:53 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
foodheed.com/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=6ea45b81e47c58269b68289d05535e19x
199.188.200.95200 OK 4.4 kB URL HTTP/2 foodheed.com/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=6ea45b81e47c58269b68289d05535e19x
IP 199.188.200.95:0
File type ASCII text, with very long lines (37612), with no line terminators
Hash 4df29c95b736edeeeb33bc7693a99b37
2c41e37aedc03a40d919cba6c90029082d222899
6b7be65cdd77f9d800f56a7c4827f598b866f0fde41a6bd5d297d3bbeb5aedf7
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=6ea45b81e47c58269b68289d05535e19x HTTP/1.1
Host: foodheed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://foodheed.com/irtu/?QBOT.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 20:35:53 GMT
content-type: text/css
last-modified: Wed, 28 Sep 2022 16:22:23 GMT
etag: "92ec-633474bf-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4410
date: Wed, 07 Dec 2022 20:35:53 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
foodheed.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
199.188.200.95200 OK 12 kB URL HTTP/2 foodheed.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 199.188.200.95:0
File type ASCII text, with very long lines (47826)
Hash c4d7cc056b49b00e05cc29cc59aa3d5a
48c426bec60099d2a8628df430ed682c72aab42a
8009c12f2674a8d38401f4b5faad1fef2cfcd18a8c927ed2561ae9d7de9b57b5
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: foodheed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://foodheed.com/irtu/?QBOT.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 20:35:53 GMT
content-type: text/css
last-modified: Wed, 07 Dec 2022 12:24:27 GMT
etag: "172a9-639085fb-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11616
date: Wed, 07 Dec 2022 20:35:53 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
foodheed.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
199.188.200.95200 OK 30 kB URL HTTP/2 foodheed.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 199.188.200.95:0
File type ASCII text, with very long lines (65447)
Hash 3a1740685bd5c0bbd5f2b812e1eb7fb4
488e07695da787fed18361c50292aef35abb5e81
4a07aed2d8cf88afdec0b56b365b951c76d387db3459166b5a0d25e2e6cc95ef
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: foodheed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://foodheed.com/irtu/?QBOT.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 20:35:53 GMT
content-type: application/x-javascript
last-modified: Wed, 07 Dec 2022 12:24:27 GMT
etag: "15e54-639085fb-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30324
date: Wed, 07 Dec 2022 20:35:53 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
foodheed.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=6ea45b81e47c58269b68289d05535e19x
199.188.200.95200 OK 23 kB URL HTTP/2 foodheed.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=6ea45b81e47c58269b68289d05535e19x
IP 199.188.200.95:0
Hash 70a20362ee876fa98945ebefcac79f2a
513be3cadaf66f2dd0a7e5071d3b1bc9a9327d44
86aad8e8e06f7add22519ada2dd449a988af6b2b1741de702b4a592f7964e211
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=6ea45b81e47c58269b68289d05535e19x HTTP/1.1
Host: foodheed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://foodheed.com/irtu/?QBOT.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 20:35:53 GMT
content-type: text/css
last-modified: Wed, 28 Sep 2022 16:22:25 GMT
etag: "27b2d-633474c1-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 23083
date: Wed, 07 Dec 2022 20:35:53 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
foodheed.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
199.188.200.95200 OK 4.0 kB URL HTTP/2 foodheed.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 199.188.200.95:0
File type ASCII text, with very long lines (11126)
Hash 7e058b51f939eacfa31cdface14dded5
9d732e5afdeb42edef9e1b9631b7e95e054787cc
4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: foodheed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://foodheed.com/irtu/?QBOT.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 20:35:53 GMT
content-type: application/x-javascript
last-modified: Wed, 07 Dec 2022 12:24:27 GMT
etag: "2bd8-639085fb-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3995
date: Wed, 07 Dec 2022 20:35:53 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
foodheed.com/wp-content/uploads/2022/10/images.jpg
199.188.200.95200 OK 14 kB URL HTTP/2 foodheed.com/wp-content/uploads/2022/10/images.jpg
IP 199.188.200.95:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 217x232, components 3\012- data
Hash 2bafa89ed5da31749073f2aed532f88e
c1da0da88b38cab941017754e88621a62cdc0df2
1f5bd6173b2433351b0741c5e8c2ec2b4bc8dfebc8f4433dd6a5b0e96a6eb27b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/10/images.jpg HTTP/1.1
Host: foodheed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://foodheed.com/irtu/?QBOT.zip
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 20:35:53 GMT
content-type: image/jpeg
last-modified: Wed, 05 Oct 2022 21:57:04 GMT
etag: "34c2-633dfdb0-0;;;"
accept-ranges: bytes
content-length: 13506
date: Wed, 07 Dec 2022 20:35:53 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
foodheed.com/wp-content/themes/Newspaper/style.css?ver=11.5.1
199.188.200.95200 OK 24 kB URL HTTP/2 foodheed.com/wp-content/themes/Newspaper/style.css?ver=11.5.1
IP 199.188.200.95:0
File type ASCII text, with very long lines (378)
Hash 73a81e49111a6b3e5c477111f2687bca
05af1a4ed04a36d89871640163f912143b5ab61e
6960a5bcf7eceba66da9c9a8a9b18a95d90055c88a3200aec9aa4b10c3f9a471
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/Newspaper/style.css?ver=11.5.1 HTTP/1.1
Host: foodheed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://foodheed.com/irtu/?QBOT.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 20:35:53 GMT
content-type: text/css
last-modified: Wed, 28 Sep 2022 16:17:06 GMT
etag: "24a56-63347382-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 24019
date: Wed, 07 Dec 2022 20:35:53 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
foodheed.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
199.188.200.95200 OK 4.6 kB URL HTTP/2 foodheed.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 199.188.200.95:0
File type ASCII text, with very long lines (15660)
Hash 0232689bd203f330529b36a437f41a68
9046583f7469ad38297969f10a9513eb895d5316
feea9f30a6e454579bbeabf236b7abdb0c7de84dd2852422555ad67348c5e886
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: foodheed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://foodheed.com/irtu/?QBOT.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 20:35:53 GMT
content-type: application/x-javascript
last-modified: Wed, 07 Dec 2022 12:24:28 GMT
etag: "48b9-639085fc-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4619
date: Wed, 07 Dec 2022 20:35:53 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 20:35:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://foodheed.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:33:54 GMT
expires: Thu, 07 Dec 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 3720
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 20:35:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 20:35:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 20:35:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 20:35:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://foodheed.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:34:15 GMT
expires: Thu, 07 Dec 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 3699
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
foodheed.com/irtu/?QBOT.zip
199.188.200.95404 Not Found 44 kB URL HTTP/2 foodheed.com/irtu/?QBOT.zip
IP 199.188.200.95:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (9458), with CRLF, LF line terminators
Hash 1cf5c35f1cc6b04786fe094b19be1619
0d7806797af2267d4d6d2ed5122b92cb9566ca38
5af8f7682aabe0e2502592a0a50e1ed578a104268892dd9f0351d0661293a374
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /irtu/?QBOT.zip HTTP/1.1
Host: foodheed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 404 Not Found
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://foodheed.com/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
date: Wed, 07 Dec 2022 20:35:52 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
foodheed.com/wp-content/uploads/2022/09/fresh-solanum-tuberosum-potatoes-irish-potato-wooden-background-copy-space-fresh-solanum-tuberosum-potatoes-irish-potato-251947463-768x432.jpg
199.188.200.95200 OK 34 kB URL HTTP/2 foodheed.com/wp-content/uploads/2022/09/fresh-solanum-tuberosum-potatoes-irish-potato-wooden-background-copy-space-fresh-solanum-tuberosum-potatoes-irish-potato-251947463-768x432.jpg
IP 199.188.200.95:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, xresolution=74, yresolution=82, resolutionunit=2, copyright=Songwuth Suwannawong | Dreamstime.com], baseline, precision 8, 768x432, components 3\012- data
Hash 598e4b65ab4e930e60a5797b2703a682
9d7ae01277f4647c1de61c956c9721a613c59fe8
531edcfb33f2d82d5fb388eb5daef884997148769babb8cde46582329e4ee237
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/09/fresh-solanum-tuberosum-potatoes-irish-potato-wooden-background-copy-space-fresh-solanum-tuberosum-potatoes-irish-potato-251947463-768x432.jpg HTTP/1.1
Host: foodheed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://foodheed.com/irtu/?QBOT.zip
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 20:35:53 GMT
content-type: image/jpeg
last-modified: Wed, 21 Sep 2022 18:24:14 GMT
etag: "86ac-632b56ce-0;;;"
accept-ranges: bytes
content-length: 34476
date: Wed, 07 Dec 2022 20:35:53 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.35200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://foodheed.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 18:52:41 GMT
expires: Tue, 05 Dec 2023 18:52:41 GMT
cache-control: public, max-age=31536000
age: 178993
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 20:35:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
foodheed.com/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=11.5.1
199.188.200.95200 OK 62 kB URL HTTP/2 foodheed.com/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=11.5.1
IP 199.188.200.95:0
File type ASCII text, with very long lines (670)
Hash 59ce4486311c4c3b21e271477855e4d9
7cb4990ec57034172c7c3505cd6b3923ded550c5
51d72e5eef64bd08d5a601c7c40ca84e11dcecf95e5ba6b5c36a095dce231e86
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=11.5.1 HTTP/1.1
Host: foodheed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://foodheed.com/irtu/?QBOT.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 20:35:53 GMT
content-type: application/x-javascript
last-modified: Wed, 28 Sep 2022 16:22:25 GMT
etag: "44c89-633474c1-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 61906
date: Wed, 07 Dec 2022 20:35:53 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7cb1aa6fd626d0951c4ec7afdc6ee824
459ccb1dd034e7710a31983256a40fe923a9a469
0bdcb65a76cc55a23e73819f3bcff61058324181c21bf886a4d2f31b0e74182f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0BDCB65A76CC55A23E73819F3BCFF61058324181C21BF886A4D2F31B0E74182F"
Last-Modified: Tue, 06 Dec 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=723
Expires: Wed, 07 Dec 2022 20:47:57 GMT
Date: Wed, 07 Dec 2022 20:35:54 GMT
Connection: keep-alive
foodheed.com/wp-content/uploads/2022/09/facts-fats-768x402.jpg
199.188.200.95200 OK 91 kB URL HTTP/2 foodheed.com/wp-content/uploads/2022/09/facts-fats-768x402.jpg
IP 199.188.200.95:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, copyright=\302\251samael334 - stock.adobe.com], baseline, precision 8, 768x402, components 3\012- data
Hash 83a396f0baac36df808b2493ca3c1331
3cf861ab75b8752124a7c15d0d53aa905aa3f974
b3585f0c6f59995830c8878d7ce9381ca6291c6e109de0b9ebdec6759835e5f1
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/09/facts-fats-768x402.jpg HTTP/1.1
Host: foodheed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://foodheed.com/irtu/?QBOT.zip
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 20:35:53 GMT
content-type: image/jpeg
last-modified: Fri, 23 Sep 2022 20:09:18 GMT
etag: "1648a-632e126e-0;;;"
accept-ranges: bytes
content-length: 91274
date: Wed, 07 Dec 2022 20:35:53 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
foodheed.com/wp-content/uploads/2022/10/beef-biryanirf.jpg
199.188.200.95200 OK 110 kB URL HTTP/2 foodheed.com/wp-content/uploads/2022/10/beef-biryanirf.jpg
IP 199.188.200.95:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 548x308, components 3\012- data
Size 110 kB (110315 bytes)
Hash f251abd0d755c2b44438e3150b82bce7
c35d4a0ded8299b834de23a0eff685002b50c65a
c4a7ba5b48972242de382df25c0405036e5bf300d63ef37816d41c1c9690a545
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/10/beef-biryanirf.jpg HTTP/1.1
Host: foodheed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://foodheed.com/irtu/?QBOT.zip
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 20:35:53 GMT
content-type: image/jpeg
last-modified: Sun, 02 Oct 2022 17:45:08 GMT
etag: "1aeeb-6339ce24-0;;;"
accept-ranges: bytes
content-length: 110315
date: Wed, 07 Dec 2022 20:35:53 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
foodheed.com/wp-content/uploads/2022/10/FB_IMG_16620604511201920-768x960.jpg
199.188.200.95200 OK 160 kB URL HTTP/2 foodheed.com/wp-content/uploads/2022/10/FB_IMG_16620604511201920-768x960.jpg
IP 199.188.200.95:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 768x960, components 3\012- data
Size 160 kB (160123 bytes)
Hash 208dab7db74d317624604117be02cfc0
0ec38631156ba5372528368d41c0d146df180cad
938d03c2b81d4200687fb32936962985310177ec9f4d9832d1ebab49410be84c
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/10/FB_IMG_16620604511201920-768x960.jpg HTTP/1.1
Host: foodheed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://foodheed.com/irtu/?QBOT.zip
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 20:35:53 GMT
content-type: image/jpeg
last-modified: Wed, 05 Oct 2022 22:26:25 GMT
etag: "2717b-633e0491-0;;;"
accept-ranges: bytes
content-length: 160123
date: Wed, 07 Dec 2022 20:35:53 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
way.specialblueitems.com/src/main.js?v=2.01
159.69.234.10200 OK 3.1 kB URL HTTP/1.1 way.specialblueitems.com/src/main.js?v=2.01
IP 159.69.234.10:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (9732), with no line terminators
Hash ee4886936efcd6c7fe2c0f50c46eb551
3f77bc1685ae4f90bee11c721d55f33df2ff0200
ff312b49979047eaad5715d1519775ef8409b9a2d4c436888ab7d06221889561
GET /src/main.js?v=2.01 HTTP/1.1
Host: way.specialblueitems.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://foodheed.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 20:35:54 GMT
Content-Type: application/javascript
Last-Modified: Wed, 07 Dec 2022 11:43:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63907c4f-2604"
Expires: Sat, 17 Dec 2022 20:35:54 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
foodheed.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?20
199.188.200.95200 OK 29 kB URL HTTP/2 foodheed.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?20
IP 199.188.200.95:0
File type Web Open Font Format, TrueType, length 28732, version 0.0\012- data
Hash 2192d5f834e8b672a73d67cad66e79f6
ddf3eb377defc2ca0a2a09d3f41da2d006303e13
c70da34747fb31860fa118ff5d6736f81661838a0f50f077aa29d63ad7b00e4a
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/Newspaper/images/icons/newspaper.woff?20 HTTP/1.1
Host: foodheed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://foodheed.com/wp-content/themes/Newspaper/style.css?ver=11.5.1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 20:35:54 GMT
content-type: application/font-woff
last-modified: Wed, 28 Sep 2022 16:17:06 GMT
etag: "703c-63347382-0;;;"
accept-ranges: bytes
content-length: 28732
date: Wed, 07 Dec 2022 20:35:54 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
foodheed.com/wp-content/uploads/2022/09/bg8.jpg
199.188.200.95200 OK 117 kB URL HTTP/2 foodheed.com/wp-content/uploads/2022/09/bg8.jpg
IP 199.188.200.95:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1920x400, components 3\012- data
Size 117 kB (116827 bytes)
Hash 190ad01279dfb64195cce964380ad0f8
34b27609e88f53bdf65ea70a182275ef73040e12
d4cde4e9b67326a711accef23cfdc7fc2c48678961634a6564b32f87ef025cdb
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/09/bg8.jpg HTTP/1.1
Host: foodheed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://foodheed.com/irtu/?QBOT.zip
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 20:35:54 GMT
content-type: image/jpeg
last-modified: Wed, 28 Sep 2022 16:39:08 GMT
etag: "1c85b-633478ac-0;;;"
accept-ranges: bytes
content-length: 116827
date: Wed, 07 Dec 2022 20:35:54 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
foodheed.com/wp-content/uploads/2022/09/bg_mobile.jpg
199.188.200.95200 OK 330 kB URL HTTP/2 foodheed.com/wp-content/uploads/2022/09/bg_mobile.jpg
IP 199.188.200.95:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 933x1400, components 3\012- data
Size 330 kB (329798 bytes)
Hash 442878cb6bb92abe892264d081da4bf7
b8d47b4c3bfa44d350895ad46217ff8362757175
9e447ae33a188560df18fa4b9ec898c52a389d8ff2fea14988b67d41b3338eb6
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/09/bg_mobile.jpg HTTP/1.1
Host: foodheed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://foodheed.com/irtu/?QBOT.zip
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 20:35:54 GMT
content-type: image/jpeg
last-modified: Wed, 28 Sep 2022 16:39:01 GMT
etag: "50846-633478a5-0;;;"
accept-ranges: bytes
content-length: 329798
date: Wed, 07 Dec 2022 20:35:54 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6e04ee5a73ab6de4d6bc1ab7b8f73618
4c1d83b3a9182631b40571c0f555870b8282f43e
4569091916a887e37a770e54d629744b7ead410d5cd39816af269e89fd136251
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4569091916A887E37A770E54D629744B7EAD410D5CD39816AF269E89FD136251"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13693
Expires: Thu, 08 Dec 2022 00:24:07 GMT
Date: Wed, 07 Dec 2022 20:35:54 GMT
Connection: keep-alive
foodheed.com/favicon.ico
199.188.200.95404 Not Found 1.2 kB IP 199.188.200.95:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: foodheed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://foodheed.com/irtu/?QBOT.zip
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Wed, 07 Dec 2022 20:35:54 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
js.interestmoments.com/scripts/trim.js
193.169.194.63200 OK 2.2 kB URL HTTP/1.1 js.interestmoments.com/scripts/trim.js
IP 193.169.194.63:0
ASN #50321 FOP Reznichenko Sergey Mykolayovich
File type ASCII text, with very long lines (6444), with no line terminators
Hash 68f64aa377a0e32ed510fd286ffd5b48
d215b23cb14a3dbd5474bbdbe9290541c449359d
0facd0bcf777d8176a4bbc3e14172fdab4c11aae196591ee3ba8ffddee0ec042
GET /scripts/trim.js HTTP/1.1
Host: js.interestmoments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://foodheed.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 20:35:54 GMT
Content-Type: application/javascript
Last-Modified: Wed, 07 Dec 2022 11:41:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63907bd9-192c"
Expires: Sat, 17 Dec 2022 20:35:54 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c9573cd12467be4696ad4e51d6cf2206
b899111d6ab445ad5f815abfb990dfa9c7adb6e3
03bebe8919d9e161fd41db70e90215ed44cd27f71fba29ac319e94f10f9d67a7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "03BEBE8919D9E161FD41DB70E90215ED44CD27F71FBA29AC319E94F10F9D67A7"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7383
Expires: Wed, 07 Dec 2022 22:38:58 GMT
Date: Wed, 07 Dec 2022 20:35:55 GMT
Connection: keep-alive
long.interestmoments.com/go/brad-way.php?id=16477-22-569654345&pid=235&qid=473
193.169.194.63302 Found 0 B URL HTTP/1.1 long.interestmoments.com/go/brad-way.php?id=16477-22-569654345&pid=235&qid=473
IP 193.169.194.63:0
ASN #50321 FOP Reznichenko Sergey Mykolayovich
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go/brad-way.php?id=16477-22-569654345&pid=235&qid=473 HTTP/1.1
Host: long.interestmoments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://foodheed.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 07 Dec 2022 20:35:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://long.interestmoments.com/go/brad-way.php?id=568658-12-0956346&pid=3457&lid=05679333&jid=38834&from=vast
Access-Control-Allow-Origin: *
long.interestmoments.com/go/brad-way.php?id=568658-12-0956346&pid=3457&lid=05679333&jid=38834&from=vast
193.169.194.63200 OK 438 B URL HTTP/1.1 long.interestmoments.com/go/brad-way.php?id=568658-12-0956346&pid=3457&lid=05679333&jid=38834&from=vast
IP 193.169.194.63:0
ASN #50321 FOP Reznichenko Sergey Mykolayovich
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 0525d77ebdf7de03d247fdcd914fc360
5ec7fc9668bf62b50ab46497eb3aa67a60c0496d
c548a1af5170a6a7a699b50b9e7bbd50e45d6f7f0f38639e70a80dfabd435781
GET /go/brad-way.php?id=568658-12-0956346&pid=3457&lid=05679333&jid=38834&from=vast HTTP/1.1
Host: long.interestmoments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://foodheed.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 20:35:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Encoding: gzip
ocsp.godaddy.com/
192.124.249.24200 OK 1.8 kB IP 192.124.249.24:0
Hash e4482fe451f0d7924e71f8534184e360
d3cbc0582c494bb2202e07397cc6eab90349e92c
6836a9985cb3240c41684cc5707819a1f5e77d42d01f2c39371ef84ac353976e
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 07 Dec 2022 20:35:56 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 07 Dec 2022 00:06:17 GMT
Expires: Thu, 08 Dec 2022 00:06:17 GMT
ETag: "d3cbc0582c494bb2202e07397cc6eab90349e92c"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
track.wargaming-aff.com/click?pid=1287&offer_id=24&ref_id=g6ot6drlldh3wd8cslf7&sub1=E0CDNGBJ6R
35.204.100.195302 Found 0 B URL HTTP/2 track.wargaming-aff.com/click?pid=1287&offer_id=24&ref_id=g6ot6drlldh3wd8cslf7&sub1=E0CDNGBJ6R
IP 35.204.100.195:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?pid=1287&offer_id=24&ref_id=g6ot6drlldh3wd8cslf7&sub1=E0CDNGBJ6R HTTP/1.1
Host: track.wargaming-aff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Wed, 07 Dec 2022 20:35:56 GMT
content-length: 0
location: https://trck.wargaming.net/kcf6desd/?t=1&pub_id=1287&xid=6390f92c03bb520001bb84e1&xid_param1=E0CDNGBJ6R&xid_param_2=
x-adjust-use-original-forwarded-for: 1
set-cookie: afclick=6390f92c03bb520001bb84e1; expires=Thu, 07 Dec 2023 20:35:56 GMT; secure; SameSite=None
afoffers={"24":1670445356}; expires=Thu, 07 Dec 2023 20:35:56 GMT; secure; SameSite=None
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fd0ed6a89502a0815804dce4971c7313
c5e8d25b61e661c4699e743846fa207ae49fb145
37c3d37a8fb57f51d2473e99cfcfb1c164197ad266681b0d56fb63278f745807
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 434
Cache-Control: max-age=134081
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 20:35:56 GMT
Etag: "6390603b-1d7"
Expires: Fri, 09 Dec 2022 09:50:37 GMT
Last-Modified: Wed, 07 Dec 2022 09:43:23 GMT
Server: ECS (amb/6BA9)
X-Cache: HIT
Content-Length: 471
trck.wargaming.net/kcf6desd/?t=1&pub_id=1287&xid=6390f92c03bb520001bb84e1&xid_param1=E0CDNGBJ6R&xid_param_2=
92.223.23.230301 Moved Permanently 22 B URL HTTP/1.1 trck.wargaming.net/kcf6desd/?t=1&pub_id=1287&xid=6390f92c03bb520001bb84e1&xid_param1=E0CDNGBJ6R&xid_param_2=
IP 92.223.23.230:0
ASN #199524 G-Core Labs S.A.
File type ASCII text, with no line terminators
Hash 0e0bf67572311f8a23814419ff24ee9a
78328dfc54708433cdfb3e7857e57f87ec443b08
c5f6c267ba4a2964fff5d304d4a1e79c371ce30d32eaf017b3bb40becccd58d2
GET /kcf6desd/?t=1&pub_id=1287&xid=6390f92c03bb520001bb84e1&xid_param1=E0CDNGBJ6R&xid_param_2= HTTP/1.1
Host: trck.wargaming.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 07 Dec 2022 20:35:56 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 22
Connection: keep-alive
Location: https://promo.worldofwarships.eu/glows-34505/eu-no/?t=1&pub_id=1287&xid=6390f92c03bb520001bb84e1&xid_param1=E0CDNGBJ6R&xid_param_2=&sid=SIDbJD3sXIn33NMlmj7QNlIwzIIhUUlWgD2sRADVyNXEYn6-UlfqozsYLFhfMlzcSZVGU5N94pmDndu73lKRqCQJRHURiC1yzdsNC_MS6X-ZuslEvlvIucXmPRrS0HZ9eDDCRGOrkPy1e8sOA&enctid=covvgj0b2fd2&lpsn=WOWS+TMPLT1+CODE+BOOM+global+WITH+BONUS+SUBTITLE&foris=1&teclient=1670445356936695067&utm_source=wlap&utm_medium=affiliate&utm_campaign=kcf6desd&utm_content=1287
Set-Cookie: STIDREFERRAL=SIDbJD3sXIn33NMlmj7QNlIwzIIhUUlWgD2sRADVyNXEYn6-UlfqozsYLFhfMlzcSZVGU5N94pmDndu73lKRqCQJRHURiC1yzdsNC_MS6X-ZuslEvlvIucXmPRrS0HZ9eDDCRGOrkPy1e8sOA; Domain=wargaming.net; Max-Age=2592000; Path=/; SameSite=None; Secure
enctid=covvgj0b2fd2; Domain=wargaming.net; Max-Age=2592000; Path=/; SameSite=None; Secure
teclient=1670445356936695067; Domain=wargaming.net; Max-Age=315360000; Path=/; SameSite=None; Secure
Cache-Control: no-cache
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d9b9105ac653af24ca82aa8ca434013a
510a5f7df1ebead772c1b5f11fb7ddc90fe102c7
5d0c78daef32bd89145f2c9dbbe76246e4820d18928b528b4b311c599b4cc249
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D0C78DAEF32BD89145F2C9DBBE76246E4820D18928B528B4B311C599B4CC249"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3254
Expires: Wed, 07 Dec 2022 21:30:11 GMT
Date: Wed, 07 Dec 2022 20:35:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d9b9105ac653af24ca82aa8ca434013a
510a5f7df1ebead772c1b5f11fb7ddc90fe102c7
5d0c78daef32bd89145f2c9dbbe76246e4820d18928b528b4b311c599b4cc249
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D0C78DAEF32BD89145F2C9DBBE76246E4820D18928B528B4B311C599B4CC249"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3254
Expires: Wed, 07 Dec 2022 21:30:11 GMT
Date: Wed, 07 Dec 2022 20:35:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d9b9105ac653af24ca82aa8ca434013a
510a5f7df1ebead772c1b5f11fb7ddc90fe102c7
5d0c78daef32bd89145f2c9dbbe76246e4820d18928b528b4b311c599b4cc249
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D0C78DAEF32BD89145F2C9DBBE76246E4820D18928B528B4B311C599B4CC249"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3254
Expires: Wed, 07 Dec 2022 21:30:11 GMT
Date: Wed, 07 Dec 2022 20:35:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d9b9105ac653af24ca82aa8ca434013a
510a5f7df1ebead772c1b5f11fb7ddc90fe102c7
5d0c78daef32bd89145f2c9dbbe76246e4820d18928b528b4b311c599b4cc249
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D0C78DAEF32BD89145F2C9DBBE76246E4820D18928B528B4B311C599B4CC249"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3254
Expires: Wed, 07 Dec 2022 21:30:11 GMT
Date: Wed, 07 Dec 2022 20:35:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d9b9105ac653af24ca82aa8ca434013a
510a5f7df1ebead772c1b5f11fb7ddc90fe102c7
5d0c78daef32bd89145f2c9dbbe76246e4820d18928b528b4b311c599b4cc249
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D0C78DAEF32BD89145F2C9DBBE76246E4820D18928B528B4B311C599B4CC249"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3254
Expires: Wed, 07 Dec 2022 21:30:11 GMT
Date: Wed, 07 Dec 2022 20:35:57 GMT
Connection: keep-alive
promo-cdn.worldofwarships.com/glows-34505/src/images/wowsl_logo.png
92.223.97.97200 OK 10 kB URL HTTP/2 promo-cdn.worldofwarships.com/glows-34505/src/images/wowsl_logo.png
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
File type PNG image data, 749 x 299, 8-bit colormap, non-interlaced\012- data
Hash 4d9371a87a4f9a0d6a8792e0397aa303
1308b49f8614f0ab05e81698daf5bfc4a2498bf0
68ddcc9fad945493001c241d8de6fb9acdd436bc82bff503302dbffa64f4f5ed
GET /glows-34505/src/images/wowsl_logo.png HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 20:35:57 GMT
content-type: image/png
content-length: 10514
last-modified: Tue, 22 Nov 2022 10:14:28 GMT
etag: "4d9371a87a4f9a0d6a8792e0397aa303"
x-amz-request-id: tx0000000000000001ae8c2-00637ca118-1cf5682d-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-04T10:16:04+00:00
x-id: sto5-up-gc13
accept-ranges: bytes
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/glows-34505/src/images/footer-logo.png
92.223.97.97200 OK 1.9 kB URL HTTP/2 promo-cdn.worldofwarships.com/glows-34505/src/images/footer-logo.png
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
File type PNG image data, 275 x 63, 8-bit colormap, non-interlaced\012- data
Hash 7ce94cd1324102c254e60ced58661dc3
b76e3b4e14cf98aa766788bc8cf4fbc97058fec0
fdd269a537d61d3fafbef167c6c7e22ae7707217427b506674f5f0d2f3caed48
GET /glows-34505/src/images/footer-logo.png HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 20:35:57 GMT
content-type: image/png
content-length: 1939
last-modified: Tue, 22 Nov 2022 10:14:28 GMT
etag: "7ce94cd1324102c254e60ced58661dc3"
x-amz-request-id: tx000000000000004c1da19-00637ca118-1c8e9cf0-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-04T10:16:05+00:00
x-id: sto5-up-gc11
accept-ranges: bytes
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/glows-34505/src/images/restless-fire.png
92.223.97.97200 OK 25 kB URL HTTP/2 promo-cdn.worldofwarships.com/glows-34505/src/images/restless-fire.png
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
File type PNG image data, 512 x 436, 8-bit colormap, non-interlaced\012- data
Hash 3043f931ada25f81bca06d4f0ea4dbaa
78f9bdc4a4b037b944687a7ee575793fd531b823
b3605f7cd8f58e9f7381a92d0919354d65c77b6793c14714263659a014a815fc
GET /glows-34505/src/images/restless-fire.png HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 20:35:57 GMT
content-type: image/png
content-length: 25054
last-modified: Tue, 22 Nov 2022 10:14:28 GMT
etag: "3043f931ada25f81bca06d4f0ea4dbaa"
x-amz-request-id: tx000000000000004c1da16-00637ca118-1c8e9cf0-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-04T10:16:04+00:00
x-id: sto5-up-gc12
accept-ranges: bytes
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/glows-34505/src/images/doubloons.png
92.223.97.97200 OK 39 kB URL HTTP/2 promo-cdn.worldofwarships.com/glows-34505/src/images/doubloons.png
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
File type PNG image data, 512 x 436, 8-bit colormap, non-interlaced\012- data
Hash 68091925676a9a77a9740b81acd666fe
8cada809874a5f8b6993ed3f913a6f72366b4cc5
c1a9b019676d7156280d39fda63b5b22a3ab53ea4f870c33dc2596d28b9b6f45
GET /glows-34505/src/images/doubloons.png HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 20:35:57 GMT
content-type: image/png
content-length: 39260
last-modified: Tue, 22 Nov 2022 10:14:28 GMT
etag: "68091925676a9a77a9740b81acd666fe"
x-amz-request-id: tx0000000000000016b606f-00637ca118-1bfc3e68-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-04T10:16:04+00:00
x-id: sto5-up-gc10
accept-ranges: bytes
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/glows-34505/src/images/ship-emden.png
92.223.97.97200 OK 60 kB URL HTTP/2 promo-cdn.worldofwarships.com/glows-34505/src/images/ship-emden.png
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
File type PNG image data, 512 x 436, 8-bit colormap, non-interlaced\012- data
Hash b9182e13a30e8408117ea8c4383bd2e7
4964d7625738a00496d6ff495bf8f4c56c738c64
d213e73d4cc6d18a1e37ee13439919b46fd10f4b8e97ad13fe4333992801ebd4
GET /glows-34505/src/images/ship-emden.png HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 20:35:57 GMT
content-type: image/png
content-length: 60180
last-modified: Tue, 22 Nov 2022 10:14:28 GMT
etag: "b9182e13a30e8408117ea8c4383bd2e7"
x-amz-request-id: tx0000000000000016b606e-00637ca118-1bfc3e68-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-04T10:16:04+00:00
x-id: sto5-up-gc10
accept-ranges: bytes
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/glows-34505/src/images/premium-7-days.png
92.223.97.97200 OK 49 kB URL HTTP/2 promo-cdn.worldofwarships.com/glows-34505/src/images/premium-7-days.png
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
File type PNG image data, 512 x 436, 8-bit colormap, non-interlaced\012- data
Hash 98b09a0cd4166bddf0b0f3697c439740
2519fd7126fb29013a3981d2f4c14a3878bd8c55
9c8625714a90a8398492e86d233216eebd81db8ca311332be90d5c284bac7bbe
GET /glows-34505/src/images/premium-7-days.png HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 20:35:57 GMT
content-type: image/png
content-length: 49403
last-modified: Tue, 22 Nov 2022 10:14:28 GMT
etag: "98b09a0cd4166bddf0b0f3697c439740"
x-amz-request-id: tx000000000000000c425ae-00637ca118-1ce993ea-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-04T10:16:05+00:00
x-id: sto5-up-gc13
accept-ranges: bytes
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/glows-34505/src/images/ship-luis.png
92.223.97.97200 OK 67 kB URL HTTP/2 promo-cdn.worldofwarships.com/glows-34505/src/images/ship-luis.png
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
File type PNG image data, 512 x 436, 8-bit colormap, non-interlaced\012- data
Hash fd8388d631a2faf5d87e73a4c6aab79b
fb194c3ec881e98c1b5fc5cfee2899316ebfc86b
1f78488eb95a277f03cec5474bfb15ef822ce19435bc7efd1f37cbd4cb339a6b
GET /glows-34505/src/images/ship-luis.png HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 20:35:57 GMT
content-type: image/png
content-length: 67245
last-modified: Tue, 22 Nov 2022 10:14:28 GMT
etag: "fd8388d631a2faf5d87e73a4c6aab79b"
x-amz-request-id: tx000000000000004c1da17-00637ca118-1c8e9cf0-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-04T10:16:04+00:00
x-id: sto5-up-gc10
accept-ranges: bytes
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/glows-34505/src/video/video_bg_poster.jpg
92.223.97.97200 OK 1.1 MB URL HTTP/2 promo-cdn.worldofwarships.com/glows-34505/src/video/video_bg_poster.jpg
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1920x1080, components 3\012- data
Size 1.1 MB (1084614 bytes)
Hash 902cd1abfd666f6c0f58461a864305fc
24f6b660a15b03b886218c041af0fc1a20e15bfc
bf04190956fba52b0c074ed9246e904f4ee68772b4792385c6ea75a15b7e10fb
GET /glows-34505/src/video/video_bg_poster.jpg HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 20:35:57 GMT
content-type: image/jpeg
content-length: 1084614
last-modified: Tue, 22 Nov 2022 10:14:27 GMT
etag: "902cd1abfd666f6c0f58461a864305fc"
x-amz-request-id: tx000000000000000152a32-00637ca118-1cf7ee3c-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-04T10:16:04+00:00
x-id: sto5-up-gc12
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 7b37a30b88667d56864122116cf9e754
4d840c311c1634c2e837f6f73029491813a22a1d
611c38612f55ca87a6017f84049594909b30929f05f30c19b214ec7146470d66
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2897
Cache-Control: max-age=124307
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 20:35:57 GMT
Etag: "6390306f-118"
Expires: Fri, 09 Dec 2022 07:07:44 GMT
Last-Modified: Wed, 07 Dec 2022 06:19:27 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fd0ed6a89502a0815804dce4971c7313
c5e8d25b61e661c4699e743846fa207ae49fb145
37c3d37a8fb57f51d2473e99cfcfb1c164197ad266681b0d56fb63278f745807
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 435
Cache-Control: max-age=134081
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 20:35:57 GMT
Etag: "6390603b-1d7"
Expires: Fri, 09 Dec 2022 09:50:38 GMT
Last-Modified: Wed, 07 Dec 2022 09:43:23 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
cdn.cookielaw.org/consent/68edbfbe-e009-4939-a55b-f4c65daa640b/OtAutoBlock.js
104.16.148.64200 OK 1.9 kB URL HTTP/2 cdn.cookielaw.org/consent/68edbfbe-e009-4939-a55b-f4c65daa640b/OtAutoBlock.js
IP 104.16.148.64:0
File type ASCII text, with very long lines (835)
Hash b00b992406de0267439d1368c0f3f2a3
82fca6bb4bb2c006415fdc311dad9681e73bda74
700beb542a377941732a2680ca40673c81c44667edbddf7b042190eb82a975ab
GET /consent/68edbfbe-e009-4939-a55b-f4c65daa640b/OtAutoBlock.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 20:35:57 GMT
content-type: application/x-javascript
content-length: 1931
cache-control: public, max-age=86400
content-encoding: gzip
content-md5: sAuZJAbeAmdDnRNowPPyow==
last-modified: Fri, 25 Nov 2022 10:09:35 GMT
etag: 0x8DACECD27C13A68
x-ms-request-id: d93dc5c4-001e-00f7-5cb6-00fe0d000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 37109
expires: Thu, 08 Dec 2022 20:35:57 GMT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77600cfbba2bb50b-OSL
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/glows-34505/src/images/logo-main.svg
92.223.97.97200 OK 2.1 kB URL HTTP/2 promo-cdn.worldofwarships.com/glows-34505/src/images/logo-main.svg
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
Hash 6da231e864ce31f20bfe77ab3581dfc7
e679ec554f68931780a9d24c8923acbee9be3371
d70169e0c54d8bc0a7b7ebffa622ac7aef97e5dbdfbc1160b89ee5df44fa39cd
GET /glows-34505/src/images/logo-main.svg HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 20:35:57 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 10:14:28 GMT
etag: W/"3205035293624ac8f4502ce6c888db9e"
x-amz-request-id: tx000000000000000cba074-00637ca118-1ce8cb68-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-04T10:16:04+00:00
x-id: sto5-up-gc10
content-encoding: gzip
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/glows-34505/src/fonts/robotocondensed-bold.woff
92.223.97.97200 OK 92 kB URL HTTP/2 promo-cdn.worldofwarships.com/glows-34505/src/fonts/robotocondensed-bold.woff
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
File type Web Open Font Format, TrueType, length 92496, version 1.0\012- data
Hash fb69d9cc5aea733510b530ed221b75dc
86276b2f2dfb7b42dc1639730c0bec56aa709be4
3b063cd5ae1793c617df8450a6c4343f7493ad006a574d9c3e9f7e81be9578f8
GET /glows-34505/src/fonts/robotocondensed-bold.woff HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://promo.worldofwarships.eu
Connection: keep-alive
Referer: https://promo-cdn.worldofwarships.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 20:35:57 GMT
content-length: 92496
last-modified: Tue, 22 Nov 2022 10:14:28 GMT
etag: "fb69d9cc5aea733510b530ed221b75dc"
x-amz-request-id: tx000000000000000c425dc-00637ca119-1ce993ea-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-04T10:16:04+00:00
x-id: sto5-up-gc15
accept-ranges: bytes
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/glows-34505/src/fonts/robotocondensed-regular.woff
92.223.97.97200 OK 92 kB URL HTTP/2 promo-cdn.worldofwarships.com/glows-34505/src/fonts/robotocondensed-regular.woff
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
File type Web Open Font Format, TrueType, length 92000, version 1.0\012- data
Hash 390bd5d824e087653e297bdd9b369153
98d3f9b6c56788ca8a31212c8edc71e476a97bec
b32cf642f870c95b900ad763b21c6278701e4a4de13ac6f28e2da2a891a1706b
GET /glows-34505/src/fonts/robotocondensed-regular.woff HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://promo.worldofwarships.eu
Connection: keep-alive
Referer: https://promo-cdn.worldofwarships.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 20:35:57 GMT
content-length: 92000
last-modified: Tue, 22 Nov 2022 10:14:28 GMT
etag: "390bd5d824e087653e297bdd9b369153"
x-amz-request-id: tx00000000000000129a8b2-00637ca119-1cdfff90-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-04T10:16:04+00:00
x-id: sto5-up-gc15
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8aa9320315b7fc787bfd0fd1baea8721
45328506883b22acc927b8038b73e5247b0a1679
c5827834b5ce1e49980b439410b06fca062d877abd8ca89719b589a2fe28b4b9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 20:35:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.cookielaw.org/scripttemplates/otSDKStub.js
104.16.148.64200 OK 7.2 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/otSDKStub.js
IP 104.16.148.64:0
File type ASCII text, with very long lines (21747)
Hash 6ca9058d9138dc07d9a378e6f20a8b7b
ff5f65ad24a8e2b3042cbb0136be7edb52215c1a
1561d36bd995a09ea69c243767e196dd2e76a2753b59b78ecbf999161904f86d
GET /scripttemplates/otSDKStub.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 20:35:57 GMT
content-type: application/javascript
content-length: 7151
content-encoding: gzip
content-md5: bKkFjZE43AfZo3jm8gqLew==
last-modified: Tue, 06 Dec 2022 07:45:09 GMT
etag: 0x8DAD75DCC9E2F9F
x-ms-request-id: b80b8554-f01e-014c-18d0-0959ac000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 67579
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77600cfbfa98b50b-OSL
X-Firefox-Spdy: h2
tenor.wargaming.net/assets/campaigns/static/campaign_data_gtm_sender.js
92.223.21.16200 OK 6.6 kB URL HTTP/1.1 tenor.wargaming.net/assets/campaigns/static/campaign_data_gtm_sender.js
IP 92.223.21.16:0
ASN #199524 G-Core Labs S.A.
File type HTML document, ASCII text, with very long lines (7249)
Hash 51b44a9f232d5cec869a12623ae6dbfd
19305e6be93c7944f3e4cd68d778a73bf4a03031
32d957fdbd3debc51e0df55c6af4dbf747c501d19fafdd75731cb9a02cc68107
GET /assets/campaigns/static/campaign_data_gtm_sender.js HTTP/1.1
Host: tenor.wargaming.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 07 Dec 2022 20:35:57 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=200
Last-Modified: Wed, 09 Nov 2022 09:49:54 GMT
Vary: Accept-Encoding, Accept-Encoding
ETag: W/"636b77c2-4ced"
Content-Encoding: gzip
www.googletagmanager.com/gtm.js?id=GTM-58Z37MT
172.217.21.168200 OK 122 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-58Z37MT
IP 172.217.21.168:0
File type ASCII text, with very long lines (38867)
Size 122 kB (121559 bytes)
Hash 4d6ad07c848eddc205bc90075f356781
20f0d9d7db7344b741e73b86e69ed18427524ae1
9a6ef0979ba912da9a7b8f902a54412373967817ffc0429188a861dc86ef8cec
GET /gtm.js?id=GTM-58Z37MT HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 07 Dec 2022 20:35:57 GMT
expires: Wed, 07 Dec 2022 20:35:57 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 121559
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/glows-34505/src/images/credits.png
92.223.97.97200 OK 1.9 kB URL HTTP/2 promo-cdn.worldofwarships.com/glows-34505/src/images/credits.png
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
File type gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)\012- data
Hash 23b49030e418c340a4d3b3c510f6558d
fd7f8e05f97e7bf21c83782409f6972b172121f1
0f1e442050ca65df6cbaa0371a5097b75cb8bd93d0a7df66dfb88c249ed86b71
GET /glows-34505/src/images/credits.png HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 20:35:57 GMT
content-type: image/png
content-length: 60960
last-modified: Tue, 22 Nov 2022 10:14:28 GMT
etag: "f245ac5b8cd1d7f859b96690b4a220d1"
x-amz-request-id: tx00000000000000129a883-00637ca118-1cdfff90-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-04T10:16:05+00:00
x-id: sto5-up-gc12
accept-ranges: bytes
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/global_static/age_ratings/v2/pegi_rating.svg
92.223.97.97200 OK 3.6 MB URL HTTP/2 promo-cdn.worldofwarships.com/global_static/age_ratings/v2/pegi_rating.svg
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
Size 3.6 MB (3587796 bytes)
Hash bd0713e3d672cebc03522b3fe820fcee
77bfe80caf0b6438f71a57132d2175f040bbf2df
fab078ea07cd1b272e965748e03ae438eb1df834b1f3b608f93a8f8f44ecd2e6
GET /global_static/age_ratings/v2/pegi_rating.svg HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 20:35:57 GMT
content-type: image/svg+xml
last-modified: Mon, 14 Feb 2022 22:01:21 GMT
etag: W/"207ef7e145ba483b342b96f8c2fbf72a"
x-amz-request-id: tx0000000000000002a85f1-00633fe0c3-1c4459fa-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-06T08:23:21+00:00
x-id: sto5-up-gc13
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash c7a5f887bbc7d30b9cfe15163c3d8ddb
21d65790a1d10a06d198b54218365aa474126e1c
2a2e7930f967d947cc5293c95221913e24596773577bbf56ff402db6236bbda1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 20:35:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 42bdfac4b74435a3d8add640fc703403
e1a183562d91f7cec147112026b6d9d904533ed1
4366d9c119721babbd7188548e8885917a1c011f1cf828dceef088140e8fe8c0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 20:35:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
promo-cdn.worldofwarships.com/glows-34505/src/styles/style.css?v=2.2
92.223.97.97200 OK 6.9 kB URL HTTP/2 promo-cdn.worldofwarships.com/glows-34505/src/styles/style.css?v=2.2
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
File type ASCII text, with very long lines (949)
Hash dbfa4f3728c5ce32f5480819fc672187
b63ea64fe671dc083c917408b2ce542114ed1538
8e6d3909d8681c1710197bf7df2e392bb5e53b2b50d46f73cb7afd6920705d97
GET /glows-34505/src/styles/style.css?v=2.2 HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 20:35:57 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
last-modified: Tue, 22 Nov 2022 10:14:28 GMT
etag: W/"c051de716150069a75decab6539edd41"
x-amz-request-id: tx000000000000000002722-006384d5c2-1d0d20f6-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-06T15:38:43+00:00
x-id: sto5-up-gc13
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 041c78e55e0f2f990f7b625df4e315b1
e52007128f5faa0bd437d8904bd6d1f2df5e62c4
42f2132fd07bea118af881968e7073717b61cd7d89e3ef00cca39c4fafea79ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "42F2132FD07BEA118AF881968E7073717B61CD7D89E3EF00CCA39C4FAFEA79AD"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10411
Expires: Wed, 07 Dec 2022 23:29:28 GMT
Date: Wed, 07 Dec 2022 20:35:57 GMT
Connection: keep-alive
promo-cdn.worldofwarships.com/glows-34505/src/libs/aos.css
92.223.97.97200 OK 9.4 MB URL HTTP/2 promo-cdn.worldofwarships.com/glows-34505/src/libs/aos.css
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
Size 9.4 MB (9442100 bytes)
Hash 175667fd94be61ab4b81e909e303c53b
fe10703791b70fde59566e98b574f61c8b448127
fa02457d17afc212f55ecaabdee940ffb108becfe0b6cb1c8cf824702190b1ce
GET /glows-34505/src/libs/aos.css HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 20:35:57 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
last-modified: Tue, 22 Nov 2022 10:14:27 GMT
etag: W/"1691966fad1799cece5fedf5bbd55bfc"
x-amz-request-id: tx00000000000000129a88c-00637ca118-1cdfff90-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-04T10:16:03+00:00
x-id: sto5-up-gc12
content-encoding: gzip
X-Firefox-Spdy: h2
10697551.fls.doubleclick.net/activityi;src=10697551;type=pagev0;cat=allvi0;ord=6291569230220;gtm=2wgbu0;gcs=G111;auiddc=174837149.1670445357;u1=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6390f92c03bb520001bb84e1%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDbJD3sXIn33NMlmj7QNlIwzIIhUUlWgD2sRADVyNXEYn6-UlfqozsYLFhfMlzcSZVGU5N94pmDndu73lKRqCQJRHURiC1yzdsNC_MS6X-ZuslEvlvIucXmPRrS0HZ9eDDCRGOrkPy1e8sOA%26enctid%3Dcovvgj0b2fd2%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1670445356936695067%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dkcf6desd%26utm_content%3D1287;~oref=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6390f92c03bb520001bb84e1%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDbJD3sXIn33NMlmj7QNlIwzIIhUUlWgD2sRADVyNXEYn6-UlfqozsYLFhfMlzcSZVGU5N94pmDndu73lKRqCQJRHURiC1yzdsNC_MS6X-ZuslEvlvIucXmPRrS0HZ9eDDCRGOrkPy1e8sOA%26enctid%3Dcovvgj0b2fd2%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1670445356936695067%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dkcf6desd%26utm_content%3D1287?
142.250.74.6200 OK 609 B URL HTTP/2 10697551.fls.doubleclick.net/activityi;src=10697551;type=pagev0;cat=allvi0;ord=6291569230220;gtm=2wgbu0;gcs=G111;auiddc=174837149.1670445357;u1=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6390f92c03bb520001bb84e1%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDbJD3sXIn33NMlmj7QNlIwzIIhUUlWgD2sRADVyNXEYn6-UlfqozsYLFhfMlzcSZVGU5N94pmDndu73lKRqCQJRHURiC1yzdsNC_MS6X-ZuslEvlvIucXmPRrS0HZ9eDDCRGOrkPy1e8sOA%26enctid%3Dcovvgj0b2fd2%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1670445356936695067%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dkcf6desd%26utm_content%3D1287;~oref=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6390f92c03bb520001bb84e1%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDbJD3sXIn33NMlmj7QNlIwzIIhUUlWgD2sRADVyNXEYn6-UlfqozsYLFhfMlzcSZVGU5N94pmDndu73lKRqCQJRHURiC1yzdsNC_MS6X-ZuslEvlvIucXmPRrS0HZ9eDDCRGOrkPy1e8sOA%26enctid%3Dcovvgj0b2fd2%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1670445356936695067%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dkcf6desd%26utm_content%3D1287?
IP 142.250.74.6:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1527), with no line terminators
Hash 5da42f7a5efeef60f176512d37266b9e
89c769a2400641448b4d3029e4c0cbf52904173b
85a5f726eddb80fdf9867707795fb0327ac36029dc11438aa9249ecda63e6007
GET /activityi;src=10697551;type=pagev0;cat=allvi0;ord=6291569230220;gtm=2wgbu0;gcs=G111;auiddc=174837149.1670445357;u1=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6390f92c03bb520001bb84e1%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDbJD3sXIn33NMlmj7QNlIwzIIhUUlWgD2sRADVyNXEYn6-UlfqozsYLFhfMlzcSZVGU5N94pmDndu73lKRqCQJRHURiC1yzdsNC_MS6X-ZuslEvlvIucXmPRrS0HZ9eDDCRGOrkPy1e8sOA%26enctid%3Dcovvgj0b2fd2%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1670445356936695067%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dkcf6desd%26utm_content%3D1287;~oref=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6390f92c03bb520001bb84e1%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDbJD3sXIn33NMlmj7QNlIwzIIhUUlWgD2sRADVyNXEYn6-UlfqozsYLFhfMlzcSZVGU5N94pmDndu73lKRqCQJRHURiC1yzdsNC_MS6X-ZuslEvlvIucXmPRrS0HZ9eDDCRGOrkPy1e8sOA%26enctid%3Dcovvgj0b2fd2%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1670445356936695067%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dkcf6desd%26utm_content%3D1287? HTTP/1.1
Host: 10697551.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 20:35:57 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 609
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 07-Dec-2022 20:50:57 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash b328600bd0a521b83e3bd033a60ba55e
f809d005d56ac5d0a877ebc23e7b38f512bea223
6ddd4d2213314cfa05d5b26c29f53c7a0647315c2436138b81241003bc9d8a3d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2560
Cache-Control: max-age=144475
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 20:35:58 GMT
Etag: "63908089-118"
Expires: Fri, 09 Dec 2022 12:43:53 GMT
Last-Modified: Wed, 07 Dec 2022 12:01:13 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 280
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 041c78e55e0f2f990f7b625df4e315b1
e52007128f5faa0bd437d8904bd6d1f2df5e62c4
42f2132fd07bea118af881968e7073717b61cd7d89e3ef00cca39c4fafea79ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "42F2132FD07BEA118AF881968E7073717B61CD7D89E3EF00CCA39C4FAFEA79AD"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10410
Expires: Wed, 07 Dec 2022 23:29:28 GMT
Date: Wed, 07 Dec 2022 20:35:58 GMT
Connection: keep-alive
cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
151.101.193.229200 OK 85 kB URL HTTP/2 cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
IP 151.101.193.229:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (586)
Hash 38bcc0f8505c69e2c6fe7f07747a688d
0f67a6ec36f89ac04a363efeec43ef2840508691
e499aad948729045fb029421fdc1dba4aa4cd0f4f1476d0aa74bdb8b8d48a06c
GET /npm/yandex-metrica-watch/tag.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.250.0
x-jsd-version-type: version
etag: W/"346dd-nsZLR4YN/Jfyl2nmrii/8cxDozY"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 07 Dec 2022 20:35:58 GMT
age: 7881
x-served-by: cache-fra-eddf8230060-FRA, cache-bma1668-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 85055
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 42bdfac4b74435a3d8add640fc703403
e1a183562d91f7cec147112026b6d9d904533ed1
4366d9c119721babbd7188548e8885917a1c011f1cf828dceef088140e8fe8c0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 20:35:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.redditstatic.com/ads/pixel.js
151.101.65.140200 OK 7.7 kB URL HTTP/2 www.redditstatic.com/ads/pixel.js
IP 151.101.65.140:0
File type ASCII text, with very long lines (25224)
Hash 3528fd00b652f61a266eb584d96f4fcc
d89e16aa1323c6c4f1ed3941122020684a599361
77efa9f2ddfdca7a45df37bbcd22fdaeb7b97161a2acd87e21eb78bdeaad1332
GET /ads/pixel.js HTTP/1.1
Host: www.redditstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Mon, 07 Nov 2022 16:45:46 GMT
etag: "3528fd00b652f61a266eb584d96f4fcc"
cache-control: public, max-age=60
content-encoding: gzip
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 07 Dec 2022 20:35:58 GMT
vary: Accept-Encoding,Origin
server: snooserv
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-length: 7722
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.20.226:0
Hash 079451948e6692ace71832c046209123
78ae2c65403b487c14e4cdc230f5eb403c2517d9
8aae86cec0e47fa119209716fbd5f158c239fe0c26b0ce4e3d555958c2163340
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 20:35:58 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "16CE6C0EC5280A772EE4B0CEE2DE24F576BB8DC5"
Expires: Thu, 08 Dec 2022 07:00:00 GMT
Last-Modified: Wed, 07 Dec 2022 19:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2015
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77600d019e5fb51d-OSL
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9084a518c70ad57bb3226fb519b648fd
79348ebe6f5900a035d4d65e08a7409fd9708f15
f0c6b0f66c31aa7cb2d2808eb4c04c3681d48e731efc8cbba0f3fef1d218ce7b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 20:35:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash cd6dabd083ee1c237c8ea3ba38cc48d5
bbe4420bf1c0fe0d5621336865563418d2f16f39
c9314cdac13bc2ea94505f473538ab4d5c0a940dfbc2f5447e6f22a5af580572
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 20:35:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/landing?gcs=G111&gcd=G111&rnd=1913900807.1670445357&url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F>m=2wgbu058Z37MT&auid=174837149.1670445357
216.58.207.228302 Found 42 B URL HTTP/2 www.google.com/pagead/landing?gcs=G111&gcd=G111&rnd=1913900807.1670445357&url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F>m=2wgbu058Z37MT&auid=174837149.1670445357
IP 216.58.207.228:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
POST /pagead/landing?gcs=G111&gcd=G111&rnd=1913900807.1670445357&url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F>m=2wgbu058Z37MT&auid=174837149.1670445357 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://promo.worldofwarships.eu
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 20:35:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
location: https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=G111&rnd=1913900807.1670445357&url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F>m=2wgbu058Z37MT&auid=174837149.1670445357
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/ddm/fls/i/src=10697551;type=pagev0;cat=allvi0;ord=6291569230220;gtm=2wgbu0;gcs=G111;auiddc=174837149.1670445357;u1=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6390f92c03bb520001bb84e1%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDbJD3sXIn33NMlmj7QNlIwzIIhUUlWgD2sRADVyNXEYn6-UlfqozsYLFhfMlzcSZVGU5N94pmDndu73lKRqCQJRHURiC1yzdsNC_MS6X-ZuslEvlvIucXmPRrS0HZ9eDDCRGOrkPy1e8sOA%26enctid%3Dcovvgj0b2fd2%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1670445356936695067%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dkcf6desd%26utm_content%3D1287;~oref=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6390f92c03bb520001bb84e1%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDbJD3sXIn33NMlmj7QNlIwzIIhUUlWgD2sRADVyNXEYn6-UlfqozsYLFhfMlzcSZVGU5N94pmDndu73lKRqCQJRHURiC1yzdsNC_MS6X-ZuslEvlvIucXmPRrS0HZ9eDDCRGOrkPy1e8sOA%26enctid%3Dcovvgj0b2fd2%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1670445356936695067%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dkcf6desd%26utm_content%3D1287
142.250.74.98200 OK 610 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=10697551;type=pagev0;cat=allvi0;ord=6291569230220;gtm=2wgbu0;gcs=G111;auiddc=174837149.1670445357;u1=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6390f92c03bb520001bb84e1%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDbJD3sXIn33NMlmj7QNlIwzIIhUUlWgD2sRADVyNXEYn6-UlfqozsYLFhfMlzcSZVGU5N94pmDndu73lKRqCQJRHURiC1yzdsNC_MS6X-ZuslEvlvIucXmPRrS0HZ9eDDCRGOrkPy1e8sOA%26enctid%3Dcovvgj0b2fd2%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1670445356936695067%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dkcf6desd%26utm_content%3D1287;~oref=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6390f92c03bb520001bb84e1%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDbJD3sXIn33NMlmj7QNlIwzIIhUUlWgD2sRADVyNXEYn6-UlfqozsYLFhfMlzcSZVGU5N94pmDndu73lKRqCQJRHURiC1yzdsNC_MS6X-ZuslEvlvIucXmPRrS0HZ9eDDCRGOrkPy1e8sOA%26enctid%3Dcovvgj0b2fd2%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1670445356936695067%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dkcf6desd%26utm_content%3D1287
IP 142.250.74.98:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1526), with no line terminators
Hash 1f9add80664a8f7bc3e1ef6203b8afd5
17d2dc95ef15d54fd663e247a8fc8d10b34b692d
bb58c7889adb024713f7d2aadf62bc5b7a2606ad962c3649ec077b140794f68f
GET /ddm/fls/i/src=10697551;type=pagev0;cat=allvi0;ord=6291569230220;gtm=2wgbu0;gcs=G111;auiddc=174837149.1670445357;u1=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6390f92c03bb520001bb84e1%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDbJD3sXIn33NMlmj7QNlIwzIIhUUlWgD2sRADVyNXEYn6-UlfqozsYLFhfMlzcSZVGU5N94pmDndu73lKRqCQJRHURiC1yzdsNC_MS6X-ZuslEvlvIucXmPRrS0HZ9eDDCRGOrkPy1e8sOA%26enctid%3Dcovvgj0b2fd2%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1670445356936695067%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dkcf6desd%26utm_content%3D1287;~oref=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6390f92c03bb520001bb84e1%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDbJD3sXIn33NMlmj7QNlIwzIIhUUlWgD2sRADVyNXEYn6-UlfqozsYLFhfMlzcSZVGU5N94pmDndu73lKRqCQJRHURiC1yzdsNC_MS6X-ZuslEvlvIucXmPRrS0HZ9eDDCRGOrkPy1e8sOA%26enctid%3Dcovvgj0b2fd2%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1670445356936695067%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dkcf6desd%26utm_content%3D1287 HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10697551.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 20:35:58 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 610
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash cd6dabd083ee1c237c8ea3ba38cc48d5
bbe4420bf1c0fe0d5621336865563418d2f16f39
c9314cdac13bc2ea94505f473538ab4d5c0a940dfbc2f5447e6f22a5af580572
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 20:35:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash cd6dabd083ee1c237c8ea3ba38cc48d5
bbe4420bf1c0fe0d5621336865563418d2f16f39
c9314cdac13bc2ea94505f473538ab4d5c0a940dfbc2f5447e6f22a5af580572
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 20:35:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9f7b88bc2d098c47ebc61791344a5dbd
8b0993570d8402b7b115609af8dda8043d9a934d
b609e33d144ff22b7797f42c65da5c422fc0765e1cae90202fa6faa06b668df3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B609E33D144FF22B7797F42C65DA5C422FC0765E1CAE90202FA6FAA06B668DF3"
Last-Modified: Wed, 07 Dec 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2787
Expires: Wed, 07 Dec 2022 21:22:25 GMT
Date: Wed, 07 Dec 2022 20:35:58 GMT
Connection: keep-alive
cdn.cookielaw.org/scripttemplates/202211.1.0/otBannerSdk.js
104.16.148.64200 OK 94 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/202211.1.0/otBannerSdk.js
IP 104.16.148.64:0
File type ASCII text, with very long lines (65451)
Hash f6a491be9dc7f6ba1271f4faa9753179
e11e8e291ca6548f4933103088b8acd15af84191
6cf04708cbb25e9b7144e865deebd75bd4b2d42fa703299ba303a084d457b081
GET /scripttemplates/202211.1.0/otBannerSdk.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 20:35:58 GMT
content-type: application/javascript
content-length: 93485
content-encoding: gzip
content-md5: 9qSRvp3H9roScfT6qXUxeQ==
last-modified: Wed, 30 Nov 2022 07:37:09 GMT
etag: 0x8DAD2A5B0177E6D
x-ms-request-id: 7cacc22c-c01e-014f-273e-055aab000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 43077
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77600d030d69b50b-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 6d7737802f93eeb14503d61c77c137bc
fa6861c298d00f879b9f16af4f05470cecfc80af
6b1b9763bcfaeb92a63ad6020651b3745e8279c634eb3505fc9fa875e772af42
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 20:35:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash e76f661702cc0fbe5bc6b3399f81ceda
fbeae9f757be13eabf36f3c3d11c21d1b2d18afd
92986e7ea1c22ac47222affadcf214a5fe66a6f7cc6b1f7f14c4707d2a3ff1fa
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 20:35:58 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Sun, 11 Dec 2022 17:33:37 GMT
ETag: "fbeae9f757be13eabf36f3c3d11c21d1b2d18afd"
Last-Modified: Wed, 07 Dec 2022 17:33:38 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 359
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77600d033887b51d-OSL
googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=G111&rnd=1913900807.1670445357&url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F>m=2wgbu058Z37MT&auid=174837149.1670445357
172.217.21.162200 OK 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=G111&rnd=1913900807.1670445357&url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F>m=2wgbu058Z37MT&auid=174837149.1670445357
IP 172.217.21.162:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/landing?gcs=G111&gcd=G111&rnd=1913900807.1670445357&url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F>m=2wgbu058Z37MT&auid=174837149.1670445357 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.worldofwarships.eu/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 20:35:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 07-Dec-2022 20:50:58 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash e76f661702cc0fbe5bc6b3399f81ceda
fbeae9f757be13eabf36f3c3d11c21d1b2d18afd
92986e7ea1c22ac47222affadcf214a5fe66a6f7cc6b1f7f14c4707d2a3ff1fa
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 20:35:58 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Sun, 11 Dec 2022 17:33:37 GMT
ETag: "fbeae9f757be13eabf36f3c3d11c21d1b2d18afd"
Last-Modified: Wed, 07 Dec 2022 17:33:38 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 359
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77600d0348a0b51d-OSL
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash e76f661702cc0fbe5bc6b3399f81ceda
fbeae9f757be13eabf36f3c3d11c21d1b2d18afd
92986e7ea1c22ac47222affadcf214a5fe66a6f7cc6b1f7f14c4707d2a3ff1fa
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 20:35:58 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Sun, 11 Dec 2022 17:33:37 GMT
ETag: "fbeae9f757be13eabf36f3c3d11c21d1b2d18afd"
Last-Modified: Wed, 07 Dec 2022 17:33:38 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 359
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77600d035bd30b39-OSL
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 0fa282ae07239f0cf04503485877d681
631aa2fff49d29c46341db6540d25917b3626ef5
9020928ea0c9addf3e0a04d78db4158b54b4f29577785b5adb4cf7f2949ced17
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 20:35:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 6d7737802f93eeb14503d61c77c137bc
fa6861c298d00f879b9f16af4f05470cecfc80af
6b1b9763bcfaeb92a63ad6020651b3745e8279c634eb3505fc9fa875e772af42
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 20:35:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/ddm/fls/i/src=10697551;type=pagev0;cat=allvi0;ord=6291569230220;gtm=2wgbu0;gcs=G111;auiddc=174837149.1670445357;u1=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6390f92c03bb520001bb84e1%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDbJD3sXIn33NMlmj7QNlIwzIIhUUlWgD2sRADVyNXEYn6-UlfqozsYLFhfMlzcSZVGU5N94pmDndu73lKRqCQJRHURiC1yzdsNC_MS6X-ZuslEvlvIucXmPRrS0HZ9eDDCRGOrkPy1e8sOA%26enctid%3Dcovvgj0b2fd2%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1670445356936695067%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dkcf6desd%26utm_content%3D1287;~oref=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6390f92c03bb520001bb84e1%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDbJD3sXIn33NMlmj7QNlIwzIIhUUlWgD2sRADVyNXEYn6-UlfqozsYLFhfMlzcSZVGU5N94pmDndu73lKRqCQJRHURiC1yzdsNC_MS6X-ZuslEvlvIucXmPRrS0HZ9eDDCRGOrkPy1e8sOA%26enctid%3Dcovvgj0b2fd2%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1670445356936695067%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dkcf6desd%26utm_content%3D1287
142.250.74.34200 OK 85 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=10697551;type=pagev0;cat=allvi0;ord=6291569230220;gtm=2wgbu0;gcs=G111;auiddc=174837149.1670445357;u1=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6390f92c03bb520001bb84e1%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDbJD3sXIn33NMlmj7QNlIwzIIhUUlWgD2sRADVyNXEYn6-UlfqozsYLFhfMlzcSZVGU5N94pmDndu73lKRqCQJRHURiC1yzdsNC_MS6X-ZuslEvlvIucXmPRrS0HZ9eDDCRGOrkPy1e8sOA%26enctid%3Dcovvgj0b2fd2%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1670445356936695067%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dkcf6desd%26utm_content%3D1287;~oref=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6390f92c03bb520001bb84e1%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDbJD3sXIn33NMlmj7QNlIwzIIhUUlWgD2sRADVyNXEYn6-UlfqozsYLFhfMlzcSZVGU5N94pmDndu73lKRqCQJRHURiC1yzdsNC_MS6X-ZuslEvlvIucXmPRrS0HZ9eDDCRGOrkPy1e8sOA%26enctid%3Dcovvgj0b2fd2%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1670445356936695067%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dkcf6desd%26utm_content%3D1287
IP 142.250.74.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb
GET /ddm/fls/i/src=10697551;type=pagev0;cat=allvi0;ord=6291569230220;gtm=2wgbu0;gcs=G111;auiddc=174837149.1670445357;u1=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6390f92c03bb520001bb84e1%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDbJD3sXIn33NMlmj7QNlIwzIIhUUlWgD2sRADVyNXEYn6-UlfqozsYLFhfMlzcSZVGU5N94pmDndu73lKRqCQJRHURiC1yzdsNC_MS6X-ZuslEvlvIucXmPRrS0HZ9eDDCRGOrkPy1e8sOA%26enctid%3Dcovvgj0b2fd2%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1670445356936695067%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dkcf6desd%26utm_content%3D1287;~oref=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6390f92c03bb520001bb84e1%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDbJD3sXIn33NMlmj7QNlIwzIIhUUlWgD2sRADVyNXEYn6-UlfqozsYLFhfMlzcSZVGU5N94pmDndu73lKRqCQJRHURiC1yzdsNC_MS6X-ZuslEvlvIucXmPRrS0HZ9eDDCRGOrkPy1e8sOA%26enctid%3Dcovvgj0b2fd2%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1670445356936695067%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dkcf6desd%26utm_content%3D1287 HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 20:35:58 GMT
expires: Wed, 07 Dec 2022 20:35:58 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.cookielaw.org/consent/68edbfbe-e009-4939-a55b-f4c65daa640b/ad5c42f4-14cd-4309-be4a-e049aeb7b78d/en.json
104.16.148.64200 OK 12 kB URL HTTP/2 cdn.cookielaw.org/consent/68edbfbe-e009-4939-a55b-f4c65daa640b/ad5c42f4-14cd-4309-be4a-e049aeb7b78d/en.json
IP 104.16.148.64:0
File type JSON data\012- HTML document, Unicode text, UTF-8 text, with very long lines (48198), with no line terminators
Hash b423017d2eccc05cb5e3921d36eeb535
b989dd503a71fa6a448860a5d59c28bbceee910b
b8aab8ba299a063e0e5faacea59d7cc56da466c0fd3b91a8d03480184eaf7495
GET /consent/68edbfbe-e009-4939-a55b-f4c65daa640b/ad5c42f4-14cd-4309-be4a-e049aeb7b78d/en.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.worldofwarships.eu/
Origin: https://promo.worldofwarships.eu
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 20:35:58 GMT
content-type: application/x-javascript
content-length: 11485
cache-control: public, max-age=86400
content-encoding: gzip
content-md5: tCMBfS7MwFy145IdNu61NQ==
last-modified: Fri, 25 Nov 2022 10:09:21 GMT
etag: 0x8DACECD1F1475FC
x-ms-request-id: ba3e27e9-f01e-00e9-15b6-0024e0000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 36425
expires: Thu, 08 Dec 2022 20:35:58 GMT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77600d039e4eb50b-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c221e4deeb8144b7fc354cce5dc563f8
578e9395e2800e2e19bde2a1d49d9501f6aa3364
258bf83c23b05e8bc9b987e849a194b9f81742ee4268f6453a1e88bfaca959f5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 20:35:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
q.quora.com/_/ad/e4652778ed5c49c1b1a36d8c41a61ba9/pixel?j=1&u=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6390f92c03bb520001bb84e1%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDbJD3sXIn33NMlmj7QNlIwzIIhUUlWgD2sRADVyNXEYn6-UlfqozsYLFhfMlzcSZVGU5N94pmDndu73lKRqCQJRHURiC1yzdsNC_MS6X-ZuslEvlvIucXmPRrS0HZ9eDDCRGOrkPy1e8sOA%26enctid%3Dcovvgj0b2fd2%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1670445356936695067%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dkcf6desd%26utm_content%3D1287&tag=ViewContent&ts=1670445357743
100.25.7.120200 OK 43 B URL HTTP/1.1 q.quora.com/_/ad/e4652778ed5c49c1b1a36d8c41a61ba9/pixel?j=1&u=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6390f92c03bb520001bb84e1%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDbJD3sXIn33NMlmj7QNlIwzIIhUUlWgD2sRADVyNXEYn6-UlfqozsYLFhfMlzcSZVGU5N94pmDndu73lKRqCQJRHURiC1yzdsNC_MS6X-ZuslEvlvIucXmPRrS0HZ9eDDCRGOrkPy1e8sOA%26enctid%3Dcovvgj0b2fd2%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1670445356936695067%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dkcf6desd%26utm_content%3D1287&tag=ViewContent&ts=1670445357743
IP 100.25.7.120:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /_/ad/e4652778ed5c49c1b1a36d8c41a61ba9/pixel?j=1&u=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6390f92c03bb520001bb84e1%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDbJD3sXIn33NMlmj7QNlIwzIIhUUlWgD2sRADVyNXEYn6-UlfqozsYLFhfMlzcSZVGU5N94pmDndu73lKRqCQJRHURiC1yzdsNC_MS6X-ZuslEvlvIucXmPRrS0HZ9eDDCRGOrkPy1e8sOA%26enctid%3Dcovvgj0b2fd2%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1670445356936695067%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dkcf6desd%26utm_content%3D1287&tag=ViewContent&ts=1670445357743 HTTP/1.1
Host: q.quora.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Date: Wed, 07 Dec 2022 20:35:58 GMT
Server: nginx
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Q-Stat: ,c1e6641017ddcf0276bec3ad2aab2431,10.0.0.34,58724,91.90.42.154,,218265018508,1,1670445358.653,0.002,,.,0,0,0.000,0.000,-,0,0,197,313,156,10,26847,,,,,,-,
Content-Length: 43
Connection: keep-alive
mc.yandex.ru/watch/14976586/1?wmode=7&page-url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6390f92c03bb520001bb84e1%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDbJD3sXIn33NMlmj7QNlIwzIIhUUlWgD2sRADVyNXEYn6-UlfqozsYLFhfMlzcSZVGU5N94pmDndu73lKRqCQJRHURiC1yzdsNC_MS6X-ZuslEvlvIucXmPRrS0HZ9eDDCRGOrkPy1e8sOA%26enctid%3Dcovvgj0b2fd2%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1670445356936695067%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dkcf6desd%26utm_content%3D1287&charset=utf-8&browser-info=pv%3A1%3Avf%3A2b7w95bdqfdb0kzrg7tcl8%3Afp%3A1266%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A3%3Adp%3A0%3Als%3A925049189803%3Ahid%3A135149832%3Az%3A0%3Ai%3A20221207203558%3Aet%3A1670445358%3Ac%3A1%3Arn%3A882873968%3Arqn%3A1%3Au%3A1670445358860089443%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A81%2C21%2C8%2C0%2C780%2C0%2C%2C304%2C58%2C%2C%2C%2C1223%3Aco%3A0%3Ans%3A1670445355737%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670445358%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr%2814%29mc%28g-2%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
87.250.250.119200 OK 419 B URL HTTP/2 mc.yandex.ru/watch/14976586/1?wmode=7&page-url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6390f92c03bb520001bb84e1%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDbJD3sXIn33NMlmj7QNlIwzIIhUUlWgD2sRADVyNXEYn6-UlfqozsYLFhfMlzcSZVGU5N94pmDndu73lKRqCQJRHURiC1yzdsNC_MS6X-ZuslEvlvIucXmPRrS0HZ9eDDCRGOrkPy1e8sOA%26enctid%3Dcovvgj0b2fd2%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1670445356936695067%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dkcf6desd%26utm_content%3D1287&charset=utf-8&browser-info=pv%3A1%3Avf%3A2b7w95bdqfdb0kzrg7tcl8%3Afp%3A1266%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A3%3Adp%3A0%3Als%3A925049189803%3Ahid%3A135149832%3Az%3A0%3Ai%3A20221207203558%3Aet%3A1670445358%3Ac%3A1%3Arn%3A882873968%3Arqn%3A1%3Au%3A1670445358860089443%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A81%2C21%2C8%2C0%2C780%2C0%2C%2C304%2C58%2C%2C%2C%2C1223%3Aco%3A0%3Ans%3A1670445355737%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670445358%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr%2814%29mc%28g-2%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
IP 87.250.250.119:0
File type JSON data\012- , ASCII text, with very long lines (419), with no line terminators
Hash a7a2cd5e317842197551d112a5c659f3
6206a701e1722d19727be2c56742ae6aa55753e1
a84e1fa9a3937853966c5d57f86a7eb141b91a83bb30e67e62b4390c1b5228bf
GET /watch/14976586/1?wmode=7&page-url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6390f92c03bb520001bb84e1%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDbJD3sXIn33NMlmj7QNlIwzIIhUUlWgD2sRADVyNXEYn6-UlfqozsYLFhfMlzcSZVGU5N94pmDndu73lKRqCQJRHURiC1yzdsNC_MS6X-ZuslEvlvIucXmPRrS0HZ9eDDCRGOrkPy1e8sOA%26enctid%3Dcovvgj0b2fd2%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1670445356936695067%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dkcf6desd%26utm_content%3D1287&charset=utf-8&browser-info=pv%3A1%3Avf%3A2b7w95bdqfdb0kzrg7tcl8%3Afp%3A1266%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A3%3Adp%3A0%3Als%3A925049189803%3Ahid%3A135149832%3Az%3A0%3Ai%3A20221207203558%3Aet%3A1670445358%3Ac%3A1%3Arn%3A882873968%3Arqn%3A1%3Au%3A1670445358860089443%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A81%2C21%2C8%2C0%2C780%2C0%2C%2C304%2C58%2C%2C%2C%2C1223%3Aco%3A0%3Ans%3A1670445355737%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670445358%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr%2814%29mc%28g-2%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://promo.worldofwarships.eu
Referer: https://promo.worldofwarships.eu/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 419
date: Wed, 07 Dec 2022 20:35:58 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://promo.worldofwarships.eu
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 07-Dec-2022 20:35:58 GMT
last-modified: Wed, 07-Dec-2022 20:35:58 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/71343676?wmode=7&page-url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6390f92c03bb520001bb84e1%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDbJD3sXIn33NMlmj7QNlIwzIIhUUlWgD2sRADVyNXEYn6-UlfqozsYLFhfMlzcSZVGU5N94pmDndu73lKRqCQJRHURiC1yzdsNC_MS6X-ZuslEvlvIucXmPRrS0HZ9eDDCRGOrkPy1e8sOA%26enctid%3Dcovvgj0b2fd2%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1670445356936695067%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dkcf6desd%26utm_content%3D1287&charset=utf-8&browser-info=pv%3A1%3Avf%3A2b7w95bdqfdb0kzrg7tcl8%3Afp%3A1266%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A2%3Adp%3A0%3Als%3A19336121061%3Ahid%3A135149832%3Az%3A0%3Ai%3A20221207203558%3Aet%3A1670445358%3Ac%3A1%3Arn%3A1023752368%3Arqn%3A1%3Au%3A1670445358860089443%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A81%2C21%2C8%2C0%2C780%2C0%2C%2C304%2C58%2C%2C%2C%2C1223%3Aco%3A0%3Ans%3A1670445355737%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670445358%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
87.250.250.119302 Found 419 B URL HTTP/2 mc.yandex.ru/watch/71343676?wmode=7&page-url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6390f92c03bb520001bb84e1%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDbJD3sXIn33NMlmj7QNlIwzIIhUUlWgD2sRADVyNXEYn6-UlfqozsYLFhfMlzcSZVGU5N94pmDndu73lKRqCQJRHURiC1yzdsNC_MS6X-ZuslEvlvIucXmPRrS0HZ9eDDCRGOrkPy1e8sOA%26enctid%3Dcovvgj0b2fd2%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1670445356936695067%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dkcf6desd%26utm_content%3D1287&charset=utf-8&browser-info=pv%3A1%3Avf%3A2b7w95bdqfdb0kzrg7tcl8%3Afp%3A1266%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A2%3Adp%3A0%3Als%3A19336121061%3Ahid%3A135149832%3Az%3A0%3Ai%3A20221207203558%3Aet%3A1670445358%3Ac%3A1%3Arn%3A1023752368%3Arqn%3A1%3Au%3A1670445358860089443%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A81%2C21%2C8%2C0%2C780%2C0%2C%2C304%2C58%2C%2C%2C%2C1223%3Aco%3A0%3Ans%3A1670445355737%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670445358%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP 87.250.250.119:0
File type JSON data\012- , ASCII text, with very long lines (419), with no line terminators
Hash cff99a1a6648464ec8512319818d4326
e32d2af3d3b7848bef0e0e0b0d21b3616a6b059c
4beb78402f455e46da681ff664f6f1c2bf83810c442a2e1d3c73c40cf8da5079
GET /watch/71343676?wmode=7&page-url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6390f92c03bb520001bb84e1%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDbJD3sXIn33NMlmj7QNlIwzIIhUUlWgD2sRADVyNXEYn6-UlfqozsYLFhfMlzcSZVGU5N94pmDndu73lKRqCQJRHURiC1yzdsNC_MS6X-ZuslEvlvIucXmPRrS0HZ9eDDCRGOrkPy1e8sOA%26enctid%3Dcovvgj0b2fd2%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1670445356936695067%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dkcf6desd%26utm_content%3D1287&charset=utf-8&browser-info=pv%3A1%3Avf%3A2b7w95bdqfdb0kzrg7tcl8%3Afp%3A1266%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A2%3Adp%3A0%3Als%3A19336121061%3Ahid%3A135149832%3Az%3A0%3Ai%3A20221207203558%3Aet%3A1670445358%3Ac%3A1%3Arn%3A1023752368%3Arqn%3A1%3Au%3A1670445358860089443%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A81%2C21%2C8%2C0%2C780%2C0%2C%2C304%2C58%2C%2C%2C%2C1223%3Aco%3A0%3Ans%3A1670445355737%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670445358%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://promo.worldofwarships.eu
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /watch/71343676/1?wmode=7&page-url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6390f92c03bb520001bb84e1%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDbJD3sXIn33NMlmj7QNlIwzIIhUUlWgD2sRADVyNXEYn6-UlfqozsYLFhfMlzcSZVGU5N94pmDndu73lKRqCQJRHURiC1yzdsNC_MS6X-ZuslEvlvIucXmPRrS0HZ9eDDCRGOrkPy1e8sOA%26enctid%3Dcovvgj0b2fd2%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1670445356936695067%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dkcf6desd%26utm_content%3D1287&charset=utf-8&browser-info=pv%3A1%3Avf%3A2b7w95bdqfdb0kzrg7tcl8%3Afp%3A1266%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A2%3Adp%3A0%3Als%3A19336121061%3Ahid%3A135149832%3Az%3A0%3Ai%3A20221207203558%3Aet%3A1670445358%3Ac%3A1%3Arn%3A1023752368%3Arqn%3A1%3Au%3A1670445358860089443%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A81%2C21%2C8%2C0%2C780%2C0%2C%2C304%2C58%2C%2C%2C%2C1223%3Aco%3A0%3Ans%3A1670445355737%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670445358%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Wed, 07 Dec 2022 20:35:58 GMT
access-control-allow-origin: https://promo.worldofwarships.eu
set-cookie: yabs-sid=2070707061670445358; Path=/; SameSite=None; Secure
i=M71XANtWdCCkdPfd6weMLSChvb8Kp2Fgqi3P7FoO3Pd8khhekkNm+DMDZVOLxJcac1bzjnS29yxbVh5Ox20uk5YSJL8=; Expires=Sat, 04-Dec-2032 20:35:52 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=6332162201670445358; Expires=Thu, 07-Dec-2023 20:35:58 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=6332162201670445358; Expires=Thu, 07-Dec-2023 20:35:58 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1701981358.yc.1670445358#1701981358.yrts.1670445358#1701981358.yrtsi.1670445358; Expires=Thu, 07-Dec-2023 20:35:58 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 07-Dec-2022 20:35:58 GMT
last-modified: Wed, 07-Dec-2022 20:35:58 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/71343676/1?wmode=7&page-url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6390f92c03bb520001bb84e1%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDbJD3sXIn33NMlmj7QNlIwzIIhUUlWgD2sRADVyNXEYn6-UlfqozsYLFhfMlzcSZVGU5N94pmDndu73lKRqCQJRHURiC1yzdsNC_MS6X-ZuslEvlvIucXmPRrS0HZ9eDDCRGOrkPy1e8sOA%26enctid%3Dcovvgj0b2fd2%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1670445356936695067%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dkcf6desd%26utm_content%3D1287&charset=utf-8&browser-info=pv%3A1%3Avf%3A2b7w95bdqfdb0kzrg7tcl8%3Afp%3A1266%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A2%3Adp%3A0%3Als%3A19336121061%3Ahid%3A135149832%3Az%3A0%3Ai%3A20221207203558%3Aet%3A1670445358%3Ac%3A1%3Arn%3A1023752368%3Arqn%3A1%3Au%3A1670445358860089443%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A81%2C21%2C8%2C0%2C780%2C0%2C%2C304%2C58%2C%2C%2C%2C1223%3Aco%3A0%3Ans%3A1670445355737%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670445358%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
87.250.250.119200 OK 400 B URL HTTP/2 mc.yandex.ru/watch/71343676/1?wmode=7&page-url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6390f92c03bb520001bb84e1%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDbJD3sXIn33NMlmj7QNlIwzIIhUUlWgD2sRADVyNXEYn6-UlfqozsYLFhfMlzcSZVGU5N94pmDndu73lKRqCQJRHURiC1yzdsNC_MS6X-ZuslEvlvIucXmPRrS0HZ9eDDCRGOrkPy1e8sOA%26enctid%3Dcovvgj0b2fd2%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1670445356936695067%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dkcf6desd%26utm_content%3D1287&charset=utf-8&browser-info=pv%3A1%3Avf%3A2b7w95bdqfdb0kzrg7tcl8%3Afp%3A1266%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A2%3Adp%3A0%3Als%3A19336121061%3Ahid%3A135149832%3Az%3A0%3Ai%3A20221207203558%3Aet%3A1670445358%3Ac%3A1%3Arn%3A1023752368%3Arqn%3A1%3Au%3A1670445358860089443%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A81%2C21%2C8%2C0%2C780%2C0%2C%2C304%2C58%2C%2C%2C%2C1223%3Aco%3A0%3Ans%3A1670445355737%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670445358%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
IP 87.250.250.119:0
File type JSON data\012- , ASCII text, with very long lines (400), with no line terminators
Hash c7a0efbd5852e555bb09dd60ebb9d4a4
3fe3dc39d4067a2999956192e70a077436c1599f
b204a85901e0b40bf14d1f4403a8333333f5cb6a75db6bfca63480cbcc9f49dd
GET /watch/71343676/1?wmode=7&page-url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6390f92c03bb520001bb84e1%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDbJD3sXIn33NMlmj7QNlIwzIIhUUlWgD2sRADVyNXEYn6-UlfqozsYLFhfMlzcSZVGU5N94pmDndu73lKRqCQJRHURiC1yzdsNC_MS6X-ZuslEvlvIucXmPRrS0HZ9eDDCRGOrkPy1e8sOA%26enctid%3Dcovvgj0b2fd2%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1670445356936695067%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dkcf6desd%26utm_content%3D1287&charset=utf-8&browser-info=pv%3A1%3Avf%3A2b7w95bdqfdb0kzrg7tcl8%3Afp%3A1266%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A2%3Adp%3A0%3Als%3A19336121061%3Ahid%3A135149832%3Az%3A0%3Ai%3A20221207203558%3Aet%3A1670445358%3Ac%3A1%3Arn%3A1023752368%3Arqn%3A1%3Au%3A1670445358860089443%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A81%2C21%2C8%2C0%2C780%2C0%2C%2C304%2C58%2C%2C%2C%2C1223%3Aco%3A0%3Ans%3A1670445355737%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670445358%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://promo.worldofwarships.eu
Referer: https://promo.worldofwarships.eu/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 400
date: Wed, 07 Dec 2022 20:35:58 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://promo.worldofwarships.eu
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 07-Dec-2022 20:35:58 GMT
last-modified: Wed, 07-Dec-2022 20:35:58 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/202211.1.0/assets/otCenterRounded.json
104.16.148.64200 OK 2.6 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/202211.1.0/assets/otCenterRounded.json
IP 104.16.148.64:0
File type JSON data\012- , ASCII text, with very long lines (7753)
Hash 688f5aef949a8982bda0771893cc67d3
c50441dea985350ab305848e2d87d6286adfda3c
da30c398b0e6646c44fc5a53e44371004a33267d6cd07404775ab6380979b058
GET /scripttemplates/202211.1.0/assets/otCenterRounded.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.worldofwarships.eu/
Origin: https://promo.worldofwarships.eu
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 20:35:58 GMT
content-type: application/json
content-length: 2639
content-encoding: gzip
content-md5: aI9a75SaiYK9oHcYk8xn0w==
last-modified: Wed, 30 Nov 2022 07:37:01 GMT
etag: 0x8DAD2A5AB6C83EE
x-ms-request-id: 448de741-101e-008e-32c9-049747000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 36425
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77600d042f2fb50b-OSL
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/202211.1.0/assets/v2/otPcCenter.json
104.16.148.64200 OK 12 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/202211.1.0/assets/v2/otPcCenter.json
IP 104.16.148.64:0
File type JSON data\012- , ASCII text, with very long lines (50353)
Hash 0cd2fb0fd730954ef2159520d96f1934
d2656260dfdac230479c8e7dc44444e9d5c8faf2
b821093423791675ca31c2d688b528b329737cca90ef62bc44f5c5b39423c8f6
GET /scripttemplates/202211.1.0/assets/v2/otPcCenter.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.worldofwarships.eu/
Origin: https://promo.worldofwarships.eu
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 20:35:58 GMT
content-type: application/json
content-length: 12540
content-encoding: gzip
content-md5: DNL7D9cwlU7yFZUg2W8ZNA==
last-modified: Wed, 30 Nov 2022 07:37:02 GMT
etag: 0x8DAD2A5AC58BC53
x-ms-request-id: fbcd2477-d01e-00ba-40c9-0438ef000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 36425
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77600d042f32b50b-OSL
X-Firefox-Spdy: h2
mc.yandex.ru/watch/45727869?page-url=goal%3A%2F%2Fpromo.worldofwarships.eu%2FWOWS_All-visitors_LP_set&page-ref=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6390f92c03bb520001bb84e1%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDbJD3sXIn33NMlmj7QNlIwzIIhUUlWgD2sRADVyNXEYn6-UlfqozsYLFhfMlzcSZVGU5N94pmDndu73lKRqCQJRHURiC1yzdsNC_MS6X-ZuslEvlvIucXmPRrS0HZ9eDDCRGOrkPy1e8sOA%26enctid%3Dcovvgj0b2fd2%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1670445356936695067%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dkcf6desd%26utm_content%3D1287&charset=utf-8&hittoken=1670445358_2602606f2634a17bccb7f4f69923d3ea0480b8b91e706e89f0985a33911c6583&browser-info=ar%3A1%3Avf%3A2b7w95bdqfdb0kzrg7tcl8%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A99337117796%3Ahid%3A135149832%3Az%3A0%3Ai%3A20221207203558%3Aet%3A1670445358%3Ac%3A1%3Arn%3A777541186%3Arqn%3A2%3Au%3A1670445358860089443%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Aeu%3A1%3Ans%3A1670445355737%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670445358%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr(14)mc(g-2)clc(0-0-0)rqnt(2)aw(1)ecs(1)fip(1)ti(2)
87.250.250.119302 Found 43 B URL HTTP/2 mc.yandex.ru/watch/45727869?page-url=goal%3A%2F%2Fpromo.worldofwarships.eu%2FWOWS_All-visitors_LP_set&page-ref=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6390f92c03bb520001bb84e1%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDbJD3sXIn33NMlmj7QNlIwzIIhUUlWgD2sRADVyNXEYn6-UlfqozsYLFhfMlzcSZVGU5N94pmDndu73lKRqCQJRHURiC1yzdsNC_MS6X-ZuslEvlvIucXmPRrS0HZ9eDDCRGOrkPy1e8sOA%26enctid%3Dcovvgj0b2fd2%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1670445356936695067%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dkcf6desd%26utm_content%3D1287&charset=utf-8&hittoken=1670445358_2602606f2634a17bccb7f4f69923d3ea0480b8b91e706e89f0985a33911c6583&browser-info=ar%3A1%3Avf%3A2b7w95bdqfdb0kzrg7tcl8%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A99337117796%3Ahid%3A135149832%3Az%3A0%3Ai%3A20221207203558%3Aet%3A1670445358%3Ac%3A1%3Arn%3A777541186%3Arqn%3A2%3Au%3A1670445358860089443%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Aeu%3A1%3Ans%3A1670445355737%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670445358%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr(14)mc(g-2)clc(0-0-0)rqnt(2)aw(1)ecs(1)fip(1)ti(2)
IP 87.250.250.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /watch/45727869?page-url=goal%3A%2F%2Fpromo.worldofwarships.eu%2FWOWS_All-visitors_LP_set&page-ref=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6390f92c03bb520001bb84e1%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDbJD3sXIn33NMlmj7QNlIwzIIhUUlWgD2sRADVyNXEYn6-UlfqozsYLFhfMlzcSZVGU5N94pmDndu73lKRqCQJRHURiC1yzdsNC_MS6X-ZuslEvlvIucXmPRrS0HZ9eDDCRGOrkPy1e8sOA%26enctid%3Dcovvgj0b2fd2%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1670445356936695067%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dkcf6desd%26utm_content%3D1287&charset=utf-8&hittoken=1670445358_2602606f2634a17bccb7f4f69923d3ea0480b8b91e706e89f0985a33911c6583&browser-info=ar%3A1%3Avf%3A2b7w95bdqfdb0kzrg7tcl8%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A99337117796%3Ahid%3A135149832%3Az%3A0%3Ai%3A20221207203558%3Aet%3A1670445358%3Ac%3A1%3Arn%3A777541186%3Arqn%3A2%3Au%3A1670445358860089443%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Aeu%3A1%3Ans%3A1670445355737%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670445358%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr(14)mc(g-2)clc(0-0-0)rqnt(2)aw(1)ecs(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://promo.worldofwarships.eu
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/45727869/1?page-url=goal%3A%2F%2Fpromo.worldofwarships.eu%2FWOWS_All-visitors_LP_set&page-ref=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6390f92c03bb520001bb84e1%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDbJD3sXIn33NMlmj7QNlIwzIIhUUlWgD2sRADVyNXEYn6-UlfqozsYLFhfMlzcSZVGU5N94pmDndu73lKRqCQJRHURiC1yzdsNC_MS6X-ZuslEvlvIucXmPRrS0HZ9eDDCRGOrkPy1e8sOA%26enctid%3Dcovvgj0b2fd2%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1670445356936695067%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dkcf6desd%26utm_content%3D1287&charset=utf-8&hittoken=1670445358_2602606f2634a17bccb7f4f69923d3ea0480b8b91e706e89f0985a33911c6583&browser-info=ar%3A1%3Avf%3A2b7w95bdqfdb0kzrg7tcl8%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A99337117796%3Ahid%3A135149832%3Az%3A0%3Ai%3A20221207203558%3Aet%3A1670445358%3Ac%3A1%3Arn%3A777541186%3Arqn%3A2%3Au%3A1670445358860089443%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Aeu%3A1%3Ans%3A1670445355737%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670445358%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr%2814%29mc%28g-2%29clc%280-0-0%29rqnt%282%29aw%281%29ecs%281%29fip%281%29ti%282%29
date: Wed, 07 Dec 2022 20:35:58 GMT
access-control-allow-origin: https://promo.worldofwarships.eu
set-cookie: yabs-sid=2328002941670445358; Path=/; SameSite=None; Secure
i=Yw25WCH+HG3FXNm9d/8mpyuDG8oTwy9NB3EOjgPqNDRw8lPXcbuBwowIIxuLLXmY2alhFeBNnsNgs0fPBsv+DDDtvQQ=; Expires=Sat, 04-Dec-2032 20:35:56 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=2086503771670445358; Expires=Thu, 07-Dec-2023 20:35:58 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=2086503771670445358; Expires=Thu, 07-Dec-2023 20:35:58 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1701981358.yc.1670445358#1701981358.yrts.1670445358#1701981358.yrtsi.1670445358; Expires=Thu, 07-Dec-2023 20:35:58 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 07-Dec-2022 20:35:58 GMT
last-modified: Wed, 07-Dec-2022 20:35:58 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/45727869/1?page-url=goal%3A%2F%2Fpromo.worldofwarships.eu%2FWOWS_All-visitors_LP_set&page-ref=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6390f92c03bb520001bb84e1%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDbJD3sXIn33NMlmj7QNlIwzIIhUUlWgD2sRADVyNXEYn6-UlfqozsYLFhfMlzcSZVGU5N94pmDndu73lKRqCQJRHURiC1yzdsNC_MS6X-ZuslEvlvIucXmPRrS0HZ9eDDCRGOrkPy1e8sOA%26enctid%3Dcovvgj0b2fd2%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1670445356936695067%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dkcf6desd%26utm_content%3D1287&charset=utf-8&hittoken=1670445358_2602606f2634a17bccb7f4f69923d3ea0480b8b91e706e89f0985a33911c6583&browser-info=ar%3A1%3Avf%3A2b7w95bdqfdb0kzrg7tcl8%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A99337117796%3Ahid%3A135149832%3Az%3A0%3Ai%3A20221207203558%3Aet%3A1670445358%3Ac%3A1%3Arn%3A777541186%3Arqn%3A2%3Au%3A1670445358860089443%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Aeu%3A1%3Ans%3A1670445355737%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670445358%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr%2814%29mc%28g-2%29clc%280-0-0%29rqnt%282%29aw%281%29ecs%281%29fip%281%29ti%282%29
87.250.250.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/45727869/1?page-url=goal%3A%2F%2Fpromo.worldofwarships.eu%2FWOWS_All-visitors_LP_set&page-ref=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6390f92c03bb520001bb84e1%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDbJD3sXIn33NMlmj7QNlIwzIIhUUlWgD2sRADVyNXEYn6-UlfqozsYLFhfMlzcSZVGU5N94pmDndu73lKRqCQJRHURiC1yzdsNC_MS6X-ZuslEvlvIucXmPRrS0HZ9eDDCRGOrkPy1e8sOA%26enctid%3Dcovvgj0b2fd2%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1670445356936695067%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dkcf6desd%26utm_content%3D1287&charset=utf-8&hittoken=1670445358_2602606f2634a17bccb7f4f69923d3ea0480b8b91e706e89f0985a33911c6583&browser-info=ar%3A1%3Avf%3A2b7w95bdqfdb0kzrg7tcl8%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A99337117796%3Ahid%3A135149832%3Az%3A0%3Ai%3A20221207203558%3Aet%3A1670445358%3Ac%3A1%3Arn%3A777541186%3Arqn%3A2%3Au%3A1670445358860089443%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Aeu%3A1%3Ans%3A1670445355737%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670445358%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr%2814%29mc%28g-2%29clc%280-0-0%29rqnt%282%29aw%281%29ecs%281%29fip%281%29ti%282%29
IP 87.250.250.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /watch/45727869/1?page-url=goal%3A%2F%2Fpromo.worldofwarships.eu%2FWOWS_All-visitors_LP_set&page-ref=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6390f92c03bb520001bb84e1%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDbJD3sXIn33NMlmj7QNlIwzIIhUUlWgD2sRADVyNXEYn6-UlfqozsYLFhfMlzcSZVGU5N94pmDndu73lKRqCQJRHURiC1yzdsNC_MS6X-ZuslEvlvIucXmPRrS0HZ9eDDCRGOrkPy1e8sOA%26enctid%3Dcovvgj0b2fd2%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1670445356936695067%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dkcf6desd%26utm_content%3D1287&charset=utf-8&hittoken=1670445358_2602606f2634a17bccb7f4f69923d3ea0480b8b91e706e89f0985a33911c6583&browser-info=ar%3A1%3Avf%3A2b7w95bdqfdb0kzrg7tcl8%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A99337117796%3Ahid%3A135149832%3Az%3A0%3Ai%3A20221207203558%3Aet%3A1670445358%3Ac%3A1%3Arn%3A777541186%3Arqn%3A2%3Au%3A1670445358860089443%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Aeu%3A1%3Ans%3A1670445355737%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670445358%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr%2814%29mc%28g-2%29clc%280-0-0%29rqnt%282%29aw%281%29ecs%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://promo.worldofwarships.eu
Referer: https://promo.worldofwarships.eu/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Wed, 07 Dec 2022 20:35:58 GMT
access-control-allow-origin: https://promo.worldofwarships.eu
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 07-Dec-2022 20:35:58 GMT
last-modified: Wed, 07-Dec-2022 20:35:58 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
cdn.cookielaw.org/logos/04fe1919-d767-41dc-abd4-f409a111f829/d0c760aa-d1b6-44a8-964c-9ae294f365f3/40885536-3b1f-4688-b7c1-39913d45a61e/wg_logo_secondversion_white1r.png
104.16.148.64200 OK 13 kB URL HTTP/2 cdn.cookielaw.org/logos/04fe1919-d767-41dc-abd4-f409a111f829/d0c760aa-d1b6-44a8-964c-9ae294f365f3/40885536-3b1f-4688-b7c1-39913d45a61e/wg_logo_secondversion_white1r.png
IP 104.16.148.64:0
File type PNG image data, 1000 x 320, 8-bit/color RGBA, non-interlaced\012- data
Hash c90475872d8975dcc4b5ed7db6cc5e28
1e5a413845f5d501c174ae4940e1329a2575067f
e79eb16948cca42e0f7884fad7637fa6ec69117a07dbc04cc8b3ea7ebeaef719
GET /logos/04fe1919-d767-41dc-abd4-f409a111f829/d0c760aa-d1b6-44a8-964c-9ae294f365f3/40885536-3b1f-4688-b7c1-39913d45a61e/wg_logo_secondversion_white1r.png HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 20:35:58 GMT
content-type: image/png
content-length: 13003
content-md5: yQR1hy2JddzEte19tsxeKA==
last-modified: Fri, 02 Oct 2020 14:20:55 GMT
etag: 0x8D866DE604098C2
x-ms-request-id: 80efabc0-001e-0056-516d-c43096000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 43257
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77600d0589dab50b-OSL
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/glows-34505/src/libs/aos.js
92.223.97.97200 OK 6.9 kB URL HTTP/2 promo-cdn.worldofwarships.com/glows-34505/src/libs/aos.js
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
Hash a4ddeb1cdce12b6f8dc4fdd97e0099f9
11de55a794d2cd0297155f39da04f0ed583d5a36
69f5b46530be52a8297a9d0b9f0eb05c941272257ef958f42733f94740777340
GET /glows-34505/src/libs/aos.js HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 20:35:57 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 22 Nov 2022 10:14:27 GMT
etag: W/"7ee92212a3ecbc19d9d71fa3818508af"
x-amz-request-id: tx00000000000000129a87f-00637ca117-1cdfff90-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-04T10:16:03+00:00
x-id: sto5-up-gc15
content-encoding: gzip
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/global_static/favicon/v2/favicon-64x64.png
92.223.97.97200 OK 1.2 kB URL HTTP/2 promo-cdn.worldofwarships.com/global_static/favicon/v2/favicon-64x64.png
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash de30b29e8bbc72b7828734d5d781b9eb
9d5fb51148291180b45d9481b756eb7fc2d4a352
e47efd1c616db1a5564776f4be806183ee085c80d2d3722d3f8d5a06115e46ee
GET /global_static/favicon/v2/favicon-64x64.png HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 20:35:59 GMT
content-type: image/png
content-length: 1198
last-modified: Mon, 05 Sep 2022 07:56:21 GMT
etag: "de30b29e8bbc72b7828734d5d781b9eb"
x-amz-request-id: tx00000000000000080ac6e-00633fe0d1-1c4c0c09-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-06T08:24:03+00:00
x-id: sto5-up-gc12
accept-ranges: bytes
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
87.250.250.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 87.250.250.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Wed, 07 Dec 2022 20:35:59 GMT
access-control-allow-origin: *
etag: "638eb36c-2b"
expires: Wed, 07 Dec 2022 21:35:59 GMT
accept-ranges: bytes
last-modified: Tue, 06 Dec 2022 06:13:48 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/tag.js
87.250.250.119200 OK 73 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 87.250.250.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (586)
Hash a4567a1e52f99c2b3870f58375ec8cac
dbfc795e71fc19f7e45e8637abc4ac770f639a48
2b13b5716855040bd9a08972b0e61369e50c6daa402ed937e18f6795f82429c8
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 73266
date: Wed, 07 Dec 2022 20:35:59 GMT
access-control-allow-origin: *
etag: "638eb36c-11e32"
expires: Wed, 07 Dec 2022 21:35:59 GMT
last-modified: Tue, 06 Dec 2022 06:13:48 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/glows-34505/src/libs/jquery.fullpage.js
92.223.97.97200 OK 32 kB URL HTTP/2 promo-cdn.worldofwarships.com/glows-34505/src/libs/jquery.fullpage.js
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
Hash 0ad79640d6df8b62cc89040a9358871e
f75a85203e00bfde9a79d8568770fc1f67eb1b7e
356b12d12f398be7cd0d74bebda7a93edd7e8bf257e674181f7cb85bbe55a3eb
GET /glows-34505/src/libs/jquery.fullpage.js HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 20:35:57 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 22 Nov 2022 10:14:27 GMT
etag: W/"9a854eed59d24b9252aa7e8ff082eda8"
x-amz-request-id: tx0000000000000001ae8db-00637ca118-1cf5682d-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-04T10:16:04+00:00
x-id: sto5-up-gc14
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 0fa282ae07239f0cf04503485877d681
631aa2fff49d29c46341db6540d25917b3626ef5
9020928ea0c9addf3e0a04d78db4158b54b4f29577785b5adb4cf7f2949ced17
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 20:35:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s.yimg.jp/images/listing/tool/cv/ytag.js
182.22.16.123200 OK 9.8 kB URL HTTP/2 s.yimg.jp/images/listing/tool/cv/ytag.js
IP 182.22.16.123:0
ASN #23816 Yahoo Japan Corporation
File type ASCII text, with very long lines (32042), with no line terminators
Hash 756de2120f79f1aa501b0e0b490dca58
4a4b8d596749960af503ec1309b6bd821a7bdbf3
128c1c4b2018808bbe4ec25198b92ef894df5a131cf0ca647dbd3ada66ba939e
GET /images/listing/tool/cv/ytag.js HTTP/1.1
Host: s.yimg.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Wed, 07 Dec 2022 20:32:30 GMT
vary: Accept-Encoding
last-modified: Tue, 30 Aug 2022 04:48:29 GMT
cache-control: public, max-age=600
content-encoding: gzip
server: ATS
age: 209
content-length: 9790
ats-carp-promotion: 1
x-z-chihaya: r=1
X-Firefox-Spdy: h2
cdn.cookielaw.org/logos/static/ot_guard_logo.svg
104.16.148.64200 OK 11 kB URL HTTP/2 cdn.cookielaw.org/logos/static/ot_guard_logo.svg
IP 104.16.148.64:0
Hash 3a83d4181181ded5f25568ba13028aad
6265e55782981716924ecc18b143f19bbea6e698
d15fb538a9e05f2af86963c1b7295956ac557f42f75c8e0e31b4fda9d83b35fc
GET /logos/static/ot_guard_logo.svg HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.worldofwarships.eu/
Origin: https://promo.worldofwarships.eu
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 20:35:58 GMT
content-type: image/svg+xml
content-md5: tXyZydHjxQshFMbbBT1/8A==
last-modified: Tue, 06 Dec 2022 07:45:19 GMT
x-ms-request-id: 19a3e488-201e-014e-2280-095b56000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 37108
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77600d0589deb50b-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
b92.yahoo.co.jp/rt/?p=26NUFXJP68&label=&ref=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6390f92c03bb520001bb84e1%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDbJD3sXIn33NMlmj7QNlIwzIIhUUlWgD2sRADVyNXEYn6-UlfqozsYLFhfMlzcSZVGU5N94pmDndu73lKRqCQJRHURiC1yzdsNC_MS6X-ZuslEvlvIucXmPRrS0HZ9eDDCRGOrkPy1e8sOA%26enctid%3Dcovvgj0b2fd2%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1670445356936695067%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dkcf6desd%26utm_content%3D1287&rref=&pt=home&item=&cat=&price=&quantity=&r=1670445358.7929735&pvid=tony5e441blbe41c2p&tsyjad=0&_impl=ytag
182.22.16.123403 Forbidden 14 kB URL HTTP/2 b92.yahoo.co.jp/rt/?p=26NUFXJP68&label=&ref=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6390f92c03bb520001bb84e1%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDbJD3sXIn33NMlmj7QNlIwzIIhUUlWgD2sRADVyNXEYn6-UlfqozsYLFhfMlzcSZVGU5N94pmDndu73lKRqCQJRHURiC1yzdsNC_MS6X-ZuslEvlvIucXmPRrS0HZ9eDDCRGOrkPy1e8sOA%26enctid%3Dcovvgj0b2fd2%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1670445356936695067%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dkcf6desd%26utm_content%3D1287&rref=&pt=home&item=&cat=&price=&quantity=&r=1670445358.7929735&pvid=tony5e441blbe41c2p&tsyjad=0&_impl=ytag
IP 182.22.16.123:0
ASN #23816 Yahoo Japan Corporation
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (486)
Hash e986e7a04549f3bef16fe1bb24e61acd
b3ec35460824fae12cf6342ae42d27597ec94fb7
e8b72fe96bc96ffcfef2cdf8ebb503ac854e5c2997ae389b96d04bf78f478edd
GET /rt/?p=26NUFXJP68&label=&ref=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6390f92c03bb520001bb84e1%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDbJD3sXIn33NMlmj7QNlIwzIIhUUlWgD2sRADVyNXEYn6-UlfqozsYLFhfMlzcSZVGU5N94pmDndu73lKRqCQJRHURiC1yzdsNC_MS6X-ZuslEvlvIucXmPRrS0HZ9eDDCRGOrkPy1e8sOA%26enctid%3Dcovvgj0b2fd2%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1670445356936695067%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dkcf6desd%26utm_content%3D1287&rref=&pt=home&item=&cat=&price=&quantity=&r=1670445358.7929735&pvid=tony5e441blbe41c2p&tsyjad=0&_impl=ytag HTTP/1.1
Host: b92.yahoo.co.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 07 Dec 2022 20:36:00 GMT
server: ATS
x-z-chihaya: r=1
x-frame-options: SAMEORIGIN
content-length: 14275
content-type: text/html
X-Firefox-Spdy: h2
promo.worldofwarships.eu/glows-34505/eu-no/?t=1&pub_id=1287&xid=6390f92c03bb520001bb84e1&xid_param1=E0CDNGBJ6R&xid_param_2=&sid=SIDbJD3sXIn33NMlmj7QNlIwzIIhUUlWgD2sRADVyNXEYn6-UlfqozsYLFhfMlzcSZVGU5N94pmDndu73lKRqCQJRHURiC1yzdsNC_MS6X-ZuslEvlvIucXmPRrS0HZ9eDDCRGOrkPy1e8sOA&enctid=covvgj0b2fd2&lpsn=WOWS+TMPLT1+CODE+BOOM+global+WITH+BONUS+SUBTITLE&foris=1&teclient=1670445356936695067&utm_source=wlap&utm_medium=affiliate&utm_campaign=kcf6desd&utm_content=1287
92.223.97.97200 OK 23 kB URL HTTP/2 promo.worldofwarships.eu/glows-34505/eu-no/?t=1&pub_id=1287&xid=6390f92c03bb520001bb84e1&xid_param1=E0CDNGBJ6R&xid_param_2=&sid=SIDbJD3sXIn33NMlmj7QNlIwzIIhUUlWgD2sRADVyNXEYn6-UlfqozsYLFhfMlzcSZVGU5N94pmDndu73lKRqCQJRHURiC1yzdsNC_MS6X-ZuslEvlvIucXmPRrS0HZ9eDDCRGOrkPy1e8sOA&enctid=covvgj0b2fd2&lpsn=WOWS+TMPLT1+CODE+BOOM+global+WITH+BONUS+SUBTITLE&foris=1&teclient=1670445356936695067&utm_source=wlap&utm_medium=affiliate&utm_campaign=kcf6desd&utm_content=1287
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1096)
Hash 6daf9b724e30165d5ee30d459a1aa05f
ea931a049fc438c7a4a86c65ad002c9d88af1415
d730afb5c48ef24533dcdd5ae5e364b493c935640922899323135fe6152ca54f
GET /glows-34505/eu-no/?t=1&pub_id=1287&xid=6390f92c03bb520001bb84e1&xid_param1=E0CDNGBJ6R&xid_param_2=&sid=SIDbJD3sXIn33NMlmj7QNlIwzIIhUUlWgD2sRADVyNXEYn6-UlfqozsYLFhfMlzcSZVGU5N94pmDndu73lKRqCQJRHURiC1yzdsNC_MS6X-ZuslEvlvIucXmPRrS0HZ9eDDCRGOrkPy1e8sOA&enctid=covvgj0b2fd2&lpsn=WOWS+TMPLT1+CODE+BOOM+global+WITH+BONUS+SUBTITLE&foris=1&teclient=1670445356936695067&utm_source=wlap&utm_medium=affiliate&utm_campaign=kcf6desd&utm_content=1287 HTTP/1.1
Host: promo.worldofwarships.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 20:35:57 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
last-modified: Thu, 17 Nov 2022 12:32:22 GMT
etag: W/"eaf6bef074a5ee6283d9d64ad7bf4660"
x-amz-request-id: tx000000000000000e456c4-00637a3856-1cdf9313-ed1
cache: HIT
x-cached-since: 2022-12-06T15:11:22+00:00
x-id: sto5-up-gc14
content-encoding: gzip
X-Firefox-Spdy: h2
s.adroll.com/j/pre/5DEKGEZXIZFGBAVTF7IHV4/LEK33SDIZZFERBERPONNLY/index.js
143.204.55.31200 OK 0 B URL HTTP/1.1 s.adroll.com/j/pre/5DEKGEZXIZFGBAVTF7IHV4/LEK33SDIZZFERBERPONNLY/index.js
IP 143.204.55.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /j/pre/5DEKGEZXIZFGBAVTF7IHV4/LEK33SDIZZFERBERPONNLY/index.js HTTP/1.1
Host: s.adroll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
Content-Length: 0
Connection: keep-alive
Last-Modified: Thu, 10 Nov 2022 20:03:58 GMT
X-Amz-Server-Side-Encryption: AES256
X-Amz-Version-Id: wdhjnh.C2Yr7gZpYdNIYYxYkajKNLTmY
Accept-Ranges: bytes
Server: AmazonS3
Date: Wed, 07 Dec 2022 20:27:29 GMT
Cache-Control: max-age=3600, must-revalidate
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
Age: 601
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: *
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 9TSJRed4juwXW-XnNe_YsItBYJxcW63w9A35iYLPa_2_oTZRD1382A==
s.adroll.com/j/exp/5DEKGEZXIZFGBAVTF7IHV4/index.js
143.204.55.31302 Moved Temporarily 0 B URL HTTP/1.1 s.adroll.com/j/exp/5DEKGEZXIZFGBAVTF7IHV4/index.js
IP 143.204.55.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /j/exp/5DEKGEZXIZFGBAVTF7IHV4/index.js HTTP/1.1
Host: s.adroll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Content-Type: application/xml
Content-Length: 0
Connection: keep-alive
Date: Tue, 06 Dec 2022 22:51:36 GMT
Server: AmazonS3
Location: https://s.adroll.com/j/exp/index.js
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
Age: 78263
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: *
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: aRKI6IOPYaMY7OU_Fonvy0ixWz83UJkJ7ye-lpDFi7uXKhHxXWUo_A==
s.adroll.com/j/pre/5DEKGEZXIZFGBAVTF7IHV4/LEK33SDIZZFERBERPONNLY/fpconsent.js
143.204.55.31302 Moved Temporarily 0 B URL HTTP/1.1 s.adroll.com/j/pre/5DEKGEZXIZFGBAVTF7IHV4/LEK33SDIZZFERBERPONNLY/fpconsent.js
IP 143.204.55.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /j/pre/5DEKGEZXIZFGBAVTF7IHV4/LEK33SDIZZFERBERPONNLY/fpconsent.js HTTP/1.1
Host: s.adroll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Content-Type: application/xml
Content-Length: 0
Connection: keep-alive
Date: Wed, 07 Dec 2022 00:41:53 GMT
Server: AmazonS3
Location: https://s.adroll.com/j/pre/index.js
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
Age: 71647
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: *
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: eHDypWrSZt_EtoD8JCpZBcYpNgxITVYOQrqrgjVaw2_Xl4BtWgNMSg==
s.adroll.com/j/exp/index.js
143.204.55.31200 OK 28 B URL HTTP/1.1 s.adroll.com/j/exp/index.js
IP 143.204.55.31:0
File type ASCII text, with no line terminators
Hash 5816cced8568d223aa09d889f300692b
95cab5e474d7391762c3da5c7dc50fcf05df529f
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
GET /j/exp/index.js HTTP/1.1
Host: s.adroll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.worldofwarships.eu/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 28
Connection: keep-alive
Last-Modified: Fri, 14 Oct 2022 18:57:24 GMT
X-Amz-Server-Side-Encryption: AES256
X-Amz-Version-Id: 3TnMO1iw0qw17MhnYw4sprJhuU7ahGp7
Accept-Ranges: bytes
Server: AmazonS3
Date: Wed, 07 Dec 2022 14:45:35 GMT
Etag: "5816cced8568d223aa09d889f300692b"
Vary: Accept-Encoding
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
Age: 21054
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: *
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: FvGjCiI1p0jlxV6d_LBjM-8_I51GHbDWnPVjTKVSTRtnEusCpVDx8g==
s.adroll.com/j/pre/index.js
143.204.55.31200 OK 0 B URL HTTP/1.1 s.adroll.com/j/pre/index.js
IP 143.204.55.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /j/pre/index.js HTTP/1.1
Host: s.adroll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.worldofwarships.eu/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
X-Amz-Server-Side-Encryption: AES256
X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Accept-Ranges: bytes
Server: AmazonS3
Date: Wed, 07 Dec 2022 08:30:56 GMT
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
Age: 43525
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: *
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: g2TIDZRUv-yLF-OJB38wMk8BX6th2q6edkPfLIezxBpNWBsM2RZTOw==
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8116e95d-8c6c-4a81-8560-89710dcf8c9b.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8116e95d-8c6c-4a81-8560-89710dcf8c9b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 22e3174edbfe337cc29266cc38abb51e
80283cb298a1b2326620be406ee3daa42ee0b3ef
520858a9d9540d5768988d0ebb04f0162ded5eb9cd8f4718989b033d04702111
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8116e95d-8c6c-4a81-8560-89710dcf8c9b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8659
x-amzn-requestid: 3b64a1cf-0ad7-4ecf-a25e-ca65c06330ae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csVFcECMoAMF1SQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6889-42dde2da60f083383ab06b82;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:54:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qRfO2pJfTDGteBczJUQoyy49rrUyN5BYhJuadhIbwxyoAR2Vjl6x6A==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 15:56:10 GMT
age: 16790
etag: "80283cb298a1b2326620be406ee3daa42ee0b3ef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash 59d3343b47a278cf33aaf753f47cae4a
9854aad097672a0ea291ce9871aa59b2c1d7efc2
6fa2239c243cae71a4045c425e18d4e0b7b8841aed455963d81f1b8ff9656a4c
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 07 Dec 2022 20:36:00 GMT
Last-Modified: Wed, 07 Dec 2022 18:56:12 GMT
Server: ECS (nyb/1D0E)
X-Cache: Miss from cloudfront
Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Wfc0NwIamN6Kgbuh-ZSv3OIqFsV9_5gNgZTHZHyISE04HjeyIRazHQ==
Age: 5989
d.adroll.com/consent/check/5DEKGEZXIZFGBAVTF7IHV4?pv=68820742407.76721&arrfrr=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6390f92c03bb520001bb84e1%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDbJD3sXIn33NMlmj7QNlIwzIIhUUlWgD2sRADVyNXEYn6-UlfqozsYLFhfMlzcSZVGU5N94pmDndu73lKRqCQJRHURiC1yzdsNC_MS6X-ZuslEvlvIucXmPRrS0HZ9eDDCRGOrkPy1e8sOA%26enctid%3Dcovvgj0b2fd2%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1670445356936695067%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dkcf6desd%26utm_content%3D1287&_s=1165ceea61301d033ca32fa41226bba4&_b=2
52.209.35.32200 OK 461 B URL HTTP/2 d.adroll.com/consent/check/5DEKGEZXIZFGBAVTF7IHV4?pv=68820742407.76721&arrfrr=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6390f92c03bb520001bb84e1%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDbJD3sXIn33NMlmj7QNlIwzIIhUUlWgD2sRADVyNXEYn6-UlfqozsYLFhfMlzcSZVGU5N94pmDndu73lKRqCQJRHURiC1yzdsNC_MS6X-ZuslEvlvIucXmPRrS0HZ9eDDCRGOrkPy1e8sOA%26enctid%3Dcovvgj0b2fd2%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1670445356936695067%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dkcf6desd%26utm_content%3D1287&_s=1165ceea61301d033ca32fa41226bba4&_b=2
IP 52.209.35.32:0
File type ASCII text, with very long lines (461), with no line terminators
Hash 5f6e1113fbdfa1786032c0d1c204d0ab
44349d2c490d7be82a327fd92ec0ce8d893f3b28
eeb9ef3575a8380a5dffd61078973481a5effdc4b158798910a6469da8a359c2
GET /consent/check/5DEKGEZXIZFGBAVTF7IHV4?pv=68820742407.76721&arrfrr=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6390f92c03bb520001bb84e1%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDbJD3sXIn33NMlmj7QNlIwzIIhUUlWgD2sRADVyNXEYn6-UlfqozsYLFhfMlzcSZVGU5N94pmDndu73lKRqCQJRHURiC1yzdsNC_MS6X-ZuslEvlvIucXmPRrS0HZ9eDDCRGOrkPy1e8sOA%26enctid%3Dcovvgj0b2fd2%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1670445356936695067%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dkcf6desd%26utm_content%3D1287&_s=1165ceea61301d033ca32fa41226bba4&_b=2 HTTP/1.1
Host: d.adroll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 20:36:00 GMT
content-type: application/javascript
content-length: 461
server: nginx/1.22.0
cache-control: no-store, no-cache, must-revalidate
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
set-cookie: __adroll=e4d6b8986f9644255162b95b2ad8239c-a_1670445360; Version=1; Expires=Sat, 06-Jan-2024 20:36:00 GMT; Max-Age=34128000; Path=/; HttpOnly; SameSite=None; Secure; Domain=d.adroll.com
__adroll_shared=e4d6b8986f9644255162b95b2ad8239c-a_1670445360; Version=1; Expires=Sat, 06-Jan-2024 20:36:00 GMT; Max-Age=34128000; Path=/; HttpOnly; SameSite=None; Secure; Domain=adroll.com
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash c530a51fd2f7eed9877eedea14816eab
832e73b790110b3b9c487b82c69af169ca48e960
cf6f2106ff92f4137b85c1e373e68b78c2ff938342ea4c7fd03ed828c282c5c0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5885
Cache-Control: max-age=156809
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 20:36:01 GMT
Etag: "6390a3bd-116"
Expires: Fri, 09 Dec 2022 16:09:30 GMT
Last-Modified: Wed, 07 Dec 2022 14:31:25 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 278
geolocation.onetrust.com/cookieconsentpub/v1/geo/location
188.114.99.234200 OK 0 B URL HTTP/2 geolocation.onetrust.com/cookieconsentpub/v1/geo/location
IP 188.114.99.234:0
GET /cookieconsentpub/v1/geo/location HTTP/1.1
Host: geolocation.onetrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://promo.worldofwarships.eu
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 20:35:58 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 77600d015ae7b51b-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/glows-34505/src/scripts/script.js
92.223.97.97200 OK 0 B URL HTTP/2 promo-cdn.worldofwarships.com/glows-34505/src/scripts/script.js
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
GET /glows-34505/src/scripts/script.js HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 20:35:57 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 22 Nov 2022 10:14:28 GMT
etag: W/"eab843ce65c0521f3d120a4b09548b66"
x-amz-request-id: tx0000000000000001ae8bd-00637ca117-1cf5682d-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-04T10:16:04+00:00
x-id: sto5-up-gc11
content-encoding: gzip
X-Firefox-Spdy: h2
mc.yandex.ru/watch/14976586?wmode=7&page-url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6390f92c03bb520001bb84e1%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDbJD3sXIn33NMlmj7QNlIwzIIhUUlWgD2sRADVyNXEYn6-UlfqozsYLFhfMlzcSZVGU5N94pmDndu73lKRqCQJRHURiC1yzdsNC_MS6X-ZuslEvlvIucXmPRrS0HZ9eDDCRGOrkPy1e8sOA%26enctid%3Dcovvgj0b2fd2%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1670445356936695067%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dkcf6desd%26utm_content%3D1287&charset=utf-8&browser-info=pv%3A1%3Avf%3A2b7w95bdqfdb0kzrg7tcl8%3Afp%3A1266%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A3%3Adp%3A0%3Als%3A925049189803%3Ahid%3A135149832%3Az%3A0%3Ai%3A20221207203558%3Aet%3A1670445358%3Ac%3A1%3Arn%3A882873968%3Arqn%3A1%3Au%3A1670445358860089443%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A81%2C21%2C8%2C0%2C780%2C0%2C%2C304%2C58%2C%2C%2C%2C1223%3Aco%3A0%3Ans%3A1670445355737%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670445358%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr(14)mc(g-2)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
87.250.250.119302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/14976586?wmode=7&page-url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6390f92c03bb520001bb84e1%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDbJD3sXIn33NMlmj7QNlIwzIIhUUlWgD2sRADVyNXEYn6-UlfqozsYLFhfMlzcSZVGU5N94pmDndu73lKRqCQJRHURiC1yzdsNC_MS6X-ZuslEvlvIucXmPRrS0HZ9eDDCRGOrkPy1e8sOA%26enctid%3Dcovvgj0b2fd2%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1670445356936695067%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dkcf6desd%26utm_content%3D1287&charset=utf-8&browser-info=pv%3A1%3Avf%3A2b7w95bdqfdb0kzrg7tcl8%3Afp%3A1266%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A3%3Adp%3A0%3Als%3A925049189803%3Ahid%3A135149832%3Az%3A0%3Ai%3A20221207203558%3Aet%3A1670445358%3Ac%3A1%3Arn%3A882873968%3Arqn%3A1%3Au%3A1670445358860089443%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A81%2C21%2C8%2C0%2C780%2C0%2C%2C304%2C58%2C%2C%2C%2C1223%3Aco%3A0%3Ans%3A1670445355737%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670445358%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr(14)mc(g-2)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP 87.250.250.119:0
GET /watch/14976586?wmode=7&page-url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6390f92c03bb520001bb84e1%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDbJD3sXIn33NMlmj7QNlIwzIIhUUlWgD2sRADVyNXEYn6-UlfqozsYLFhfMlzcSZVGU5N94pmDndu73lKRqCQJRHURiC1yzdsNC_MS6X-ZuslEvlvIucXmPRrS0HZ9eDDCRGOrkPy1e8sOA%26enctid%3Dcovvgj0b2fd2%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1670445356936695067%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dkcf6desd%26utm_content%3D1287&charset=utf-8&browser-info=pv%3A1%3Avf%3A2b7w95bdqfdb0kzrg7tcl8%3Afp%3A1266%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A3%3Adp%3A0%3Als%3A925049189803%3Ahid%3A135149832%3Az%3A0%3Ai%3A20221207203558%3Aet%3A1670445358%3Ac%3A1%3Arn%3A882873968%3Arqn%3A1%3Au%3A1670445358860089443%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A81%2C21%2C8%2C0%2C780%2C0%2C%2C304%2C58%2C%2C%2C%2C1223%3Aco%3A0%3Ans%3A1670445355737%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670445358%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr(14)mc(g-2)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://promo.worldofwarships.eu
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /watch/14976586/1?wmode=7&page-url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6390f92c03bb520001bb84e1%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDbJD3sXIn33NMlmj7QNlIwzIIhUUlWgD2sRADVyNXEYn6-UlfqozsYLFhfMlzcSZVGU5N94pmDndu73lKRqCQJRHURiC1yzdsNC_MS6X-ZuslEvlvIucXmPRrS0HZ9eDDCRGOrkPy1e8sOA%26enctid%3Dcovvgj0b2fd2%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1670445356936695067%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dkcf6desd%26utm_content%3D1287&charset=utf-8&browser-info=pv%3A1%3Avf%3A2b7w95bdqfdb0kzrg7tcl8%3Afp%3A1266%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A3%3Adp%3A0%3Als%3A925049189803%3Ahid%3A135149832%3Az%3A0%3Ai%3A20221207203558%3Aet%3A1670445358%3Ac%3A1%3Arn%3A882873968%3Arqn%3A1%3Au%3A1670445358860089443%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A81%2C21%2C8%2C0%2C780%2C0%2C%2C304%2C58%2C%2C%2C%2C1223%3Aco%3A0%3Ans%3A1670445355737%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670445358%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr%2814%29mc%28g-2%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Wed, 07 Dec 2022 20:35:58 GMT
access-control-allow-origin: https://promo.worldofwarships.eu
set-cookie: yabs-sid=1304978411670445358; Path=/; SameSite=None; Secure
i=66mhp7i42aV+YerAsYS8ryLGTnSLKBZQY9/F2CKSaOe33V0LdQ+XcMjCc0US1TezcuFvHYO1m1UTWwU5qqIjHCA6tM8=; Expires=Sat, 04-Dec-2032 20:35:58 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=7321570921670445358; Expires=Thu, 07-Dec-2023 20:35:58 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=7321570921670445358; Expires=Thu, 07-Dec-2023 20:35:58 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1701981358.yc.1670445358#1701981358.yrts.1670445358#1701981358.yrtsi.1670445358; Expires=Thu, 07-Dec-2023 20:35:58 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 07-Dec-2022 20:35:58 GMT
last-modified: Wed, 07-Dec-2022 20:35:58 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/global_static/age_ratings/v2/pegi_ext-in-game-purchases.svg
92.223.97.97200 OK 0 B URL HTTP/2 promo-cdn.worldofwarships.com/global_static/age_ratings/v2/pegi_ext-in-game-purchases.svg
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
GET /global_static/age_ratings/v2/pegi_ext-in-game-purchases.svg HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 20:35:57 GMT
content-type: image/svg+xml
last-modified: Mon, 14 Feb 2022 22:01:20 GMT
etag: W/"635ea99325f08d75fd8f09201f998f50"
x-amz-request-id: tx0000000000000002a85b2-00633fe0c3-1c445a09-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-06T08:22:20+00:00
x-id: sto5-up-gc11
content-encoding: gzip
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/global_static/age_ratings/v2/pegi_ext-violence.svg
92.223.97.97200 OK 0 B URL HTTP/2 promo-cdn.worldofwarships.com/global_static/age_ratings/v2/pegi_ext-violence.svg
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
GET /global_static/age_ratings/v2/pegi_ext-violence.svg HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 20:35:57 GMT
content-type: image/svg+xml
last-modified: Mon, 14 Feb 2022 22:01:20 GMT
etag: W/"9a3e2c35d77bd8b96138310eeb6b7f7b"
x-amz-request-id: tx00000000000000080ab06-00633fe0c3-1c4c0c09-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-06T08:22:20+00:00
x-id: sto5-up-gc11
content-encoding: gzip
X-Firefox-Spdy: h2
mc.yandex.ru/watch/45727869?wmode=7&page-url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6390f92c03bb520001bb84e1%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDbJD3sXIn33NMlmj7QNlIwzIIhUUlWgD2sRADVyNXEYn6-UlfqozsYLFhfMlzcSZVGU5N94pmDndu73lKRqCQJRHURiC1yzdsNC_MS6X-ZuslEvlvIucXmPRrS0HZ9eDDCRGOrkPy1e8sOA%26enctid%3Dcovvgj0b2fd2%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1670445356936695067%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dkcf6desd%26utm_content%3D1287&charset=utf-8&browser-info=pv%3A1%3Avf%3A2b7w95bdqfdb0kzrg7tcl8%3Afp%3A1266%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A99337117796%3Ahid%3A135149832%3Az%3A0%3Ai%3A20221207203558%3Aet%3A1670445358%3Ac%3A1%3Arn%3A1057678283%3Arqn%3A1%3Au%3A1670445358860089443%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A81%2C21%2C8%2C0%2C780%2C0%2C%2C304%2C58%2C%2C%2C%2C1223%3Aco%3A0%3Ans%3A1670445355737%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670445358%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
87.250.250.119302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/45727869?wmode=7&page-url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6390f92c03bb520001bb84e1%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDbJD3sXIn33NMlmj7QNlIwzIIhUUlWgD2sRADVyNXEYn6-UlfqozsYLFhfMlzcSZVGU5N94pmDndu73lKRqCQJRHURiC1yzdsNC_MS6X-ZuslEvlvIucXmPRrS0HZ9eDDCRGOrkPy1e8sOA%26enctid%3Dcovvgj0b2fd2%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1670445356936695067%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dkcf6desd%26utm_content%3D1287&charset=utf-8&browser-info=pv%3A1%3Avf%3A2b7w95bdqfdb0kzrg7tcl8%3Afp%3A1266%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A99337117796%3Ahid%3A135149832%3Az%3A0%3Ai%3A20221207203558%3Aet%3A1670445358%3Ac%3A1%3Arn%3A1057678283%3Arqn%3A1%3Au%3A1670445358860089443%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A81%2C21%2C8%2C0%2C780%2C0%2C%2C304%2C58%2C%2C%2C%2C1223%3Aco%3A0%3Ans%3A1670445355737%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670445358%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP 87.250.250.119:0
GET /watch/45727869?wmode=7&page-url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6390f92c03bb520001bb84e1%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDbJD3sXIn33NMlmj7QNlIwzIIhUUlWgD2sRADVyNXEYn6-UlfqozsYLFhfMlzcSZVGU5N94pmDndu73lKRqCQJRHURiC1yzdsNC_MS6X-ZuslEvlvIucXmPRrS0HZ9eDDCRGOrkPy1e8sOA%26enctid%3Dcovvgj0b2fd2%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1670445356936695067%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dkcf6desd%26utm_content%3D1287&charset=utf-8&browser-info=pv%3A1%3Avf%3A2b7w95bdqfdb0kzrg7tcl8%3Afp%3A1266%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A99337117796%3Ahid%3A135149832%3Az%3A0%3Ai%3A20221207203558%3Aet%3A1670445358%3Ac%3A1%3Arn%3A1057678283%3Arqn%3A1%3Au%3A1670445358860089443%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A81%2C21%2C8%2C0%2C780%2C0%2C%2C304%2C58%2C%2C%2C%2C1223%3Aco%3A0%3Ans%3A1670445355737%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670445358%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://promo.worldofwarships.eu
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /watch/45727869/1?wmode=7&page-url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6390f92c03bb520001bb84e1%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDbJD3sXIn33NMlmj7QNlIwzIIhUUlWgD2sRADVyNXEYn6-UlfqozsYLFhfMlzcSZVGU5N94pmDndu73lKRqCQJRHURiC1yzdsNC_MS6X-ZuslEvlvIucXmPRrS0HZ9eDDCRGOrkPy1e8sOA%26enctid%3Dcovvgj0b2fd2%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1670445356936695067%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dkcf6desd%26utm_content%3D1287&charset=utf-8&browser-info=pv%3A1%3Avf%3A2b7w95bdqfdb0kzrg7tcl8%3Afp%3A1266%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A99337117796%3Ahid%3A135149832%3Az%3A0%3Ai%3A20221207203558%3Aet%3A1670445358%3Ac%3A1%3Arn%3A1057678283%3Arqn%3A1%3Au%3A1670445358860089443%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A81%2C21%2C8%2C0%2C780%2C0%2C%2C304%2C58%2C%2C%2C%2C1223%3Aco%3A0%3Ans%3A1670445355737%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670445358%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Wed, 07 Dec 2022 20:35:58 GMT
access-control-allow-origin: https://promo.worldofwarships.eu
set-cookie: yabs-sid=1448998791670445358; Path=/; SameSite=None; Secure
i=EZ0DzYf2XBalnFz7Q3qUV7pUmdXYwVubDv7fSiDp4268DBsB/UdPVo6c/wKdfe2/6AtUEUJWUE6YJdKGix5AK5utpk0=; Expires=Sat, 04-Dec-2032 20:35:58 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=1236206501670445358; Expires=Thu, 07-Dec-2023 20:35:58 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=1236206501670445358; Expires=Thu, 07-Dec-2023 20:35:58 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1701981358.yc.1670445358#1701981358.yrts.1670445358#1701981358.yrtsi.1670445358; Expires=Thu, 07-Dec-2023 20:35:58 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 07-Dec-2022 20:35:58 GMT
last-modified: Wed, 07-Dec-2022 20:35:58 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
thirawogla.com/b.3gVG0fPw3fpLv/bymZVxJXZ_Dc0V0zNxThkzzWMqz/cl2ULDT/QN1_OeTwMazxNMzacn
88.85.94.246200 OK 0 B URL HTTP/2 thirawogla.com/b.3gVG0fPw3fpLv/bymZVxJXZ_Dc0V0zNxThkzzWMqz/cl2ULDT/QN1_OeTwMazxNMzacn
IP 88.85.94.246:0
GET /b.3gVG0fPw3fpLv/bymZVxJXZ_Dc0V0zNxThkzzWMqz/cl2ULDT/QN1_OeTwMazxNMzacn HTTP/1.1
Host: thirawogla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://long.interestmoments.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 20:35:56 GMT
content-type: text/html;charset=UTF-8
vary: Accept-Encoding
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
p3p: CP="CUR ADM OUR NOR STA NID"
last-modified: Wed, 07 Dec 2022 20:35:55 GMT
x-frame-options: DENY
referrer-policy: no-referrer
set-cookie: kadCCap=221398:1:1670061406;218693:1:1669515516;220790:1:1668460505;222775:1:1669981400;212269:1:1667199062;194136:1:1669413157;218665:1:1670219511;223255:1:1670393482;215297:1:1669786163;219047:1:1667194435;219652:1:1669330335;79610:1:1669272875;222513:1:1670219541;220335:1:1670435916;199455:1:1668245056;221352:1:1670163762;222582:1:1669973958;219484:1:1667715065;132751:1:1669884292; max-age=1701981356; path=/
kadACap=401659:1:1670416416;446714:1:1669965428;445499:1:1670164226;451139:1:1669898733;419291:1:1670274736;445506:1:1669286676;407100:1:1668246232;419299:1:1669735589;419323:1:1669947125;453831:1:1670244468;383700:1:1670440962;446531:1:1669270846;442019:1:1670232446;424441:1:1670396486;451724:1:1669565807;190964:1:1669272875;445788:1:1669918420;458041:1:1670424583;419297:1:1670425925;419303:1:1670398063;450649:1:1670060949;419301:1:1669646033;419293:1:1669526430;446013:1:1668228435;449523:1:1670210030;346329:1:1670226206;419321:1:1669463839;444748:1:1669841678;458045:1:1670426588;419295:1:1670440857;346327:1:1670398317;272913:1:1670219562;445735:1:1669286676;410252:1:1669943525; max-age=1701981356; path=/
kadCSCap=223255:1:1670393482;220335:1:1670435916; path=/
kadASCap=346327:1:1670398317;383700:1:1670440962;419297:1:1670425925;401659:1:1670416416;419295:1:1670440857;458045:1:1670426588;458041:1:1670424583;419303:1:1670398063;424441:1:1670396486; path=/
kadRPixJ=bnVsbA==; max-age=1701981356; path=/
kadUnP3=CA8Qu/C/nAYaDQioiJcCEAMYit3AnAYaDQiIrZcCEAEY74DBnAYaDQjowJcCEAIYg7HBnAYaDQjQqJgCEAEYmc/DnAYaDQiQrJgCEAEYxvTAnAYaDQjgrZgCEAUYoJDCnAYaDQjzwZkBEAEY7YLBnAYaDQivp/4BEAEYu/C/nAYiCggBEAEYu/C/nAYiCggDEA4Yit3AnAYqDAj09CcQARjG9MCcBioMCKSTKBADGIrdwJwGKgwI2pcoEAEY74DBnAYqDAjzmigQAhiDscGcBioMCLqoKBABGJnPw5wGKgwIiqkoEAUYoJDCnAYqDAjD6QwQARi78L+cBioMCIy9EhABGO2CwZwG; max-age=1701981356; path=/
x-content-type-options: nosniff
content-encoding: br
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/glows-34505/src/libs/oneTrustBanner.js
92.223.97.97200 OK 0 B URL HTTP/2 promo-cdn.worldofwarships.com/glows-34505/src/libs/oneTrustBanner.js
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
GET /glows-34505/src/libs/oneTrustBanner.js HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 20:35:57 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 22 Nov 2022 10:14:27 GMT
etag: W/"756187d7b894fafd3191e6683d92af26"
x-amz-request-id: tx000000000000001384a84-00637ca117-1cdf9313-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-04T10:16:03+00:00
x-id: sto5-up-gc12
content-encoding: gzip
X-Firefox-Spdy: h2
a.quora.com/qevents.js
162.159.153.247200 OK 0 B IP 162.159.153.247:0
GET /qevents.js HTTP/1.1
Host: a.quora.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 20:35:57 GMT
content-type: text/plain
x-amz-id-2: jHbk68zF0oCrN99I6TpiQ8LNg0dDTKL0BkbZQKZkL1zB85BMiiIcpjSQWNebJHGDeWUqTCN88Lg=
x-amz-request-id: 4K18RXATE8CH2H8E
last-modified: Fri, 18 Mar 2022 00:16:52 GMT
etag: W/"47078e63380c6b0cbbfb6d8508b25ee7"
x-amz-meta-s3cmd-attrs: atime:1647562609/ctime:1647562609/gid:150037/gname:ezhang/md5:47078e63380c6b0cbbfb6d8508b25ee7/mode:33204/mtime:1647562609/uid:150037/uname:ezhang
cache-control: public, max-age=14400
x-amz-version-id: vyBstMTGyA6m5sV66zq8xsypUg.tAOk.
cf-cache-status: HIT
age: 10858387
expires: Thu, 08 Dec 2022 00:35:57 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 77600cfe68dcb4ee-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mc.yandex.ru/watch/71343676?page-url=goal%3A%2F%2Fpromo.worldofwarships.eu%2FWOWS_All-visitors_LP_set&page-ref=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6390f92c03bb520001bb84e1%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDbJD3sXIn33NMlmj7QNlIwzIIhUUlWgD2sRADVyNXEYn6-UlfqozsYLFhfMlzcSZVGU5N94pmDndu73lKRqCQJRHURiC1yzdsNC_MS6X-ZuslEvlvIucXmPRrS0HZ9eDDCRGOrkPy1e8sOA%26enctid%3Dcovvgj0b2fd2%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1670445356936695067%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dkcf6desd%26utm_content%3D1287&charset=utf-8&hittoken=1670445358_9837a638a998eabfe976fefb03b833a9da62ca561c276b89995ed1b326491313&browser-info=ar%3A1%3Avf%3A2b7w95bdqfdb0kzrg7tcl8%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A2%3Adp%3A0%3Als%3A19336121061%3Ahid%3A135149832%3Az%3A0%3Ai%3A20221207203558%3Aet%3A1670445358%3Ac%3A1%3Arn%3A787982939%3Arqn%3A2%3Au%3A1670445358860089443%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Aeu%3A1%3Ans%3A1670445355737%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670445358%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr(14)mc(g-2)clc(0-0-0)rqnt(2)aw(1)ecs(1)fip(1)ti(2)
87.250.250.119302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/71343676?page-url=goal%3A%2F%2Fpromo.worldofwarships.eu%2FWOWS_All-visitors_LP_set&page-ref=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6390f92c03bb520001bb84e1%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDbJD3sXIn33NMlmj7QNlIwzIIhUUlWgD2sRADVyNXEYn6-UlfqozsYLFhfMlzcSZVGU5N94pmDndu73lKRqCQJRHURiC1yzdsNC_MS6X-ZuslEvlvIucXmPRrS0HZ9eDDCRGOrkPy1e8sOA%26enctid%3Dcovvgj0b2fd2%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1670445356936695067%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dkcf6desd%26utm_content%3D1287&charset=utf-8&hittoken=1670445358_9837a638a998eabfe976fefb03b833a9da62ca561c276b89995ed1b326491313&browser-info=ar%3A1%3Avf%3A2b7w95bdqfdb0kzrg7tcl8%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A2%3Adp%3A0%3Als%3A19336121061%3Ahid%3A135149832%3Az%3A0%3Ai%3A20221207203558%3Aet%3A1670445358%3Ac%3A1%3Arn%3A787982939%3Arqn%3A2%3Au%3A1670445358860089443%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Aeu%3A1%3Ans%3A1670445355737%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670445358%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr(14)mc(g-2)clc(0-0-0)rqnt(2)aw(1)ecs(1)fip(1)ti(2)
IP 87.250.250.119:0
GET /watch/71343676?page-url=goal%3A%2F%2Fpromo.worldofwarships.eu%2FWOWS_All-visitors_LP_set&page-ref=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6390f92c03bb520001bb84e1%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDbJD3sXIn33NMlmj7QNlIwzIIhUUlWgD2sRADVyNXEYn6-UlfqozsYLFhfMlzcSZVGU5N94pmDndu73lKRqCQJRHURiC1yzdsNC_MS6X-ZuslEvlvIucXmPRrS0HZ9eDDCRGOrkPy1e8sOA%26enctid%3Dcovvgj0b2fd2%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1670445356936695067%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dkcf6desd%26utm_content%3D1287&charset=utf-8&hittoken=1670445358_9837a638a998eabfe976fefb03b833a9da62ca561c276b89995ed1b326491313&browser-info=ar%3A1%3Avf%3A2b7w95bdqfdb0kzrg7tcl8%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A2%3Adp%3A0%3Als%3A19336121061%3Ahid%3A135149832%3Az%3A0%3Ai%3A20221207203558%3Aet%3A1670445358%3Ac%3A1%3Arn%3A787982939%3Arqn%3A2%3Au%3A1670445358860089443%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Aeu%3A1%3Ans%3A1670445355737%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670445358%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr(14)mc(g-2)clc(0-0-0)rqnt(2)aw(1)ecs(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://promo.worldofwarships.eu
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/71343676/1?page-url=goal%3A%2F%2Fpromo.worldofwarships.eu%2FWOWS_All-visitors_LP_set&page-ref=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6390f92c03bb520001bb84e1%26xid_param1%3DE0CDNGBJ6R%26xid_param_2%3D%26sid%3DSIDbJD3sXIn33NMlmj7QNlIwzIIhUUlWgD2sRADVyNXEYn6-UlfqozsYLFhfMlzcSZVGU5N94pmDndu73lKRqCQJRHURiC1yzdsNC_MS6X-ZuslEvlvIucXmPRrS0HZ9eDDCRGOrkPy1e8sOA%26enctid%3Dcovvgj0b2fd2%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1670445356936695067%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dkcf6desd%26utm_content%3D1287&charset=utf-8&hittoken=1670445358_9837a638a998eabfe976fefb03b833a9da62ca561c276b89995ed1b326491313&browser-info=ar%3A1%3Avf%3A2b7w95bdqfdb0kzrg7tcl8%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A2%3Adp%3A0%3Als%3A19336121061%3Ahid%3A135149832%3Az%3A0%3Ai%3A20221207203558%3Aet%3A1670445358%3Ac%3A1%3Arn%3A787982939%3Arqn%3A2%3Au%3A1670445358860089443%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Aeu%3A1%3Ans%3A1670445355737%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670445358%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr%2814%29mc%28g-2%29clc%280-0-0%29rqnt%282%29aw%281%29ecs%281%29fip%281%29ti%282%29
date: Wed, 07 Dec 2022 20:35:58 GMT
access-control-allow-origin: https://promo.worldofwarships.eu
set-cookie: yabs-sid=331053121670445358; Path=/; SameSite=None; Secure
i=ZxrYqt4N2E4WM7ob8FH0o/oHWRpjS613gjy8hkr0LPYDdbtRSqZU+OFcG1P7hCaAqSuR2qSp5zCklh1fhdZWLPJpwQw=; Expires=Sat, 04-Dec-2032 20:35:55 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=6075601161670445358; Expires=Thu, 07-Dec-2023 20:35:58 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=6075601161670445358; Expires=Thu, 07-Dec-2023 20:35:58 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1701981358.yc.1670445358#1701981358.yrts.1670445358#1701981358.yrtsi.1670445358; Expires=Thu, 07-Dec-2023 20:35:58 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 07-Dec-2022 20:35:58 GMT
last-modified: Wed, 07-Dec-2022 20:35:58 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
foodheed.com/wp-content/uploads/2022/10/CampfireCake600x600.jpg
199.188.200.95200 OK 0 B URL HTTP/2 foodheed.com/wp-content/uploads/2022/10/CampfireCake600x600.jpg
IP 199.188.200.95:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/10/CampfireCake600x600.jpg HTTP/1.1
Host: foodheed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://foodheed.com/irtu/?QBOT.zip
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 20:35:53 GMT
content-type: image/jpeg
last-modified: Wed, 05 Oct 2022 22:19:28 GMT
etag: "1852b-633e02f0-0;;;"
accept-ranges: bytes
content-length: 99627
date: Wed, 07 Dec 2022 20:35:53 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/202211.1.0/assets/otCommonStyles.css
104.16.148.64200 OK 0 B URL HTTP/2 cdn.cookielaw.org/scripttemplates/202211.1.0/assets/otCommonStyles.css
IP 104.16.148.64:0
GET /scripttemplates/202211.1.0/assets/otCommonStyles.css HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.worldofwarships.eu/
Origin: https://promo.worldofwarships.eu
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 20:35:58 GMT
content-type: text/css
content-md5: XcxlleAcPGO2n5kTZrHH2Q==
last-modified: Wed, 30 Nov 2022 07:37:14 GMT
x-ms-request-id: 35f86005-301e-00d6-78c9-04933c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 36425
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77600d042f39b50b-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/glows-34505/src/libs/jquery.fullpage.min.css
92.223.97.97200 OK 0 B URL HTTP/2 promo-cdn.worldofwarships.com/glows-34505/src/libs/jquery.fullpage.min.css
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
GET /glows-34505/src/libs/jquery.fullpage.min.css HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 20:35:57 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
last-modified: Tue, 22 Nov 2022 10:14:27 GMT
etag: W/"c397710fd5227e7e53b0c95cbc6b9d61"
x-amz-request-id: tx0000000000000001ae8cd-00637ca118-1cf5682d-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-04T10:16:03+00:00
x-id: sto5-up-gc10
content-encoding: gzip
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/glows-34505/src/libs/jquery.min.js
92.223.97.97200 OK 0 B URL HTTP/2 promo-cdn.worldofwarships.com/glows-34505/src/libs/jquery.min.js
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
GET /glows-34505/src/libs/jquery.min.js HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 20:35:57 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 22 Nov 2022 10:14:27 GMT
etag: W/"4f252523d4af0b478c810c2547a63e19"
x-amz-request-id: tx0000000000000001ae8d2-00637ca118-1cf5682d-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-04T10:16:04+00:00
x-id: sto5-up-gc14
content-encoding: gzip
X-Firefox-Spdy: h2