Overview

URL4.us.findthewind.xyz/feed/?link=true&tid=4&subid=4.us&ref=redir.findthewind.xyz&s1=6354fd691ad2662b345359ed
IP 23.235.251.114 (United States)
ASN#19437 SS-ASH
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-10-23 08:38:27 UTC
StatusLoading report..
IDS alerts0
Blocklist alert1
urlquery alerts No alerts detected
Tags None

Domain Summary (50)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
www.redditstatic.com (1) 1440 2012-06-30 12:33:28 UTC 2022-10-23 04:44:52 UTC 151.101.85.140
fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-10-23 04:13:36 UTC 142.250.74.10
firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-10-23 01:34:59 UTC 143.204.55.35
redir.findthewind.xyz (1) 0 2022-08-11 09:16:56 UTC 2022-10-23 05:00:21 UTC 198.211.113.186 Unknown ranking
img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-10-22 04:43:01 UTC 34.120.237.76
go.redanemone.xyz (1) 72592 2020-01-16 10:48:25 UTC 2022-10-23 06:47:02 UTC 198.134.116.30
go.money616.xyz (1) 0 2022-07-29 05:26:08 UTC 2022-10-22 19:28:04 UTC 52.59.165.42 Unknown ranking
bat.bing.com (3) 387 2014-04-08 09:23:16 UTC 2022-10-22 05:39:34 UTC 13.107.21.200
leche.labtrffc.com (1) 0 2021-02-18 14:08:36 UTC 2022-10-22 19:28:27 UTC 51.83.143.92 Domain (labtrffc.com) ranked at: 87846
bilqi-omv.com (2) 0 2022-10-17 13:55:17 UTC 2022-10-23 04:46:17 UTC 35.174.150.83 Unknown ranking
rdr.wargaming.net (1) 88763 2018-04-19 16:16:11 UTC 2022-10-22 19:06:29 UTC 92.223.23.230
sp.analytics.yahoo.com (2) 816 2014-01-31 20:48:24 UTC 2022-10-23 04:47:27 UTC 98.137.155.8
c.bing.com (1) 247 2012-05-22 10:26:32 UTC 2022-10-23 05:58:18 UTC 13.107.21.200
lms-static.wgcdn.co (14) 181442 2019-12-18 07:43:14 UTC 2022-10-22 17:44:09 UTC 92.223.84.84
connect.facebook.net (1) 139 2012-05-22 02:51:28 UTC 2022-10-23 04:47:12 UTC 31.13.72.12
www.google.com (1) 7 2016-08-04 12:36:31 UTC 2022-10-23 01:00:06 UTC 142.250.74.164
pixel.quantserve.com (1) 417 2018-04-06 01:24:19 UTC 2022-10-23 04:47:14 UTC 91.228.74.200
region1.analytics.google.com (1) 0 2022-03-17 11:26:33 UTC 2022-10-23 06:04:14 UTC 216.239.32.36 Domain (google.com) ranked at: 1
c.clarity.ms (2) 803 2021-02-03 23:22:47 UTC 2022-10-23 06:01:05 UTC 20.234.93.27
content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-10-23 05:08:18 UTC 34.160.144.191
push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-10-23 04:44:25 UTC 52.39.57.61
ocsp.pki.goog (18) 175 2017-06-14 07:23:31 UTC 2022-10-23 04:14:13 UTC 142.250.74.35
www.googletagmanager.com (1) 75 2012-12-25 14:52:06 UTC 2022-10-22 13:22:05 UTC 142.250.74.168
cdn2wotcom.gcdn.co (1) 292377 2016-10-21 21:20:45 UTC 2022-10-22 17:44:09 UTC 92.223.84.84
stats.g.doubleclick.net (2) 96 2013-06-10 20:21:11 UTC 2022-10-23 04:44:13 UTC 173.194.222.157
adservice.google.no (1) 96969 2017-09-26 14:23:08 UTC 2022-10-23 04:13:35 UTC 142.250.74.34
secure.quantserve.com (1) 973 2018-05-21 20:36:17 UTC 2022-10-22 05:20:15 UTC 91.228.74.200
join.worldoftanks.eu (1) 241001 2019-12-18 07:43:13 UTC 2022-10-22 17:41:34 UTC 92.223.51.163
fonts.gstatic.com (4) 0 2014-09-09 00:40:21 UTC 2022-10-23 04:13:30 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540
sc-static.net (1) 1183 2022-01-24 20:13:30 UTC 2022-10-22 19:38:35 UTC 54.230.82.240
tenor.wargaming.net (3) 102366 2018-10-16 09:06:38 UTC 2022-10-22 19:14:04 UTC 92.223.21.16
www.google.no (1) 25607 2016-04-05 19:50:59 UTC 2022-10-22 23:17:58 UTC 142.250.74.35
www.clarity.ms (2) 1404 2018-08-22 07:41:57 UTC 2022-10-23 06:01:04 UTC 13.107.246.53
www.google-analytics.com (1) 40 2012-10-03 01:04:21 UTC 2022-10-23 05:38:43 UTC 142.250.74.174
googleads.g.doubleclick.net (1) 42 2021-02-20 15:43:32 UTC 2022-10-23 02:52:33 UTC 216.58.207.226
s2.adform.net (1) 4693 2013-04-18 11:49:52 UTC 2022-10-23 03:59:20 UTC 37.157.2.247
a1.adform.net (2) 10707 2012-10-27 23:25:52 UTC 2022-10-23 06:55:22 UTC 37.157.6.248
ad.doubleclick.net (1) 186 2013-05-06 20:24:43 UTC 2022-10-22 23:22:45 UTC 142.250.74.102
alb.reddit.com (1) 1521 2017-06-15 05:33:56 UTC 2022-10-23 04:44:52 UTC 151.101.85.140
r3.o.lencr.org (12) 344 2020-12-02 08:52:13 UTC 2022-10-22 04:42:34 UTC 23.36.77.32
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-10-23 04:44:24 UTC 34.117.237.239
ocsp.digicert.com (15) 86 2012-05-21 07:02:23 UTC 2022-10-23 01:04:53 UTC 93.184.220.29
pdxx-7fmavzpxk2xlm-4-2.lowsea.fun (1) 0 2022-08-21 08:58:43 UTC 2022-10-23 06:46:39 UTC 5.161.78.177 Unknown ranking
cola.trffclb.com (1) 0 2022-09-30 11:19:40 UTC 2022-10-23 02:11:26 UTC 51.83.143.92 Unknown ranking
adspredictiv.com (2) 160243 2015-04-30 21:27:53 UTC 2022-10-22 19:28:12 UTC 35.190.38.40
4.us.findthewind.xyz (1) 0 2022-08-03 12:57:45 UTC 2022-10-23 06:46:56 UTC 23.235.251.114 Unknown ranking
ocsp.sectigo.com (2) 487 2018-12-17 11:31:55 UTC 2022-10-23 02:36:45 UTC 104.18.32.68
s.yimg.com (2) 375 2012-05-20 22:45:00 UTC 2022-10-22 15:12:42 UTC 87.248.119.252
tr.snapchat.com (4) 978 2017-04-26 06:25:03 UTC 2022-10-23 04:30:23 UTC 35.190.43.134
adservice.google.com (1) 76 2021-02-20 16:10:48 UTC 2022-10-23 04:22:19 UTC 142.250.74.130

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
 No alerts detected

mnemonic secure dns
 No alerts detected

Quad9 DNS
Scan Date Severity Indicator Comment
2022-10-23 2 trffclb.com Sinkholed


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 23.235.251.114
Date UQ / IDS / BL URL IP
2023-02-05 11:22:44 +0000 0 - 0 - 2 4.us.silverwinds.xyz/feed/?link=true&tid=4&su (...) 23.235.251.114
2023-02-03 20:22:48 +0000 0 - 0 - 2 8.us.tealwinds.xyz/feed/?link=true&tid=8&subi (...) 23.235.251.114
2023-01-29 16:07:50 +0000 0 - 2 - 2 66.us.tealwinds.xyz/feed/?link=true&tid=66&su (...) 23.235.251.114
2023-01-25 06:47:03 +0000 0 - 0 - 1 21.us.tealwinds.xyz/feed/?link=true&tid=21&su (...) 23.235.251.114
2023-01-19 15:47:03 +0000 0 - 0 - 2 60.us.tealwinds.xyz/feed/?link=true&tid=60&su (...) 23.235.251.114


Last 5 reports on ASN: SS-ASH
Date UQ / IDS / BL URL IP
2023-02-05 11:22:44 +0000 0 - 0 - 2 4.us.silverwinds.xyz/feed/?link=true&tid=4&su (...) 23.235.251.114
2023-02-03 20:22:48 +0000 0 - 0 - 2 8.us.tealwinds.xyz/feed/?link=true&tid=8&subi (...) 23.235.251.114
2023-02-01 20:53:46 +0000 0 - 0 - 22 www.montereycountyclinicservices.org/ 131.153.100.222
2023-01-31 07:05:58 +0000 0 - 0 - 4 www.afamag.com/ 131.153.100.9
2023-01-29 16:07:50 +0000 0 - 2 - 2 66.us.tealwinds.xyz/feed/?link=true&tid=66&su (...) 23.235.251.114


Last 5 reports on domain: findthewind.xyz
Date UQ / IDS / BL URL IP
2022-10-25 09:31:58 +0000 0 - 0 - 9 68.us.findthewind.xyz/feed/?link=true&tid=68& (...) 23.235.251.114
2022-10-24 06:48:06 +0000 0 - 0 - 7 4.us.findthewind.xyz/feed/?link=true&tid=4&su (...) 23.235.251.114
2022-10-24 00:22:55 +0000 0 - 0 - 4 4.us.findthewind.xyz/feed/?link=true&tid=4&su (...) 23.235.251.114
2022-10-23 08:38:27 +0000 0 - 0 - 1 4.us.findthewind.xyz/feed/?link=true&tid=4&su (...) 23.235.251.114
2022-10-22 19:28:14 +0000 0 - 0 - 5 4.us.findthewind.xyz/feed/?link=true&tid=4&su (...) 23.235.251.114


Last 1 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-01-26 16:54:57 +0000 0 - 1 - 0 f21c1049e.srtrak.com/promo-tools/direct-offer (...) 91.132.60.212

JavaScript

Executed Scripts (36)

Executed Evals (13)
#1 JavaScript::Eval (size: 119) - SHA256: d5d71526c0b6e323edc7867c5ce5c9039fbc3e6ead5fc79413027bf2a4ff9205
(function() {
    var b = google_tag_manager["GTM-58QVDL8"].macro(4),
        a = "denied";
    b.includes("0002") && (a = "granted");
    return a
})();
#2 JavaScript::Eval (size: 169) - SHA256: 1ffceafa32673d670fdf2a489fd3e4ecb2d4a3473b0872ca0cb0729085de69c7
(function() {
    var a = "teclient",
        b = (new URLSearchParams(window.location.search)).get(a);
    a = document.cookie.match("(^|;) ?" + a + "\x3d([^;]*)(;|$)");
    return b = b ? b : a ? a[2] : null
})();
#3 JavaScript::Eval (size: 354) - SHA256: b464585d4668229d70ecfaa3c0e2eb6aab371ddd785846ed9487b36a0a32be73
(function() {
    if ("undefined" === typeof window._gtm_scroll_depth_set || "0,0,0,0,0" === window._gtm_scroll_depth_set.thresholds) {
        var a = [20, 40, 60, 80, 100],
            b = document.querySelector("body"),
            c = b.scrollHeight;
        window._gtm_scroll_depth_set = {
            thresholds: a.map(function(d) {
                return parseInt(.01 * c * d)
            }).join(),
            percentages: a
        }
    }
    return window._gtm_scroll_depth_set.thresholds
})();
#4 JavaScript::Eval (size: 653) - SHA256: eedad2b22c9b0be9adb56f18ce34061a0c61b2a8258fb8da60845afde84ee46b
(function() {
    return function(e) {
        var k = [{
                name: "info",
                regex: /(\/\d+-[\w\d]+)|(\/[\w\d]+-\d+)/
            }],
            h = "_" + e.get("trackingId") + "_sendHitTask",
            l = window[h] = window[h] || e.get("sendHitTask"),
            b, c, d, a;
        e.set("sendHitTask", function(f) {
            c = f.get("hitPayload").split("\x26");
            for (b = 0; b < c.length; b++) {
                d = c[b].split("\x3d");
                try {
                    a = decodeURIComponent(decodeURIComponent(d[1]))
                } catch (g) {
                    a = decodeURIComponent(d[1])
                }
                k.forEach(function(g) {
                    if (a.includes("/accounts/") || a.includes("/players/") || a.includes("/profile/") || a.includes("/user/")) a =
                        a.replace(g.regex, "[REDACTED " + g.name + "]")
                });
                d[1] = encodeURIComponent(a);
                c[b] = d.join("\x3d")
            }
            f.set("hitPayload", c.join("\x26"), !0);
            l(f)
        })
    }
})();
#5 JavaScript::Eval (size: 78) - SHA256: eff81132fb0f203a137677636f01cfa5d23de877da9da5d10cb7f353a4260f36
(function() {
    return google_tag_manager["GTM-5WXX"].macro(17).split("?")[0]
})();
#6 JavaScript::Eval (size: 117) - SHA256: 79ceff1fb21239f4ef954bacdb9b65b29234e8a46c615586b8a688973c74137d
(function() {
    var b = google_tag_manager["GTM-5WXX"].macro(18),
        a = "denied";
    b.includes("0004") && (a = "granted");
    return a
})();
#7 JavaScript::Eval (size: 300) - SHA256: d41e1dcde991113b31463b01bf26258e4a9ff50dc530bd1a66eb61d1c685bb7f
(function() {
    var a = (new Date).getTime();
    "undefined" !== typeof performance && "function" === typeof performance.now && (a += performance.now());
    return "xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx".replace(/[xy]/g, function(c) {
        var b = (a + 16 * Math.random()) % 16 | 0;
        a = Math.floor(a / 16);
        return ("x" === c ? b : b & 3 | 8).toString(16)
    })
})();
#8 JavaScript::Eval (size: 83) - SHA256: db67f3a811c17993a0388ea2c4679e41f29d21c3a74de4b873ff862df1dfdb07
(function() {
    var b = 2;
    return function(a) {
        a.set("dimension" + b, a.get("clientId"))
    }
})();
#9 JavaScript::Eval (size: 117) - SHA256: 411e0bf6ab711dedbac23d0ce83adb04636d05bfba480c90bd9b1ac25383341c
(function() {
    var b = google_tag_manager["GTM-5WXX"].macro(19),
        a = "denied";
    b.includes("0002") && (a = "granted");
    return a
})();
#10 JavaScript::Eval (size: 119) - SHA256: e10da87658d5a9299ef88b0b9dc390bf4d0a3587d6857dec969e5b9fe22caa1d
(function() {
    var b = google_tag_manager["GTM-58QVDL8"].macro(3),
        a = "denied";
    b.includes("0004") && (a = "granted");
    return a
})();
#11 JavaScript::Eval (size: 311) - SHA256: 83b34ed574c9630f2d800fa605bcc5d84e287907f47456c7bd1be0deabd38901
(function() {
    var a = new Date,
        d = -a.getTimezoneOffset(),
        e = 0 <= d ? "+" : "-",
        b = function(c) {
            c = Math.abs(Math.floor(c));
            return (10 > c ? "0" : "") + c
        };
    return a.getFullYear() + "-" + b(a.getMonth() + 1) + "-" + b(a.getDate()) + "T" + b(a.getHours()) + ":" + b(a.getMinutes()) + ":" + b(a.getSeconds()) + "." + b(a.getMilliseconds()) + e + b(d / 60) + ":" + b(d % 60)
})();
#12 JavaScript::Eval (size: 3312) - SHA256: fce924847bd5cac2e8b6733110e67e86ef6adbfa84e0d0445e56b4f4209b4569
(function() {
    var a = "secureurl.fwdcdn.com poczta.wp.pl poczta.onet.pl 10minutemail.com poczta.interia.pl deref-gmx.net poczta.o2.pl deref-web-02.de 10minutemail.info wot.gcdn.co 10minutemail.net nowapoczta.wp.pl 10minutemail.org 24mail.chacuo.net account.mail.ru mail-pda.rambler.ru m.poczta.onet.pl amail.centrum.cz api-mail.walla.co.il appmail.mail.10086.cn bmail.uol.com.br btmail.bt.com citromail.hu correio.portugalmail.pt deref-mail.com dropmail.me e.mail.ru email.1and1.fr email.bws-school.org.uk nm20.abv.bg nm50.abv.bg email.excite.co.jp orange.fr email.mweb.co.za mail3.nate.com email.mynet.com email.seznam.cz nm80.abv.bg email. nm40.abv.bg email.ukrgas.com.ua eowebmail.eonet.jp euwebmail.mail.126.com nm60.abv.bg nm.abv.bg exchangemail.aquinas.wa.edu.au freemail.net.hr poczta.gazeta.pl freemail.services.in.gr crazymailing.com gmail.hu go.mail.ru guerrillamail.com html5.mail.10086.cn nm70.abv.bg hushmail.com imonmail.com indamail.hu accounts.youtube.com nm30.abv.bg fakemailgenerator.com ipad.mail.tiscali.it m.gmail.hu m.mail. mail2.daum.net m.mail.sohu.com m.my.mail.cz m.abv.bg m.yopmail.com m0.mail.sina.cn m0.mail.sina.com.cn m1.mail.sina.cn m1.mail.sina.com.cn login.live.com oauth.vk.com outlook.live.com emailfake.com nowapoczta.interklasa.pl poczta.pl poczta.int.pl poczta.nazwa.pl webmaila.juno.com pc.tim.it tempr.email 10minut.xyz mailnesia.com account.microsoft.com en.generator.email mail2.oiinternet.com.br mailto.space webmaila.netzero.net webmailb.juno.com emailtemporal.org webmailb.netzero.net webmailrc.nordnet.com account.live.com accounts.login.idm.telekom.com b0x7.want.host:2096 connect.emailsrvr.com email01.godaddy.com email14.godaddy.com email17.godaddy.com emailondeck.com emailsrvr.com generator.email hometel.mymailsrvr.com webmail.virgilio.it mail34b.webmail.libero.it manilamail.iopex.com mbox.webmail.teletu.it m-email.t-online.de migmail.pl mps.kpnmail.nl mtsmail.ca my.mail. my10minutemail.com myemail.cox.net myemail.delta.com nymail.spray.se otvet.mail.ru pdamail.meta.ua pmail.centrum.sk post.mail.kz posti.mail.ee primamail.net rediffmail.com regamail.ru sg2003.webmail.hinet.net sibmail.com spoofmail.de sso.kabelmail.de temp-mail.org t-freemail.net.hr t-mail. tnrc.mail.edu.tw mail01.tcsbank.ru mail1.ammsusa.com mail10.online.ua mail14.cp247.net mail2.online.ua mail2.spectrum.net mail2web.com mail3.online.ua mail4.online.ua mail5.online.ua mail5009.smarterasp.net mail9.online.ua mailbj.xdf.cn mailbox.gr maildrop.cc mailserver.polifarbe.hu mailserver.yoncu.com touch.mail.ru t-pmail.centrum.sk trashcanmail.com trash-mail.com poczta.cal.pl poczta.farutex.pl poczta.su.krakow.pl poczta.zenbox.pl ud-mail.de url.qmail.com uswebmail.mail.126.com vipmail.cnnb.com.cn web.mail.comcast.net webtop.webmail.optimum.net wegwerfemail.de webmail-seguro.com.br webmail-srv2.servage.net wm.cloud-mail.jp webmail04.register.com webmail1. webmail2. webmail30.189.cn webmail4-hki2.hosting.fi webmailcpr04n.ono.com email.it wegwerfemailadresse.com wmail.mediacat.ne.jp wmail.wedos.net yopmail.com zmail.zoznam.sk accounts.google. webmail. mail.".split(" "),
        b = RegExp("https?://([^/:]+)").exec(google_tag_manager["GTM-58QVDL8"].macro(6));
    if (b)
        for (var c = a.length; c--;)
            if ((new RegExp(a[c] + ".*")).test(b[1])) return null;
    return google_tag_manager["GTM-58QVDL8"].macro(7)
})();
#13 JavaScript::Eval (size: 80) - SHA256: f8819e0149aae477fbcd1b209f731baa132d59fb251c1c4b3935126cf0bbfc40
(function() {
    return google_tag_manager["GTM-58QVDL8"].macro(8).split("?")[0]
})();

Executed Writes (0)


HTTP Transactions (130)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Retry-After, Alert, Content-Type, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 23 Oct 2022 07:52:50 GMT
Expires: Sun, 23 Oct 2022 08:07:04 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 8XWJHAxWEGzA3hmASWjADRqBSfB_mLWwc3f2GuKDjp_JuShKW2aKHw==
Age: 2725


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    c9df6b36bf16969ac566c1b798362e4a
Sha1:   e56eff34815153ae019a4bf63eb9746dd9ae2e5b
Sha256: 33c1175144ab2be42c9de383f7893a6e60cd1f21f282eacb413d546331db3fa0
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "310C633350812C064E159275B6DBBDBA6D6A5991A54CCFCC23459320C6513572"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15406
Expires: Sun, 23 Oct 2022 12:55:01 GMT
Date: Sun, 23 Oct 2022 08:38:15 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "82D9EE4948FCE839F7EDB1F8490C4213CDED3912464A4169B0BF6A61278694BD"
Last-Modified: Sat, 22 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15517
Expires: Sun, 23 Oct 2022 12:56:52 GMT
Date: Sun, 23 Oct 2022 08:38:15 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: uB+p2WBlH5SRN/24aI2PUSQ16VQooXgnpZTtidg2ucbUSrIckcrbzmtupe/K2ZhbS1Yup0KRrTE=
x-amz-request-id: 9QFKK0BNK8HR6C1J
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 23 Oct 2022 08:08:01 GMT
age: 1815
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    67d5a988edcda47bc3b3b3f65d32b4b6
Sha1:   d4f0e0da8b3690cc7da925026d3414b68c7d954f
Sha256: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
                                        
                                            GET /feed/?link=true&tid=4&subid=4.us&ref=redir.findthewind.xyz&s1=6354fd691ad2662b345359ed HTTP/1.1 
Host: 4.us.findthewind.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         23.235.251.114
HTTP/1.1 301 Moved Permanently
                                        
Cache-Control: no-cache
Location: https://redir.findthewind.xyz/click/invalid/?tid=4&subid=4&s1=6354fd691ad2662b345359ed
Date: Sun, 23 Oct 2022 08:38:15 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Transfer-Encoding: chunked

                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sun, 23 Oct 2022 08:38:16 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D260D3845F09117750E10860046E5A16558AF88D4F6BE04AE0C7BB3A5CBC3227"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5638
Expires: Sun, 23 Oct 2022 10:12:14 GMT
Date: Sun, 23 Oct 2022 08:38:16 GMT
Connection: keep-alive

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sun, 23 Oct 2022 07:43:40 GMT
Cache-Control: max-age=3600
Expires: Sun, 23 Oct 2022 08:24:41 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: SZ19l6ICBIQcHxoFvdxN1bOe8XEO-4K-I3UU86RsLR_RKj-koc9JAQ==
Age: 3276


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /click/invalid/?tid=4&subid=4&s1=6354fd691ad2662b345359ed HTTP/1.1 
Host: redir.findthewind.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         198.211.113.186
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
                                        
X-Powered-By: Express
Surrogate-Control: no-store
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate
Pragma: no-cache
Expires: 0
Location: https://leche.labtrffc.com/p.php?p=c:9qopki6xwqp07eckv&d=603611c5b7eaf46891533240?s=nxs-4
Vary: Accept
Content-Length: 230
Date: Sun, 23 Oct 2022 08:38:16 GMT
Connection: keep-alive
Keep-Alive: timeout=5


--- Additional Info ---
Magic:  HTML document, ASCII text, with no line terminators
Size:   230
Md5:    7ef6d31c814979bd842f5e6f09cfb7bd
Sha1:   4f9fa32f92cbc28d74e40dad8f216379df418ce6
Sha256: 96c1f5b72cb60e7e91cd1d2d542c492e3148b180736ed3fcb36d45a84f454525
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "61A9C5B0EBB800DD2B380752829AFD8EC5DC95E8EA0CEEB445892E5B08C91D7B"
Last-Modified: Sat, 22 Oct 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6994
Expires: Sun, 23 Oct 2022 10:34:50 GMT
Date: Sun, 23 Oct 2022 08:38:16 GMT
Connection: keep-alive

                                        
                                            GET /p.php?p=c:9qopki6xwqp07eckv&d=603611c5b7eaf46891533240?s=nxs-4 HTTP/1.1 
Host: leche.labtrffc.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         51.83.143.92
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Sun, 23 Oct 2022 08:38:16 GMT
Content-Length: 0
Connection: keep-alive
Round:
Raund:
Location: https://pdxx-7fmavzpxk2xlm-4-2.lowsea.fun/emw/v1/dt?sid=888b&k=bfb&url=&xrw=&lid=6354fd7866c3781b5b743ef1&fid=888

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4977
Cache-Control: max-age=89486
Date: Sun, 23 Oct 2022 08:38:16 GMT
Etag: "6353a495-1d7"
Expires: Mon, 24 Oct 2022 09:29:42 GMT
Last-Modified: Sat, 22 Oct 2022 08:06:45 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "78A2AAC75F89EFF3A845C58CE19360B72F642C65566B1726B34EA11316F94D94"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4406
Expires: Sun, 23 Oct 2022 09:51:42 GMT
Date: Sun, 23 Oct 2022 08:38:16 GMT
Connection: keep-alive

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 2iv1aumyoeqHUiEM5DlC/w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         52.39.57.61
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: IDOBdaTO+KH3HUULoHf0f/ZTz24=

                                        
                                            GET /emw/v1/dt?sid=888b&k=bfb&url=&xrw=&lid=6354fd7866c3781b5b743ef1&fid=888 HTTP/1.1 
Host: pdxx-7fmavzpxk2xlm-4-2.lowsea.fun
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         5.161.78.177
HTTP/2 307 Temporary Redirect
content-type: text/html
                                        
date: Sun, 23 Oct 2022 08:38:17 GMT
content-length: 164
location: https://cola.trffclb.com/a.php?p=c:xecd97ulmxry7e481&d=62ff4322ec41a549b07c0d74&pid=6354fd7866c3781b5b743ef1&source=888b
set-cookie: emwxcid_4_1=UEzE5B2JI2wM9gFr8FAK9ZMg2V5m8NWb9W2pKl2zFpEuq6krEJ; expires=Mon, Oct 23 2023 08:38:17 GMT; Max-Age=31536000; path=/; domain=lowsea.fun; SameSite=Lax
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   164
Md5:    813f9846b49c0ada805648edf1b2fdbd
Sha1:   caa24890460f73e6a72bb49426351e67e83b053d
Sha256: 8f03491247cbfa8a2e60e0f7ec62d63b5070659f60383a1c81abeb2b20221be3
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "61A9C5B0EBB800DD2B380752829AFD8EC5DC95E8EA0CEEB445892E5B08C91D7B"
Last-Modified: Sat, 22 Oct 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6993
Expires: Sun, 23 Oct 2022 10:34:50 GMT
Date: Sun, 23 Oct 2022 08:38:17 GMT
Connection: keep-alive

                                        
                                            GET /a.php?p=c:xecd97ulmxry7e481&d=62ff4322ec41a549b07c0d74&pid=6354fd7866c3781b5b743ef1&source=888b HTTP/1.1 
Host: cola.trffclb.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         51.83.143.92
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Sun, 23 Oct 2022 08:38:17 GMT
Content-Length: 0
Connection: keep-alive
Round: 12n1frmxnl
Raund: 2h2
Location: https://go.redanemone.xyz/redirect?feed=465513&url=cola.trffclb.com&subid=custom_12c7dmujng.no.linux.firefox&pub_clickid=6354fd79fc80cf054b6c1047


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "2A18DBEF5FD383E3D954067DF8989E702A289F5283560803A9CD16436EFC1A09"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16777
Expires: Sun, 23 Oct 2022 13:17:54 GMT
Date: Sun, 23 Oct 2022 08:38:17 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16155
Expires: Sun, 23 Oct 2022 13:07:33 GMT
Date: Sun, 23 Oct 2022 08:38:18 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16155
Expires: Sun, 23 Oct 2022 13:07:33 GMT
Date: Sun, 23 Oct 2022 08:38:18 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16155
Expires: Sun, 23 Oct 2022 13:07:33 GMT
Date: Sun, 23 Oct 2022 08:38:18 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16155
Expires: Sun, 23 Oct 2022 13:07:33 GMT
Date: Sun, 23 Oct 2022 08:38:18 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffec9f432-15c2-48a5-a72c-411765b4b8bc.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10309
x-amzn-requestid: 440e8c86-be5e-47c5-8c91-a6b093b7077c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZkTaoHWCIAMFwsg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633e65dd-7a06ea100494b8db4b76c4ec;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 05:21:33 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MBUhf5kPAItEZUj03TKeekl9YXcbeh1KeoYnI4rb_v9eBptmVoEgAA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Sat, 22 Oct 2022 22:03:35 GMT
age: 38083
etag: "a3e88fdb581161ee4a77a2e871b5dbf6438740ff"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10309
Md5:    d7d9a7abaf87962b855521efa710812f
Sha1:   a3e88fdb581161ee4a77a2e871b5dbf6438740ff
Sha256: 77c606ec418fdcf921011e7791c702a96ccb5ed9157988da3c7d9f2c460c2bbf
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F412682e9-14c9-40e4-bfec-f73f656f5e10.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5348
x-amzn-requestid: d44ded7c-15b6-4c30-a810-4af1edbb9bc3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aPYYZEnboAMFcMw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634fa102-6bdd3c1a2fa437b106f8ea79;Sampled=0
x-amzn-remapped-date: Wed, 19 Oct 2022 07:02:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: dx2yJ8T_lM1OMR3h0DUtiV359392U2UyReU6hi4tOxxbvFR0iZ_kAg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sat, 22 Oct 2022 22:01:40 GMT
age: 38198
etag: "4b5e283e4397985f837ab28d94c167ddfdb26c7c"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5348
Md5:    37143b9d51a289f11607b6b0f9ba534a
Sha1:   4b5e283e4397985f837ab28d94c167ddfdb26c7c
Sha256: d664702a83cac4eaee1710fd03ca41e35d62ae699224490367e605b529e45566
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faeb090f5-d3fb-4dcf-bfb4-7490dee6c833.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6821
x-amzn-requestid: 05d1de38-a072-4392-b1c6-a07f7d67fbf0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aMGWZGH-IAMFVzg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634e50f5-3868ae460a52caa178d8ff2f;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 07:08:37 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Q0jfZigs37oi_sofHLQimt37uujfVdoqz2kLm26FgF5i1ziagz3noQ==
via: 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sat, 22 Oct 2022 21:09:09 GMT
age: 41349
etag: "6c453568c39d65380ebcf7151b5383994b864abe"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6821
Md5:    ebab98ee9ab567348e2c31cccdbc62c2
Sha1:   6c453568c39d65380ebcf7151b5383994b864abe
Sha256: e9bf601eb67aa9778b326e7568f990352d9bfa574da283e879e62e9a2dddb2fa
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0856e94c-65e7-489a-95b5-cc37407bf90f.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12031
x-amzn-requestid: 38ca5b87-35e4-46d5-aa1a-15433660ab86
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aZGifEXzIAMFdHw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63538476-6c2e5d980616d50c0ef8698a;Sampled=0
x-amzn-remapped-date: Sat, 22 Oct 2022 05:49:42 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: DpE5uiagdaNLvVqbkou7bVNaLYPZ9vhYawucSE36lWIp65bga3gN2w==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 08:04:17 GMT
age: 2041
etag: "50d9f1642c3c47504fb2d4086a40ae8fb9479b50"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12031
Md5:    208445a6f07a7259b8a420c062a81998
Sha1:   50d9f1642c3c47504fb2d4086a40ae8fb9479b50
Sha256: 607a81c5d0210faaa103d09fba1e0b9dde333c5142969272b0b5351a779acfa4
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55e25b9a-b0d2-47fc-824e-f7441e1bdd01.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3518
x-amzn-requestid: 8b13ebbd-b086-4007-a17d-d8ab307e2575
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aFhSdGtEoAMFajw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634baf42-0ca66cd74f79dbfa54f3613b;Sampled=0
x-amzn-remapped-date: Sun, 16 Oct 2022 07:14:10 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: xW8lD02LEzgVvUNKqXck7eMr2CXbt_xdVzN4H1M7qj4qQJpvXLFy5Q==
via: 1.1 1949caaabae48a894fcd770a3e1384f6.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sat, 22 Oct 2022 21:48:55 GMT
age: 38963
etag: "454136ba1c69e33ae3ba4fcfe4963bd492991e07"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3518
Md5:    85de0c3844ed8f109992d7c37cc5db1b
Sha1:   454136ba1c69e33ae3ba4fcfe4963bd492991e07
Sha256: c8d2f6fabb976cc65c2029b102fee589b639c0f18110f1c2502733903da73d0e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd19113d-c1df-4109-b7c9-1d4ed544d9d8.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8639
x-amzn-requestid: e598ff88-e152-4b9e-af16-aa30dcf452a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-m5HlMoAMFvjQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6353115f-7f17a59522afc40e64ac216d;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:38:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: b760bBSu62p--j9lUv-AHR8xZKOPskf1LmXb-lJ_DSiM8k_usKOmwA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 22 Oct 2022 22:01:36 GMT
age: 38202
etag: "715f72710799f828e2c06932c33919d8f23844f5"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8639
Md5:    97e9c05ece38dedeaa752c612029c78d
Sha1:   715f72710799f828e2c06932c33919d8f23844f5
Sha256: 29408c0bd34660a836f59a7abb61c7c2b1f864b31194787ddf4d178314184b96
                                        
                                            GET /redirect?feed=465513&url=cola.trffclb.com&subid=custom_12c7dmujng.no.linux.firefox&pub_clickid=6354fd79fc80cf054b6c1047 HTTP/1.1 
Host: go.redanemone.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         198.134.116.30
HTTP/1.1 302 Found
                                        
Server: nginx
Date: Sun, 23 Oct 2022 08:38:18 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Age: 0
Location: http://bilqi-omv.com/zcvisitor/0abb2f27-52ae-11ed-be52-12ff7df229bb/1091bff0-8a8a-11ec-80f2-0a0a528900a9?campaignid=06d8a3f0-48cd-11ed-a334-0a918cbcbb97
Pragma: no-cache

                                        
                                            GET /zcvisitor/0abb2f27-52ae-11ed-be52-12ff7df229bb/1091bff0-8a8a-11ec-80f2-0a0a528900a9?campaignid=06d8a3f0-48cd-11ed-a334-0a918cbcbb97 HTTP/1.1 
Host: bilqi-omv.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         35.174.150.83
HTTP/1.1 200
Content-Type: text/html;charset=UTF-8
                                        
Date: Sun, 23 Oct 2022 08:38:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: ajCHvhjZ


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   996
Md5:    0048b4d3eff6c4a2888cef5896278d72
Sha1:   b54aa54591ca910705e97d1139156018fb882b71
Sha256: 9b225534997712b08ada7d5c6f0d0efc5d0ddcf95d9969b57b20205fea0948a2
                                        
                                            GET /zcredirect?visitid=0abb2f27-52ae-11ed-be52-12ff7df229bb&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false HTTP/1.1 
Host: bilqi-omv.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bilqi-omv.com/zcvisitor/0abb2f27-52ae-11ed-be52-12ff7df229bb/1091bff0-8a8a-11ec-80f2-0a0a528900a9?campaignid=06d8a3f0-48cd-11ed-a334-0a918cbcbb97
Upgrade-Insecure-Requests: 1

search
                                         35.174.150.83
HTTP/1.1 200
Content-Type: text/html;charset=UTF-8
                                        
Date: Sun, 23 Oct 2022 08:38:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: sGhSrhyY


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   324
Md5:    53cf6b93cca8591d237bccd71d373095
Sha1:   1cb06d0c29b4a81d075abffa5780590d2a33d365
Sha256: 2ddbf5140b3b0574c02d0467c8d7f6016b5087484afe6ec782b5ab92d2e37cb3
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D8A9B9361037F474C59EA60DDD5CDCE5172A6C474D9205D347AC3BA2B2F4C71D"
Last-Modified: Fri, 21 Oct 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8946
Expires: Sun, 23 Oct 2022 11:07:25 GMT
Date: Sun, 23 Oct 2022 08:38:19 GMT
Connection: keep-alive

                                        
                                            GET /s4?sub1=heliotrope-eel&sub2=echo-rid-1ozwpgpq2m HTTP/1.1 
Host: go.money616.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bilqi-omv.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         52.59.165.42
HTTP/1.1 200 OK
content-type: text/html; charset=utf-8
                                        
connection: close
x-content-type-options: nosniff
x-powered-by: Short.io link shortener
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
content-length: 1552
Date: Sun, 23 Oct 2022 08:38:19 GMT


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (364)
Size:   1552
Md5:    b2acef9d1d7af32bef493240033e3598
Sha1:   45ce65673def40bb54ce762d9b3139ca5c19af09
Sha256: 389b6540ae5516024100ed7954cfad2496b49c820ba0d6045f37e4c6082291a2
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 23 Oct 2022 08:38:19 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 22 Oct 2022 22:25:06 GMT
Expires: Sat, 29 Oct 2022 22:25:05 GMT
Etag: "cfacf43717b7f1d77314dae8390737274d913315"
Cache-Control: max-age=567405,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e927e1bf12b512-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 23 Oct 2022 08:38:19 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 22 Oct 2022 22:25:06 GMT
Expires: Sat, 29 Oct 2022 22:25:05 GMT
Etag: "cfacf43717b7f1d77314dae8390737274d913315"
Cache-Control: max-age=567405,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e927e419dcb512-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6592
Cache-Control: max-age=93285
Date: Sun, 23 Oct 2022 08:38:19 GMT
Etag: "6353ad20-1d7"
Expires: Mon, 24 Oct 2022 10:33:04 GMT
Last-Modified: Sat, 22 Oct 2022 08:43:12 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /sfangt2l/?pub_id=6359262&xid=166651429910000TNOTV415326358024Vf9&xid_param1=6359262-2133874209-3759591136&xid_param2=277883820 HTTP/1.1 
Host: rdr.wargaming.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         92.223.23.230
HTTP/1.1 301 Moved Permanently
Content-Type: text/plain; charset=utf-8
                                        
Server: nginx
Date: Sun, 23 Oct 2022 08:38:19 GMT
Content-Length: 22
Connection: keep-alive
Location: https://join.worldoftanks.eu/1600946604/no/?pub_id=6359262&xid=166651429910000TNOTV415326358024Vf9&xid_param1=6359262-2133874209-3759591136&xid_param2=277883820&sid=SIDI9cvlEf5bPlaXd5VUvo5GqRgkInuihNA9RQ_7yrWPEQQW6frmTigpT8eWQN4-eu2XUzUjm-DPvb0sFXEUZGK5Yy5eOJ8A-sZpG3wj8Kp-GJciK9Abc9OUnEjBwMOlfQnXhiYvY01OXc&enctid=cnt60kdm7mds&lpsn=WOT+ONGOING+WW+Videoback+LMS+WOTHQ-1691&foris=1&teclient=1666514299990552217&utm_source=networks&utm_medium=affiliate&utm_campaign=sfangt2l&utm_content=6359262
Set-Cookie: STIDREFERRAL=SIDI9cvlEf5bPlaXd5VUvo5GqRgkInuihNA9RQ_7yrWPEQQW6frmTigpT8eWQN4-eu2XUzUjm-DPvb0sFXEUZGK5Yy5eOJ8A-sZpG3wj8Kp-GJciK9Abc9OUnEjBwMOlfQnXhiYvY01OXc; Domain=wargaming.net; Max-Age=2592000; Path=/; SameSite=None; Secure enctid=cnt60kdm7mds; Domain=wargaming.net; Max-Age=2592000; Path=/; SameSite=None; Secure teclient=1666514299990552217; Domain=wargaming.net; Max-Age=315360000; Path=/; SameSite=None; Secure
Cache-Control: no-cache


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   22
Md5:    0e0bf67572311f8a23814419ff24ee9a
Sha1:   78328dfc54708433cdfb3e7857e57f87ec443b08
Sha256: c5f6c267ba4a2964fff5d304d4a1e79c371ce30d32eaf017b3bb40becccd58d2
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3386
Cache-Control: max-age=100833
Date: Sun, 23 Oct 2022 08:38:20 GMT
Etag: "6353d723-1d7"
Expires: Mon, 24 Oct 2022 12:38:53 GMT
Last-Modified: Sat, 22 Oct 2022 11:42:27 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /1600946604/no/?pub_id=6359262&xid=166651429910000TNOTV415326358024Vf9&xid_param1=6359262-2133874209-3759591136&xid_param2=277883820&sid=SIDI9cvlEf5bPlaXd5VUvo5GqRgkInuihNA9RQ_7yrWPEQQW6frmTigpT8eWQN4-eu2XUzUjm-DPvb0sFXEUZGK5Yy5eOJ8A-sZpG3wj8Kp-GJciK9Abc9OUnEjBwMOlfQnXhiYvY01OXc&enctid=cnt60kdm7mds&lpsn=WOT+ONGOING+WW+Videoback+LMS+WOTHQ-1691&foris=1&teclient=1666514299990552217&utm_source=networks&utm_medium=affiliate&utm_campaign=sfangt2l&utm_content=6359262 HTTP/1.1 
Host: join.worldoftanks.eu
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         92.223.51.163
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: nginx
Date: Sun, 23 Oct 2022 08:38:20 GMT
Last-Modified: Fri, 01 Jul 2022 12:11:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62bee46c-10101"
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (51156)
Size:   16133
Md5:    76d6249792ec3ed63f71341dce79d771
Sha1:   f9bfaf0fbf9f93f8ca4587bb5844ee6f7036d0c8
Sha256: d70c54e44582c3c51947bd25e6644906d4acd66d0e09b59cc7d78ffad22b47d4
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 23 Oct 2022 08:38:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 23 Oct 2022 08:38:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3713
Cache-Control: max-age=171062
Date: Sun, 23 Oct 2022 08:38:20 GMT
Etag: "6354e831-1d7"
Expires: Tue, 25 Oct 2022 08:09:22 GMT
Last-Modified: Sun, 23 Oct 2022 07:07:29 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4003
Cache-Control: max-age=171352
Date: Sun, 23 Oct 2022 08:38:20 GMT
Etag: "6354e831-1d7"
Expires: Tue, 25 Oct 2022 08:14:12 GMT
Last-Modified: Sun, 23 Oct 2022 07:07:29 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4792
Cache-Control: max-age=85742
Date: Sun, 23 Oct 2022 08:38:20 GMT
Etag: "635396b2-1d7"
Expires: Mon, 24 Oct 2022 08:27:22 GMT
Last-Modified: Sat, 22 Oct 2022 07:07:30 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5104
Cache-Control: max-age=86054
Date: Sun, 23 Oct 2022 08:38:20 GMT
Etag: "635396b2-1d7"
Expires: Mon, 24 Oct 2022 08:32:34 GMT
Last-Modified: Sat, 22 Oct 2022 07:07:30 GMT
Server: ECS (amb/6B82)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3713
Cache-Control: max-age=171062
Date: Sun, 23 Oct 2022 08:38:20 GMT
Etag: "6354e831-1d7"
Expires: Tue, 25 Oct 2022 08:09:22 GMT
Last-Modified: Sun, 23 Oct 2022 07:07:29 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /videoback-ongoing-eu-wothq-1691/f649b2f12a074726bf8db29fe5633628_1639483774.png HTTP/1.1 
Host: lms-static.wgcdn.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         92.223.84.84
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Sun, 23 Oct 2022 08:38:20 GMT
content-length: 13892
last-modified: Tue, 14 Dec 2021 12:09:34 GMT
etag: "61b8897e-3644"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-07-11T11:30:21+00:00
x-id: sto5-up-gc10
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 208x208, components 3\012- data
Size:   13892
Md5:    87d3c37b826fc0c8237c8e716934f6b2
Sha1:   79632ce4b4f0f1cbe6a0ac9081dba9924b4d0cd0
Sha256: 5dd52ce85650d9cc13997187633c865d7284e628f3f28af2ce38896d8d7d3da0
                                        
                                            GET /videoback-ongoing-eu-wothq-1691/9a3147f7202207fd86f303867669af7c_1600947283.png HTTP/1.1 
Host: lms-static.wgcdn.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         92.223.84.84
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Sun, 23 Oct 2022 08:38:20 GMT
content-length: 1572
last-modified: Thu, 24 Sep 2020 11:34:43 GMT
etag: "5f6c8453-624"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-07-11T09:20:16+00:00
x-id: sto5-up-gc10
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 26 x 25, 8-bit/color RGBA, non-interlaced\012- data
Size:   1572
Md5:    65952e9526844e297b5ed12b51af3073
Sha1:   ab06c5be859a20aea602c95a592d366152f66fda
Sha256: 0eb8340c0b3fc3e36cd816cb9ce8e819b64b40ded2504741eb4662bb10eea015
                                        
                                            GET /videoback-ongoing-eu-wothq-1691/2aef0c94f5bc198cba6f45ee06d503a0_1639484015.png HTTP/1.1 
Host: lms-static.wgcdn.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         92.223.84.84
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Sun, 23 Oct 2022 08:38:20 GMT
content-length: 29062
last-modified: Tue, 14 Dec 2021 12:13:35 GMT
etag: "61b88a6f-7186"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-07-11T09:20:16+00:00
x-id: sto5-up-gc10
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1174 x 363, 8-bit/color RGBA, non-interlaced\012- data
Size:   29062
Md5:    5ce0d2852121a1cd85a26c2426a40dae
Sha1:   474a69d1816e7d29cea432b640e43e5acff39450
Sha256: 07871f75a6f4007f7f7d9adf5382f953c1dce8407149662dd88617a1d8d4055a
                                        
                                            GET /videoback-ongoing-eu-wothq-1691/04b0ba212e17098cc7786c56bca5d832_1600946934.png HTTP/1.1 
Host: lms-static.wgcdn.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         92.223.84.84
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Sun, 23 Oct 2022 08:38:20 GMT
content-length: 6662
last-modified: Thu, 24 Sep 2020 11:28:54 GMT
etag: "5f6c82f6-1a06"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-07-11T09:20:16+00:00
x-id: sto5-up-gc10
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 248 x 110, 8-bit colormap, non-interlaced\012- data
Size:   6662
Md5:    91f01fe893320cb394fc52461a1b24a5
Sha1:   f43616cd9e85af6a2a73a914a44085662d123807
Sha256: 3038bb7d8adebbe73e330bbea5739b04efe6b04d5a1d81db314bd29251813967
                                        
                                            GET /videoback-ongoing-eu-wothq-1691/518e6d6bd45d6086554daa0295291ee1_1639483949.png HTTP/1.1 
Host: lms-static.wgcdn.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         92.223.84.84
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Sun, 23 Oct 2022 08:38:20 GMT
content-length: 2976
last-modified: Tue, 14 Dec 2021 12:12:29 GMT
etag: "61b88a2d-ba0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-07-11T11:30:21+00:00
x-id: sto5-up-gc10
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 123 x 150, 8-bit/color RGBA, non-interlaced\012- data
Size:   2976
Md5:    5b1962befd8938b36c48ed62ca7c04f5
Sha1:   4e3e0524f822003a2567d04501b9d5e7d55d7d06
Sha256: cd2a2481818213f1c1b4e065ead65f83ff50d25a5b63a4a8cf515614f3ad05cf
                                        
                                            GET /videoback-ongoing-eu-wothq-1691/ba06c381ed267fb7dfd6b007931ed0bf_1639483823.png HTTP/1.1 
Host: lms-static.wgcdn.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         92.223.84.84
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Sun, 23 Oct 2022 08:38:20 GMT
content-length: 30233
last-modified: Tue, 14 Dec 2021 12:10:23 GMT
etag: "61b889af-7619"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-07-11T11:30:21+00:00
x-id: sto5-up-gc10
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 219 x 220, 8-bit grayscale, non-interlaced\012- data
Size:   30233
Md5:    e15fed82b2db8b2e31de05ab2a5601f4
Sha1:   405cbff152f965bdbf3a72faabbff5cafa4bcc14
Sha256: 549b0b011eb72bfb724708d7caeb637c1411be84c32ccbb5a9d7a76afc8b30bd
                                        
                                            GET /gtm.js?id=GTM-58QVDL8 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 23 Oct 2022 08:38:20 GMT
expires: Sun, 23 Oct 2022 08:38:20 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 102787
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (46280)
Size:   102787
Md5:    6143240578c892158d57cf39fe4b830e
Sha1:   62193fef02d4b15d91648d9f49ff8fb6d77fc5c3
Sha256: 29bc8db4680ae8c55fd3038e9678ac4e86cc6919325d37f2d9ddbaec324fd1b0
                                        
                                            GET /videoback-ongoing-eu-wothq-1691/a3c86a67f4c5bb1c6cdb50b1092c0761_1600946860.jpg HTTP/1.1 
Host: lms-static.wgcdn.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         92.223.84.84
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Sun, 23 Oct 2022 08:38:20 GMT
content-length: 373020
last-modified: Thu, 24 Sep 2020 11:27:40 GMT
etag: "5f6c82ac-5b11c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-09-19T12:11:21+00:00
x-id: sto5-up-gc10
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1080, components 3\012- data
Size:   373020
Md5:    6baad877e262149d8eea54bb33563765
Sha1:   e4584c51785969af9c25718cff399e0e444af9a9
Sha256: f6a40920a81d3a3489189bbb747f7d3e1b2a87f7568361e4872353bc2cb082b2
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 23 Oct 2022 08:38:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 23 Oct 2022 08:38:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 23 Oct 2022 08:38:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 23 Oct 2022 08:38:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 23 Oct 2022 08:38:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 23 Oct 2022 08:38:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://join.worldoftanks.eu
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15660
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 18 Oct 2022 22:17:41 GMT
expires: Wed, 18 Oct 2023 22:17:41 GMT
cache-control: public, max-age=31536000
age: 382839
last-modified: Tue, 19 Apr 2022 18:42:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15660, version 1.0\012- data
Size:   15660
Md5:    d7b0b953a50fddaa88089b5b787cf719
Sha1:   2f85bc568b27659a3d6452f58f9fd7678450326d
Sha256: e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
                                        
                                            GET /s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://join.worldoftanks.eu
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15700
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 21 Oct 2022 16:04:44 GMT
expires: Sat, 21 Oct 2023 16:04:44 GMT
cache-control: public, max-age=31536000
age: 146016
last-modified: Tue, 19 Apr 2022 18:51:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15700, version 1.0\012- data
Size:   15700
Md5:    3d7f7413fca69bff4d231ebdc50aaab0
Sha1:   cb18e7943b6a8a0e3672d7242197c19a226b92e8
Sha256: 6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
                                        
                                            GET /s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19a7DRs5.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://join.worldoftanks.eu
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9692
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 18 Oct 2022 23:14:18 GMT
expires: Wed, 18 Oct 2023 23:14:18 GMT
cache-control: public, max-age=31536000
age: 379442
last-modified: Tue, 19 Apr 2022 18:44:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 9692, version 1.0\012- data
Size:   9692
Md5:    d572b531f0823555818998b466028e08
Sha1:   788073fb7656c7b44a3d67468fc355ceb618290e
Sha256: bddd7c9debeee9bccc8d6a0f0990743d3db200fe23fc08dbad9e60a007e52919
                                        
                                            GET /s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19G7DRs5.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://join.worldoftanks.eu
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7120
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 20 Oct 2022 17:23:54 GMT
expires: Fri, 20 Oct 2023 17:23:54 GMT
cache-control: public, max-age=31536000
age: 227666
last-modified: Tue, 19 Apr 2022 18:54:03 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 7120, version 1.0\012- data
Size:   7120
Md5:    1e58a6b01c300f7c84abdacf53503eaf
Sha1:   ed6f0d2f1564e5d763e07a8fde2f16c5e911f32f
Sha256: 85f70e68e3ba976fbfee39a96c5275550eb881f302c7dedf91aa7d0a802ba5f6
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 23 Oct 2022 08:38:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 23 Oct 2022 08:38:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /jump/next.php?stamat=m%257CL2djEqdhaQdH8AH0dEdHP3xP.2fa%252C7H0PozvLiGV-YkDx825CHq_5mNyzZhovkYDfyjWLDI0Sb21IYsIWB7DkTq9zqOvWb4dT8psPrxvBBjgvx_GqtkagCRPOe8bNuwkXNn4K9yGdbZY6BGu8xDxu89NChByi&cbpage=https://adspredictiv.com/jump/next.php?r=6359262&sub1=heliotrope-eel&sub2=echo-rid-1ozwpgpq2m&cbur=0.5753800470546164&cbtitle=&cbiframe=0&cbWidth=1280&cbHeight=939&cbdescription=&cbkeywords=&cbref=https%3A%2F%2Fgo.money616.xyz%2F HTTP/1.1 
Host: adspredictiv.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         35.190.38.40
HTTP/2 302 Found
content-type: text/html; charset=utf-8
                                        
server: openresty
date: Sun, 23 Oct 2022 08:38:19 GMT
access-control-allow-origin: *
location: https://adspredictiv.com/script/i.php?stamat=m%257C%252C%252CA2e79jJqoGU3B0-GH0dEdHP3xP.442%252CgU3kWvmNb_DMmelc6GcZgtIjb1YKHkkglLDsnbXwyeJTYXTcogZSfSnkQQtweOlVOvUip64ATN6tmLBRRKNpyNfq9fwRVIe2apLIGAQ-YtDlnyKzvARqdfeS7T2OEb-GLqez7KvgKV4L1vb13y6QwQrdcuvepcYOKUDQCYNv445-Kw-cE6myLpSUMgz4CzgcQmcIAIlqsrvbTYkoy42aLuSI6L8OYgWWhzxU1M9abaLFDAdPC9jEDrHbqeJQD-FVmc51z8dg2VsNRtEXsFZjiW8b8PIqkaUdsqAbfEZpArPJUQwOvoq0PUfaWieqFKyZM1oeLuioroWDjGcdc7p9HLCJk2eRFPDeB1j1puPFIWqYgwuZLrGOfEOagAq8LzkSZuaNwVFwpZuvee1fMf5J5LcXQvwL8RQ8zyjn9coo_HWUzvytiiMJaZsSXL7ccsfF53uKtfoMsD_YKlMKq3-ToTN9CivdJExWP_7jmAH_pu27xTDKskEi7jDM4F7nypBA-M9bFYJptNiXWLAyaTSxn7rfc01mvRZgdP9r2bFfzsaIflt6ki8kmH9NmX-dDfCnfPpG2YAlPq6c2PQziHiXGK7bssmyKzxrtcyaVZZTwZw%252C
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   11817
Md5:    af6f703171e72aeb7236db7031e441b1
Sha1:   9f1e922ab68bc2ed12d9b436da7f202657bc53d7
Sha256: 17cebe9c73d7ebcbfa9a26f37ee3a5375d5104e559f99b1001819dce8a2a8e02
                                        
                                            GET /videoback-ongoing-eu-wothq-1691/50e485b431d538125efcbfa8fc76a665_1600946565.png HTTP/1.1 
Host: lms-static.wgcdn.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         92.223.84.84
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Sun, 23 Oct 2022 08:38:20 GMT
content-length: 5124
last-modified: Thu, 24 Sep 2020 11:22:45 GMT
etag: "5f6c8185-1404"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-07-11T09:20:19+00:00
x-id: sto5-up-gc10
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size:   5124
Md5:    c28eb738166485ff11b13d9e74a52be8
Sha1:   dd161225ce2e844e2d6f05753e5210d922934ec6
Sha256: 2e9c3e61433c5952bd3b7d963ae90d9789c262a67411447bbaa1b598f53c2411
                                        
                                            GET /promo_web/WOT/March2019/WOT_New_videoback_v3.webm HTTP/1.1 
Host: cdn2wotcom.gcdn.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         92.223.84.84
HTTP/2 206 Partial Content
content-type: video/webm
                                        
server: nginx
date: Sun, 23 Oct 2022 08:38:20 GMT
content-length: 7678225
last-modified: Tue, 12 Mar 2019 07:13:16 GMT
etag: "752911-583e06c461b00"
cache-control: max-age=290304000, public
expires: Thu, 21 Sep 2023 12:03:33 GMT
cache: HIT
x-cached-since: 2022-09-21T12:03:33+00:00
x-id: sto5-up-gc13
content-range: bytes 0-7678224/7678225
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  WebM\012- EBML file, creator webmB\20\012- data
Size:   7678225
Md5:    276c4475cdb31241611170b2fb686f5b
Sha1:   a2cda0beddd67a47b423d798f6f48a59a12a366d
Sha256: 333a1356229544852de21506199e090e01791081b4b32e3a5d7864506a07eeb9
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6496
Cache-Control: max-age=149337
Date: Sun, 23 Oct 2022 08:38:22 GMT
Etag: "63548877-1d7"
Expires: Tue, 25 Oct 2022 02:07:19 GMT
Last-Modified: Sun, 23 Oct 2022 00:19:03 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sun, 23 Oct 2022 06:41:09 GMT
expires: Sun, 23 Oct 2022 08:41:09 GMT
cache-control: public, max-age=7200
age: 7032
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20039
Md5:    47e6f374ca946fddd5b59871b325736c
Sha1:   baa9282efc8785e84d247c3bff518eaa45f101c4
Sha256: 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 23 Oct 2022 08:38:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /scevent.min.js HTTP/1.1 
Host: sc-static.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         54.230.82.240
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
                                        
content-length: 8764
server: CloudFront
date: Sun, 23 Oct 2022 08:38:22 GMT
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Content-Type
cache-control: private, s-maxage=0, max-age=600
set-cookie: X-AB=0d6e407936704bd380072f5891d28b0e;max-age=86400;expires=Mon, 24 Oct 2022 07:28:48 GMT;Path=/scevent.min.js; Secure; SameSite=None
x-cache: LambdaGeneratedResponse from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Rj7HZyLAh6hRWYwtW90R8cZW7T84LtyRTMXdt2rKbuyl6PcsH-Ws4w==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (25360), with no line terminators
Size:   8764
Md5:    e9a9d4e245fb5df1ac33be19306752e8
Sha1:   246e5996a63a71ce325dff7ca6c9ef71f324b62f
Sha256: 64211912b65ff9a15aa212c8e8f5d4e60b86629d305c130f8824eb55837b8d4a
                                        
                                            GET /en_US/fbevents.js HTTP/1.1 
Host: connect.facebook.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         31.13.72.12
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: gzip
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: kqu/tw7+jCwPZ+HuDv5bqsh/CBG/7v8O5//uSArmSzISD7siXa4z8QBQDKItAQlcsa5WJZFlc149d/lHDUJv5Q==
content-length: 27027
x-fb-trip-id: 1904183273
date: Sun, 23 Oct 2022 08:38:22 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (64348)
Size:   27027
Md5:    71875f848896ee82a106224e048bd060
Sha1:   277a624e507dff2cd9cff104aa0c5618ca76e105
Sha256: a22635e404a419027fc88eee705d254910d05d481953733d5e1fda4bc6ab3c5b
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3028
Cache-Control: max-age=89718
Date: Sun, 23 Oct 2022 08:38:22 GMT
Etag: "6353ad20-1d7"
Expires: Mon, 24 Oct 2022 09:33:40 GMT
Last-Modified: Sat, 22 Oct 2022 08:43:12 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /bat.js HTTP/1.1 
Host: bat.bing.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         13.107.21.200
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: private,max-age=1800
content-length: 11367
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ranges: bytes
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
set-cookie: MUID=28B0AC0DC9D269610305BE4BC8276844; domain=.bing.com; expires=Fri, 17-Nov-2023 08:38:22 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 871AAF91F79946488F5964AA2B97F91E Ref B: OSL30EDGE0515 Ref C: 2022-10-23T08:38:21Z
date: Sun, 23 Oct 2022 08:38:21 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (38826), with no line terminators
Size:   11367
Md5:    293ae3e0fc8b0d5c143fdf9d8490228d
Sha1:   3976c659b908e70818a3a1ac71860b497fe2d1a9
Sha256: 04a840d967ae836e14179bde574cabf14a1fc871182ca0f8193e7a0b06c727ab
                                        
                                            GET /pagead/conversion_async.js HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.164
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 23 Oct 2022 08:38:22 GMT
expires: Sun, 23 Oct 2022 08:38:22 GMT
cache-control: private, max-age=3600
etag: 10463233247470928422
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 15169
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1654)
Size:   15169
Md5:    24fd6c715f1f63277e70251543da72e3
Sha1:   df812f6fc49802cdae539755e361201fa061ebc6
Sha256: 1c2948cf01342a560e7f3669ec3fbe69c4d565ee5e13d0873f89422b8c7c2503
                                        
                                            GET /jump/next.php?r=6359262&sub1=heliotrope-eel&sub2=echo-rid-1ozwpgpq2m HTTP/1.1 
Host: adspredictiv.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.money616.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         35.190.38.40
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
server: openresty
date: Sun, 23 Oct 2022 08:38:19 GMT
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   3227
Md5:    3b203cb1d5a75556f8c5f6ac45585271
Sha1:   ba56a6008ba8f53c2faae8644e4b654703bf44eb
Sha256: 38338eaf589550157a6c58af71f8243c7a64c5437c66649c66e096ce63643d1e
                                        
                                            GET /assets/device/static/collect.js HTTP/1.1 
Host: tenor.wargaming.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         92.223.21.16
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: openresty
Date: Sun, 23 Oct 2022 08:38:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=200
Last-Modified: Tue, 18 Oct 2022 07:32:10 GMT
Vary: Accept-Encoding, Accept-Encoding
ETag: W/"634e567a-3ac2"
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (7249)
Size:   5440
Md5:    026f62fad760986ddac0bb642b46db1d
Sha1:   934e6b4936e4c044e0e68ebe8243a3c38a2763ca
Sha256: 76c6cf4c397fcca4cf8000908a09bae78997b814b1a3b345279bc8e178aa2900
                                        
                                            GET /wi/ytc.js HTTP/1.1 
Host: s.yimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         87.248.119.252
HTTP/2 200 OK
content-type: application/javascript
                                        
x-amz-id-2: tYV2ePyU8HVdeUYwx1aAo+Ll4uY24xQcUk82Zb7FPTBmaLa70N60AhZRiQTYj9+a0OFiQyChl/U=
x-amz-request-id: PK5M1VYZKWKWQJRM
date: Sun, 23 Oct 2022 08:38:17 GMT
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "6a624022b5d271dcefb070b0b6670abc-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=3600
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
accept-ranges: bytes
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
age: 6
content-encoding: gzip
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   6401
Md5:    ac3c4b53650e700e0ab2cc7fd7e4dd8f
Sha1:   68c58684a4266f077d12bcd658c881ff4b29041e
Sha256: 3daf989b034253ce77e9ba5cb3962d5206361a3946c2c547434196e9596b893a
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 23 Oct 2022 08:38:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 23 Oct 2022 08:38:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-77NSW0BT3P&cid=183657958.1666514318&gtm=2oeaj0&aip=1&z=159898827 HTTP/1.1 
Host: www.google.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.35
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 23 Oct 2022 08:38:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /pagead/viewthroughconversion/1006839708/?random=1666514318060&cv=9&fst=1666514318060&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgaj0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fjoin.worldoftanks.eu%2F1600946604%2Fno%2F%3Fpub_id%3D6359262%26xid%3D166651429910000TNOTV415326358024Vf9%26xid_param1%3D6359262-2133874209-3759591136%26xid_param2%3D277883820%26sid%3DSIDI9cvlEf5bPlaXd5VUvo5GqRgkInuihNA9RQ_7yrWPEQQW6frmTigpT8eWQN4-eu2XUzUjm-DPvb0sFXEUZGK5Yy5eOJ8A-sZpG3wj8Kp-GJciK9Abc9OUnEjBwMOlfQnXhiYvY01OXc%26enctid%3Dcnt60kdm7mds%26lpsn%3DWOT%2520ONGOING%2520WW%2520Videoback%2520LMS%2520WOTHQ-1691%26foris%3D1%26teclient%3D1666514299990552217%26utm_source%3Dnetworks%26utm_medium%3Daffiliate%26utm_campaign%3Dsfangt2l%26utm_content%3D6359262&tiba=World%20of%20Tanks%E2%80%94Gratis%20%C3%A5%20spille%20tanksaction%20MMO.%20Last%20ned%20n%C3%A5%20og%20spill%20gratis!&auid=122829167.1666514317&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.226
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 23 Oct 2022 08:38:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1447
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 23-Oct-2022 08:53:22 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3460), with no line terminators
Size:   1447
Md5:    be2f066e2c1842f77db4dd47f8943386
Sha1:   09e53b4c4b0ae8cc47d3bc7dfe6a2cc03e30b666
Sha256: 1381f7f589b29353f8f7ee31da652dd3a9e5b4824047398e2ff37bcf4f1a4099
                                        
                                            OPTIONS /cf HTTP/1.1 
Host: tenor.wargaming.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://join.worldoftanks.eu/
Origin: https://join.worldoftanks.eu
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         92.223.21.16
HTTP/1.1 200 OK
Content-Type: application/octet-stream
                                        
Server: openresty
Date: Sun, 23 Oct 2022 08:38:22 GMT
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=200
Access-Control-Allow-Origin: https://join.worldoftanks.eu
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: POST
Access-Control-Allow-Headers: CONTENT-TYPE

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 23 Oct 2022 08:38:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wi/config/10180089.json HTTP/1.1 
Host: s.yimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://join.worldoftanks.eu
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         87.248.119.252
HTTP/2 200 OK
content-type: application/json
                                        
x-amz-id-2: v4u8f5KkRlg2ude+XmlBM97bSCf+ObyOEDVCXYd+wy2mFWfjYrpBbnAoiM7ouH3o6aJcOvO/2yA=
x-amz-request-id: Q1P52PNN6SJTDDE7
date: Sun, 23 Oct 2022 06:52:45 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
last-modified: Wed, 16 Mar 2022 15:56:22 GMT
x-amz-expiration: expiry-date="Fri, 21 Apr 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "c6ded5892a90c67512603a071c819e4e"
x-amz-server-side-encryption: AES256
x-amz-version-id: hucc9FIkp5UShj6EZB33GhrqRv4Mo1tn
accept-ranges: bytes
server: ATS
content-length: 46
referrer-policy: no-referrer-when-downgrade
age: 6338
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   46
Md5:    c6ded5892a90c67512603a071c819e4e
Sha1:   b0db884308ecef9f44d5c38bacf96702096d5830
Sha256: c63fe9a284f1b9cfd799a123c1a92a566f22bd5cd0be03d5af3a3fbf0936e226
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 23 Oct 2022 08:38:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /cf HTTP/1.1 
Host: tenor.wargaming.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://join.worldoftanks.eu/
Content-Type: application/json
Origin: https://join.worldoftanks.eu
Content-Length: 299
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         92.223.21.16
HTTP/1.1 204 No Content
Content-Type: application/json; charset=utf-8
                                        
Server: openresty
Date: Sun, 23 Oct 2022 08:38:22 GMT
Content-Length: 2
Connection: keep-alive
Keep-Alive: timeout=200
Access-Control-Expose-Headers: Server,Date,Content-Length
Access-Control-Allow-Origin: https://join.worldoftanks.eu
Access-Control-Allow-Credentials: true

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2778
Cache-Control: max-age=165420
Date: Sun, 23 Oct 2022 08:38:22 GMT
Etag: "6354d5d0-1d7"
Expires: Tue, 25 Oct 2022 06:35:22 GMT
Last-Modified: Sun, 23 Oct 2022 05:49:04 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3366
Cache-Control: max-age=166008
Date: Sun, 23 Oct 2022 08:38:22 GMT
Etag: "6354d5d0-1d7"
Expires: Tue, 25 Oct 2022 06:45:10 GMT
Last-Modified: Sun, 23 Oct 2022 05:49:04 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /cm/i?pid=22df7ed7-ab83-4fcd-b6a0-e8494aed20d8&u_scsid=0b78d537-317f-4761-873f-911ec3b20c55&u_sclid=ed0fec1d-553b-43c7-9cec-083586dca394 HTTP/1.1 
Host: tr.snapchat.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         35.190.43.134
HTTP/2 200 OK
content-type: text/html
                                        
date: Sun, 23 Oct 2022 08:38:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 0
x-envoy-upstream-service-time: 1
server: API Gateway
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            GET /action/0?ti=26043906&tm=gtm002&Ver=2&mid=835944b9-e6f0-4c2d-8e73-4a7e720f5edc&sid=16fb4e7052ae11ed86a5efdaa5609706&vid=16fb572052ae11ed826cf3355fa0e83a&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=World%20of%20Tanks%E2%80%94Gratis%20%C3%A5%20spille%20tanksaction%20MMO.%20Last%20ned%20n%C3%A5%20og%20spill%20gratis!&p=https%3A%2F%2Fjoin.worldoftanks.eu%2F1600946604%2Fno%2F%3Fpub_id%3D6359262%26xid%3D166651429910000TNOTV415326358024Vf9%26xid_param1%3D6359262-2133874209-3759591136%26xid_param2%3D277883820%26sid%3DSIDI9cvlEf5bPlaXd5VUvo5GqRgkInuihNA9RQ_7yrWPEQQW6frmTigpT8eWQN4-eu2XUzUjm-DPvb0sFXEUZGK5Yy5eOJ8A-sZpG3wj8Kp-GJciK9Abc9OUnEjBwMOlfQnXhiYvY01OXc%26enctid%3Dcnt60kdm7mds%26lpsn%3DWOT%2520ONGOING%2520WW%2520Videoback%2520LMS%2520WOTHQ-1691%26foris%3D1%26teclient%3D1666514299990552217%26utm_source%3Dnetworks%26utm_medium%3Daffiliate%26utm_campaign%3Dsfangt2l%26utm_content%3D6359262&r=&lt=1294&evt=pageLoad&sv=1&rn=176253 HTTP/1.1 
Host: bat.bing.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         13.107.21.200
HTTP/2 204 No Content
                                        
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=1D5052B80EF667AF1CA440FE0F03667A; domain=.bing.com; expires=Fri, 17-Nov-2023 08:38:22 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 60B038AD975B4D3688D563ADD2C260A7 Ref B: OSL30EDGE0515 Ref C: 2022-10-23T08:38:22Z
date: Sun, 23 Oct 2022 08:38:22 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /p/action/26043906.js HTTP/1.1 
Host: bat.bing.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         13.107.21.200
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
cache-control: private,max-age=60
content-length: 1423
content-encoding: gzip
vary: Accept-Encoding
set-cookie: MUID=31C2B6E848766BB13188A4AE49836AB5; domain=.bing.com; expires=Fri, 17-Nov-2023 08:38:22 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FEDB1A8416754096A8E3F73BCB2323C0 Ref B: OSL30EDGE0515 Ref C: 2022-10-23T08:38:22Z
date: Sun, 23 Oct 2022 08:38:22 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   1423
Md5:    5ccab94753771a3d9f34c937a0edda89
Sha1:   0e4f16622e090eaa09fc6c910fbe979ca4fb0a65
Sha256: 2f60750d4aadf9925d7d1a28a1c94ffb13c7e6a851af89805440b7d57a5832aa
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3366
Cache-Control: max-age=166008
Date: Sun, 23 Oct 2022 08:38:22 GMT
Etag: "6354d5d0-1d7"
Expires: Tue, 25 Oct 2022 06:45:10 GMT
Last-Modified: Sun, 23 Oct 2022 05:49:04 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /init?pids=22df7ed7-ab83-4fcd-b6a0-e8494aed20d8 HTTP/1.1 
Host: tr.snapchat.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://join.worldoftanks.eu/
Origin: https://join.worldoftanks.eu
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         35.190.43.134
HTTP/2 200 OK
content-type: application/json
                                        
date: Sun, 23 Oct 2022 08:38:22 GMT
access-control-allow-origin: https://join.worldoftanks.eu
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-envoy-upstream-service-time: 0
content-encoding: gzip
vary: Accept-Encoding
server: API Gateway
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   129
Md5:    08175f93be41576390e91ec665509fcf
Sha1:   01c7a04cbcda6d039543aef4740d4df7aa141ad8
Sha256: 001648221631680bcc5682b0b4fe6543b4929f1a560200bf7f08f338afa2a233
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4426
Cache-Control: max-age=127431
Date: Sun, 23 Oct 2022 08:38:22 GMT
Etag: "63543afb-1d7"
Expires: Mon, 24 Oct 2022 20:02:13 GMT
Last-Modified: Sat, 22 Oct 2022 18:48:27 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 23 Oct 2022 08:38:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /p HTTP/1.1 
Host: tr.snapchat.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: multipart/form-data; boundary=---------------------------10941410185201351983040031592
Content-Length: 2545
Origin: https://join.worldoftanks.eu
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         35.190.43.134
HTTP/2 200 OK
content-type: text/html
                                        
date: Sun, 23 Oct 2022 08:38:22 GMT
access-control-allow-origin: https://join.worldoftanks.eu
cache-control: no-cache, no-transform
set-cookie: sc_at=v2|H4sIAAAAAAAAAAXBgQ0AIQgDwIlIqED/HQdNOgXDe6ft50hpXliWH9r6Dxk9Upf7FnoGJAsZvsYfbqyM8zIAAAA=;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 68
x-envoy-upstream-service-time: 10
server: API Gateway
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size:   68
Md5:    c4a2b870062c2bb98c500bc1526c0498
Sha1:   528666ccdb12997358077bc8fcdbfb6b825c7788
Sha256: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
                                        
                                            GET /ddm/activity/src=9463992;type=acqpa00;cat=woteu000;u2=https://join.worldoftanks.eu/1600946604/no/;u3=WOT%20ONGOING%20WW%20Videoback%20LMS%20WOTHQ-1691;u4=affiliate;u5=sfangt2l;match_id=1666514299990552217;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=373207989 HTTP/1.1 
Host: ad.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.102
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 23 Oct 2022 08:38:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://adservice.google.com/ddm/fls/p/src=9463992;type=acqpa00;cat=woteu000;u2=https://join.worldoftanks.eu/1600946604/no/;u3=WOT%20ONGOING%20WW%20Videoback%20LMS%20WOTHQ-1691;u4=affiliate;u5=sfangt2l;match_id=1666514299990552217;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=373207989;~oref=https://join.worldoftanks.eu/
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 23-Oct-2022 08:53:22 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            GET /ads/pixel.js HTTP/1.1 
Host: www.redditstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         151.101.85.140
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Tue, 19 Jul 2022 22:48:09 GMT
etag: "95212d33cfff78ad59f5af5b20c48c53"
cache-control: public, max-age=60
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 23 Oct 2022 08:38:22 GMT
vary: Accept-Encoding,Origin
server: snooserv
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-length: 7722
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (25224)
Size:   7722
Md5:    95212d33cfff78ad59f5af5b20c48c53
Sha1:   9b99a4091a6eb716bc68f1428e3c86eca068b25b
Sha256: bd69f250efa08cb2c0a06c35d91fda762779820d87779019c25211f4559ebb1d
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 23 Oct 2022 08:38:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-40205758-4&cid=183657958.1666514318&jid=237157914&gjid=747198132&_gid=988379887.1666514318&_u=YGhACEABBAAAACAFO~&z=1849005296 HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://join.worldoftanks.eu
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         173.194.222.157
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin: https://join.worldoftanks.eu
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 23 Oct 2022 08:38:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   4
Md5:    48c0473b7821185d937e685216e2168b
Sha1:   3743e47f8a429a5e87b86cb582d78940733d9d2e
Sha256: 570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
                                        
                                            GET /banners/scripts/st/trackpoint-async.js HTTP/1.1 
Host: s2.adform.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         37.157.2.247
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sun, 23 Oct 2022 08:38:22 GMT
vary: Accept-Encoding
last-modified: Wed, 05 Oct 2022 12:23:24 GMT
x-rgw-object-type: Normal
etag: W/"4cb8e818a3c8dda5fd80d6d9a55d958d"
x-amz-request-id: tx00000655b730b984fd408-006354fb05-329385b8-default
access-control-allow-origin: *
cache-control: public, max-age=604800
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   30865
Md5:    2c4c8842224309163b2c49196f8edd8b
Sha1:   da58d1c9e6e196158924f54ca6d6f53cc02435ea
Sha256: ad23a6310a683184c3295f88e4c7d08ffe62427aba93d132004f1789be3b331d
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1149
Cache-Control: max-age=118058
Date: Sun, 23 Oct 2022 08:38:22 GMT
Etag: "6354232b-1d7"
Expires: Mon, 24 Oct 2022 17:26:00 GMT
Last-Modified: Sat, 22 Oct 2022 17:06:51 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-150089307-6&cid=183657958.1666514318&jid=1552453867&gjid=289938983&_gid=1981571764.1666514318&_u=YGhACEABBAAAACAEO~&z=730434146 HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://join.worldoftanks.eu
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         173.194.222.157
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin: https://join.worldoftanks.eu
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 23 Oct 2022 08:38:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   4
Md5:    48c0473b7821185d937e685216e2168b
Sha1:   3743e47f8a429a5e87b86cb582d78940733d9d2e
Sha256: 570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 23 Oct 2022 08:38:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ddm/fls/p/src=9463992;type=acqpa00;cat=woteu000;u2=https://join.worldoftanks.eu/1600946604/no/;u3=WOT%20ONGOING%20WW%20Videoback%20LMS%20WOTHQ-1691;u4=affiliate;u5=sfangt2l;match_id=1666514299990552217;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=373207989;~oref=https://join.worldoftanks.eu/ HTTP/1.1 
Host: adservice.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://join.worldoftanks.eu/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.130
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 23 Oct 2022 08:38:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://adservice.google.no/ddm/fls/p/src=9463992;type=acqpa00;cat=woteu000;u2=https://join.worldoftanks.eu/1600946604/no/;u3=WOT%20ONGOING%20WW%20Videoback%20LMS%20WOTHQ-1691;u4=affiliate;u5=sfangt2l;match_id=1666514299990552217;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=373207989;~oref=https://join.worldoftanks.eu/
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            GET /tag/uet/26043906 HTTP/1.1 
Host: www.clarity.ms
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         13.107.246.53
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: no-cache, no-store
content-length: 1783
expires: -1
set-cookie: CLID=1fbfc7ecfc344a6c84ef9290c12f521e.20221023.20231023; expires=Mon, 23 Oct 2023 08:38:22 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
x-cache: CONFIG_NOCACHE
x-azure-ref: 0fv1UYwAAAABlx5CvCqQwS6YaTikCfovnU1ZHMjBFREdFMDYxOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Sun, 23 Oct 2022 08:38:21 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1783), with no line terminators
Size:   1783
Md5:    ef5c0e5d88ebd499b98db947830e09e0
Sha1:   2b8666213105a698975736999d960c1c551652d8
Sha256: 49284c9fa7c56e0a2a707ef2594c256731f2a2c3e09e64cdc65ba2016e61155a
                                        
                                            GET /Serving/TrackPoint/?CC=1&pm=2446135&ADFPageName=WOT%20-%20EU%20-%20Landing%20Page&ADFdivider=%7C&ord=730482327784&ADFtpmode=2&loc=https%3A%2F%2Fjoin.worldoftanks.eu%2F1600946604%2Fno%2F%3Fpub_id%3D6359262%26xid%3D166651429910000TNOTV415326358024Vf9%26&Set1=en-US%7Cen-US%7C1280x1024%7C24 HTTP/1.1 
Host: a1.adform.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://join.worldoftanks.eu/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         37.157.6.248
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
server: nginx
date: Sun, 23 Oct 2022 08:38:22 GMT
content-length: 196
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   196
Md5:    0ede06ce62bcf9e842e1b0f3313e6f83
Sha1:   a1a6675d17c5e308cbf033eb3d53fd8d12272be4
Sha256: b453c48d135033a9f54030c39d0241419c85531378e79ef47a5991ab5d418a97
                                        
                                            GET /Serving/TrackPoint/?pm=2446135&ADFPageName=WOT%20-%20EU%20-%20Landing%20Page&ADFdivider=%7C&ord=730482327784&ADFtpmode=2&loc=https%3A%2F%2Fjoin.worldoftanks.eu%2F1600946604%2Fno%2F%3Fpub_id%3D6359262%26xid%3D166651429910000TNOTV415326358024Vf9%26&Set1=en-US%7Cen-US%7C1280x1024%7C24 HTTP/1.1 
Host: a1.adform.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         37.157.6.248
HTTP/2 302 Found
content-type: text/html; charset=utf-8
                                        
server: nginx
date: Sun, 23 Oct 2022 08:38:22 GMT
location: https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=2446135&ADFPageName=WOT%20-%20EU%20-%20Landing%20Page&ADFdivider=%7C&ord=730482327784&ADFtpmode=2&loc=https%3A%2F%2Fjoin.worldoftanks.eu%2F1600946604%2Fno%2F%3Fpub_id%3D6359262%26xid%3D166651429910000TNOTV415326358024Vf9%26&Set1=en-US%7Cen-US%7C1280x1024%7C24
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Wed, 23-Nov-2022 09:38:22 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (382), with CRLF, LF line terminators
Size:   676
Md5:    d6038fbd04d778111f9dd13dc5c03e4b
Sha1:   702629654683f1c7d14d239f83af26076dc2a4ec
Sha256: 404826c8c388ccad060c1ae9d2654f1df5388a2d89a7a1b12a15d6d9274c0bf2
                                        
                                            GET /pixel;r=1492277718;labels=_fp.event.PageView;source=gtm;event=refresh;rf=0;a=p-UH9pPWqqbvvtC;url=https%3A%2F%2Fjoin.worldoftanks.eu%2F1600946604%2Fno%2F%3Fpub_id%3D6359262%26xid%3D166651429910000TNOTV415326358024Vf9%26xid_param1%3D6359262-2133874209-3759591136%26xid_param2%3D277883820%26sid%3DSIDI9cvlEf5bPlaXd5VUvo5GqRgkInuihNA9RQ_7yrWPEQQW6frmTigpT8eWQN4-eu2XUzUjm-DPvb0sFXEUZGK5Yy5eOJ8A-sZpG3wj8Kp-GJciK9Abc9OUnEjBwMOlfQnXhiYvY01OXc%26enctid%3Dcnt60kdm7mds%26lpsn%3DWOT%2520ONGOING%2520WW%2520Videoback%2520LMS%2520WOTHQ-1691%26foris%3D1%26teclient%3D1666514299990552217%26utm_source%3Dnetworks%26utm_medium%3Daffiliate%26utm_campaign%3Dsfangt2l%26utm_content%3D6359262;uht=2;fpan=1;fpa=P0-1789652998-1666514318586;pbc=;ns=0;ce=1;qjs=1;qv=7a1cba14-20221011131736;cm=;gdpr=0;ref=;d=worldoftanks.eu;dst=0;et=1666514318586;tzo=0;ogl=;ses=91824062-e030-4eee-b1f4-60e9ff84a4a2 HTTP/1.1 
Host: pixel.quantserve.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         91.228.74.200
HTTP/2 200 OK
content-type: image/gif
                                        
date: Sun, 23 Oct 2022 08:38:22 GMT
content-length: 35
cache-control: private, no-cache, no-store, proxy-revalidate
expires: Fri, 04 Aug 1978 12:00:00 GMT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
set-cookie: mc=6354fd7e-aaed6-a34cb-1270c; expires=Thu, 23-Nov-2023 08:38:22 GMT; path=/; domain=.quantserve.com
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   35
Md5:    55d25e9dc950d5db4d53a3b195c046c6
Sha1:   75e91ae3e549dab12ed1c9787ade9131aef1c981
Sha256: a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
                                        
                                            GET /ddm/fls/p/src=9463992;type=acqpa00;cat=woteu000;u2=https://join.worldoftanks.eu/1600946604/no/;u3=WOT%20ONGOING%20WW%20Videoback%20LMS%20WOTHQ-1691;u4=affiliate;u5=sfangt2l;match_id=1666514299990552217;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=373207989;~oref=https://join.worldoftanks.eu/ HTTP/1.1 
Host: adservice.google.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://join.worldoftanks.eu/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.34
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 23 Oct 2022 08:38:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            POST /g/collect?v=2&tid=G-77NSW0BT3P&gtm=2oeaj0&_p=1281840602&_gaz=1&gcs=G1--&cid=183657958.1666514318&ul=en-us&sr=1280x1024&_s=1&sid=1666514318&sct=1&seg=0&dl=https%3A%2F%2Fjoin.worldoftanks.eu%2F1600946604%2Fno%2F%3Fpub_id%3D6359262%26xid%3D166651429910000TNOTV415326358024Vf9%26xid_param1%3D6359262-2133874209-3759591136%26xid_param2%3D277883820%26sid%3DSIDI9cvlEf5bPlaXd5VUvo5GqRgkInuihNA9RQ_7yrWPEQQW6frmTigpT8eWQN4-eu2XUzUjm-DPvb0sFXEUZGK5Yy5eOJ8A-sZpG3wj8Kp-GJciK9Abc9OUnEjBwMOlfQnXhiYvY01OXc%26enctid%3Dcnt60kdm7mds%26lpsn%3DWOT%2520ONGOING%2520WW%2520Videoback%2520LMS%2520WOTHQ-1691%26foris%3D1%26teclient%3D1666514299990552217%26utm_source%3Dnetworks%26utm_medium%3Daffiliate%26utm_campaign%3Dsfangt2l%26utm_content%3D6359262&dt=World%20of%20Tanks%E2%80%94Gratis%20%C3%A5%20spille%20tanksaction%20MMO.%20Last%20ned%20n%C3%A5%20og%20spill%20gratis!&en=page_view&_fv=1&_ss=1&ep.prod_name=wot&ep.prod_realm=eu&ep.prod_lang=no&ep.prod_type=lp&ep.prod_lptype=videoback%2FWOTHQ-1691%2FACQ%2Freg-wg HTTP/1.1 
Host: region1.analytics.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://join.worldoftanks.eu
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

search
                                         216.239.32.36
HTTP/2 204 No Content
content-type: text/plain
                                        
access-control-allow-origin: https://join.worldoftanks.eu
date: Sun, 23 Oct 2022 08:38:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            GET /rp.gif?ts=1666514318394&id=t2_a043ik42&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=e668be1d-f0e8-432a-a814-5c299a66c3aa&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1280&sw=1024&v=rdt_02c59ad6 HTTP/1.1 
Host: alb.reddit.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         151.101.85.140
HTTP/2 200 OK
content-type: image/gif
                                        
server: Varnish
retry-after: 0
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
date: Sun, 23 Oct 2022 08:38:22 GMT
via: 1.1 varnish
content-length: 42
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /sp.pl?a=10000&b=World%20of%20Tanks%E2%80%94Gratis%20%C3%A5%20spille%20tanksaction%20MMO.%20Last%20ned%20n%C3%A5%20og%20spill%20gratis!&.yp=10180089&f=https%3A%2F%2Fjoin.worldoftanks.eu%2F1600946604%2Fno%2F%3Fpub_id%3D6359262%26xid%3D166651429910000TNOTV415326358024Vf9%26xid_param1%3D6359262-2133874209-3759591136%26xid_param2%3D277883820%26sid%3DSIDI9cvlEf5bPlaXd5VUvo5GqRgkInuihNA9RQ_7yrWPEQQW6frmTigpT8eWQN4-eu2XUzUjm-DPvb0sFXEUZGK5Yy5eOJ8A-sZpG3wj8Kp-GJciK9Abc9OUnEjBwMOlfQnXhiYvY01OXc%26enctid%3Dcnt60kdm7mds%26lpsn%3DWOT%2520ONGOING%2520WW%2520Videoback%2520LMS%2520WOTHQ-1691%26foris%3D1%26teclient%3D1666514299990552217%26utm_source%3Dnetworks%26utm_medium%3Daffiliate%26utm_campaign%3Dsfangt2l%26utm_content%3D6359262&enc=UTF-8&yv=1.13.0&et=custom&ec=LP%20Interaction&ea=Page%20View&el=Landing%20Page&tagmgr=gtm HTTP/1.1 
Host: sp.analytics.yahoo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         98.137.155.8
HTTP/2 200 OK
content-type: image/gif
                                        
date: Sun, 23 Oct 2022 08:38:22 GMT
expires: Sun, 23 Oct 2022 08:38:22 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBH79VGMCEOty1enUBG19Dtpht9TjuWoFEgEBAQFOVmNeYwAAAAAA_eMAAA&S=AQAAAlrv0bqkmCDV87xsUeY3-Xs; Expires=Mon, 23 Oct 2023 14:38:22 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    bff56ce49dd485d195fdfa0a02342568
Sha1:   74fb4071deab7d3ab083562067b735df32c43397
Sha256: 0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
                                        
                                            GET /sp.pl?a=10000&d=Sun%2C%2023%20Oct%202022%2008%3A38%3A38%20GMT&n=0&b=World%20of%20Tanks%E2%80%94Gratis%20%C3%A5%20spille%20tanksaction%20MMO.%20Last%20ned%20n%C3%A5%20og%20spill%20gratis!&.yp=10180089&f=https%3A%2F%2Fjoin.worldoftanks.eu%2F1600946604%2Fno%2F%3Fpub_id%3D6359262%26xid%3D166651429910000TNOTV415326358024Vf9%26xid_param1%3D6359262-2133874209-3759591136%26xid_param2%3D277883820%26sid%3DSIDI9cvlEf5bPlaXd5VUvo5GqRgkInuihNA9RQ_7yrWPEQQW6frmTigpT8eWQN4-eu2XUzUjm-DPvb0sFXEUZGK5Yy5eOJ8A-sZpG3wj8Kp-GJciK9Abc9OUnEjBwMOlfQnXhiYvY01OXc%26enctid%3Dcnt60kdm7mds%26lpsn%3DWOT%2520ONGOING%2520WW%2520Videoback%2520LMS%2520WOTHQ-1691%26foris%3D1%26teclient%3D1666514299990552217%26utm_source%3Dnetworks%26utm_medium%3Daffiliate%26utm_campaign%3Dsfangt2l%26utm_content%3D6359262&enc=UTF-8&yv=1.13.0&tagmgr=gtm HTTP/1.1 
Host: sp.analytics.yahoo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         98.137.155.8
HTTP/2 200 OK
content-type: image/gif
                                        
date: Sun, 23 Oct 2022 08:38:22 GMT
expires: Sun, 23 Oct 2022 08:38:22 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBH79VGMCEJOj3bEObY2NyL76N87TEn4FEgEBAQFOVmNeYwAAAAAA_eMAAA&S=AQAAAh5s8wx3TqOVCkyk7Rss95I; Expires=Mon, 23 Oct 2023 14:38:22 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    bff56ce49dd485d195fdfa0a02342568
Sha1:   74fb4071deab7d3ab083562067b735df32c43397
Sha256: 0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
                                        
                                            GET /1600946604/dist/landing/videoback/eval.js HTTP/1.1 
Host: lms-static.wgcdn.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         92.223.84.84
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sun, 23 Oct 2022 08:38:23 GMT
content-length: 177
last-modified: Fri, 01 Jul 2022 12:11:16 GMT
etag: "62bee464-b1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-09-22T18:23:00+00:00
x-id: sto5-up-gc10
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   177
Md5:    ab56a375dc50a8ab25c09dd2116ebcd0
Sha1:   19ee177c451c354bedf9d355a34476134464d0be
Sha256: a6b484f867056eb70f872f3e159a26591e2c653581553f9667946642f1c0759a
                                        
                                            GET /1600946604/dist/landing/videoback/sha3.js HTTP/1.1 
Host: lms-static.wgcdn.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         92.223.84.84
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sun, 23 Oct 2022 08:38:23 GMT
last-modified: Fri, 01 Jul 2022 12:11:16 GMT
vary: Accept-Encoding
etag: W/"62bee464-1704"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
content-encoding: gzip
cache: HIT
x-cached-since: 2022-09-22T18:23:00+00:00
x-id: sto5-up-gc10
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   2447
Md5:    35a6527a525906870dc0368a0a45b352
Sha1:   46abbe73604bcebcb61e643b4eb81ffd9828b17c
Sha256: 5b981dbced691785495a8e32bfa6d2a4efc4f5d360fe2108c008cce54d259c89
                                        
                                            GET /c.gif HTTP/1.1 
Host: c.clarity.ms
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         20.234.93.27
HTTP/2 302 Found
                                        
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=78AE7EBF3E5D4A869CA776C9BE9CDD96&RedC=c.clarity.ms&MXFR=0B15A37EDDA664991407B138D9A66AC5
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure; MUID=0B15A37EDDA664991407B138D9A66AC5; domain=.clarity.ms; expires=Fri, 17-Nov-2023 08:38:23 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Sun, 23 Oct 2022 08:38:22 GMT
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            GET /c.gif?CtsSyncId=78AE7EBF3E5D4A869CA776C9BE9CDD96&RedC=c.clarity.ms&MXFR=0B15A37EDDA664991407B138D9A66AC5 HTTP/1.1 
Host: c.bing.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://join.worldoftanks.eu/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         13.107.21.200
HTTP/2 302 Found
                                        
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=78AE7EBF3E5D4A869CA776C9BE9CDD96&MUID=2BAEECF047A366941770FEB646566796
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=2BAEECF047A366941770FEB646566796; domain=c.bing.com; expires=Fri, 17-Nov-2023 08:38:23 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 201CC2663EF54AFEB9327C66A164FE4B Ref B: OSL30EDGE0515 Ref C: 2022-10-23T08:38:23Z
date: Sun, 23 Oct 2022 08:38:23 GMT
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            GET /c.gif?CtsSyncId=78AE7EBF3E5D4A869CA776C9BE9CDD96&MUID=2BAEECF047A366941770FEB646566796 HTTP/1.1 
Host: c.clarity.ms
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://join.worldoftanks.eu/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         20.234.93.27
HTTP/2 200 OK
content-type: image/gif
                                        
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
last-modified: Thu, 13 Oct 2022 20:07:05 GMT
accept-ranges: bytes
etag: "40db785d3fdfd81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Sun, 23-Oct-2022 08:48:23 GMT; path=/; SameSite=None; Secure;
date: Sun, 23 Oct 2022 08:38:22 GMT
content-length: 42
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    32023bb33cfb2a1990a4ef2d85b6ac16
Sha1:   23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
Sha256: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
                                        
                                            GET /eus2/s/0.6.43/clarity.js HTTP/1.1 
Host: www.clarity.ms
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         13.107.246.53
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
                                        
cache-control: public,max-age=86400
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d8e493fccc944c"
vary: Accept-Encoding
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-cache: CONFIG_NOCACHE
x-azure-ref: 0fv1UYwAAAACxiRRJyWEFRYiJKF0bhfViU1ZHMjBFREdFMDYxOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Sun, 23 Oct 2022 08:38:21 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (55029)
Size:   23642
Md5:    1f1b177be16cbbfa004e309993605c2c
Sha1:   9c534d105ef01cd076fae1da85a76b2dcedd368b
Sha256: d6c2571ec81a26089e780320513e61f016dfecdd283ba8d54ec31cdbfde21705
                                        
                                            GET /quant.js HTTP/1.1 
Host: secure.quantserve.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         91.228.74.200
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sun, 23 Oct 2022 08:38:22 GMT
accept-ranges: bytes
cache-control: private, max-age=604800
content-encoding: gzip
etag: "cbFpuah7ilcpMTJLYeCgng=="
expires: Sun, 30 Oct 2022 08:38:22 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /1600946604/dist/landing/videoback/riddler.js HTTP/1.1 
Host: lms-static.wgcdn.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         92.223.84.84
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sun, 23 Oct 2022 08:38:23 GMT
last-modified: Fri, 01 Jul 2022 12:11:16 GMT
vary: Accept-Encoding
etag: W/"62bee464-4391"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
content-encoding: gzip
cache: HIT
x-cached-since: 2022-09-22T18:23:00+00:00
x-id: sto5-up-gc10
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css?family=Noto+Sans+KR:400,700|Roboto+Condensed:400,700&display=swap&subset=cyrillic,greek,vietnamese HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 23 Oct 2022 08:38:20 GMT
date: Sun, 23 Oct 2022 08:38:20 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /1600946604/dist/landing/videoback/vendors~app.97349e52.js HTTP/1.1 
Host: lms-static.wgcdn.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         92.223.84.84
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sun, 23 Oct 2022 08:38:20 GMT
last-modified: Fri, 01 Jul 2022 12:11:16 GMT
vary: Accept-Encoding
etag: W/"62bee464-2e3df"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
content-encoding: gzip
cache: HIT
x-cached-since: 2022-10-01T16:57:50+00:00
x-id: sto5-up-gc10
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /1600946604/dist/landing/videoback/app.e97d588e.js HTTP/1.1 
Host: lms-static.wgcdn.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         92.223.84.84
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sun, 23 Oct 2022 08:38:20 GMT
last-modified: Fri, 01 Jul 2022 12:11:16 GMT
vary: Accept-Encoding
etag: W/"62bee464-14229"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
content-encoding: gzip
cache: HIT
x-cached-since: 2022-09-20T10:52:19+00:00
x-id: sto5-up-gc10
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /1600946604/dist/landing/videoback/app.9ad664eb.css HTTP/1.1 
Host: lms-static.wgcdn.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         92.223.84.84
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Sun, 23 Oct 2022 08:38:20 GMT
last-modified: Fri, 01 Jul 2022 12:11:16 GMT
vary: Accept-Encoding
etag: W/"62bee464-15b6f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
content-encoding: gzip
cache: HIT
x-cached-since: 2022-10-01T16:57:50+00:00
x-id: sto5-up-gc10
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /collector/is_enabled?pids=22df7ed7-ab83-4fcd-b6a0-e8494aed20d8&tld=eu HTTP/1.1 
Host: tr.snapchat.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://join.worldoftanks.eu/
Origin: https://join.worldoftanks.eu
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search