urlquery - report: 4.us.findthewind.xyz/feed/?link=true&tid=4&subid=4.us&ref=redir.findthewind.xyz&s1=6354fd691ad2662b345359ed

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
www.redditstatic.com (1)	1440	2012-06-30 12:33:28 UTC	2022-10-23 04:44:52 UTC	151.101.85.140
fonts.googleapis.com (1)	8877	2013-06-10 20:14:26 UTC	2022-10-23 04:13:36 UTC	142.250.74.10
firefox.settings.services.mozilla.com (2)	867	2020-05-27 20:08:30 UTC	2022-10-23 01:34:59 UTC	143.204.55.35
redir.findthewind.xyz (1)	0	2022-08-11 09:16:56 UTC	2022-10-23 05:00:21 UTC	198.211.113.186	Unknown ranking
img-getpocket.cdn.mozilla.net (6)	1631	2017-09-01 03:40:57 UTC	2022-10-22 04:43:01 UTC	34.120.237.76
go.redanemone.xyz (1)	72592	2020-01-16 10:48:25 UTC	2022-10-23 06:47:02 UTC	198.134.116.30
go.money616.xyz (1)	0	2022-07-29 05:26:08 UTC	2022-10-22 19:28:04 UTC	52.59.165.42	Unknown ranking
bat.bing.com (3)	387	2014-04-08 09:23:16 UTC	2022-10-22 05:39:34 UTC	13.107.21.200
leche.labtrffc.com (1)	0	2021-02-18 14:08:36 UTC	2022-10-22 19:28:27 UTC	51.83.143.92	Domain (labtrffc.com) ranked at: 87846
bilqi-omv.com (2)	0	2022-10-17 13:55:17 UTC	2022-10-23 04:46:17 UTC	35.174.150.83	Unknown ranking
rdr.wargaming.net (1)	88763	2018-04-19 16:16:11 UTC	2022-10-22 19:06:29 UTC	92.223.23.230
sp.analytics.yahoo.com (2)	816	2014-01-31 20:48:24 UTC	2022-10-23 04:47:27 UTC	98.137.155.8
c.bing.com (1)	247	2012-05-22 10:26:32 UTC	2022-10-23 05:58:18 UTC	13.107.21.200
lms-static.wgcdn.co (14)	181442	2019-12-18 07:43:14 UTC	2022-10-22 17:44:09 UTC	92.223.84.84
connect.facebook.net (1)	139	2012-05-22 02:51:28 UTC	2022-10-23 04:47:12 UTC	31.13.72.12
www.google.com (1)	7	2016-08-04 12:36:31 UTC	2022-10-23 01:00:06 UTC	142.250.74.164
pixel.quantserve.com (1)	417	2018-04-06 01:24:19 UTC	2022-10-23 04:47:14 UTC	91.228.74.200
region1.analytics.google.com (1)	0	2022-03-17 11:26:33 UTC	2022-10-23 06:04:14 UTC	216.239.32.36	Domain (google.com) ranked at: 1
c.clarity.ms (2)	803	2021-02-03 23:22:47 UTC	2022-10-23 06:01:05 UTC	20.234.93.27
content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03 12:26:46 UTC	2022-10-23 05:08:18 UTC	34.160.144.191
push.services.mozilla.com (1)	2140	2015-09-03 10:29:36 UTC	2022-10-23 04:44:25 UTC	52.39.57.61
ocsp.pki.goog (18)	175	2017-06-14 07:23:31 UTC	2022-10-23 04:14:13 UTC	142.250.74.35
www.googletagmanager.com (1)	75	2012-12-25 14:52:06 UTC	2022-10-22 13:22:05 UTC	142.250.74.168
cdn2wotcom.gcdn.co (1)	292377	2016-10-21 21:20:45 UTC	2022-10-22 17:44:09 UTC	92.223.84.84
stats.g.doubleclick.net (2)	96	2013-06-10 20:21:11 UTC	2022-10-23 04:44:13 UTC	173.194.222.157
adservice.google.no (1)	96969	2017-09-26 14:23:08 UTC	2022-10-23 04:13:35 UTC	142.250.74.34
secure.quantserve.com (1)	973	2018-05-21 20:36:17 UTC	2022-10-22 05:20:15 UTC	91.228.74.200
join.worldoftanks.eu (1)	241001	2019-12-18 07:43:13 UTC	2022-10-22 17:41:34 UTC	92.223.51.163
fonts.gstatic.com (4)	0	2014-09-09 00:40:21 UTC	2022-10-23 04:13:30 UTC	216.58.207.195	Domain (gstatic.com) ranked at: 540
sc-static.net (1)	1183	2022-01-24 20:13:30 UTC	2022-10-22 19:38:35 UTC	54.230.82.240
tenor.wargaming.net (3)	102366	2018-10-16 09:06:38 UTC	2022-10-22 19:14:04 UTC	92.223.21.16
www.google.no (1)	25607	2016-04-05 19:50:59 UTC	2022-10-22 23:17:58 UTC	142.250.74.35
www.clarity.ms (2)	1404	2018-08-22 07:41:57 UTC	2022-10-23 06:01:04 UTC	13.107.246.53
www.google-analytics.com (1)	40	2012-10-03 01:04:21 UTC	2022-10-23 05:38:43 UTC	142.250.74.174
googleads.g.doubleclick.net (1)	42	2021-02-20 15:43:32 UTC	2022-10-23 02:52:33 UTC	216.58.207.226
s2.adform.net (1)	4693	2013-04-18 11:49:52 UTC	2022-10-23 03:59:20 UTC	37.157.2.247
a1.adform.net (2)	10707	2012-10-27 23:25:52 UTC	2022-10-23 06:55:22 UTC	37.157.6.248
ad.doubleclick.net (1)	186	2013-05-06 20:24:43 UTC	2022-10-22 23:22:45 UTC	142.250.74.102
alb.reddit.com (1)	1521	2017-06-15 05:33:56 UTC	2022-10-23 04:44:52 UTC	151.101.85.140
r3.o.lencr.org (12)	344	2020-12-02 08:52:13 UTC	2022-10-22 04:42:34 UTC	23.36.77.32
contile.services.mozilla.com (1)	1114	2021-05-27 18:32:35 UTC	2022-10-23 04:44:24 UTC	34.117.237.239
ocsp.digicert.com (15)	86	2012-05-21 07:02:23 UTC	2022-10-23 01:04:53 UTC	93.184.220.29
pdxx-7fmavzpxk2xlm-4-2.lowsea.fun (1)	0	2022-08-21 08:58:43 UTC	2022-10-23 06:46:39 UTC	5.161.78.177	Unknown ranking
cola.trffclb.com (1)	0	2022-09-30 11:19:40 UTC	2022-10-23 02:11:26 UTC	51.83.143.92	Unknown ranking
adspredictiv.com (2)	160243	2015-04-30 21:27:53 UTC	2022-10-22 19:28:12 UTC	35.190.38.40
4.us.findthewind.xyz (1)	0	2022-08-03 12:57:45 UTC	2022-10-23 06:46:56 UTC	23.235.251.114	Unknown ranking
ocsp.sectigo.com (2)	487	2018-12-17 11:31:55 UTC	2022-10-23 02:36:45 UTC	104.18.32.68
s.yimg.com (2)	375	2012-05-20 22:45:00 UTC	2022-10-22 15:12:42 UTC	87.248.119.252
tr.snapchat.com (4)	978	2017-04-26 06:25:03 UTC	2022-10-23 04:30:23 UTC	35.190.43.134
adservice.google.com (1)	76	2021-02-20 16:10:48 UTC	2022-10-23 04:22:19 UTC	142.250.74.130

Scan Date	Severity	Indicator	Comment
2022-10-23	2	trffclb.com	Sinkholed

Date	UQ / IDS / BL	URL	IP
2023-02-05 11:22:44 +0000	0 - 0 - 2	4.us.silverwinds.xyz/feed/?link=true&tid=4&su (...)	23.235.251.114
2023-02-03 20:22:48 +0000	0 - 0 - 2	8.us.tealwinds.xyz/feed/?link=true&tid=8&subi (...)	23.235.251.114
2023-01-29 16:07:50 +0000	0 - 2 - 2	66.us.tealwinds.xyz/feed/?link=true&tid=66&su (...)	23.235.251.114
2023-01-25 06:47:03 +0000	0 - 0 - 1	21.us.tealwinds.xyz/feed/?link=true&tid=21&su (...)	23.235.251.114
2023-01-19 15:47:03 +0000	0 - 0 - 2	60.us.tealwinds.xyz/feed/?link=true&tid=60&su (...)	23.235.251.114

Date	UQ / IDS / BL	URL	IP
2023-02-05 11:22:44 +0000	0 - 0 - 2	4.us.silverwinds.xyz/feed/?link=true&tid=4&su (...)	23.235.251.114
2023-02-03 20:22:48 +0000	0 - 0 - 2	8.us.tealwinds.xyz/feed/?link=true&tid=8&subi (...)	23.235.251.114
2023-02-01 20:53:46 +0000	0 - 0 - 22	www.montereycountyclinicservices.org/	131.153.100.222
2023-01-31 07:05:58 +0000	0 - 0 - 4	www.afamag.com/	131.153.100.9
2023-01-29 16:07:50 +0000	0 - 2 - 2	66.us.tealwinds.xyz/feed/?link=true&tid=66&su (...)	23.235.251.114

Date	UQ / IDS / BL	URL	IP
2022-10-25 09:31:58 +0000	0 - 0 - 9	68.us.findthewind.xyz/feed/?link=true&tid=68& (...)	23.235.251.114
2022-10-24 06:48:06 +0000	0 - 0 - 7	4.us.findthewind.xyz/feed/?link=true&tid=4&su (...)	23.235.251.114
2022-10-24 00:22:55 +0000	0 - 0 - 4	4.us.findthewind.xyz/feed/?link=true&tid=4&su (...)	23.235.251.114
2022-10-23 08:38:27 +0000	0 - 0 - 1	4.us.findthewind.xyz/feed/?link=true&tid=4&su (...)	23.235.251.114
2022-10-22 19:28:14 +0000	0 - 0 - 5	4.us.findthewind.xyz/feed/?link=true&tid=4&su (...)	23.235.251.114

Date	UQ / IDS / BL	URL	IP
2023-01-26 16:54:57 +0000	0 - 1 - 0	f21c1049e.srtrak.com/promo-tools/direct-offer (...)	91.132.60.212

Request	Response
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/ FQDN: firefox.settings.services.mozilla.com IP: 143.204.55.35 HASH: 33c1175144ab2be42c9de383f7893a6e60cd1f21f282eacb413d546331db3fa0 143.204.55.35 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 939 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Content-Length, Retry-After, Alert, Content-Type, Backoff Cache-Control: max-age=3600 Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Date: Sun, 23 Oct 2022 07:52:50 GMT Expires: Sun, 23 Oct 2022 08:07:04 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff X-Cache: Hit from cloudfront Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: 8XWJHAxWEGzA3hmASWjADRqBSfB_mLWwc3f2GuKDjp_JuShKW2aKHw== Age: 2725 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: c9df6b36bf16969ac566c1b798362e4a Sha1: e56eff34815153ae019a4bf63eb9746dd9ae2e5b Sha256: 33c1175144ab2be42c9de383f7893a6e60cd1f21f282eacb413d546331db3fa0
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 310c633350812c064e159275b6dbbdba6d6a5991a54ccfcc23459320c6513572 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "310C633350812C064E159275B6DBBDBA6D6A5991A54CCFCC23459320C6513572" Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=15406 Expires: Sun, 23 Oct 2022 12:55:01 GMT Date: Sun, 23 Oct 2022 08:38:15 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 73c4166ca864f777db2cc1cd8658a7c2 Sha1: c56b66b0b7c8516d4d5bfafe0c166711c78f3d25 Sha256: 310c633350812c064e159275b6dbbdba6d6a5991a54ccfcc23459320c6513572
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 82d9ee4948fce839f7edb1f8490c4213cded3912464a4169b0bf6a61278694bd 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "82D9EE4948FCE839F7EDB1F8490C4213CDED3912464A4169B0BF6A61278694BD" Last-Modified: Sat, 22 Oct 2022 14:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=15517 Expires: Sun, 23 Oct 2022 12:56:52 GMT Date: Sun, 23 Oct 2022 08:38:15 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: ae56efd62a0d9249d98573172eb8b28b Sha1: 5ff4e9959be677ad76c26ca73f9ef4feb9fa2f28 Sha256: 82d9ee4948fce839f7edb1f8490c4213cded3912464a4169b0bf6a61278694bd
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 34.160.144.191 HASH: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78 34.160.144.191 HTTP/2 200 OK content-type: binary/octet-stream x-amz-id-2: uB+p2WBlH5SRN/24aI2PUSQ16VQooXgnpZTtidg2ucbUSrIckcrbzmtupe/K2ZhbS1Yup0KRrTE= x-amz-request-id: 9QFKK0BNK8HR6C1J content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Sun, 23 Oct 2022 08:08:01 GMT age: 1815 last-modified: Fri, 30 Sep 2022 18:50:55 GMT etag: "67d5a988edcda47bc3b3b3f65d32b4b6" cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 67d5a988edcda47bc3b3b3f65d32b4b6 Sha1: d4f0e0da8b3690cc7da925026d3414b68c7d954f Sha256: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /feed/?link=true&tid=4&subid=4.us&ref=redir.findthewind.xyz&s1=6354fd691ad2662b345359ed HTTP/1.1 Host: 4.us.findthewind.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: 4.us.findthewind.xyz/feed/?link=true&tid=4&subid=4.us&r (...) FQDN: 4.us.findthewind.xyz IP: 23.235.251.114 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 23.235.251.114 HTTP/1.1 301 Moved Permanently Cache-Control: no-cache Location: https://redir.findthewind.xyz/click/invalid/?tid=4&subid=4&s1=6354fd691ad2662b345359ed Date: Sun, 23 Oct 2022 08:38:15 GMT Connection: keep-alive Keep-Alive: timeout=5 Transfer-Encoding: chunked --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Sun, 23 Oct 2022 08:38:16 GMT content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: d260d3845f09117750e10860046e5a16558af88d4f6be04ae0c7bb3a5cbc3227 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "D260D3845F09117750E10860046E5A16558AF88D4F6BE04AE0C7BB3A5CBC3227" Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5638 Expires: Sun, 23 Oct 2022 10:12:14 GMT Date: Sun, 23 Oct 2022 08:38:16 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 09715e59355c6bc58cdb948a5b8f0f6e Sha1: d18d83438b98c55b5776ad24fc3da3841fbb4cdf Sha256: d260d3845f09117750e10860046e5a16558af88d4f6be04ae0c7bb3a5cbc3227
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 143.204.55.35 HASH: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 143.204.55.35 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 329 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff Date: Sun, 23 Oct 2022 07:43:40 GMT Cache-Control: max-age=3600 Expires: Sun, 23 Oct 2022 08:24:41 GMT ETag: "1648230346554" X-Cache: Hit from cloudfront Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: SZ19l6ICBIQcHxoFvdxN1bOe8XEO-4K-I3UU86RsLR_RKj-koc9JAQ== Age: 3276 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /click/invalid/?tid=4&subid=4&s1=6354fd691ad2662b345359ed HTTP/1.1 Host: redir.findthewind.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1	URL: redir.findthewind.xyz/click/invalid/?tid=4&subid=4&s1=6 (...) FQDN: redir.findthewind.xyz IP: 198.211.113.186 HASH: 96c1f5b72cb60e7e91cd1d2d542c492e3148b180736ed3fcb36d45a84f454525 198.211.113.186 HTTP/1.1 302 Found Content-Type: text/html; charset=utf-8 X-Powered-By: Express Surrogate-Control: no-store Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate Pragma: no-cache Expires: 0 Location: https://leche.labtrffc.com/p.php?p=c:9qopki6xwqp07eckv&d=603611c5b7eaf46891533240?s=nxs-4 Vary: Accept Content-Length: 230 Date: Sun, 23 Oct 2022 08:38:16 GMT Connection: keep-alive Keep-Alive: timeout=5 --- Additional Info --- Magic: HTML document, ASCII text, with no line terminators Size: 230 Md5: 7ef6d31c814979bd842f5e6f09cfb7bd Sha1: 4f9fa32f92cbc28d74e40dad8f216379df418ce6 Sha256: 96c1f5b72cb60e7e91cd1d2d542c492e3148b180736ed3fcb36d45a84f454525
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 61a9c5b0ebb800dd2b380752829afd8ec5dc95e8ea0ceeb445892e5b08c91d7b 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "61A9C5B0EBB800DD2B380752829AFD8EC5DC95E8EA0CEEB445892E5B08C91D7B" Last-Modified: Sat, 22 Oct 2022 23:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6994 Expires: Sun, 23 Oct 2022 10:34:50 GMT Date: Sun, 23 Oct 2022 08:38:16 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 0eef9ecfc5fd26948b051fdf29ecc862 Sha1: eb731318d35edf55c1ad4e5bd12380864fffc71c Sha256: 61a9c5b0ebb800dd2b380752829afd8ec5dc95e8ea0ceeb445892e5b08c91d7b
GET /p.php?p=c:9qopki6xwqp07eckv&d=603611c5b7eaf46891533240?s=nxs-4 HTTP/1.1 Host: leche.labtrffc.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1	URL: leche.labtrffc.com/p.php?p=c:9qopki6xwqp07eckv&d=603611 (...) FQDN: leche.labtrffc.com IP: 51.83.143.92 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 51.83.143.92 HTTP/1.1 302 Found Content-Type: text/html; charset=UTF-8 Server: nginx Date: Sun, 23 Oct 2022 08:38:16 GMT Content-Length: 0 Connection: keep-alive Round: Raund: Location: https://pdxx-7fmavzpxk2xlm-4-2.lowsea.fun/emw/v1/dt?sid=888b&k=bfb&url=&xrw=&lid=6354fd7866c3781b5b743ef1&fid=888 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 83e0fb564f86df4300e8fc4b5baaf0ed13102c384922d388e02620fb3363a842 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 4977 Cache-Control: max-age=89486 Date: Sun, 23 Oct 2022 08:38:16 GMT Etag: "6353a495-1d7" Expires: Mon, 24 Oct 2022 09:29:42 GMT Last-Modified: Sat, 22 Oct 2022 08:06:45 GMT Server: ECS (ska/F70B) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: fecd12689ba4c6aa556814b7fac0d344 Sha1: a3005f6333ce5201a73e2857c764a1b0091a91d5 Sha256: 83e0fb564f86df4300e8fc4b5baaf0ed13102c384922d388e02620fb3363a842
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 78a2aac75f89eff3a845c58ce19360b72f642c65566b1726b34ea11316f94d94 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "78A2AAC75F89EFF3A845C58CE19360B72F642C65566B1726B34EA11316F94D94" Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4406 Expires: Sun, 23 Oct 2022 09:51:42 GMT Date: Sun, 23 Oct 2022 08:38:16 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 3c45356d9dd692ff7963d0de8a3e71f7 Sha1: c3aa5157e23881cac6660e205540ee16b27b0380 Sha256: 78a2aac75f89eff3a845c58ce19360b72f642c65566b1726b34ea11316f94d94
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: 2iv1aumyoeqHUiEM5DlC/w== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	URL: push.services.mozilla.com/ FQDN: push.services.mozilla.com IP: 52.39.57.61 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 52.39.57.61 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: IDOBdaTO+KH3HUULoHf0f/ZTz24= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /emw/v1/dt?sid=888b&k=bfb&url=&xrw=&lid=6354fd7866c3781b5b743ef1&fid=888 HTTP/1.1 Host: pdxx-7fmavzpxk2xlm-4-2.lowsea.fun User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1	URL: pdxx-7fmavzpxk2xlm-4-2.lowsea.fun/emw/v1/dt?sid=888b&k= (...) FQDN: pdxx-7fmavzpxk2xlm-4-2.lowsea.fun IP: 5.161.78.177 HASH: 8f03491247cbfa8a2e60e0f7ec62d63b5070659f60383a1c81abeb2b20221be3 5.161.78.177 HTTP/2 307 Temporary Redirect content-type: text/html date: Sun, 23 Oct 2022 08:38:17 GMT content-length: 164 location: https://cola.trffclb.com/a.php?p=c:xecd97ulmxry7e481&d=62ff4322ec41a549b07c0d74&pid=6354fd7866c3781b5b743ef1&source=888b set-cookie: emwxcid_4_1=UEzE5B2JI2wM9gFr8FAK9ZMg2V5m8NWb9W2pKl2zFpEuq6krEJ; expires=Mon, Oct 23 2023 08:38:17 GMT; Max-Age=31536000; path=/; domain=lowsea.fun; SameSite=Lax X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size: 164 Md5: 813f9846b49c0ada805648edf1b2fdbd Sha1: caa24890460f73e6a72bb49426351e67e83b053d Sha256: 8f03491247cbfa8a2e60e0f7ec62d63b5070659f60383a1c81abeb2b20221be3
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 61a9c5b0ebb800dd2b380752829afd8ec5dc95e8ea0ceeb445892e5b08c91d7b 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "61A9C5B0EBB800DD2B380752829AFD8EC5DC95E8EA0CEEB445892E5B08C91D7B" Last-Modified: Sat, 22 Oct 2022 23:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6993 Expires: Sun, 23 Oct 2022 10:34:50 GMT Date: Sun, 23 Oct 2022 08:38:17 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 0eef9ecfc5fd26948b051fdf29ecc862 Sha1: eb731318d35edf55c1ad4e5bd12380864fffc71c Sha256: 61a9c5b0ebb800dd2b380752829afd8ec5dc95e8ea0ceeb445892e5b08c91d7b
GET /a.php?p=c:xecd97ulmxry7e481&d=62ff4322ec41a549b07c0d74&pid=6354fd7866c3781b5b743ef1&source=888b HTTP/1.1 Host: cola.trffclb.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1	URL: cola.trffclb.com/a.php?p=c:xecd97ulmxry7e481&d=62ff4322 (...) FQDN: cola.trffclb.com IP: 51.83.143.92 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 51.83.143.92 HTTP/1.1 302 Found Content-Type: text/html; charset=UTF-8 Server: nginx Date: Sun, 23 Oct 2022 08:38:17 GMT Content-Length: 0 Connection: keep-alive Round: 12n1frmxnl Raund: 2h2 Location: https://go.redanemone.xyz/redirect?feed=465513&url=cola.trffclb.com&subid=custom_12c7dmujng.no.linux.firefox&pub_clickid=6354fd79fc80cf054b6c1047 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Alerts: Blocklists: - quad9: Sinkholed
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 2a18dbef5fd383e3d954067df8989e702a289f5283560803a9cd16436efc1a09 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "2A18DBEF5FD383E3D954067DF8989E702A289F5283560803A9CD16436EFC1A09" Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=16777 Expires: Sun, 23 Oct 2022 13:17:54 GMT Date: Sun, 23 Oct 2022 08:38:17 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: c13e069270e8b0ed16d51faa7fd95a9d Sha1: 26038333ad32f2cee00e835149f6dacb05b15df6 Sha256: 2a18dbef5fd383e3d954067df8989e702a289f5283560803a9cd16436efc1a09
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 28db09a2a0e821b37dc1cfb710bf896c438755bfc992eb775f41128b0e52e5d1 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1" Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=16155 Expires: Sun, 23 Oct 2022 13:07:33 GMT Date: Sun, 23 Oct 2022 08:38:18 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: f1b833a135e4d839859e4994f349bb6c Sha1: 399b607015c4d9200df20084c7396591007dc995 Sha256: 28db09a2a0e821b37dc1cfb710bf896c438755bfc992eb775f41128b0e52e5d1
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 28db09a2a0e821b37dc1cfb710bf896c438755bfc992eb775f41128b0e52e5d1 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1" Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=16155 Expires: Sun, 23 Oct 2022 13:07:33 GMT Date: Sun, 23 Oct 2022 08:38:18 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: f1b833a135e4d839859e4994f349bb6c Sha1: 399b607015c4d9200df20084c7396591007dc995 Sha256: 28db09a2a0e821b37dc1cfb710bf896c438755bfc992eb775f41128b0e52e5d1
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 28db09a2a0e821b37dc1cfb710bf896c438755bfc992eb775f41128b0e52e5d1 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1" Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=16155 Expires: Sun, 23 Oct 2022 13:07:33 GMT Date: Sun, 23 Oct 2022 08:38:18 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: f1b833a135e4d839859e4994f349bb6c Sha1: 399b607015c4d9200df20084c7396591007dc995 Sha256: 28db09a2a0e821b37dc1cfb710bf896c438755bfc992eb775f41128b0e52e5d1
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 28db09a2a0e821b37dc1cfb710bf896c438755bfc992eb775f41128b0e52e5d1 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1" Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=16155 Expires: Sun, 23 Oct 2022 13:07:33 GMT Date: Sun, 23 Oct 2022 08:38:18 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: f1b833a135e4d839859e4994f349bb6c Sha1: 399b607015c4d9200df20084c7396591007dc995 Sha256: 28db09a2a0e821b37dc1cfb710bf896c438755bfc992eb775f41128b0e52e5d1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffec9f432-15c2-48a5-a72c-411765b4b8bc.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 77c606ec418fdcf921011e7791c702a96ccb5ed9157988da3c7d9f2c460c2bbf 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 10309 x-amzn-requestid: 440e8c86-be5e-47c5-8c91-a6b093b7077c x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: ZkTaoHWCIAMFwsg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-633e65dd-7a06ea100494b8db4b76c4ec;Sampled=0 x-amzn-remapped-date: Thu, 06 Oct 2022 05:21:33 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: MBUhf5kPAItEZUj03TKeekl9YXcbeh1KeoYnI4rb_v9eBptmVoEgAA== via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google date: Sat, 22 Oct 2022 22:03:35 GMT age: 38083 etag: "a3e88fdb581161ee4a77a2e871b5dbf6438740ff" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10309 Md5: d7d9a7abaf87962b855521efa710812f Sha1: a3e88fdb581161ee4a77a2e871b5dbf6438740ff Sha256: 77c606ec418fdcf921011e7791c702a96ccb5ed9157988da3c7d9f2c460c2bbf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F412682e9-14c9-40e4-bfec-f73f656f5e10.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: d664702a83cac4eaee1710fd03ca41e35d62ae699224490367e605b529e45566 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 5348 x-amzn-requestid: d44ded7c-15b6-4c30-a810-4af1edbb9bc3 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: aPYYZEnboAMFcMw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-634fa102-6bdd3c1a2fa437b106f8ea79;Sampled=0 x-amzn-remapped-date: Wed, 19 Oct 2022 07:02:26 GMT x-amz-cf-pop: SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: dx2yJ8T_lM1OMR3h0DUtiV359392U2UyReU6hi4tOxxbvFR0iZ_kAg== via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google date: Sat, 22 Oct 2022 22:01:40 GMT age: 38198 etag: "4b5e283e4397985f837ab28d94c167ddfdb26c7c" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 5348 Md5: 37143b9d51a289f11607b6b0f9ba534a Sha1: 4b5e283e4397985f837ab28d94c167ddfdb26c7c Sha256: d664702a83cac4eaee1710fd03ca41e35d62ae699224490367e605b529e45566
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faeb090f5-d3fb-4dcf-bfb4-7490dee6c833.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: e9bf601eb67aa9778b326e7568f990352d9bfa574da283e879e62e9a2dddb2fa 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 6821 x-amzn-requestid: 05d1de38-a072-4392-b1c6-a07f7d67fbf0 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: aMGWZGH-IAMFVzg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-634e50f5-3868ae460a52caa178d8ff2f;Sampled=0 x-amzn-remapped-date: Tue, 18 Oct 2022 07:08:37 GMT x-amz-cf-pop: SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: Q0jfZigs37oi_sofHLQimt37uujfVdoqz2kLm26FgF5i1ziagz3noQ== via: 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google date: Sat, 22 Oct 2022 21:09:09 GMT age: 41349 etag: "6c453568c39d65380ebcf7151b5383994b864abe" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6821 Md5: ebab98ee9ab567348e2c31cccdbc62c2 Sha1: 6c453568c39d65380ebcf7151b5383994b864abe Sha256: e9bf601eb67aa9778b326e7568f990352d9bfa574da283e879e62e9a2dddb2fa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0856e94c-65e7-489a-95b5-cc37407bf90f.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 607a81c5d0210faaa103d09fba1e0b9dde333c5142969272b0b5351a779acfa4 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 12031 x-amzn-requestid: 38ca5b87-35e4-46d5-aa1a-15433660ab86 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: aZGifEXzIAMFdHw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63538476-6c2e5d980616d50c0ef8698a;Sampled=0 x-amzn-remapped-date: Sat, 22 Oct 2022 05:49:42 GMT x-amz-cf-pop: SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: DpE5uiagdaNLvVqbkou7bVNaLYPZ9vhYawucSE36lWIp65bga3gN2w== via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google date: Sun, 23 Oct 2022 08:04:17 GMT age: 2041 etag: "50d9f1642c3c47504fb2d4086a40ae8fb9479b50" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 12031 Md5: 208445a6f07a7259b8a420c062a81998 Sha1: 50d9f1642c3c47504fb2d4086a40ae8fb9479b50 Sha256: 607a81c5d0210faaa103d09fba1e0b9dde333c5142969272b0b5351a779acfa4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55e25b9a-b0d2-47fc-824e-f7441e1bdd01.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: c8d2f6fabb976cc65c2029b102fee589b639c0f18110f1c2502733903da73d0e 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 3518 x-amzn-requestid: 8b13ebbd-b086-4007-a17d-d8ab307e2575 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: aFhSdGtEoAMFajw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-634baf42-0ca66cd74f79dbfa54f3613b;Sampled=0 x-amzn-remapped-date: Sun, 16 Oct 2022 07:14:10 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: xW8lD02LEzgVvUNKqXck7eMr2CXbt_xdVzN4H1M7qj4qQJpvXLFy5Q== via: 1.1 1949caaabae48a894fcd770a3e1384f6.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google date: Sat, 22 Oct 2022 21:48:55 GMT age: 38963 etag: "454136ba1c69e33ae3ba4fcfe4963bd492991e07" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 3518 Md5: 85de0c3844ed8f109992d7c37cc5db1b Sha1: 454136ba1c69e33ae3ba4fcfe4963bd492991e07 Sha256: c8d2f6fabb976cc65c2029b102fee589b639c0f18110f1c2502733903da73d0e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd19113d-c1df-4109-b7c9-1d4ed544d9d8.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 29408c0bd34660a836f59a7abb61c7c2b1f864b31194787ddf4d178314184b96 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8639 x-amzn-requestid: e598ff88-e152-4b9e-af16-aa30dcf452a8 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: aX-m5HlMoAMFvjQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6353115f-7f17a59522afc40e64ac216d;Sampled=0 x-amzn-remapped-date: Fri, 21 Oct 2022 21:38:39 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: b760bBSu62p--j9lUv-AHR8xZKOPskf1LmXb-lJ_DSiM8k_usKOmwA== via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google date: Sat, 22 Oct 2022 22:01:36 GMT age: 38202 etag: "715f72710799f828e2c06932c33919d8f23844f5" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8639 Md5: 97e9c05ece38dedeaa752c612029c78d Sha1: 715f72710799f828e2c06932c33919d8f23844f5 Sha256: 29408c0bd34660a836f59a7abb61c7c2b1f864b31194787ddf4d178314184b96
GET /redirect?feed=465513&url=cola.trffclb.com&subid=custom_12c7dmujng.no.linux.firefox&pub_clickid=6354fd79fc80cf054b6c1047 HTTP/1.1 Host: go.redanemone.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1	URL: go.redanemone.xyz/redirect?feed=465513&url=cola.trffclb (...) FQDN: go.redanemone.xyz IP: 198.134.116.30 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 198.134.116.30 HTTP/1.1 302 Found Server: nginx Date: Sun, 23 Oct 2022 08:38:18 GMT Content-Length: 0 Connection: keep-alive Cache-Control: no-store Age: 0 Location: http://bilqi-omv.com/zcvisitor/0abb2f27-52ae-11ed-be52-12ff7df229bb/1091bff0-8a8a-11ec-80f2-0a0a528900a9?campaignid=06d8a3f0-48cd-11ed-a334-0a918cbcbb97 Pragma: no-cache --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /zcvisitor/0abb2f27-52ae-11ed-be52-12ff7df229bb/1091bff0-8a8a-11ec-80f2-0a0a528900a9?campaignid=06d8a3f0-48cd-11ed-a334-0a918cbcbb97 HTTP/1.1 Host: bilqi-omv.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: bilqi-omv.com/zcvisitor/0abb2f27-52ae-11ed-be52-12ff7df (...) FQDN: bilqi-omv.com IP: 35.174.150.83 HASH: 9b225534997712b08ada7d5c6f0d0efc5d0ddcf95d9969b57b20205fea0948a2 35.174.150.83 HTTP/1.1 200 Content-Type: text/html;charset=UTF-8 Date: Sun, 23 Oct 2022 08:38:18 GMT Transfer-Encoding: chunked Connection: keep-alive Cache-Control: no-store, no-cache, pre-check=0, post-check=0 content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline' Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET,POST,OPTIONS Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag Server: ajCHvhjZ --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 996 Md5: 0048b4d3eff6c4a2888cef5896278d72 Sha1: b54aa54591ca910705e97d1139156018fb882b71 Sha256: 9b225534997712b08ada7d5c6f0d0efc5d0ddcf95d9969b57b20205fea0948a2
GET /zcredirect?visitid=0abb2f27-52ae-11ed-be52-12ff7df229bb&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false HTTP/1.1 Host: bilqi-omv.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://bilqi-omv.com/zcvisitor/0abb2f27-52ae-11ed-be52-12ff7df229bb/1091bff0-8a8a-11ec-80f2-0a0a528900a9?campaignid=06d8a3f0-48cd-11ed-a334-0a918cbcbb97 Upgrade-Insecure-Requests: 1	URL: bilqi-omv.com/zcredirect?visitid=0abb2f27-52ae-11ed-be5 (...) FQDN: bilqi-omv.com IP: 35.174.150.83 HASH: 2ddbf5140b3b0574c02d0467c8d7f6016b5087484afe6ec782b5ab92d2e37cb3 35.174.150.83 HTTP/1.1 200 Content-Type: text/html;charset=UTF-8 Date: Sun, 23 Oct 2022 08:38:18 GMT Transfer-Encoding: chunked Connection: keep-alive Cache-Control: no-store, no-cache, pre-check=0, post-check=0 content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline' Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET,POST,OPTIONS Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag redirected: JS Server: sGhSrhyY --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 324 Md5: 53cf6b93cca8591d237bccd71d373095 Sha1: 1cb06d0c29b4a81d075abffa5780590d2a33d365 Sha256: 2ddbf5140b3b0574c02d0467c8d7f6016b5087484afe6ec782b5ab92d2e37cb3
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: d8a9b9361037f474c59ea60ddd5cdce5172a6c474d9205d347ac3ba2b2f4c71d 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "D8A9B9361037F474C59EA60DDD5CDCE5172A6C474D9205D347AC3BA2B2F4C71D" Last-Modified: Fri, 21 Oct 2022 13:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8946 Expires: Sun, 23 Oct 2022 11:07:25 GMT Date: Sun, 23 Oct 2022 08:38:19 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 6bec2efbacb4420b536dbb10dc1cc93e Sha1: b0bf72b4f3ca363e941a616d55b43534621c11e6 Sha256: d8a9b9361037f474c59ea60ddd5cdce5172a6c474d9205d347ac3ba2b2f4c71d
GET /s4?sub1=heliotrope-eel&sub2=echo-rid-1ozwpgpq2m HTTP/1.1 Host: go.money616.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://bilqi-omv.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: go.money616.xyz/s4?sub1=heliotrope-eel&sub2=echo-rid-1o (...) FQDN: go.money616.xyz IP: 52.59.165.42 HASH: 389b6540ae5516024100ed7954cfad2496b49c820ba0d6045f37e4c6082291a2 52.59.165.42 HTTP/1.1 200 OK content-type: text/html; charset=utf-8 connection: close x-content-type-options: nosniff x-powered-by: Short.io link shortener cache-control: no-cache, no-store, max-age=0, must-revalidate pragma: no-cache content-length: 1552 Date: Sun, 23 Oct 2022 08:38:19 GMT --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (364) Size: 1552 Md5: b2acef9d1d7af32bef493240033e3598 Sha1: 45ce65673def40bb54ce762d9b3139ca5c19af09 Sha256: 389b6540ae5516024100ed7954cfad2496b49c820ba0d6045f37e4c6082291a2
POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.sectigo.com/ FQDN: ocsp.sectigo.com IP: 104.18.32.68 HASH: 3edf03c09f18dfb6c8677c751e99f9ab6e26890c438338338dcfb218b8d7162a 104.18.32.68 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 23 Oct 2022 08:38:19 GMT Content-Length: 472 Connection: keep-alive Last-Modified: Sat, 22 Oct 2022 22:25:06 GMT Expires: Sat, 29 Oct 2022 22:25:05 GMT Etag: "cfacf43717b7f1d77314dae8390737274d913315" Cache-Control: max-age=567405,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb2 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 75e927e1bf12b512-OSL --- Additional Info --- Magic: data Size: 472 Md5: 4b4947263357a5cf383a519dcca40228 Sha1: cfacf43717b7f1d77314dae8390737274d913315 Sha256: 3edf03c09f18dfb6c8677c751e99f9ab6e26890c438338338dcfb218b8d7162a
POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.sectigo.com/ FQDN: ocsp.sectigo.com IP: 104.18.32.68 HASH: 3edf03c09f18dfb6c8677c751e99f9ab6e26890c438338338dcfb218b8d7162a 104.18.32.68 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 23 Oct 2022 08:38:19 GMT Content-Length: 472 Connection: keep-alive Last-Modified: Sat, 22 Oct 2022 22:25:06 GMT Expires: Sat, 29 Oct 2022 22:25:05 GMT Etag: "cfacf43717b7f1d77314dae8390737274d913315" Cache-Control: max-age=567405,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb1 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 75e927e419dcb512-OSL --- Additional Info --- Magic: data Size: 472 Md5: 4b4947263357a5cf383a519dcca40228 Sha1: cfacf43717b7f1d77314dae8390737274d913315 Sha256: 3edf03c09f18dfb6c8677c751e99f9ab6e26890c438338338dcfb218b8d7162a
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 6c7c97b56f330b0d83d8396d0338f168eb78eb1c1000d06c246b07cd9aef766b 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 6592 Cache-Control: max-age=93285 Date: Sun, 23 Oct 2022 08:38:19 GMT Etag: "6353ad20-1d7" Expires: Mon, 24 Oct 2022 10:33:04 GMT Last-Modified: Sat, 22 Oct 2022 08:43:12 GMT Server: ECS (ska/F70B) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 6f804641bcceec9ce007426a49d15975 Sha1: d41dd39ef11b315898f7f1ed8f110baadc41a15a Sha256: 6c7c97b56f330b0d83d8396d0338f168eb78eb1c1000d06c246b07cd9aef766b
GET /sfangt2l/?pub_id=6359262&xid=166651429910000TNOTV415326358024Vf9&xid_param1=6359262-2133874209-3759591136&xid_param2=277883820 HTTP/1.1 Host: rdr.wargaming.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: rdr.wargaming.net/sfangt2l/?pub_id=6359262&xid=16665142 (...) FQDN: rdr.wargaming.net IP: 92.223.23.230 HASH: c5f6c267ba4a2964fff5d304d4a1e79c371ce30d32eaf017b3bb40becccd58d2 92.223.23.230 HTTP/1.1 301 Moved Permanently Content-Type: text/plain; charset=utf-8 Server: nginx Date: Sun, 23 Oct 2022 08:38:19 GMT Content-Length: 22 Connection: keep-alive Location: https://join.worldoftanks.eu/1600946604/no/?pub_id=6359262&xid=166651429910000TNOTV415326358024Vf9&xid_param1=6359262-2133874209-3759591136&xid_param2=277883820&sid=SIDI9cvlEf5bPlaXd5VUvo5GqRgkInuihNA9RQ_7yrWPEQQW6frmTigpT8eWQN4-eu2XUzUjm-DPvb0sFXEUZGK5Yy5eOJ8A-sZpG3wj8Kp-GJciK9Abc9OUnEjBwMOlfQnXhiYvY01OXc&enctid=cnt60kdm7mds&lpsn=WOT+ONGOING+WW+Videoback+LMS+WOTHQ-1691&foris=1&teclient=1666514299990552217&utm_source=networks&utm_medium=affiliate&utm_campaign=sfangt2l&utm_content=6359262 Set-Cookie: STIDREFERRAL=SIDI9cvlEf5bPlaXd5VUvo5GqRgkInuihNA9RQ_7yrWPEQQW6frmTigpT8eWQN4-eu2XUzUjm-DPvb0sFXEUZGK5Yy5eOJ8A-sZpG3wj8Kp-GJciK9Abc9OUnEjBwMOlfQnXhiYvY01OXc; Domain=wargaming.net; Max-Age=2592000; Path=/; SameSite=None; Secure enctid=cnt60kdm7mds; Domain=wargaming.net; Max-Age=2592000; Path=/; SameSite=None; Secure teclient=1666514299990552217; Domain=wargaming.net; Max-Age=315360000; Path=/; SameSite=None; Secure Cache-Control: no-cache --- Additional Info --- Magic: ASCII text, with no line terminators Size: 22 Md5: 0e0bf67572311f8a23814419ff24ee9a Sha1: 78328dfc54708433cdfb3e7857e57f87ec443b08 Sha256: c5f6c267ba4a2964fff5d304d4a1e79c371ce30d32eaf017b3bb40becccd58d2
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 663e3b8be7d2220f78e321fb42449d80d361ddae47b40559a59579e8cead8034 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 3386 Cache-Control: max-age=100833 Date: Sun, 23 Oct 2022 08:38:20 GMT Etag: "6353d723-1d7" Expires: Mon, 24 Oct 2022 12:38:53 GMT Last-Modified: Sat, 22 Oct 2022 11:42:27 GMT Server: ECS (ska/F70B) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: edccb62d4a0c76b2e42e2fbd6b8219be Sha1: 6f4bc89bda5c5ae3e5adca96f9b8b1bce8fb95d2 Sha256: 663e3b8be7d2220f78e321fb42449d80d361ddae47b40559a59579e8cead8034
GET /1600946604/no/?pub_id=6359262&xid=166651429910000TNOTV415326358024Vf9&xid_param1=6359262-2133874209-3759591136&xid_param2=277883820&sid=SIDI9cvlEf5bPlaXd5VUvo5GqRgkInuihNA9RQ_7yrWPEQQW6frmTigpT8eWQN4-eu2XUzUjm-DPvb0sFXEUZGK5Yy5eOJ8A-sZpG3wj8Kp-GJciK9Abc9OUnEjBwMOlfQnXhiYvY01OXc&enctid=cnt60kdm7mds&lpsn=WOT+ONGOING+WW+Videoback+LMS+WOTHQ-1691&foris=1&teclient=1666514299990552217&utm_source=networks&utm_medium=affiliate&utm_campaign=sfangt2l&utm_content=6359262 HTTP/1.1 Host: join.worldoftanks.eu User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: join.worldoftanks.eu/1600946604/no/?pub_id=6359262&xid= (...) FQDN: join.worldoftanks.eu IP: 92.223.51.163 HASH: d70c54e44582c3c51947bd25e6644906d4acd66d0e09b59cc7d78ffad22b47d4 92.223.51.163 HTTP/1.1 200 OK Content-Type: text/html Server: nginx Date: Sun, 23 Oct 2022 08:38:20 GMT Last-Modified: Fri, 01 Jul 2022 12:11:24 GMT Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding ETag: W/"62bee46c-10101" Content-Encoding: gzip --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (51156) Size: 16133 Md5: 76d6249792ec3ed63f71341dce79d771 Sha1: f9bfaf0fbf9f93f8ca4587bb5844ee6f7036d0c8 Sha256: d70c54e44582c3c51947bd25e6644906d4acd66d0e09b59cc7d78ffad22b47d4
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: f933a7ff2c6ec9189ba29fdf09da9125ac59d9c03b4a14e14e9f1b5fa5322b1c 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 23 Oct 2022 08:38:20 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: ea20460028066b7fba2f10b51d883192 Sha1: a73b8263a4477aceeda349c7beff7050de9df38b Sha256: f933a7ff2c6ec9189ba29fdf09da9125ac59d9c03b4a14e14e9f1b5fa5322b1c
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: 576b3bf619d0a152889cc44165a229ad0100ccc319cf4d9044b2f26d4b676658 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 23 Oct 2022 08:38:20 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 05ee461624e2ec37f65e859afe6543ba Sha1: b99dcb558535d3d35d140e730aeeb41587622b30 Sha256: 576b3bf619d0a152889cc44165a229ad0100ccc319cf4d9044b2f26d4b676658
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: dca521bce5873b86ee71c9dc427b18a275a28ee6f2da06a02dc38a343b2a55b9 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 3713 Cache-Control: max-age=171062 Date: Sun, 23 Oct 2022 08:38:20 GMT Etag: "6354e831-1d7" Expires: Tue, 25 Oct 2022 08:09:22 GMT Last-Modified: Sun, 23 Oct 2022 07:07:29 GMT Server: ECS (ska/F708) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: c0aa31dd7e786d185b1499d9e8c44c28 Sha1: 2eb00fbd3903548f81ff5a551d23f8eaf0c89747 Sha256: dca521bce5873b86ee71c9dc427b18a275a28ee6f2da06a02dc38a343b2a55b9
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: dca521bce5873b86ee71c9dc427b18a275a28ee6f2da06a02dc38a343b2a55b9 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 4003 Cache-Control: max-age=171352 Date: Sun, 23 Oct 2022 08:38:20 GMT Etag: "6354e831-1d7" Expires: Tue, 25 Oct 2022 08:14:12 GMT Last-Modified: Sun, 23 Oct 2022 07:07:29 GMT Server: ECS (ska/F713) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: c0aa31dd7e786d185b1499d9e8c44c28 Sha1: 2eb00fbd3903548f81ff5a551d23f8eaf0c89747 Sha256: dca521bce5873b86ee71c9dc427b18a275a28ee6f2da06a02dc38a343b2a55b9
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: c4c2b67e4db5c0f26e2d73ca6853c63d0cb8a542a79c417e180dc56cd2594187 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 4792 Cache-Control: max-age=85742 Date: Sun, 23 Oct 2022 08:38:20 GMT Etag: "635396b2-1d7" Expires: Mon, 24 Oct 2022 08:27:22 GMT Last-Modified: Sat, 22 Oct 2022 07:07:30 GMT Server: ECS (ska/F709) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 3a41b43aec3777baa49530dcbd917494 Sha1: 820e411f8d835bfb7398ea2483a4f78b848c423a Sha256: c4c2b67e4db5c0f26e2d73ca6853c63d0cb8a542a79c417e180dc56cd2594187
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: c4c2b67e4db5c0f26e2d73ca6853c63d0cb8a542a79c417e180dc56cd2594187 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 5104 Cache-Control: max-age=86054 Date: Sun, 23 Oct 2022 08:38:20 GMT Etag: "635396b2-1d7" Expires: Mon, 24 Oct 2022 08:32:34 GMT Last-Modified: Sat, 22 Oct 2022 07:07:30 GMT Server: ECS (amb/6B82) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 3a41b43aec3777baa49530dcbd917494 Sha1: 820e411f8d835bfb7398ea2483a4f78b848c423a Sha256: c4c2b67e4db5c0f26e2d73ca6853c63d0cb8a542a79c417e180dc56cd2594187
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: dca521bce5873b86ee71c9dc427b18a275a28ee6f2da06a02dc38a343b2a55b9 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 3713 Cache-Control: max-age=171062 Date: Sun, 23 Oct 2022 08:38:20 GMT Etag: "6354e831-1d7" Expires: Tue, 25 Oct 2022 08:09:22 GMT Last-Modified: Sun, 23 Oct 2022 07:07:29 GMT Server: ECS (ska/F708) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: c0aa31dd7e786d185b1499d9e8c44c28 Sha1: 2eb00fbd3903548f81ff5a551d23f8eaf0c89747 Sha256: dca521bce5873b86ee71c9dc427b18a275a28ee6f2da06a02dc38a343b2a55b9
GET /videoback-ongoing-eu-wothq-1691/f649b2f12a074726bf8db29fe5633628_1639483774.png HTTP/1.1 Host: lms-static.wgcdn.co User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://join.worldoftanks.eu/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: lms-static.wgcdn.co/videoback-ongoing-eu-wothq-1691/f64 (...) FQDN: lms-static.wgcdn.co IP: 92.223.84.84 HASH: 5dd52ce85650d9cc13997187633c865d7284e628f3f28af2ce38896d8d7d3da0 92.223.84.84 HTTP/2 200 OK content-type: image/png server: nginx date: Sun, 23 Oct 2022 08:38:20 GMT content-length: 13892 last-modified: Tue, 14 Dec 2021 12:09:34 GMT etag: "61b8897e-3644" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 access-control-allow-origin: * cache: HIT x-cached-since: 2022-07-11T11:30:21+00:00 x-id: sto5-up-gc10 accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 208x208, components 3\012- data Size: 13892 Md5: 87d3c37b826fc0c8237c8e716934f6b2 Sha1: 79632ce4b4f0f1cbe6a0ac9081dba9924b4d0cd0 Sha256: 5dd52ce85650d9cc13997187633c865d7284e628f3f28af2ce38896d8d7d3da0
GET /videoback-ongoing-eu-wothq-1691/9a3147f7202207fd86f303867669af7c_1600947283.png HTTP/1.1 Host: lms-static.wgcdn.co User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://join.worldoftanks.eu/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: lms-static.wgcdn.co/videoback-ongoing-eu-wothq-1691/9a3 (...) FQDN: lms-static.wgcdn.co IP: 92.223.84.84 HASH: 0eb8340c0b3fc3e36cd816cb9ce8e819b64b40ded2504741eb4662bb10eea015 92.223.84.84 HTTP/2 200 OK content-type: image/png server: nginx date: Sun, 23 Oct 2022 08:38:20 GMT content-length: 1572 last-modified: Thu, 24 Sep 2020 11:34:43 GMT etag: "5f6c8453-624" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 access-control-allow-origin: * cache: HIT x-cached-since: 2022-07-11T09:20:16+00:00 x-id: sto5-up-gc10 accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 26 x 25, 8-bit/color RGBA, non-interlaced\012- data Size: 1572 Md5: 65952e9526844e297b5ed12b51af3073 Sha1: ab06c5be859a20aea602c95a592d366152f66fda Sha256: 0eb8340c0b3fc3e36cd816cb9ce8e819b64b40ded2504741eb4662bb10eea015
GET /videoback-ongoing-eu-wothq-1691/2aef0c94f5bc198cba6f45ee06d503a0_1639484015.png HTTP/1.1 Host: lms-static.wgcdn.co User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://join.worldoftanks.eu/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: lms-static.wgcdn.co/videoback-ongoing-eu-wothq-1691/2ae (...) FQDN: lms-static.wgcdn.co IP: 92.223.84.84 HASH: 07871f75a6f4007f7f7d9adf5382f953c1dce8407149662dd88617a1d8d4055a 92.223.84.84 HTTP/2 200 OK content-type: image/png server: nginx date: Sun, 23 Oct 2022 08:38:20 GMT content-length: 29062 last-modified: Tue, 14 Dec 2021 12:13:35 GMT etag: "61b88a6f-7186" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 access-control-allow-origin: * cache: HIT x-cached-since: 2022-07-11T09:20:16+00:00 x-id: sto5-up-gc10 accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 1174 x 363, 8-bit/color RGBA, non-interlaced\012- data Size: 29062 Md5: 5ce0d2852121a1cd85a26c2426a40dae Sha1: 474a69d1816e7d29cea432b640e43e5acff39450 Sha256: 07871f75a6f4007f7f7d9adf5382f953c1dce8407149662dd88617a1d8d4055a
GET /videoback-ongoing-eu-wothq-1691/04b0ba212e17098cc7786c56bca5d832_1600946934.png HTTP/1.1 Host: lms-static.wgcdn.co User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://join.worldoftanks.eu/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: lms-static.wgcdn.co/videoback-ongoing-eu-wothq-1691/04b (...) FQDN: lms-static.wgcdn.co IP: 92.223.84.84 HASH: 3038bb7d8adebbe73e330bbea5739b04efe6b04d5a1d81db314bd29251813967 92.223.84.84 HTTP/2 200 OK content-type: image/png server: nginx date: Sun, 23 Oct 2022 08:38:20 GMT content-length: 6662 last-modified: Thu, 24 Sep 2020 11:28:54 GMT etag: "5f6c82f6-1a06" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 access-control-allow-origin: * cache: HIT x-cached-since: 2022-07-11T09:20:16+00:00 x-id: sto5-up-gc10 accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 248 x 110, 8-bit colormap, non-interlaced\012- data Size: 6662 Md5: 91f01fe893320cb394fc52461a1b24a5 Sha1: f43616cd9e85af6a2a73a914a44085662d123807 Sha256: 3038bb7d8adebbe73e330bbea5739b04efe6b04d5a1d81db314bd29251813967
GET /videoback-ongoing-eu-wothq-1691/518e6d6bd45d6086554daa0295291ee1_1639483949.png HTTP/1.1 Host: lms-static.wgcdn.co User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://join.worldoftanks.eu/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: lms-static.wgcdn.co/videoback-ongoing-eu-wothq-1691/518 (...) FQDN: lms-static.wgcdn.co IP: 92.223.84.84 HASH: cd2a2481818213f1c1b4e065ead65f83ff50d25a5b63a4a8cf515614f3ad05cf 92.223.84.84 HTTP/2 200 OK content-type: image/png server: nginx date: Sun, 23 Oct 2022 08:38:20 GMT content-length: 2976 last-modified: Tue, 14 Dec 2021 12:12:29 GMT etag: "61b88a2d-ba0" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 access-control-allow-origin: * cache: HIT x-cached-since: 2022-07-11T11:30:21+00:00 x-id: sto5-up-gc10 accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 123 x 150, 8-bit/color RGBA, non-interlaced\012- data Size: 2976 Md5: 5b1962befd8938b36c48ed62ca7c04f5 Sha1: 4e3e0524f822003a2567d04501b9d5e7d55d7d06 Sha256: cd2a2481818213f1c1b4e065ead65f83ff50d25a5b63a4a8cf515614f3ad05cf
GET /videoback-ongoing-eu-wothq-1691/ba06c381ed267fb7dfd6b007931ed0bf_1639483823.png HTTP/1.1 Host: lms-static.wgcdn.co User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://join.worldoftanks.eu/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: lms-static.wgcdn.co/videoback-ongoing-eu-wothq-1691/ba0 (...) FQDN: lms-static.wgcdn.co IP: 92.223.84.84 HASH: 549b0b011eb72bfb724708d7caeb637c1411be84c32ccbb5a9d7a76afc8b30bd 92.223.84.84 HTTP/2 200 OK content-type: image/png server: nginx date: Sun, 23 Oct 2022 08:38:20 GMT content-length: 30233 last-modified: Tue, 14 Dec 2021 12:10:23 GMT etag: "61b889af-7619" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 access-control-allow-origin: * cache: HIT x-cached-since: 2022-07-11T11:30:21+00:00 x-id: sto5-up-gc10 accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 219 x 220, 8-bit grayscale, non-interlaced\012- data Size: 30233 Md5: e15fed82b2db8b2e31de05ab2a5601f4 Sha1: 405cbff152f965bdbf3a72faabbff5cafa4bcc14 Sha256: 549b0b011eb72bfb724708d7caeb637c1411be84c32ccbb5a9d7a76afc8b30bd
GET /gtm.js?id=GTM-58QVDL8 HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://join.worldoftanks.eu/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.googletagmanager.com/gtm.js?id=GTM-58QVDL8 FQDN: www.googletagmanager.com IP: 142.250.74.168 HASH: 29bc8db4680ae8c55fd3038e9678ac4e86cc6919325d37f2d9ddbaec324fd1b0 142.250.74.168 HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Sun, 23 Oct 2022 08:38:20 GMT expires: Sun, 23 Oct 2022 08:38:20 GMT cache-control: private, max-age=900 strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 102787 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (46280) Size: 102787 Md5: 6143240578c892158d57cf39fe4b830e Sha1: 62193fef02d4b15d91648d9f49ff8fb6d77fc5c3 Sha256: 29bc8db4680ae8c55fd3038e9678ac4e86cc6919325d37f2d9ddbaec324fd1b0
GET /videoback-ongoing-eu-wothq-1691/a3c86a67f4c5bb1c6cdb50b1092c0761_1600946860.jpg HTTP/1.1 Host: lms-static.wgcdn.co User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://join.worldoftanks.eu/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: lms-static.wgcdn.co/videoback-ongoing-eu-wothq-1691/a3c (...) FQDN: lms-static.wgcdn.co IP: 92.223.84.84 HASH: f6a40920a81d3a3489189bbb747f7d3e1b2a87f7568361e4872353bc2cb082b2 92.223.84.84 HTTP/2 200 OK content-type: image/jpeg server: nginx date: Sun, 23 Oct 2022 08:38:20 GMT content-length: 373020 last-modified: Thu, 24 Sep 2020 11:27:40 GMT etag: "5f6c82ac-5b11c" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 access-control-allow-origin: * cache: HIT x-cached-since: 2022-09-19T12:11:21+00:00 x-id: sto5-up-gc10 accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1080, components 3\012- data Size: 373020 Md5: 6baad877e262149d8eea54bb33563765 Sha1: e4584c51785969af9c25718cff399e0e444af9a9 Sha256: f6a40920a81d3a3489189bbb747f7d3e1b2a87f7568361e4872353bc2cb082b2
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: f933a7ff2c6ec9189ba29fdf09da9125ac59d9c03b4a14e14e9f1b5fa5322b1c 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 23 Oct 2022 08:38:20 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: ea20460028066b7fba2f10b51d883192 Sha1: a73b8263a4477aceeda349c7beff7050de9df38b Sha256: f933a7ff2c6ec9189ba29fdf09da9125ac59d9c03b4a14e14e9f1b5fa5322b1c
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: 576b3bf619d0a152889cc44165a229ad0100ccc319cf4d9044b2f26d4b676658 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 23 Oct 2022 08:38:20 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 05ee461624e2ec37f65e859afe6543ba Sha1: b99dcb558535d3d35d140e730aeeb41587622b30 Sha256: 576b3bf619d0a152889cc44165a229ad0100ccc319cf4d9044b2f26d4b676658
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: bf0c0ac413147f09128a7af625499402eea897c3efad12828347efaba9b9d3a1 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 23 Oct 2022 08:38:20 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 9f84a11cd39c014fffc187f2a8b0d8df Sha1: 1875e117dec3fc707db902e87df9ec691b2cc763 Sha256: bf0c0ac413147f09128a7af625499402eea897c3efad12828347efaba9b9d3a1
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: bf0c0ac413147f09128a7af625499402eea897c3efad12828347efaba9b9d3a1 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 23 Oct 2022 08:38:20 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 9f84a11cd39c014fffc187f2a8b0d8df Sha1: 1875e117dec3fc707db902e87df9ec691b2cc763 Sha256: bf0c0ac413147f09128a7af625499402eea897c3efad12828347efaba9b9d3a1
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: bf0c0ac413147f09128a7af625499402eea897c3efad12828347efaba9b9d3a1 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 23 Oct 2022 08:38:20 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 9f84a11cd39c014fffc187f2a8b0d8df Sha1: 1875e117dec3fc707db902e87df9ec691b2cc763 Sha256: bf0c0ac413147f09128a7af625499402eea897c3efad12828347efaba9b9d3a1
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: bf0c0ac413147f09128a7af625499402eea897c3efad12828347efaba9b9d3a1 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 23 Oct 2022 08:38:20 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 9f84a11cd39c014fffc187f2a8b0d8df Sha1: 1875e117dec3fc707db902e87df9ec691b2cc763 Sha256: bf0c0ac413147f09128a7af625499402eea897c3efad12828347efaba9b9d3a1
GET /s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://join.worldoftanks.eu Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5j (...) FQDN: fonts.gstatic.com IP: 216.58.207.195 HASH: e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516 216.58.207.195 HTTP/2 200 OK content-type: font/woff2 accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 15660 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Tue, 18 Oct 2022 22:17:41 GMT expires: Wed, 18 Oct 2023 22:17:41 GMT cache-control: public, max-age=31536000 age: 382839 last-modified: Tue, 19 Apr 2022 18:42:42 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 15660, version 1.0\012- data Size: 15660 Md5: d7b0b953a50fddaa88089b5b787cf719 Sha1: 2f85bc568b27659a3d6452f58f9fd7678450326d Sha256: e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
GET /s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://join.worldoftanks.eu Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5j (...) FQDN: fonts.gstatic.com IP: 216.58.207.195 HASH: 6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36 216.58.207.195 HTTP/2 200 OK content-type: font/woff2 accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 15700 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Fri, 21 Oct 2022 16:04:44 GMT expires: Sat, 21 Oct 2023 16:04:44 GMT cache-control: public, max-age=31536000 age: 146016 last-modified: Tue, 19 Apr 2022 18:51:55 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 15700, version 1.0\012- data Size: 15700 Md5: 3d7f7413fca69bff4d231ebdc50aaab0 Sha1: cb18e7943b6a8a0e3672d7242197c19a226b92e8 Sha256: 6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
GET /s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19a7DRs5.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://join.worldoftanks.eu Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5j (...) FQDN: fonts.gstatic.com IP: 216.58.207.195 HASH: bddd7c9debeee9bccc8d6a0f0990743d3db200fe23fc08dbad9e60a007e52919 216.58.207.195 HTTP/2 200 OK content-type: font/woff2 accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 9692 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Tue, 18 Oct 2022 23:14:18 GMT expires: Wed, 18 Oct 2023 23:14:18 GMT cache-control: public, max-age=31536000 age: 379442 last-modified: Tue, 19 Apr 2022 18:44:23 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 9692, version 1.0\012- data Size: 9692 Md5: d572b531f0823555818998b466028e08 Sha1: 788073fb7656c7b44a3d67468fc355ceb618290e Sha256: bddd7c9debeee9bccc8d6a0f0990743d3db200fe23fc08dbad9e60a007e52919
GET /s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19G7DRs5.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://join.worldoftanks.eu Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5j (...) FQDN: fonts.gstatic.com IP: 216.58.207.195 HASH: 85f70e68e3ba976fbfee39a96c5275550eb881f302c7dedf91aa7d0a802ba5f6 216.58.207.195 HTTP/2 200 OK content-type: font/woff2 accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 7120 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 20 Oct 2022 17:23:54 GMT expires: Fri, 20 Oct 2023 17:23:54 GMT cache-control: public, max-age=31536000 age: 227666 last-modified: Tue, 19 Apr 2022 18:54:03 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 7120, version 1.0\012- data Size: 7120 Md5: 1e58a6b01c300f7c84abdacf53503eaf Sha1: ed6f0d2f1564e5d763e07a8fde2f16c5e911f32f Sha256: 85f70e68e3ba976fbfee39a96c5275550eb881f302c7dedf91aa7d0a802ba5f6
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: bf0c0ac413147f09128a7af625499402eea897c3efad12828347efaba9b9d3a1 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 23 Oct 2022 08:38:20 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 9f84a11cd39c014fffc187f2a8b0d8df Sha1: 1875e117dec3fc707db902e87df9ec691b2cc763 Sha256: bf0c0ac413147f09128a7af625499402eea897c3efad12828347efaba9b9d3a1
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: bf0c0ac413147f09128a7af625499402eea897c3efad12828347efaba9b9d3a1 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 23 Oct 2022 08:38:20 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 9f84a11cd39c014fffc187f2a8b0d8df Sha1: 1875e117dec3fc707db902e87df9ec691b2cc763 Sha256: bf0c0ac413147f09128a7af625499402eea897c3efad12828347efaba9b9d3a1
GET /jump/next.php?stamat=m%257CL2djEqdhaQdH8AH0dEdHP3xP.2fa%252C7H0PozvLiGV-YkDx825CHq_5mNyzZhovkYDfyjWLDI0Sb21IYsIWB7DkTq9zqOvWb4dT8psPrxvBBjgvx_GqtkagCRPOe8bNuwkXNn4K9yGdbZY6BGu8xDxu89NChByi&cbpage=https://adspredictiv.com/jump/next.php?r=6359262&sub1=heliotrope-eel&sub2=echo-rid-1ozwpgpq2m&cbur=0.5753800470546164&cbtitle=&cbiframe=0&cbWidth=1280&cbHeight=939&cbdescription=&cbkeywords=&cbref=https%3A%2F%2Fgo.money616.xyz%2F HTTP/1.1 Host: adspredictiv.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-origin TE: trailers	URL: adspredictiv.com/jump/next.php?stamat=m%257CL2djEqdhaQd (...) FQDN: adspredictiv.com IP: 35.190.38.40 HASH: 17cebe9c73d7ebcbfa9a26f37ee3a5375d5104e559f99b1001819dce8a2a8e02 35.190.38.40 HTTP/2 302 Found content-type: text/html; charset=utf-8 server: openresty date: Sun, 23 Oct 2022 08:38:19 GMT access-control-allow-origin: * location: https://adspredictiv.com/script/i.php?stamat=m%257C%252C%252CA2e79jJqoGU3B0-GH0dEdHP3xP.442%252CgU3kWvmNb_DMmelc6GcZgtIjb1YKHkkglLDsnbXwyeJTYXTcogZSfSnkQQtweOlVOvUip64ATN6tmLBRRKNpyNfq9fwRVIe2apLIGAQ-YtDlnyKzvARqdfeS7T2OEb-GLqez7KvgKV4L1vb13y6QwQrdcuvepcYOKUDQCYNv445-Kw-cE6myLpSUMgz4CzgcQmcIAIlqsrvbTYkoy42aLuSI6L8OYgWWhzxU1M9abaLFDAdPC9jEDrHbqeJQD-FVmc51z8dg2VsNRtEXsFZjiW8b8PIqkaUdsqAbfEZpArPJUQwOvoq0PUfaWieqFKyZM1oeLuioroWDjGcdc7p9HLCJk2eRFPDeB1j1puPFIWqYgwuZLrGOfEOagAq8LzkSZuaNwVFwpZuvee1fMf5J5LcXQvwL8RQ8zyjn9coo_HWUzvytiiMJaZsSXL7ccsfF53uKtfoMsD_YKlMKq3-ToTN9CivdJExWP_7jmAH_pu27xTDKskEi7jDM4F7nypBA-M9bFYJptNiXWLAyaTSxn7rfc01mvRZgdP9r2bFfzsaIflt6ki8kmH9NmX-dDfCnfPpG2YAlPq6c2PQziHiXGK7bssmyKzxrtcyaVZZTwZw%252C via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 11817 Md5: af6f703171e72aeb7236db7031e441b1 Sha1: 9f1e922ab68bc2ed12d9b436da7f202657bc53d7 Sha256: 17cebe9c73d7ebcbfa9a26f37ee3a5375d5104e559f99b1001819dce8a2a8e02
GET /videoback-ongoing-eu-wothq-1691/50e485b431d538125efcbfa8fc76a665_1600946565.png HTTP/1.1 Host: lms-static.wgcdn.co User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://join.worldoftanks.eu/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: lms-static.wgcdn.co/videoback-ongoing-eu-wothq-1691/50e (...) FQDN: lms-static.wgcdn.co IP: 92.223.84.84 HASH: 2e9c3e61433c5952bd3b7d963ae90d9789c262a67411447bbaa1b598f53c2411 92.223.84.84 HTTP/2 200 OK content-type: image/png server: nginx date: Sun, 23 Oct 2022 08:38:20 GMT content-length: 5124 last-modified: Thu, 24 Sep 2020 11:22:45 GMT etag: "5f6c8185-1404" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 access-control-allow-origin: * cache: HIT x-cached-since: 2022-07-11T09:20:19+00:00 x-id: sto5-up-gc10 accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data Size: 5124 Md5: c28eb738166485ff11b13d9e74a52be8 Sha1: dd161225ce2e844e2d6f05753e5210d922934ec6 Sha256: 2e9c3e61433c5952bd3b7d963ae90d9789c262a67411447bbaa1b598f53c2411
GET /promo_web/WOT/March2019/WOT_New_videoback_v3.webm HTTP/1.1 Host: cdn2wotcom.gcdn.co User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: video/webm,video/ogg,video/;q=0.9,application/ogg;q=0.7,audio/;q=0.6,/;q=0.5 Accept-Language: en-US,en;q=0.5 Range: bytes=0- Connection: keep-alive Referer: https://join.worldoftanks.eu/ Sec-Fetch-Dest: video Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn2wotcom.gcdn.co/promo_web/WOT/March2019/WOT_New_vide (...) FQDN: cdn2wotcom.gcdn.co IP: 92.223.84.84 HASH: 333a1356229544852de21506199e090e01791081b4b32e3a5d7864506a07eeb9 92.223.84.84 HTTP/2 206 Partial Content content-type: video/webm server: nginx date: Sun, 23 Oct 2022 08:38:20 GMT content-length: 7678225 last-modified: Tue, 12 Mar 2019 07:13:16 GMT etag: "752911-583e06c461b00" cache-control: max-age=290304000, public expires: Thu, 21 Sep 2023 12:03:33 GMT cache: HIT x-cached-since: 2022-09-21T12:03:33+00:00 x-id: sto5-up-gc13 content-range: bytes 0-7678224/7678225 X-Firefox-Spdy: h2 --- Additional Info --- Magic: WebM\012- EBML file, creator webmB\20\012- data Size: 7678225 Md5: 276c4475cdb31241611170b2fb686f5b Sha1: a2cda0beddd67a47b423d798f6f48a59a12a366d Sha256: 333a1356229544852de21506199e090e01791081b4b32e3a5d7864506a07eeb9
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 1e715af11344f63c3a22960250d1f8d6bcbd0f262adc34a5fab2652840406a17 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 6496 Cache-Control: max-age=149337 Date: Sun, 23 Oct 2022 08:38:22 GMT Etag: "63548877-1d7" Expires: Tue, 25 Oct 2022 02:07:19 GMT Last-Modified: Sun, 23 Oct 2022 00:19:03 GMT Server: ECS (ska/F713) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: aaa41c3017784be7bfe3937bb4975afb Sha1: 9c2314e6f23bb7d42c71b334b32abf87ab59e314 Sha256: 1e715af11344f63c3a22960250d1f8d6bcbd0f262adc34a5fab2652840406a17
GET /analytics.js HTTP/1.1 Host: www.google-analytics.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://join.worldoftanks.eu/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.google-analytics.com/analytics.js FQDN: www.google-analytics.com IP: 142.250.74.174 HASH: 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e 142.250.74.174 HTTP/2 200 OK content-type: text/javascript strict-transport-security: max-age=10886400; includeSubDomains; preload x-content-type-options: nosniff vary: Accept-Encoding content-encoding: gzip cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 20039 date: Sun, 23 Oct 2022 06:41:09 GMT expires: Sun, 23 Oct 2022 08:41:09 GMT cache-control: public, max-age=7200 age: 7032 last-modified: Tue, 27 Sep 2022 22:01:05 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (1325) Size: 20039 Md5: 47e6f374ca946fddd5b59871b325736c Sha1: baa9282efc8785e84d247c3bff518eaa45f101c4 Sha256: 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: 049ff9ce34cf51144dd1c80c0155d98ef0fa3c50234431de3c3c691624f840bd 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 23 Oct 2022 08:38:21 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: aaa80dd51eaef47c83770b112b9e286c Sha1: bfd081a3ad2267e522a20b45695cd8a0860b4ad3 Sha256: 049ff9ce34cf51144dd1c80c0155d98ef0fa3c50234431de3c3c691624f840bd
GET /scevent.min.js HTTP/1.1 Host: sc-static.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://join.worldoftanks.eu/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: sc-static.net/scevent.min.js FQDN: sc-static.net IP: 54.230.82.240 HASH: 64211912b65ff9a15aa212c8e8f5d4e60b86629d305c130f8824eb55837b8d4a 54.230.82.240 HTTP/2 200 OK content-type: application/javascript;charset=utf-8 content-length: 8764 server: CloudFront date: Sun, 23 Oct 2022 08:38:22 GMT content-encoding: gzip access-control-allow-origin: * access-control-allow-headers: Content-Type cache-control: private, s-maxage=0, max-age=600 set-cookie: X-AB=0d6e407936704bd380072f5891d28b0e;max-age=86400;expires=Mon, 24 Oct 2022 07:28:48 GMT;Path=/scevent.min.js; Secure; SameSite=None x-cache: LambdaGeneratedResponse from cloudfront via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: Rj7HZyLAh6hRWYwtW90R8cZW7T84LtyRTMXdt2rKbuyl6PcsH-Ws4w== X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (25360), with no line terminators Size: 8764 Md5: e9a9d4e245fb5df1ac33be19306752e8 Sha1: 246e5996a63a71ce325dff7ca6c9ef71f324b62f Sha256: 64211912b65ff9a15aa212c8e8f5d4e60b86629d305c130f8824eb55837b8d4a
GET /en_US/fbevents.js HTTP/1.1 Host: connect.facebook.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://join.worldoftanks.eu/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: connect.facebook.net/en_US/fbevents.js FQDN: connect.facebook.net IP: 31.13.72.12 HASH: a22635e404a419027fc88eee705d254910d05d481953733d5e1fda4bc6ab3c5b 31.13.72.12 HTTP/2 200 OK content-type: application/x-javascript; charset=utf-8 vary: Accept-Encoding content-encoding: gzip x-fb-rlafr: 0 document-policy: force-load-at-top cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups pragma: public cache-control: public, max-age=1200 expires: Sat, 01 Jan 2000 00:00:00 GMT x-content-type-options: nosniff x-xss-protection: 0 x-frame-options: DENY strict-transport-security: max-age=31536000; preload; includeSubDomains x-fb-debug: kqu/tw7+jCwPZ+HuDv5bqsh/CBG/7v8O5//uSArmSzISD7siXa4z8QBQDKItAQlcsa5WJZFlc149d/lHDUJv5Q== content-length: 27027 x-fb-trip-id: 1904183273 date: Sun, 23 Oct 2022 08:38:22 GMT alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (64348) Size: 27027 Md5: 71875f848896ee82a106224e048bd060 Sha1: 277a624e507dff2cd9cff104aa0c5618ca76e105 Sha256: a22635e404a419027fc88eee705d254910d05d481953733d5e1fda4bc6ab3c5b
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 6c7c97b56f330b0d83d8396d0338f168eb78eb1c1000d06c246b07cd9aef766b 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 3028 Cache-Control: max-age=89718 Date: Sun, 23 Oct 2022 08:38:22 GMT Etag: "6353ad20-1d7" Expires: Mon, 24 Oct 2022 09:33:40 GMT Last-Modified: Sat, 22 Oct 2022 08:43:12 GMT Server: ECS (ska/F709) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 6f804641bcceec9ce007426a49d15975 Sha1: d41dd39ef11b315898f7f1ed8f110baadc41a15a Sha256: 6c7c97b56f330b0d83d8396d0338f168eb78eb1c1000d06c246b07cd9aef766b
GET /bat.js HTTP/1.1 Host: bat.bing.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://join.worldoftanks.eu/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: bat.bing.com/bat.js FQDN: bat.bing.com IP: 13.107.21.200 HASH: 04a840d967ae836e14179bde574cabf14a1fc871182ca0f8193e7a0b06c727ab 13.107.21.200 HTTP/2 200 OK content-type: application/javascript cache-control: private,max-age=1800 content-length: 11367 content-encoding: gzip last-modified: Thu, 28 Jul 2022 17:32:37 GMT accept-ranges: bytes etag: "80a8697a8a2d81:0" vary: Accept-Encoding set-cookie: MUID=28B0AC0DC9D269610305BE4BC8276844; domain=.bing.com; expires=Fri, 17-Nov-2023 08:38:22 GMT; path=/; SameSite=None; Secure; Priority=High; strict-transport-security: max-age=31536000; includeSubDomains; preload access-control-allow-origin: * x-cache: CONFIG_NOCACHE accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref: Ref A: 871AAF91F79946488F5964AA2B97F91E Ref B: OSL30EDGE0515 Ref C: 2022-10-23T08:38:21Z date: Sun, 23 Oct 2022 08:38:21 GMT X-Firefox-Spdy: h2 --- Additional Info --- Magic: Unicode text, UTF-8 text, with very long lines (38826), with no line terminators Size: 11367 Md5: 293ae3e0fc8b0d5c143fdf9d8490228d Sha1: 3976c659b908e70818a3a1ac71860b497fe2d1a9 Sha256: 04a840d967ae836e14179bde574cabf14a1fc871182ca0f8193e7a0b06c727ab
GET /pagead/conversion_async.js HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://join.worldoftanks.eu/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.google.com/pagead/conversion_async.js FQDN: www.google.com IP: 142.250.74.164 HASH: 1c2948cf01342a560e7f3669ec3fbe69c4d565ee5e13d0873f89422b8c7c2503 142.250.74.164 HTTP/2 200 OK content-type: text/javascript; charset=UTF-8 p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin: * cross-origin-resource-policy: cross-origin vary: Accept-Encoding date: Sun, 23 Oct 2022 08:38:22 GMT expires: Sun, 23 Oct 2022 08:38:22 GMT cache-control: private, max-age=3600 etag: 10463233247470928422 x-content-type-options: nosniff content-disposition: attachment; filename="f.txt" content-encoding: br server: cafe content-length: 15169 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (1654) Size: 15169 Md5: 24fd6c715f1f63277e70251543da72e3 Sha1: df812f6fc49802cdae539755e361201fa061ebc6 Sha256: 1c2948cf01342a560e7f3669ec3fbe69c4d565ee5e13d0873f89422b8c7c2503
GET /jump/next.php?r=6359262&sub1=heliotrope-eel&sub2=echo-rid-1ozwpgpq2m HTTP/1.1 Host: adspredictiv.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://go.money616.xyz/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: adspredictiv.com/jump/next.php?r=6359262&sub1=heliotrop (...) FQDN: adspredictiv.com IP: 35.190.38.40 HASH: 38338eaf589550157a6c58af71f8243c7a64c5437c66649c66e096ce63643d1e 35.190.38.40 HTTP/2 200 OK content-type: text/html; charset=utf-8 server: openresty date: Sun, 23 Oct 2022 08:38:19 GMT access-control-allow-origin: * content-encoding: gzip via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 3227 Md5: 3b203cb1d5a75556f8c5f6ac45585271 Sha1: ba56a6008ba8f53c2faae8644e4b654703bf44eb Sha256: 38338eaf589550157a6c58af71f8243c7a64c5437c66649c66e096ce63643d1e
GET /assets/device/static/collect.js HTTP/1.1 Host: tenor.wargaming.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://join.worldoftanks.eu/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: tenor.wargaming.net/assets/device/static/collect.js FQDN: tenor.wargaming.net IP: 92.223.21.16 HASH: 76c6cf4c397fcca4cf8000908a09bae78997b814b1a3b345279bc8e178aa2900 92.223.21.16 HTTP/1.1 200 OK Content-Type: application/javascript Server: openresty Date: Sun, 23 Oct 2022 08:38:22 GMT Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=200 Last-Modified: Tue, 18 Oct 2022 07:32:10 GMT Vary: Accept-Encoding, Accept-Encoding ETag: W/"634e567a-3ac2" Content-Encoding: gzip --- Additional Info --- Magic: HTML document, ASCII text, with very long lines (7249) Size: 5440 Md5: 026f62fad760986ddac0bb642b46db1d Sha1: 934e6b4936e4c044e0e68ebe8243a3c38a2763ca Sha256: 76c6cf4c397fcca4cf8000908a09bae78997b814b1a3b345279bc8e178aa2900
GET /wi/ytc.js HTTP/1.1 Host: s.yimg.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://join.worldoftanks.eu/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: s.yimg.com/wi/ytc.js FQDN: s.yimg.com IP: 87.248.119.252 HASH: 3daf989b034253ce77e9ba5cb3962d5206361a3946c2c547434196e9596b893a 87.248.119.252 HTTP/2 200 OK content-type: application/javascript x-amz-id-2: tYV2ePyU8HVdeUYwx1aAo+Ll4uY24xQcUk82Zb7FPTBmaLa70N60AhZRiQTYj9+a0OFiQyChl/U= x-amz-request-id: PK5M1VYZKWKWQJRM date: Sun, 23 Oct 2022 08:38:17 GMT last-modified: Tue, 14 Jun 2022 12:21:31 GMT x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle" etag: "6a624022b5d271dcefb070b0b6670abc-df" x-amz-server-side-encryption: AES256 cache-control: public,max-age=3600 x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C accept-ranges: bytes server: ATS referrer-policy: no-referrer-when-downgrade vary: Origin, Accept-Encoding age: 6 content-encoding: gzip strict-transport-security: max-age=15552000 expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" x-xss-protection: 1; mode=block x-content-type-options: nosniff X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 6401 Md5: ac3c4b53650e700e0ab2cc7fd7e4dd8f Sha1: 68c58684a4266f077d12bcd658c881ff4b29041e Sha256: 3daf989b034253ce77e9ba5cb3962d5206361a3946c2c547434196e9596b893a
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: 23481ba8ebf19debe4a6119d605ad31c0589a08bbc253a6428938ac9a84d5b22 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 23 Oct 2022 08:38:22 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 32b18cf6617f4e930872c1470af05703 Sha1: 4c07ce8749baf89e9812de6bb45deb0a3fc5013e Sha256: 23481ba8ebf19debe4a6119d605ad31c0589a08bbc253a6428938ac9a84d5b22
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: ca7fa279357206e9e419d5b80281cc14bc5666b20ef262560dea86d31132c729 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 23 Oct 2022 08:38:22 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: e082919080a1a229ac3eec9b7b857933 Sha1: a5847abc620bd00e87afda17746b0a590e0c9464 Sha256: ca7fa279357206e9e419d5b80281cc14bc5666b20ef262560dea86d31132c729
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-77NSW0BT3P&cid=183657958.1666514318&gtm=2oeaj0&aip=1&z=159898827 HTTP/1.1 Host: www.google.no User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://join.worldoftanks.eu/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&t (...) FQDN: www.google.no IP: 142.250.74.35 HASH: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 142.250.74.35 HTTP/2 200 OK content-type: image/gif p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin: * cross-origin-resource-policy: cross-origin date: Sun, 23 Oct 2022 08:38:22 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate x-content-type-options: nosniff server: cafe content-length: 42 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 42 Md5: d89746888da2d9510b64a9f031eaecd5 Sha1: d5fceb6532643d0d84ffe09c40c481ecdf59e15a Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/1006839708/?random=1666514318060&cv=9&fst=1666514318060&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgaj0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fjoin.worldoftanks.eu%2F1600946604%2Fno%2F%3Fpub_id%3D6359262%26xid%3D166651429910000TNOTV415326358024Vf9%26xid_param1%3D6359262-2133874209-3759591136%26xid_param2%3D277883820%26sid%3DSIDI9cvlEf5bPlaXd5VUvo5GqRgkInuihNA9RQ_7yrWPEQQW6frmTigpT8eWQN4-eu2XUzUjm-DPvb0sFXEUZGK5Yy5eOJ8A-sZpG3wj8Kp-GJciK9Abc9OUnEjBwMOlfQnXhiYvY01OXc%26enctid%3Dcnt60kdm7mds%26lpsn%3DWOT%2520ONGOING%2520WW%2520Videoback%2520LMS%2520WOTHQ-1691%26foris%3D1%26teclient%3D1666514299990552217%26utm_source%3Dnetworks%26utm_medium%3Daffiliate%26utm_campaign%3Dsfangt2l%26utm_content%3D6359262&tiba=World%20of%20Tanks%E2%80%94Gratis%20%C3%A5%20spille%20tanksaction%20MMO.%20Last%20ned%20n%C3%A5%20og%20spill%20gratis!&auid=122829167.1666514317&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1 Host: googleads.g.doubleclick.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://join.worldoftanks.eu/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: googleads.g.doubleclick.net/pagead/viewthroughconversio (...) FQDN: googleads.g.doubleclick.net IP: 216.58.207.226 HASH: 1381f7f589b29353f8f7ee31da652dd3a9e5b4824047398e2ff37bcf4f1a4099 216.58.207.226 HTTP/2 200 OK content-type: text/javascript; charset=UTF-8 p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin: * cross-origin-resource-policy: cross-origin date: Sun, 23 Oct 2022 08:38:22 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, must-revalidate x-content-type-options: nosniff content-disposition: attachment; filename="f.txt" content-encoding: gzip server: cafe content-length: 1447 x-xss-protection: 0 set-cookie: test_cookie=CheckForPermission; expires=Sun, 23-Oct-2022 08:53:22 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (3460), with no line terminators Size: 1447 Md5: be2f066e2c1842f77db4dd47f8943386 Sha1: 09e53b4c4b0ae8cc47d3bc7dfe6a2cc03e30b666 Sha256: 1381f7f589b29353f8f7ee31da652dd3a9e5b4824047398e2ff37bcf4f1a4099
OPTIONS /cf HTTP/1.1 Host: tenor.wargaming.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: https://join.worldoftanks.eu/ Origin: https://join.worldoftanks.eu Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: tenor.wargaming.net/cf FQDN: tenor.wargaming.net IP: 92.223.21.16 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 92.223.21.16 HTTP/1.1 200 OK Content-Type: application/octet-stream Server: openresty Date: Sun, 23 Oct 2022 08:38:22 GMT Content-Length: 0 Connection: keep-alive Keep-Alive: timeout=200 Access-Control-Allow-Origin: https://join.worldoftanks.eu Access-Control-Allow-Credentials: true Access-Control-Allow-Methods: POST Access-Control-Allow-Headers: CONTENT-TYPE --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: 23481ba8ebf19debe4a6119d605ad31c0589a08bbc253a6428938ac9a84d5b22 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 23 Oct 2022 08:38:22 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 32b18cf6617f4e930872c1470af05703 Sha1: 4c07ce8749baf89e9812de6bb45deb0a3fc5013e Sha256: 23481ba8ebf19debe4a6119d605ad31c0589a08bbc253a6428938ac9a84d5b22
GET /wi/config/10180089.json HTTP/1.1 Host: s.yimg.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://join.worldoftanks.eu Connection: keep-alive Referer: https://join.worldoftanks.eu/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: s.yimg.com/wi/config/10180089.json FQDN: s.yimg.com IP: 87.248.119.252 HASH: c63fe9a284f1b9cfd799a123c1a92a566f22bd5cd0be03d5af3a3fbf0936e226 87.248.119.252 HTTP/2 200 OK content-type: application/json x-amz-id-2: v4u8f5KkRlg2ude+XmlBM97bSCf+ObyOEDVCXYd+wy2mFWfjYrpBbnAoiM7ouH3o6aJcOvO/2yA= x-amz-request-id: Q1P52PNN6SJTDDE7 date: Sun, 23 Oct 2022 06:52:45 GMT access-control-allow-origin: * access-control-allow-methods: GET vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method last-modified: Wed, 16 Mar 2022 15:56:22 GMT x-amz-expiration: expiry-date="Fri, 21 Apr 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle" etag: "c6ded5892a90c67512603a071c819e4e" x-amz-server-side-encryption: AES256 x-amz-version-id: hucc9FIkp5UShj6EZB33GhrqRv4Mo1tn accept-ranges: bytes server: ATS content-length: 46 referrer-policy: no-referrer-when-downgrade age: 6338 strict-transport-security: max-age=15552000 expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" x-xss-protection: 1; mode=block x-content-type-options: nosniff X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 46 Md5: c6ded5892a90c67512603a071c819e4e Sha1: b0db884308ecef9f44d5c38bacf96702096d5830 Sha256: c63fe9a284f1b9cfd799a123c1a92a566f22bd5cd0be03d5af3a3fbf0936e226
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: ca7fa279357206e9e419d5b80281cc14bc5666b20ef262560dea86d31132c729 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 23 Oct 2022 08:38:22 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: e082919080a1a229ac3eec9b7b857933 Sha1: a5847abc620bd00e87afda17746b0a590e0c9464 Sha256: ca7fa279357206e9e419d5b80281cc14bc5666b20ef262560dea86d31132c729
POST /cf HTTP/1.1 Host: tenor.wargaming.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://join.worldoftanks.eu/ Content-Type: application/json Origin: https://join.worldoftanks.eu Content-Length: 299 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: tenor.wargaming.net/cf FQDN: tenor.wargaming.net IP: 92.223.21.16 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 92.223.21.16 HTTP/1.1 204 No Content Content-Type: application/json; charset=utf-8 Server: openresty Date: Sun, 23 Oct 2022 08:38:22 GMT Content-Length: 2 Connection: keep-alive Keep-Alive: timeout=200 Access-Control-Expose-Headers: Server,Date,Content-Length Access-Control-Allow-Origin: https://join.worldoftanks.eu Access-Control-Allow-Credentials: true --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 3d0a942268e4987a05a4c449f0b67685225112e30f75c5c30fb58e5a839bafd9 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 2778 Cache-Control: max-age=165420 Date: Sun, 23 Oct 2022 08:38:22 GMT Etag: "6354d5d0-1d7" Expires: Tue, 25 Oct 2022 06:35:22 GMT Last-Modified: Sun, 23 Oct 2022 05:49:04 GMT Server: ECS (ska/F713) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 824126ba460978b26e51bbefa77ba83e Sha1: 1118bf44441420936c009f69db0f1f96883d30f0 Sha256: 3d0a942268e4987a05a4c449f0b67685225112e30f75c5c30fb58e5a839bafd9
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 3d0a942268e4987a05a4c449f0b67685225112e30f75c5c30fb58e5a839bafd9 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 3366 Cache-Control: max-age=166008 Date: Sun, 23 Oct 2022 08:38:22 GMT Etag: "6354d5d0-1d7" Expires: Tue, 25 Oct 2022 06:45:10 GMT Last-Modified: Sun, 23 Oct 2022 05:49:04 GMT Server: ECS (ska/F708) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 824126ba460978b26e51bbefa77ba83e Sha1: 1118bf44441420936c009f69db0f1f96883d30f0 Sha256: 3d0a942268e4987a05a4c449f0b67685225112e30f75c5c30fb58e5a839bafd9
GET /cm/i?pid=22df7ed7-ab83-4fcd-b6a0-e8494aed20d8&u_scsid=0b78d537-317f-4761-873f-911ec3b20c55&u_sclid=ed0fec1d-553b-43c7-9cec-083586dca394 HTTP/1.1 Host: tr.snapchat.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://join.worldoftanks.eu/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: tr.snapchat.com/cm/i?pid=22df7ed7-ab83-4fcd-b6a0-e8494a (...) FQDN: tr.snapchat.com IP: 35.190.43.134 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 35.190.43.134 HTTP/2 200 OK content-type: text/html date: Sun, 23 Oct 2022 08:38:22 GMT strict-transport-security: max-age=31536000; includeSubDomains; preload content-length: 0 x-envoy-upstream-service-time: 1 server: API Gateway via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=26043906&tm=gtm002&Ver=2&mid=835944b9-e6f0-4c2d-8e73-4a7e720f5edc&sid=16fb4e7052ae11ed86a5efdaa5609706&vid=16fb572052ae11ed826cf3355fa0e83a&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=World%20of%20Tanks%E2%80%94Gratis%20%C3%A5%20spille%20tanksaction%20MMO.%20Last%20ned%20n%C3%A5%20og%20spill%20gratis!&p=https%3A%2F%2Fjoin.worldoftanks.eu%2F1600946604%2Fno%2F%3Fpub_id%3D6359262%26xid%3D166651429910000TNOTV415326358024Vf9%26xid_param1%3D6359262-2133874209-3759591136%26xid_param2%3D277883820%26sid%3DSIDI9cvlEf5bPlaXd5VUvo5GqRgkInuihNA9RQ_7yrWPEQQW6frmTigpT8eWQN4-eu2XUzUjm-DPvb0sFXEUZGK5Yy5eOJ8A-sZpG3wj8Kp-GJciK9Abc9OUnEjBwMOlfQnXhiYvY01OXc%26enctid%3Dcnt60kdm7mds%26lpsn%3DWOT%2520ONGOING%2520WW%2520Videoback%2520LMS%2520WOTHQ-1691%26foris%3D1%26teclient%3D1666514299990552217%26utm_source%3Dnetworks%26utm_medium%3Daffiliate%26utm_campaign%3Dsfangt2l%26utm_content%3D6359262&r=&lt=1294&evt=pageLoad&sv=1&rn=176253 HTTP/1.1 Host: bat.bing.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://join.worldoftanks.eu/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: bat.bing.com/action/0?ti=26043906&tm=gtm002&Ver=2&mid=8 (...) FQDN: bat.bing.com IP: 13.107.21.200 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 13.107.21.200 HTTP/2 204 No Content cache-control: no-cache, must-revalidate pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT set-cookie: MUID=1D5052B80EF667AF1CA440FE0F03667A; domain=.bing.com; expires=Fri, 17-Nov-2023 08:38:22 GMT; path=/; SameSite=None; Secure; Priority=High; strict-transport-security: max-age=31536000; includeSubDomains; preload access-control-allow-origin: * x-cache: CONFIG_NOCACHE accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref: Ref A: 60B038AD975B4D3688D563ADD2C260A7 Ref B: OSL30EDGE0515 Ref C: 2022-10-23T08:38:22Z date: Sun, 23 Oct 2022 08:38:22 GMT X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/26043906.js HTTP/1.1 Host: bat.bing.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://join.worldoftanks.eu/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: bat.bing.com/p/action/26043906.js FQDN: bat.bing.com IP: 13.107.21.200 HASH: 2f60750d4aadf9925d7d1a28a1c94ffb13c7e6a851af89805440b7d57a5832aa 13.107.21.200 HTTP/2 200 OK content-type: application/javascript; charset=utf-8 cache-control: private,max-age=60 content-length: 1423 content-encoding: gzip vary: Accept-Encoding set-cookie: MUID=31C2B6E848766BB13188A4AE49836AB5; domain=.bing.com; expires=Fri, 17-Nov-2023 08:38:22 GMT; path=/; SameSite=None; Secure; Priority=High; strict-transport-security: max-age=31536000; includeSubDomains; preload access-control-allow-origin: * x-cache: CONFIG_NOCACHE accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref: Ref A: FEDB1A8416754096A8E3F73BCB2323C0 Ref B: OSL30EDGE0515 Ref C: 2022-10-23T08:38:22Z date: Sun, 23 Oct 2022 08:38:22 GMT X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with CRLF line terminators Size: 1423 Md5: 5ccab94753771a3d9f34c937a0edda89 Sha1: 0e4f16622e090eaa09fc6c910fbe979ca4fb0a65 Sha256: 2f60750d4aadf9925d7d1a28a1c94ffb13c7e6a851af89805440b7d57a5832aa
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 3d0a942268e4987a05a4c449f0b67685225112e30f75c5c30fb58e5a839bafd9 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 3366 Cache-Control: max-age=166008 Date: Sun, 23 Oct 2022 08:38:22 GMT Etag: "6354d5d0-1d7" Expires: Tue, 25 Oct 2022 06:45:10 GMT Last-Modified: Sun, 23 Oct 2022 05:49:04 GMT Server: ECS (ska/F709) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 824126ba460978b26e51bbefa77ba83e Sha1: 1118bf44441420936c009f69db0f1f96883d30f0 Sha256: 3d0a942268e4987a05a4c449f0b67685225112e30f75c5c30fb58e5a839bafd9
GET /init?pids=22df7ed7-ab83-4fcd-b6a0-e8494aed20d8 HTTP/1.1 Host: tr.snapchat.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://join.worldoftanks.eu/ Origin: https://join.worldoftanks.eu Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: tr.snapchat.com/init?pids=22df7ed7-ab83-4fcd-b6a0-e8494 (...) FQDN: tr.snapchat.com IP: 35.190.43.134 HASH: 001648221631680bcc5682b0b4fe6543b4929f1a560200bf7f08f338afa2a233 35.190.43.134 HTTP/2 200 OK content-type: application/json date: Sun, 23 Oct 2022 08:38:22 GMT access-control-allow-origin: https://join.worldoftanks.eu strict-transport-security: max-age=31536000; includeSubDomains; preload x-envoy-upstream-service-time: 0 content-encoding: gzip vary: Accept-Encoding server: API Gateway access-control-allow-credentials: true via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 129 Md5: 08175f93be41576390e91ec665509fcf Sha1: 01c7a04cbcda6d039543aef4740d4df7aa141ad8 Sha256: 001648221631680bcc5682b0b4fe6543b4929f1a560200bf7f08f338afa2a233
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 335778064e4097d714aa98d1ca839f81d572267dde6b06e3ea18ef70851759e5 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 4426 Cache-Control: max-age=127431 Date: Sun, 23 Oct 2022 08:38:22 GMT Etag: "63543afb-1d7" Expires: Mon, 24 Oct 2022 20:02:13 GMT Last-Modified: Sat, 22 Oct 2022 18:48:27 GMT Server: ECS (ska/F70B) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 2724b31c127b24cfb73b40c62d314b58 Sha1: f20357b24df0ab19dddded0bc55ff5ad9d715ff4 Sha256: 335778064e4097d714aa98d1ca839f81d572267dde6b06e3ea18ef70851759e5
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: b28c05d5d828380e6afebdb13654fa0c2acdd6a074df31f17930612195eae656 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 23 Oct 2022 08:38:22 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: e3ae8884dbbabf14b5929dbc3b512794 Sha1: de6193115a075ac52ce357860db2e2ef9a83be8f Sha256: b28c05d5d828380e6afebdb13654fa0c2acdd6a074df31f17930612195eae656
POST /p HTTP/1.1 Host: tr.snapchat.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: multipart/form-data; boundary=---------------------------10941410185201351983040031592 Content-Length: 2545 Origin: https://join.worldoftanks.eu Connection: keep-alive Referer: https://join.worldoftanks.eu/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: tr.snapchat.com/p FQDN: tr.snapchat.com IP: 35.190.43.134 HASH: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11 35.190.43.134 HTTP/2 200 OK content-type: text/html date: Sun, 23 Oct 2022 08:38:22 GMT access-control-allow-origin: https://join.worldoftanks.eu cache-control: no-cache, no-transform set-cookie: sc_at=v2\|H4sIAAAAAAAAAAXBgQ0AIQgDwIlIqED/HQdNOgXDe6ft50hpXliWH9r6Dxk9Upf7FnoGJAsZvsYfbqyM8zIAAAA=;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure strict-transport-security: max-age=31536000; includeSubDomains; preload content-length: 68 x-envoy-upstream-service-time: 10 server: API Gateway access-control-allow-credentials: true via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data Size: 68 Md5: c4a2b870062c2bb98c500bc1526c0498 Sha1: 528666ccdb12997358077bc8fcdbfb6b825c7788 Sha256: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
GET /ddm/activity/src=9463992;type=acqpa00;cat=woteu000;u2=https://join.worldoftanks.eu/1600946604/no/;u3=WOT%20ONGOING%20WW%20Videoback%20LMS%20WOTHQ-1691;u4=affiliate;u5=sfangt2l;match_id=1666514299990552217;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=373207989 HTTP/1.1 Host: ad.doubleclick.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://join.worldoftanks.eu/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: ad.doubleclick.net/ddm/activity/src=9463992;type=acqpa0 (...) FQDN: ad.doubleclick.net IP: 142.250.74.102 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 142.250.74.102 HTTP/2 302 Found content-type: text/html; charset=UTF-8 p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin: * cross-origin-resource-policy: cross-origin date: Sun, 23 Oct 2022 08:38:22 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, must-revalidate location: https://adservice.google.com/ddm/fls/p/src=9463992;type=acqpa00;cat=woteu000;u2=https://join.worldoftanks.eu/1600946604/no/;u3=WOT%20ONGOING%20WW%20Videoback%20LMS%20WOTHQ-1691;u4=affiliate;u5=sfangt2l;match_id=1666514299990552217;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=373207989;~oref=https://join.worldoftanks.eu/ x-content-type-options: nosniff server: cafe content-length: 0 x-xss-protection: 0 set-cookie: test_cookie=CheckForPermission; expires=Sun, 23-Oct-2022 08:53:22 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ads/pixel.js HTTP/1.1 Host: www.redditstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://join.worldoftanks.eu/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.redditstatic.com/ads/pixel.js FQDN: www.redditstatic.com IP: 151.101.85.140 HASH: bd69f250efa08cb2c0a06c35d91fda762779820d87779019c25211f4559ebb1d 151.101.85.140 HTTP/2 200 OK content-type: application/javascript last-modified: Tue, 19 Jul 2022 22:48:09 GMT etag: "95212d33cfff78ad59f5af5b20c48c53" cache-control: public, max-age=60 content-encoding: gzip via: 1.1 varnish, 1.1 varnish accept-ranges: bytes date: Sun, 23 Oct 2022 08:38:22 GMT vary: Accept-Encoding,Origin server: snooserv report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]} nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02} content-length: 7722 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (25224) Size: 7722 Md5: 95212d33cfff78ad59f5af5b20c48c53 Sha1: 9b99a4091a6eb716bc68f1428e3c86eca068b25b Sha256: bd69f250efa08cb2c0a06c35d91fda762779820d87779019c25211f4559ebb1d
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: b28c05d5d828380e6afebdb13654fa0c2acdd6a074df31f17930612195eae656 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 23 Oct 2022 08:38:22 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: e3ae8884dbbabf14b5929dbc3b512794 Sha1: de6193115a075ac52ce357860db2e2ef9a83be8f Sha256: b28c05d5d828380e6afebdb13654fa0c2acdd6a074df31f17930612195eae656
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-40205758-4&cid=183657958.1666514318&jid=237157914&gjid=747198132&_gid=988379887.1666514318&_u=YGhACEABBAAAACAFO~&z=1849005296 HTTP/1.1 Host: stats.g.doubleclick.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain Content-Length: 0 Origin: https://join.worldoftanks.eu Connection: keep-alive Referer: https://join.worldoftanks.eu/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_ (...) FQDN: stats.g.doubleclick.net IP: 173.194.222.157 HASH: 570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a 173.194.222.157 HTTP/2 200 OK content-type: text/plain access-control-allow-origin: https://join.worldoftanks.eu strict-transport-security: max-age=10886400; includeSubDomains; preload date: Sun, 23 Oct 2022 08:38:22 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate last-modified: Sun, 17 May 1998 03:00:00 GMT access-control-allow-credentials: true x-content-type-options: nosniff cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 4 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with no line terminators Size: 4 Md5: 48c0473b7821185d937e685216e2168b Sha1: 3743e47f8a429a5e87b86cb582d78940733d9d2e Sha256: 570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
GET /banners/scripts/st/trackpoint-async.js HTTP/1.1 Host: s2.adform.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://join.worldoftanks.eu/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: s2.adform.net/banners/scripts/st/trackpoint-async.js FQDN: s2.adform.net IP: 37.157.2.247 HASH: ad23a6310a683184c3295f88e4c7d08ffe62427aba93d132004f1789be3b331d 37.157.2.247 HTTP/2 200 OK content-type: application/javascript server: nginx date: Sun, 23 Oct 2022 08:38:22 GMT vary: Accept-Encoding last-modified: Wed, 05 Oct 2022 12:23:24 GMT x-rgw-object-type: Normal etag: W/"4cb8e818a3c8dda5fd80d6d9a55d958d" x-amz-request-id: tx00000655b730b984fd408-006354fb05-329385b8-default access-control-allow-origin: * cache-control: public, max-age=604800 x-cache-status: HIT content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 30865 Md5: 2c4c8842224309163b2c49196f8edd8b Sha1: da58d1c9e6e196158924f54ca6d6f53cc02435ea Sha256: ad23a6310a683184c3295f88e4c7d08ffe62427aba93d132004f1789be3b331d
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 2913160e489f5989326c37c6f63a11f1c9a39285be320fb885a814c4ae5c8f33 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 1149 Cache-Control: max-age=118058 Date: Sun, 23 Oct 2022 08:38:22 GMT Etag: "6354232b-1d7" Expires: Mon, 24 Oct 2022 17:26:00 GMT Last-Modified: Sat, 22 Oct 2022 17:06:51 GMT Server: ECS (ska/F713) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 347e8ae57cec299ddeb1d04d5d0932da Sha1: bc24a15a79e46d632d80516bab0351071bd4443a Sha256: 2913160e489f5989326c37c6f63a11f1c9a39285be320fb885a814c4ae5c8f33
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-150089307-6&cid=183657958.1666514318&jid=1552453867&gjid=289938983&_gid=1981571764.1666514318&_u=YGhACEABBAAAACAEO~&z=730434146 HTTP/1.1 Host: stats.g.doubleclick.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain Content-Length: 0 Origin: https://join.worldoftanks.eu Connection: keep-alive Referer: https://join.worldoftanks.eu/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_ (...) FQDN: stats.g.doubleclick.net IP: 173.194.222.157 HASH: 570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a 173.194.222.157 HTTP/2 200 OK content-type: text/plain access-control-allow-origin: https://join.worldoftanks.eu strict-transport-security: max-age=10886400; includeSubDomains; preload date: Sun, 23 Oct 2022 08:38:22 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate last-modified: Sun, 17 May 1998 03:00:00 GMT access-control-allow-credentials: true x-content-type-options: nosniff cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 4 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with no line terminators Size: 4 Md5: 48c0473b7821185d937e685216e2168b Sha1: 3743e47f8a429a5e87b86cb582d78940733d9d2e Sha256: 570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: 12045f462e3aa1fa3d2c97f1c3c67951dedc6410db5ce75c1907de5beff81bf4 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 23 Oct 2022 08:38:22 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 924935dfe678e1cafb56906ef15defec Sha1: 063dc4e38a869415d29ff059c0e173966c0c96dd Sha256: 12045f462e3aa1fa3d2c97f1c3c67951dedc6410db5ce75c1907de5beff81bf4
GET /ddm/fls/p/src=9463992;type=acqpa00;cat=woteu000;u2=https://join.worldoftanks.eu/1600946604/no/;u3=WOT%20ONGOING%20WW%20Videoback%20LMS%20WOTHQ-1691;u4=affiliate;u5=sfangt2l;match_id=1666514299990552217;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=373207989;~oref=https://join.worldoftanks.eu/ HTTP/1.1 Host: adservice.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://join.worldoftanks.eu/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: adservice.google.com/ddm/fls/p/src=9463992;type=acqpa00 (...) FQDN: adservice.google.com IP: 142.250.74.130 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 142.250.74.130 HTTP/2 302 Found content-type: text/html; charset=UTF-8 p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin: * cross-origin-resource-policy: cross-origin date: Sun, 23 Oct 2022 08:38:22 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, must-revalidate location: https://adservice.google.no/ddm/fls/p/src=9463992;type=acqpa00;cat=woteu000;u2=https://join.worldoftanks.eu/1600946604/no/;u3=WOT%20ONGOING%20WW%20Videoback%20LMS%20WOTHQ-1691;u4=affiliate;u5=sfangt2l;match_id=1666514299990552217;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=373207989;~oref=https://join.worldoftanks.eu/ x-content-type-options: nosniff server: cafe content-length: 0 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tag/uet/26043906 HTTP/1.1 Host: www.clarity.ms User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://join.worldoftanks.eu/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.clarity.ms/tag/uet/26043906 FQDN: www.clarity.ms IP: 13.107.246.53 HASH: 49284c9fa7c56e0a2a707ef2594c256731f2a2c3e09e64cdc65ba2016e61155a 13.107.246.53 HTTP/2 200 OK content-type: application/x-javascript cache-control: no-cache, no-store content-length: 1783 expires: -1 set-cookie: CLID=1fbfc7ecfc344a6c84ef9290c12f521e.20221023.20231023; expires=Mon, 23 Oct 2023 08:38:22 GMT; path=/; secure; samesite=none; httponly request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81 x-cache: CONFIG_NOCACHE x-azure-ref: 0fv1UYwAAAABlx5CvCqQwS6YaTikCfovnU1ZHMjBFREdFMDYxOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE= date: Sun, 23 Oct 2022 08:38:21 GMT X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (1783), with no line terminators Size: 1783 Md5: ef5c0e5d88ebd499b98db947830e09e0 Sha1: 2b8666213105a698975736999d960c1c551652d8 Sha256: 49284c9fa7c56e0a2a707ef2594c256731f2a2c3e09e64cdc65ba2016e61155a
GET /Serving/TrackPoint/?CC=1&pm=2446135&ADFPageName=WOT%20-%20EU%20-%20Landing%20Page&ADFdivider=%7C&ord=730482327784&ADFtpmode=2&loc=https%3A%2F%2Fjoin.worldoftanks.eu%2F1600946604%2Fno%2F%3Fpub_id%3D6359262%26xid%3D166651429910000TNOTV415326358024Vf9%26&Set1=en-US%7Cen-US%7C1280x1024%7C24 HTTP/1.1 Host: a1.adform.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://join.worldoftanks.eu/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: a1.adform.net/Serving/TrackPoint/?CC=1&pm=2446135&ADFPa (...) FQDN: a1.adform.net IP: 37.157.6.248 HASH: b453c48d135033a9f54030c39d0241419c85531378e79ef47a5991ab5d418a97 37.157.6.248 HTTP/2 200 OK content-type: text/javascript; charset=utf-8 server: nginx date: Sun, 23 Oct 2022 08:38:22 GMT content-length: 196 cache-control: no-cache, no-store, must-revalidate, no-transform pragma: no-cache content-encoding: gzip expires: -1 vary: Accept-Encoding access-control-allow-origin: * p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" strict-transport-security: max-age=31536000; includeSubDomains X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with CRLF line terminators Size: 196 Md5: 0ede06ce62bcf9e842e1b0f3313e6f83 Sha1: a1a6675d17c5e308cbf033eb3d53fd8d12272be4 Sha256: b453c48d135033a9f54030c39d0241419c85531378e79ef47a5991ab5d418a97
GET /Serving/TrackPoint/?pm=2446135&ADFPageName=WOT%20-%20EU%20-%20Landing%20Page&ADFdivider=%7C&ord=730482327784&ADFtpmode=2&loc=https%3A%2F%2Fjoin.worldoftanks.eu%2F1600946604%2Fno%2F%3Fpub_id%3D6359262%26xid%3D166651429910000TNOTV415326358024Vf9%26&Set1=en-US%7Cen-US%7C1280x1024%7C24 HTTP/1.1 Host: a1.adform.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://join.worldoftanks.eu/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: a1.adform.net/Serving/TrackPoint/?pm=2446135&ADFPageNam (...) FQDN: a1.adform.net IP: 37.157.6.248 HASH: 404826c8c388ccad060c1ae9d2654f1df5388a2d89a7a1b12a15d6d9274c0bf2 37.157.6.248 HTTP/2 302 Found content-type: text/html; charset=utf-8 server: nginx date: Sun, 23 Oct 2022 08:38:22 GMT location: https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=2446135&ADFPageName=WOT%20-%20EU%20-%20Landing%20Page&ADFdivider=%7C&ord=730482327784&ADFtpmode=2&loc=https%3A%2F%2Fjoin.worldoftanks.eu%2F1600946604%2Fno%2F%3Fpub_id%3D6359262%26xid%3D166651429910000TNOTV415326358024Vf9%26&Set1=en-US%7Cen-US%7C1280x1024%7C24 cache-control: no-cache, no-store, must-revalidate, no-transform pragma: no-cache expires: -1 access-control-allow-origin: * set-cookie: C=1; domain=adform.net; expires=Wed, 23-Nov-2022 09:38:22 GMT; path=/ p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" strict-transport-security: max-age=31536000; includeSubDomains X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (382), with CRLF, LF line terminators Size: 676 Md5: d6038fbd04d778111f9dd13dc5c03e4b Sha1: 702629654683f1c7d14d239f83af26076dc2a4ec Sha256: 404826c8c388ccad060c1ae9d2654f1df5388a2d89a7a1b12a15d6d9274c0bf2
GET /pixel;r=1492277718;labels=_fp.event.PageView;source=gtm;event=refresh;rf=0;a=p-UH9pPWqqbvvtC;url=https%3A%2F%2Fjoin.worldoftanks.eu%2F1600946604%2Fno%2F%3Fpub_id%3D6359262%26xid%3D166651429910000TNOTV415326358024Vf9%26xid_param1%3D6359262-2133874209-3759591136%26xid_param2%3D277883820%26sid%3DSIDI9cvlEf5bPlaXd5VUvo5GqRgkInuihNA9RQ_7yrWPEQQW6frmTigpT8eWQN4-eu2XUzUjm-DPvb0sFXEUZGK5Yy5eOJ8A-sZpG3wj8Kp-GJciK9Abc9OUnEjBwMOlfQnXhiYvY01OXc%26enctid%3Dcnt60kdm7mds%26lpsn%3DWOT%2520ONGOING%2520WW%2520Videoback%2520LMS%2520WOTHQ-1691%26foris%3D1%26teclient%3D1666514299990552217%26utm_source%3Dnetworks%26utm_medium%3Daffiliate%26utm_campaign%3Dsfangt2l%26utm_content%3D6359262;uht=2;fpan=1;fpa=P0-1789652998-1666514318586;pbc=;ns=0;ce=1;qjs=1;qv=7a1cba14-20221011131736;cm=;gdpr=0;ref=;d=worldoftanks.eu;dst=0;et=1666514318586;tzo=0;ogl=;ses=91824062-e030-4eee-b1f4-60e9ff84a4a2 HTTP/1.1 Host: pixel.quantserve.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://join.worldoftanks.eu/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: pixel.quantserve.com/pixel;r=1492277718;labels=_fp.even (...) FQDN: pixel.quantserve.com IP: 91.228.74.200 HASH: a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 91.228.74.200 HTTP/2 200 OK content-type: image/gif date: Sun, 23 Oct 2022 08:38:22 GMT content-length: 35 cache-control: private, no-cache, no-store, proxy-revalidate expires: Fri, 04 Aug 1978 12:00:00 GMT p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" pragma: no-cache set-cookie: mc=6354fd7e-aaed6-a34cb-1270c; expires=Thu, 23-Nov-2023 08:38:22 GMT; path=/; domain=.quantserve.com X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 35 Md5: 55d25e9dc950d5db4d53a3b195c046c6 Sha1: 75e91ae3e549dab12ed1c9787ade9131aef1c981 Sha256: a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
GET /ddm/fls/p/src=9463992;type=acqpa00;cat=woteu000;u2=https://join.worldoftanks.eu/1600946604/no/;u3=WOT%20ONGOING%20WW%20Videoback%20LMS%20WOTHQ-1691;u4=affiliate;u5=sfangt2l;match_id=1666514299990552217;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=373207989;~oref=https://join.worldoftanks.eu/ HTTP/1.1 Host: adservice.google.no User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://join.worldoftanks.eu/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: adservice.google.no/ddm/fls/p/src=9463992;type=acqpa00; (...) FQDN: adservice.google.no IP: 142.250.74.34 HASH: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 142.250.74.34 HTTP/2 200 OK content-type: image/gif p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin: * cross-origin-resource-policy: cross-origin date: Sun, 23 Oct 2022 08:38:22 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, must-revalidate x-content-type-options: nosniff server: cafe content-length: 42 x-xss-protection: 0 alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 42 Md5: d89746888da2d9510b64a9f031eaecd5 Sha1: d5fceb6532643d0d84ffe09c40c481ecdf59e15a Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
POST /g/collect?v=2&tid=G-77NSW0BT3P&gtm=2oeaj0&_p=1281840602&_gaz=1&gcs=G1--&cid=183657958.1666514318&ul=en-us&sr=1280x1024&_s=1&sid=1666514318&sct=1&seg=0&dl=https%3A%2F%2Fjoin.worldoftanks.eu%2F1600946604%2Fno%2F%3Fpub_id%3D6359262%26xid%3D166651429910000TNOTV415326358024Vf9%26xid_param1%3D6359262-2133874209-3759591136%26xid_param2%3D277883820%26sid%3DSIDI9cvlEf5bPlaXd5VUvo5GqRgkInuihNA9RQ_7yrWPEQQW6frmTigpT8eWQN4-eu2XUzUjm-DPvb0sFXEUZGK5Yy5eOJ8A-sZpG3wj8Kp-GJciK9Abc9OUnEjBwMOlfQnXhiYvY01OXc%26enctid%3Dcnt60kdm7mds%26lpsn%3DWOT%2520ONGOING%2520WW%2520Videoback%2520LMS%2520WOTHQ-1691%26foris%3D1%26teclient%3D1666514299990552217%26utm_source%3Dnetworks%26utm_medium%3Daffiliate%26utm_campaign%3Dsfangt2l%26utm_content%3D6359262&dt=World%20of%20Tanks%E2%80%94Gratis%20%C3%A5%20spille%20tanksaction%20MMO.%20Last%20ned%20n%C3%A5%20og%20spill%20gratis!&en=page_view&_fv=1&_ss=1&ep.prod_name=wot&ep.prod_realm=eu&ep.prod_lang=no&ep.prod_type=lp&ep.prod_lptype=videoback%2FWOTHQ-1691%2FACQ%2Freg-wg HTTP/1.1 Host: region1.analytics.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://join.worldoftanks.eu Connection: keep-alive Referer: https://join.worldoftanks.eu/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Content-Length: 0	URL: region1.analytics.google.com/g/collect?v=2&tid=G-77NSW0 (...) FQDN: region1.analytics.google.com IP: 216.239.32.36 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 216.239.32.36 HTTP/2 204 No Content content-type: text/plain access-control-allow-origin: https://join.worldoftanks.eu date: Sun, 23 Oct 2022 08:38:22 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate access-control-allow-credentials: true cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rp.gif?ts=1666514318394&id=t2_a043ik42&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=e668be1d-f0e8-432a-a814-5c299a66c3aa&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1280&sw=1024&v=rdt_02c59ad6 HTTP/1.1 Host: alb.reddit.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://join.worldoftanks.eu/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: alb.reddit.com/rp.gif?ts=1666514318394&id=t2_a043ik42&e (...) FQDN: alb.reddit.com IP: 151.101.85.140 HASH: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 151.101.85.140 HTTP/2 200 OK content-type: image/gif server: Varnish retry-after: 0 cross-origin-resource-policy: cross-origin accept-ranges: bytes date: Sun, 23 Oct 2022 08:38:22 GMT via: 1.1 varnish content-length: 42 X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 42 Md5: d89746888da2d9510b64a9f031eaecd5 Sha1: d5fceb6532643d0d84ffe09c40c481ecdf59e15a Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /sp.pl?a=10000&b=World%20of%20Tanks%E2%80%94Gratis%20%C3%A5%20spille%20tanksaction%20MMO.%20Last%20ned%20n%C3%A5%20og%20spill%20gratis!&.yp=10180089&f=https%3A%2F%2Fjoin.worldoftanks.eu%2F1600946604%2Fno%2F%3Fpub_id%3D6359262%26xid%3D166651429910000TNOTV415326358024Vf9%26xid_param1%3D6359262-2133874209-3759591136%26xid_param2%3D277883820%26sid%3DSIDI9cvlEf5bPlaXd5VUvo5GqRgkInuihNA9RQ_7yrWPEQQW6frmTigpT8eWQN4-eu2XUzUjm-DPvb0sFXEUZGK5Yy5eOJ8A-sZpG3wj8Kp-GJciK9Abc9OUnEjBwMOlfQnXhiYvY01OXc%26enctid%3Dcnt60kdm7mds%26lpsn%3DWOT%2520ONGOING%2520WW%2520Videoback%2520LMS%2520WOTHQ-1691%26foris%3D1%26teclient%3D1666514299990552217%26utm_source%3Dnetworks%26utm_medium%3Daffiliate%26utm_campaign%3Dsfangt2l%26utm_content%3D6359262&enc=UTF-8&yv=1.13.0&et=custom&ec=LP%20Interaction&ea=Page%20View&el=Landing%20Page&tagmgr=gtm HTTP/1.1 Host: sp.analytics.yahoo.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://join.worldoftanks.eu/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: sp.analytics.yahoo.com/sp.pl?a=10000&b=World%20of%20Tan (...) FQDN: sp.analytics.yahoo.com IP: 98.137.155.8 HASH: 0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39 98.137.155.8 HTTP/2 200 OK content-type: image/gif date: Sun, 23 Oct 2022 08:38:22 GMT expires: Sun, 23 Oct 2022 08:38:22 GMT pragma: no-cache cache-control: no-cache, private, must-revalidate accept-ranges: bytes content-length: 43 server: ATS age: 0 strict-transport-security: max-age=31536000 expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" x-frame-options: DENY x-content-type-options: nosniff referrer-policy: strict-origin-when-cross-origin content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic set-cookie: A3=d=AQABBH79VGMCEOty1enUBG19Dtpht9TjuWoFEgEBAQFOVmNeYwAAAAAA_eMAAA&S=AQAAAlrv0bqkmCDV87xsUeY3-Xs; Expires=Mon, 23 Oct 2023 14:38:22 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 43 Md5: bff56ce49dd485d195fdfa0a02342568 Sha1: 74fb4071deab7d3ab083562067b735df32c43397 Sha256: 0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
GET /sp.pl?a=10000&d=Sun%2C%2023%20Oct%202022%2008%3A38%3A38%20GMT&n=0&b=World%20of%20Tanks%E2%80%94Gratis%20%C3%A5%20spille%20tanksaction%20MMO.%20Last%20ned%20n%C3%A5%20og%20spill%20gratis!&.yp=10180089&f=https%3A%2F%2Fjoin.worldoftanks.eu%2F1600946604%2Fno%2F%3Fpub_id%3D6359262%26xid%3D166651429910000TNOTV415326358024Vf9%26xid_param1%3D6359262-2133874209-3759591136%26xid_param2%3D277883820%26sid%3DSIDI9cvlEf5bPlaXd5VUvo5GqRgkInuihNA9RQ_7yrWPEQQW6frmTigpT8eWQN4-eu2XUzUjm-DPvb0sFXEUZGK5Yy5eOJ8A-sZpG3wj8Kp-GJciK9Abc9OUnEjBwMOlfQnXhiYvY01OXc%26enctid%3Dcnt60kdm7mds%26lpsn%3DWOT%2520ONGOING%2520WW%2520Videoback%2520LMS%2520WOTHQ-1691%26foris%3D1%26teclient%3D1666514299990552217%26utm_source%3Dnetworks%26utm_medium%3Daffiliate%26utm_campaign%3Dsfangt2l%26utm_content%3D6359262&enc=UTF-8&yv=1.13.0&tagmgr=gtm HTTP/1.1 Host: sp.analytics.yahoo.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://join.worldoftanks.eu/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: sp.analytics.yahoo.com/sp.pl?a=10000&d=Sun%2C%2023%20Oc (...) FQDN: sp.analytics.yahoo.com IP: 98.137.155.8 HASH: 0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39 98.137.155.8 HTTP/2 200 OK content-type: image/gif date: Sun, 23 Oct 2022 08:38:22 GMT expires: Sun, 23 Oct 2022 08:38:22 GMT pragma: no-cache cache-control: no-cache, private, must-revalidate accept-ranges: bytes content-length: 43 server: ATS age: 0 strict-transport-security: max-age=31536000 expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" x-frame-options: DENY x-content-type-options: nosniff referrer-policy: strict-origin-when-cross-origin content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic set-cookie: A3=d=AQABBH79VGMCEJOj3bEObY2NyL76N87TEn4FEgEBAQFOVmNeYwAAAAAA_eMAAA&S=AQAAAh5s8wx3TqOVCkyk7Rss95I; Expires=Mon, 23 Oct 2023 14:38:22 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 43 Md5: bff56ce49dd485d195fdfa0a02342568 Sha1: 74fb4071deab7d3ab083562067b735df32c43397 Sha256: 0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
GET /1600946604/dist/landing/videoback/eval.js HTTP/1.1 Host: lms-static.wgcdn.co User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br X-Moz: prefetch Connection: keep-alive Referer: https://join.worldoftanks.eu/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: lms-static.wgcdn.co/1600946604/dist/landing/videoback/e (...) FQDN: lms-static.wgcdn.co IP: 92.223.84.84 HASH: a6b484f867056eb70f872f3e159a26591e2c653581553f9667946642f1c0759a 92.223.84.84 HTTP/2 200 OK content-type: application/javascript server: nginx date: Sun, 23 Oct 2022 08:38:23 GMT content-length: 177 last-modified: Fri, 01 Jul 2022 12:11:16 GMT etag: "62bee464-b1" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 access-control-allow-origin: * cache: HIT x-cached-since: 2022-09-22T18:23:00+00:00 x-id: sto5-up-gc10 accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text Size: 177 Md5: ab56a375dc50a8ab25c09dd2116ebcd0 Sha1: 19ee177c451c354bedf9d355a34476134464d0be Sha256: a6b484f867056eb70f872f3e159a26591e2c653581553f9667946642f1c0759a
GET /1600946604/dist/landing/videoback/sha3.js HTTP/1.1 Host: lms-static.wgcdn.co User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br X-Moz: prefetch Connection: keep-alive Referer: https://join.worldoftanks.eu/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: lms-static.wgcdn.co/1600946604/dist/landing/videoback/s (...) FQDN: lms-static.wgcdn.co IP: 92.223.84.84 HASH: 5b981dbced691785495a8e32bfa6d2a4efc4f5d360fe2108c008cce54d259c89 92.223.84.84 HTTP/2 200 OK content-type: application/javascript server: nginx date: Sun, 23 Oct 2022 08:38:23 GMT last-modified: Fri, 01 Jul 2022 12:11:16 GMT vary: Accept-Encoding etag: W/"62bee464-1704" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 access-control-allow-origin: * content-encoding: gzip cache: HIT x-cached-since: 2022-09-22T18:23:00+00:00 x-id: sto5-up-gc10 X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 2447 Md5: 35a6527a525906870dc0368a0a45b352 Sha1: 46abbe73604bcebcb61e643b4eb81ffd9828b17c Sha256: 5b981dbced691785495a8e32bfa6d2a4efc4f5d360fe2108c008cce54d259c89
GET /c.gif HTTP/1.1 Host: c.clarity.ms User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://join.worldoftanks.eu/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: c.clarity.ms/c.gif FQDN: c.clarity.ms IP: 20.234.93.27 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 20.234.93.27 HTTP/2 302 Found cache-control: private, no-cache, proxy-revalidate, no-store pragma: no-cache location: https://c.bing.com/c.gif?CtsSyncId=78AE7EBF3E5D4A869CA776C9BE9CDD96&RedC=c.clarity.ms&MXFR=0B15A37EDDA664991407B138D9A66AC5 server: Microsoft-IIS/10.0 x-powered-by: ASP.NET p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure; MUID=0B15A37EDDA664991407B138D9A66AC5; domain=.clarity.ms; expires=Fri, 17-Nov-2023 08:38:23 GMT; path=/; SameSite=None; Secure; Priority=High; date: Sun, 23 Oct 2022 08:38:22 GMT content-length: 0 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif?CtsSyncId=78AE7EBF3E5D4A869CA776C9BE9CDD96&RedC=c.clarity.ms&MXFR=0B15A37EDDA664991407B138D9A66AC5 HTTP/1.1 Host: c.bing.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://join.worldoftanks.eu/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: c.bing.com/c.gif?CtsSyncId=78AE7EBF3E5D4A869CA776C9BE9C (...) FQDN: c.bing.com IP: 13.107.21.200 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 13.107.21.200 HTTP/2 302 Found cache-control: private, no-cache, proxy-revalidate, no-store pragma: no-cache location: https://c.clarity.ms/c.gif?CtsSyncId=78AE7EBF3E5D4A869CA776C9BE9CDD96&MUID=2BAEECF047A366941770FEB646566796 p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" set-cookie: SRM_B=2BAEECF047A366941770FEB646566796; domain=c.bing.com; expires=Fri, 17-Nov-2023 08:38:23 GMT; path=/; SameSite=None; Secure; x-powered-by: ASP.NET x-cache: CONFIG_NOCACHE accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref: Ref A: 201CC2663EF54AFEB9327C66A164FE4B Ref B: OSL30EDGE0515 Ref C: 2022-10-23T08:38:23Z date: Sun, 23 Oct 2022 08:38:23 GMT content-length: 0 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif?CtsSyncId=78AE7EBF3E5D4A869CA776C9BE9CDD96&MUID=2BAEECF047A366941770FEB646566796 HTTP/1.1 Host: c.clarity.ms User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://join.worldoftanks.eu/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: c.clarity.ms/c.gif?CtsSyncId=78AE7EBF3E5D4A869CA776C9BE (...) FQDN: c.clarity.ms IP: 20.234.93.27 HASH: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12 20.234.93.27 HTTP/2 200 OK content-type: image/gif cache-control: private, no-cache, proxy-revalidate, no-store pragma: no-cache last-modified: Thu, 13 Oct 2022 20:07:05 GMT accept-ranges: bytes etag: "40db785d3fdfd81:0" server: Microsoft-IIS/10.0 x-powered-by: ASP.NET p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Sun, 23-Oct-2022 08:48:23 GMT; path=/; SameSite=None; Secure; date: Sun, 23 Oct 2022 08:38:22 GMT content-length: 42 X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 42 Md5: 32023bb33cfb2a1990a4ef2d85b6ac16 Sha1: 23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1 Sha256: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
GET /eus2/s/0.6.43/clarity.js HTTP/1.1 Host: www.clarity.ms User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://join.worldoftanks.eu/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: www.clarity.ms/eus2/s/0.6.43/clarity.js FQDN: www.clarity.ms IP: 13.107.246.53 HASH: d6c2571ec81a26089e780320513e61f016dfecdd283ba8d54ec31cdbfde21705 13.107.246.53 HTTP/2 200 OK content-type: application/javascript;charset=utf-8 cache-control: public,max-age=86400 content-encoding: br last-modified: Wed, 01 Jun 2022 12:22:22 GMT accept-ranges: bytes etag: "1d8e493fccc944c" vary: Accept-Encoding request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64 x-cache: CONFIG_NOCACHE x-azure-ref: 0fv1UYwAAAACxiRRJyWEFRYiJKF0bhfViU1ZHMjBFREdFMDYxOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE= date: Sun, 23 Oct 2022 08:38:21 GMT X-Firefox-Spdy: h2 --- Additional Info --- Magic: Unicode text, UTF-8 text, with very long lines (55029) Size: 23642 Md5: 1f1b177be16cbbfa004e309993605c2c Sha1: 9c534d105ef01cd076fae1da85a76b2dcedd368b Sha256: d6c2571ec81a26089e780320513e61f016dfecdd283ba8d54ec31cdbfde21705
GET /quant.js HTTP/1.1 Host: secure.quantserve.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://join.worldoftanks.eu/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: secure.quantserve.com/quant.js FQDN: secure.quantserve.com IP: 91.228.74.200 91.228.74.200 HTTP/2 200 OK content-type: application/javascript date: Sun, 23 Oct 2022 08:38:22 GMT accept-ranges: bytes cache-control: private, max-age=604800 content-encoding: gzip etag: "cbFpuah7ilcpMTJLYeCgng==" expires: Sun, 30 Oct 2022 08:38:22 GMT vary: Accept-Encoding X-Firefox-Spdy: h2 --- Additional Info ---
GET /1600946604/dist/landing/videoback/riddler.js HTTP/1.1 Host: lms-static.wgcdn.co User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br X-Moz: prefetch Connection: keep-alive Referer: https://join.worldoftanks.eu/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: lms-static.wgcdn.co/1600946604/dist/landing/videoback/r (...) FQDN: lms-static.wgcdn.co IP: 92.223.84.84 92.223.84.84 HTTP/2 200 OK content-type: application/javascript server: nginx date: Sun, 23 Oct 2022 08:38:23 GMT last-modified: Fri, 01 Jul 2022 12:11:16 GMT vary: Accept-Encoding etag: W/"62bee464-4391" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 access-control-allow-origin: * content-encoding: gzip cache: HIT x-cached-since: 2022-09-22T18:23:00+00:00 x-id: sto5-up-gc10 X-Firefox-Spdy: h2 --- Additional Info ---
GET /css?family=Noto+Sans+KR:400,700\|Roboto+Condensed:400,700&display=swap&subset=cyrillic,greek,vietnamese HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://join.worldoftanks.eu/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: fonts.googleapis.com/css?family=Noto+Sans+KR:400,700\|Ro (...) FQDN: fonts.googleapis.com IP: 142.250.74.10 142.250.74.10 HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Sun, 23 Oct 2022 08:38:20 GMT date: Sun, 23 Oct 2022 08:38:20 GMT cache-control: private, max-age=86400 cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info ---
GET /1600946604/dist/landing/videoback/vendors~app.97349e52.js HTTP/1.1 Host: lms-static.wgcdn.co User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://join.worldoftanks.eu/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: lms-static.wgcdn.co/1600946604/dist/landing/videoback/v (...) FQDN: lms-static.wgcdn.co IP: 92.223.84.84 92.223.84.84 HTTP/2 200 OK content-type: application/javascript server: nginx date: Sun, 23 Oct 2022 08:38:20 GMT last-modified: Fri, 01 Jul 2022 12:11:16 GMT vary: Accept-Encoding etag: W/"62bee464-2e3df" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 access-control-allow-origin: * content-encoding: gzip cache: HIT x-cached-since: 2022-10-01T16:57:50+00:00 x-id: sto5-up-gc10 X-Firefox-Spdy: h2 --- Additional Info ---
GET /1600946604/dist/landing/videoback/app.e97d588e.js HTTP/1.1 Host: lms-static.wgcdn.co User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://join.worldoftanks.eu/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: lms-static.wgcdn.co/1600946604/dist/landing/videoback/a (...) FQDN: lms-static.wgcdn.co IP: 92.223.84.84 92.223.84.84 HTTP/2 200 OK content-type: application/javascript server: nginx date: Sun, 23 Oct 2022 08:38:20 GMT last-modified: Fri, 01 Jul 2022 12:11:16 GMT vary: Accept-Encoding etag: W/"62bee464-14229" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 access-control-allow-origin: * content-encoding: gzip cache: HIT x-cached-since: 2022-09-20T10:52:19+00:00 x-id: sto5-up-gc10 X-Firefox-Spdy: h2 --- Additional Info ---
GET /1600946604/dist/landing/videoback/app.9ad664eb.css HTTP/1.1 Host: lms-static.wgcdn.co User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://join.worldoftanks.eu/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: lms-static.wgcdn.co/1600946604/dist/landing/videoback/a (...) FQDN: lms-static.wgcdn.co IP: 92.223.84.84 92.223.84.84 HTTP/2 200 OK content-type: text/css server: nginx date: Sun, 23 Oct 2022 08:38:20 GMT last-modified: Fri, 01 Jul 2022 12:11:16 GMT vary: Accept-Encoding etag: W/"62bee464-15b6f" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000 access-control-allow-origin: * content-encoding: gzip cache: HIT x-cached-since: 2022-10-01T16:57:50+00:00 x-id: sto5-up-gc10 X-Firefox-Spdy: h2 --- Additional Info ---
GET /collector/is_enabled?pids=22df7ed7-ab83-4fcd-b6a0-e8494aed20d8&tld=eu HTTP/1.1 Host: tr.snapchat.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://join.worldoftanks.eu/ Origin: https://join.worldoftanks.eu Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: tr.snapchat.com/collector/is_enabled?pids=22df7ed7-ab83 (...)

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "310C633350812C064E159275B6DBBDBA6D6A5991A54CCFCC23459320C6513572" 

                                        
                                            
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=15406 

                                        
                                            
Expires: Sun, 23 Oct 2022 12:55:01 GMT 

                                        
                                            
Date: Sun, 23 Oct 2022 08:38:15 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    73c4166ca864f777db2cc1cd8658a7c2

                                                Sha1:   c56b66b0b7c8516d4d5bfafe0c166711c78f3d25

                                                Sha256: 310c633350812c064e159275b6dbbdba6d6a5991a54ccfcc23459320c6513572

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 

                                        
                                            
Host: content-signature-2.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.160.144.191

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: binary/octet-stream

                                        

                                        
                                            
x-amz-id-2: uB+p2WBlH5SRN/24aI2PUSQ16VQooXgnpZTtidg2ucbUSrIckcrbzmtupe/K2ZhbS1Yup0KRrTE= 

                                        
                                            
x-amz-request-id: 9QFKK0BNK8HR6C1J 

                                        
                                            
content-disposition: attachment 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
server: AmazonS3 

                                        
                                            
content-length: 5348 

                                        
                                            
via: 1.1 google 

                                        
                                            
date: Sun, 23 Oct 2022 08:08:01 GMT 

                                        
                                            
age: 1815 

                                        
                                            
last-modified: Fri, 30 Sep 2022 18:50:55 GMT 

                                        
                                            
etag: "67d5a988edcda47bc3b3b3f65d32b4b6" 

                                        
                                            
cache-control: public,max-age=3600 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PEM certificate\012- , ASCII text

                                                Size:   5348

                                                Md5:    67d5a988edcda47bc3b3b3f65d32b4b6

                                                Sha1:   d4f0e0da8b3690cc7da925026d3414b68c7d954f

                                                Sha256: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

                                        
                                            GET /v1/tiles HTTP/1.1 

                                        
                                            
Host: contile.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.117.237.239

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Sun, 23 Oct 2022 08:38:16 GMT 

                                        
                                            
content-length: 12 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
via: 1.1 google 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with no line terminators

                                                Size:   12

                                                Md5:    23e88fb7b99543fb33315b29b1fad9d6

                                                Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce

                                                Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: application/json 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: application/json 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         143.204.55.35

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/json

                                        

                                        
                                            
Content-Length: 329 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After 

                                        
                                            
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT 

                                        
                                            
Strict-Transport-Security: max-age=31536000 

                                        
                                            
X-Content-Type-Options: nosniff 

                                        
                                            
Date: Sun, 23 Oct 2022 07:43:40 GMT 

                                        
                                            
Cache-Control: max-age=3600 

                                        
                                            
Expires: Sun, 23 Oct 2022 08:24:41 GMT 

                                        
                                            
ETag: "1648230346554" 

                                        
                                            
X-Cache: Hit from cloudfront 

                                        
                                            
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: OSL50-C1 

                                        
                                            
X-Amz-Cf-Id: SZ19l6ICBIQcHxoFvdxN1bOe8XEO-4K-I3UU86RsLR_RKj-koc9JAQ== 

                                        
                                            
Age: 3276 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators

                                                Size:   329

                                                Md5:    0333b0655111aa68de771adfcc4db243

                                                Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb

                                                Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "61A9C5B0EBB800DD2B380752829AFD8EC5DC95E8EA0CEEB445892E5B08C91D7B" 

                                        
                                            
Last-Modified: Sat, 22 Oct 2022 23:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=6994 

                                        
                                            
Expires: Sun, 23 Oct 2022 10:34:50 GMT 

                                        
                                            
Date: Sun, 23 Oct 2022 08:38:16 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    0eef9ecfc5fd26948b051fdf29ecc862

                                                Sha1:   eb731318d35edf55c1ad4e5bd12380864fffc71c

                                                Sha256: 61a9c5b0ebb800dd2b380752829afd8ec5dc95e8ea0ceeb445892e5b08c91d7b

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 4977 

                                        
                                            
Cache-Control: max-age=89486 

                                        
                                            
Date: Sun, 23 Oct 2022 08:38:16 GMT 

                                        
                                            
Etag: "6353a495-1d7" 

                                        
                                            
Expires: Mon, 24 Oct 2022 09:29:42 GMT 

                                        
                                            
Last-Modified: Sat, 22 Oct 2022 08:06:45 GMT 

                                        
                                            
Server: ECS (ska/F70B) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 471 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    fecd12689ba4c6aa556814b7fac0d344

                                                Sha1:   a3005f6333ce5201a73e2857c764a1b0091a91d5

                                                Sha256: 83e0fb564f86df4300e8fc4b5baaf0ed13102c384922d388e02620fb3363a842

                                        
                                            GET / HTTP/1.1 

                                        
                                            
Host: push.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Sec-WebSocket-Version: 13 

                                        
                                            
Origin: wss://push.services.mozilla.com/ 

                                        
                                            
Sec-WebSocket-Protocol: push-notification 

                                        
                                            
Sec-WebSocket-Extensions: permessage-deflate 

                                        
                                            
Sec-WebSocket-Key: 2iv1aumyoeqHUiEM5DlC/w== 

                                        
                                            
Connection: keep-alive, Upgrade 

                                        
                                            
Sec-Fetch-Dest: websocket 

                                        
                                            
Sec-Fetch-Mode: websocket 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache 

                                        
                                            
Upgrade: websocket

                                         52.39.57.61

                                        
                                            HTTP/1.1 101 Switching Protocols

                                        

                                        
                                            
Connection: Upgrade 

                                        
                                            
Upgrade: websocket 

                                        
                                            
Sec-WebSocket-Accept: IDOBdaTO+KH3HUULoHf0f/ZTz24= 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "61A9C5B0EBB800DD2B380752829AFD8EC5DC95E8EA0CEEB445892E5B08C91D7B" 

                                        
                                            
Last-Modified: Sat, 22 Oct 2022 23:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=6993 

                                        
                                            
Expires: Sun, 23 Oct 2022 10:34:50 GMT 

                                        
                                            
Date: Sun, 23 Oct 2022 08:38:17 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    0eef9ecfc5fd26948b051fdf29ecc862

                                                Sha1:   eb731318d35edf55c1ad4e5bd12380864fffc71c

                                                Sha256: 61a9c5b0ebb800dd2b380752829afd8ec5dc95e8ea0ceeb445892e5b08c91d7b

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "2A18DBEF5FD383E3D954067DF8989E702A289F5283560803A9CD16436EFC1A09" 

                                        
                                            
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=16777 

                                        
                                            
Expires: Sun, 23 Oct 2022 13:17:54 GMT 

                                        
                                            
Date: Sun, 23 Oct 2022 08:38:17 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    c13e069270e8b0ed16d51faa7fd95a9d

                                                Sha1:   26038333ad32f2cee00e835149f6dacb05b15df6

                                                Sha256: 2a18dbef5fd383e3d954067df8989e702a289f5283560803a9cd16436efc1a09

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1" 

                                        
                                            
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=16155 

                                        
                                            
Expires: Sun, 23 Oct 2022 13:07:33 GMT 

                                        
                                            
Date: Sun, 23 Oct 2022 08:38:18 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    f1b833a135e4d839859e4994f349bb6c

                                                Sha1:   399b607015c4d9200df20084c7396591007dc995

                                                Sha256: 28db09a2a0e821b37dc1cfb710bf896c438755bfc992eb775f41128b0e52e5d1

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1" 

                                        
                                            
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=16155 

                                        
                                            
Expires: Sun, 23 Oct 2022 13:07:33 GMT 

                                        
                                            
Date: Sun, 23 Oct 2022 08:38:18 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    f1b833a135e4d839859e4994f349bb6c

                                                Sha1:   399b607015c4d9200df20084c7396591007dc995

                                                Sha256: 28db09a2a0e821b37dc1cfb710bf896c438755bfc992eb775f41128b0e52e5d1

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F412682e9-14c9-40e4-bfec-f73f656f5e10.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 5348 

                                        
                                            
x-amzn-requestid: d44ded7c-15b6-4c30-a810-4af1edbb9bc3 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: aPYYZEnboAMFcMw= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-634fa102-6bdd3c1a2fa437b106f8ea79;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Wed, 19 Oct 2022 07:02:26 GMT 

                                        
                                            
x-amz-cf-pop: SEA73-P1 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
x-amz-cf-id: dx2yJ8T_lM1OMR3h0DUtiV359392U2UyReU6hi4tOxxbvFR0iZ_kAg== 

                                        
                                            
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Sat, 22 Oct 2022 22:01:40 GMT 

                                        
                                            
age: 38198 

                                        
                                            
etag: "4b5e283e4397985f837ab28d94c167ddfdb26c7c" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   5348

                                                Md5:    37143b9d51a289f11607b6b0f9ba534a

                                                Sha1:   4b5e283e4397985f837ab28d94c167ddfdb26c7c

                                                Sha256: d664702a83cac4eaee1710fd03ca41e35d62ae699224490367e605b529e45566

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0856e94c-65e7-489a-95b5-cc37407bf90f.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 12031 

                                        
                                            
x-amzn-requestid: 38ca5b87-35e4-46d5-aa1a-15433660ab86 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: aZGifEXzIAMFdHw= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-63538476-6c2e5d980616d50c0ef8698a;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Sat, 22 Oct 2022 05:49:42 GMT 

                                        
                                            
x-amz-cf-pop: SEA73-P1 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
x-amz-cf-id: DpE5uiagdaNLvVqbkou7bVNaLYPZ9vhYawucSE36lWIp65bga3gN2w== 

                                        
                                            
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Sun, 23 Oct 2022 08:04:17 GMT 

                                        
                                            
age: 2041 

                                        
                                            
etag: "50d9f1642c3c47504fb2d4086a40ae8fb9479b50" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   12031

                                                Md5:    208445a6f07a7259b8a420c062a81998

                                                Sha1:   50d9f1642c3c47504fb2d4086a40ae8fb9479b50

                                                Sha256: 607a81c5d0210faaa103d09fba1e0b9dde333c5142969272b0b5351a779acfa4

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd19113d-c1df-4109-b7c9-1d4ed544d9d8.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 8639 

                                        
                                            
x-amzn-requestid: e598ff88-e152-4b9e-af16-aa30dcf452a8 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: aX-m5HlMoAMFvjQ= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-6353115f-7f17a59522afc40e64ac216d;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Fri, 21 Oct 2022 21:38:39 GMT 

                                        
                                            
x-amz-cf-pop: SEA73-P1 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: b760bBSu62p--j9lUv-AHR8xZKOPskf1LmXb-lJ_DSiM8k_usKOmwA== 

                                        
                                            
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Sat, 22 Oct 2022 22:01:36 GMT 

                                        
                                            
age: 38202 

                                        
                                            
etag: "715f72710799f828e2c06932c33919d8f23844f5" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   8639

                                                Md5:    97e9c05ece38dedeaa752c612029c78d

                                                Sha1:   715f72710799f828e2c06932c33919d8f23844f5

                                                Sha256: 29408c0bd34660a836f59a7abb61c7c2b1f864b31194787ddf4d178314184b96

                                        
                                            GET /zcvisitor/0abb2f27-52ae-11ed-be52-12ff7df229bb/1091bff0-8a8a-11ec-80f2-0a0a528900a9?campaignid=06d8a3f0-48cd-11ed-a334-0a918cbcbb97 HTTP/1.1 

                                        
                                            
Host: bilqi-omv.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Upgrade-Insecure-Requests: 1

                                         35.174.150.83

                                        
                                            HTTP/1.1 200  

                                        
                                            
Content-Type: text/html;charset=UTF-8

                                        

                                        
                                            
Date: Sun, 23 Oct 2022 08:38:18 GMT 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Cache-Control: no-store, no-cache, pre-check=0, post-check=0 

                                        
                                            
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 

                                        
                                            
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 

                                        
                                            
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline' 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
Access-Control-Allow-Methods: GET,POST,OPTIONS 

                                        
                                            
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag 

                                        
                                            
Server: ajCHvhjZ 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text

                                                Size:   996

                                                Md5:    0048b4d3eff6c4a2888cef5896278d72

                                                Sha1:   b54aa54591ca910705e97d1139156018fb882b71

                                                Sha256: 9b225534997712b08ada7d5c6f0d0efc5d0ddcf95d9969b57b20205fea0948a2

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "D8A9B9361037F474C59EA60DDD5CDCE5172A6C474D9205D347AC3BA2B2F4C71D" 

                                        
                                            
Last-Modified: Fri, 21 Oct 2022 13:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=8946 

                                        
                                            
Expires: Sun, 23 Oct 2022 11:07:25 GMT 

                                        
                                            
Date: Sun, 23 Oct 2022 08:38:19 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    6bec2efbacb4420b536dbb10dc1cc93e

                                                Sha1:   b0bf72b4f3ca363e941a616d55b43534621c11e6

                                                Sha256: d8a9b9361037f474c59ea60ddd5cdce5172a6c474d9205d347ac3ba2b2f4c71d

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.sectigo.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         104.18.32.68

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Sun, 23 Oct 2022 08:38:19 GMT 

                                        
                                            
Content-Length: 472 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Last-Modified: Sat, 22 Oct 2022 22:25:06 GMT 

                                        
                                            
Expires: Sat, 29 Oct 2022 22:25:05 GMT 

                                        
                                            
Etag: "cfacf43717b7f1d77314dae8390737274d913315" 

                                        
                                            
Cache-Control: max-age=567405,s-maxage=1800,public,no-transform,must-revalidate 

                                        
                                            
X-CCACDN-Proxy-ID: mcdpinlb2 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
CF-Cache-Status: DYNAMIC 

                                        
                                            
Server: cloudflare 

                                        
                                            
CF-RAY: 75e927e1bf12b512-OSL 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    4b4947263357a5cf383a519dcca40228

                                                Sha1:   cfacf43717b7f1d77314dae8390737274d913315

                                                Sha256: 3edf03c09f18dfb6c8677c751e99f9ab6e26890c438338338dcfb218b8d7162a

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 6592 

                                        
                                            
Cache-Control: max-age=93285 

                                        
                                            
Date: Sun, 23 Oct 2022 08:38:19 GMT 

                                        
                                            
Etag: "6353ad20-1d7" 

                                        
                                            
Expires: Mon, 24 Oct 2022 10:33:04 GMT 

                                        
                                            
Last-Modified: Sat, 22 Oct 2022 08:43:12 GMT 

                                        
                                            
Server: ECS (ska/F70B) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 471 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    6f804641bcceec9ce007426a49d15975

                                                Sha1:   d41dd39ef11b315898f7f1ed8f110baadc41a15a

                                                Sha256: 6c7c97b56f330b0d83d8396d0338f168eb78eb1c1000d06c246b07cd9aef766b

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 3386 

                                        
                                            
Cache-Control: max-age=100833 

                                        
                                            
Date: Sun, 23 Oct 2022 08:38:20 GMT 

                                        
                                            
Etag: "6353d723-1d7" 

                                        
                                            
Expires: Mon, 24 Oct 2022 12:38:53 GMT 

                                        
                                            
Last-Modified: Sat, 22 Oct 2022 11:42:27 GMT 

                                        
                                            
Server: ECS (ska/F70B) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 471 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    edccb62d4a0c76b2e42e2fbd6b8219be

                                                Sha1:   6f4bc89bda5c5ae3e5adca96f9b8b1bce8fb95d2

                                                Sha256: 663e3b8be7d2220f78e321fb42449d80d361ddae47b40559a59579e8cead8034

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.35

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Sun, 23 Oct 2022 08:38:20 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    ea20460028066b7fba2f10b51d883192

                                                Sha1:   a73b8263a4477aceeda349c7beff7050de9df38b

                                                Sha256: f933a7ff2c6ec9189ba29fdf09da9125ac59d9c03b4a14e14e9f1b5fa5322b1c

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 3713 

                                        
                                            
Cache-Control: max-age=171062 

                                        
                                            
Date: Sun, 23 Oct 2022 08:38:20 GMT 

                                        
                                            
Etag: "6354e831-1d7" 

                                        
                                            
Expires: Tue, 25 Oct 2022 08:09:22 GMT 

                                        
                                            
Last-Modified: Sun, 23 Oct 2022 07:07:29 GMT 

                                        
                                            
Server: ECS (ska/F708) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 471 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    c0aa31dd7e786d185b1499d9e8c44c28

                                                Sha1:   2eb00fbd3903548f81ff5a551d23f8eaf0c89747

                                                Sha256: dca521bce5873b86ee71c9dc427b18a275a28ee6f2da06a02dc38a343b2a55b9

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 4792 

                                        
                                            
Cache-Control: max-age=85742 

                                        
                                            
Date: Sun, 23 Oct 2022 08:38:20 GMT 

                                        
                                            
Etag: "635396b2-1d7" 

                                        
                                            
Expires: Mon, 24 Oct 2022 08:27:22 GMT 

                                        
                                            
Last-Modified: Sat, 22 Oct 2022 07:07:30 GMT 

                                        
                                            
Server: ECS (ska/F709) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 471 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    3a41b43aec3777baa49530dcbd917494

                                                Sha1:   820e411f8d835bfb7398ea2483a4f78b848c423a

                                                Sha256: c4c2b67e4db5c0f26e2d73ca6853c63d0cb8a542a79c417e180dc56cd2594187

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 3713 

                                        
                                            
Cache-Control: max-age=171062 

                                        
                                            
Date: Sun, 23 Oct 2022 08:38:20 GMT 

                                        
                                            
Etag: "6354e831-1d7" 

                                        
                                            
Expires: Tue, 25 Oct 2022 08:09:22 GMT 

                                        
                                            
Last-Modified: Sun, 23 Oct 2022 07:07:29 GMT 

                                        
                                            
Server: ECS (ska/F708) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 471 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    c0aa31dd7e786d185b1499d9e8c44c28

                                                Sha1:   2eb00fbd3903548f81ff5a551d23f8eaf0c89747

                                                Sha256: dca521bce5873b86ee71c9dc427b18a275a28ee6f2da06a02dc38a343b2a55b9

                                        
                                            GET /videoback-ongoing-eu-wothq-1691/9a3147f7202207fd86f303867669af7c_1600947283.png HTTP/1.1 

                                        
                                            
Host: lms-static.wgcdn.co

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://join.worldoftanks.eu/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         92.223.84.84

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/png

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Sun, 23 Oct 2022 08:38:20 GMT 

                                        
                                            
content-length: 1572 

                                        
                                            
last-modified: Thu, 24 Sep 2020 11:34:43 GMT 

                                        
                                            
etag: "5f6c8453-624" 

                                        
                                            
expires: Thu, 31 Dec 2037 23:55:55 GMT 

                                        
                                            
cache-control: max-age=315360000 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
cache: HIT 

                                        
                                            
x-cached-since: 2022-07-11T09:20:16+00:00 

                                        
                                            
x-id: sto5-up-gc10 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PNG image data, 26 x 25, 8-bit/color RGBA, non-interlaced\012- data

                                                Size:   1572

                                                Md5:    65952e9526844e297b5ed12b51af3073

                                                Sha1:   ab06c5be859a20aea602c95a592d366152f66fda

                                                Sha256: 0eb8340c0b3fc3e36cd816cb9ce8e819b64b40ded2504741eb4662bb10eea015

                                        
                                            GET /videoback-ongoing-eu-wothq-1691/04b0ba212e17098cc7786c56bca5d832_1600946934.png HTTP/1.1 

                                        
                                            
Host: lms-static.wgcdn.co

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://join.worldoftanks.eu/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         92.223.84.84

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/png

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Sun, 23 Oct 2022 08:38:20 GMT 

                                        
                                            
content-length: 6662 

                                        
                                            
last-modified: Thu, 24 Sep 2020 11:28:54 GMT 

                                        
                                            
etag: "5f6c82f6-1a06" 

                                        
                                            
expires: Thu, 31 Dec 2037 23:55:55 GMT 

                                        
                                            
cache-control: max-age=315360000 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
cache: HIT 

                                        
                                            
x-cached-since: 2022-07-11T09:20:16+00:00 

                                        
                                            
x-id: sto5-up-gc10 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PNG image data, 248 x 110, 8-bit colormap, non-interlaced\012- data

                                                Size:   6662

                                                Md5:    91f01fe893320cb394fc52461a1b24a5

                                                Sha1:   f43616cd9e85af6a2a73a914a44085662d123807

                                                Sha256: 3038bb7d8adebbe73e330bbea5739b04efe6b04d5a1d81db314bd29251813967

                                        
                                            GET /videoback-ongoing-eu-wothq-1691/ba06c381ed267fb7dfd6b007931ed0bf_1639483823.png HTTP/1.1 

                                        
                                            
Host: lms-static.wgcdn.co

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://join.worldoftanks.eu/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         92.223.84.84

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/png

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Sun, 23 Oct 2022 08:38:20 GMT 

                                        
                                            
content-length: 30233 

                                        
                                            
last-modified: Tue, 14 Dec 2021 12:10:23 GMT 

                                        
                                            
etag: "61b889af-7619" 

                                        
                                            
expires: Thu, 31 Dec 2037 23:55:55 GMT 

                                        
                                            
cache-control: max-age=315360000 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
cache: HIT 

                                        
                                            
x-cached-since: 2022-07-11T11:30:21+00:00 

                                        
                                            
x-id: sto5-up-gc10 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PNG image data, 219 x 220, 8-bit grayscale, non-interlaced\012- data

                                                Size:   30233

                                                Md5:    e15fed82b2db8b2e31de05ab2a5601f4

                                                Sha1:   405cbff152f965bdbf3a72faabbff5cafa4bcc14

                                                Sha256: 549b0b011eb72bfb724708d7caeb637c1411be84c32ccbb5a9d7a76afc8b30bd

                                        
                                            GET /videoback-ongoing-eu-wothq-1691/a3c86a67f4c5bb1c6cdb50b1092c0761_1600946860.jpg HTTP/1.1 

                                        
                                            
Host: lms-static.wgcdn.co

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://join.worldoftanks.eu/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         92.223.84.84

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Sun, 23 Oct 2022 08:38:20 GMT 

                                        
                                            
content-length: 373020 

                                        
                                            
last-modified: Thu, 24 Sep 2020 11:27:40 GMT 

                                        
                                            
etag: "5f6c82ac-5b11c" 

                                        
                                            
expires: Thu, 31 Dec 2037 23:55:55 GMT 

                                        
                                            
cache-control: max-age=315360000 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
cache: HIT 

                                        
                                            
x-cached-since: 2022-09-19T12:11:21+00:00 

                                        
                                            
x-id: sto5-up-gc10 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1080, components 3\012- data

                                                Size:   373020

                                                Md5:    6baad877e262149d8eea54bb33563765

                                                Sha1:   e4584c51785969af9c25718cff399e0e444af9a9

                                                Sha256: f6a40920a81d3a3489189bbb747f7d3e1b2a87f7568361e4872353bc2cb082b2

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.35

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Sun, 23 Oct 2022 08:38:20 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    05ee461624e2ec37f65e859afe6543ba

                                                Sha1:   b99dcb558535d3d35d140e730aeeb41587622b30

                                                Sha256: 576b3bf619d0a152889cc44165a229ad0100ccc319cf4d9044b2f26d4b676658

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.35

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Sun, 23 Oct 2022 08:38:20 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    9f84a11cd39c014fffc187f2a8b0d8df

                                                Sha1:   1875e117dec3fc707db902e87df9ec691b2cc763

                                                Sha256: bf0c0ac413147f09128a7af625499402eea897c3efad12828347efaba9b9d3a1

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.35

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Sun, 23 Oct 2022 08:38:20 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    9f84a11cd39c014fffc187f2a8b0d8df

                                                Sha1:   1875e117dec3fc707db902e87df9ec691b2cc763

                                                Sha256: bf0c0ac413147f09128a7af625499402eea897c3efad12828347efaba9b9d3a1

                                        
                                            GET /s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 HTTP/1.1 

                                        
                                            
Host: fonts.gstatic.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: identity 

                                        
                                            
Origin: https://join.worldoftanks.eu 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://fonts.googleapis.com/ 

                                        
                                            
Sec-Fetch-Dest: font 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         216.58.207.195

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: font/woff2

                                        

                                        
                                            
accept-ranges: bytes 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
cross-origin-opener-policy: same-origin; report-to="apps-themes" 

                                        
                                            
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} 

                                        
                                            
timing-allow-origin: * 

                                        
                                            
content-length: 15700 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
server: sffe 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
date: Fri, 21 Oct 2022 16:04:44 GMT 

                                        
                                            
expires: Sat, 21 Oct 2023 16:04:44 GMT 

                                        
                                            
cache-control: public, max-age=31536000 

                                        
                                            
age: 146016 

                                        
                                            
last-modified: Tue, 19 Apr 2022 18:51:55 GMT 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  Web Open Font Format (Version 2), TrueType, length 15700, version 1.0\012- data

                                                Size:   15700

                                                Md5:    3d7f7413fca69bff4d231ebdc50aaab0

                                                Sha1:   cb18e7943b6a8a0e3672d7242197c19a226b92e8

                                                Sha256: 6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36

                                        
                                            GET /s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19G7DRs5.woff2 HTTP/1.1 

                                        
                                            
Host: fonts.gstatic.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: identity 

                                        
                                            
Origin: https://join.worldoftanks.eu 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://fonts.googleapis.com/ 

                                        
                                            
Sec-Fetch-Dest: font 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         216.58.207.195

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: font/woff2

                                        

                                        
                                            
accept-ranges: bytes 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
cross-origin-opener-policy: same-origin; report-to="apps-themes" 

                                        
                                            
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} 

                                        
                                            
timing-allow-origin: * 

                                        
                                            
content-length: 7120 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
server: sffe 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
date: Thu, 20 Oct 2022 17:23:54 GMT 

                                        
                                            
expires: Fri, 20 Oct 2023 17:23:54 GMT 

                                        
                                            
cache-control: public, max-age=31536000 

                                        
                                            
age: 227666 

                                        
                                            
last-modified: Tue, 19 Apr 2022 18:54:03 GMT 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  Web Open Font Format (Version 2), TrueType, length 7120, version 1.0\012- data

                                                Size:   7120

                                                Md5:    1e58a6b01c300f7c84abdacf53503eaf

                                                Sha1:   ed6f0d2f1564e5d763e07a8fde2f16c5e911f32f

                                                Sha256: 85f70e68e3ba976fbfee39a96c5275550eb881f302c7dedf91aa7d0a802ba5f6

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.35

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Sun, 23 Oct 2022 08:38:20 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    9f84a11cd39c014fffc187f2a8b0d8df

                                                Sha1:   1875e117dec3fc707db902e87df9ec691b2cc763

                                                Sha256: bf0c0ac413147f09128a7af625499402eea897c3efad12828347efaba9b9d3a1

                                        
                                            GET /videoback-ongoing-eu-wothq-1691/50e485b431d538125efcbfa8fc76a665_1600946565.png HTTP/1.1 

                                        
                                            
Host: lms-static.wgcdn.co

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://join.worldoftanks.eu/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         92.223.84.84

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/png

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Sun, 23 Oct 2022 08:38:20 GMT 

                                        
                                            
content-length: 5124 

                                        
                                            
last-modified: Thu, 24 Sep 2020 11:22:45 GMT 

                                        
                                            
etag: "5f6c8185-1404" 

                                        
                                            
expires: Thu, 31 Dec 2037 23:55:55 GMT 

                                        
                                            
cache-control: max-age=315360000 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
cache: HIT 

                                        
                                            
x-cached-since: 2022-07-11T09:20:19+00:00 

                                        
                                            
x-id: sto5-up-gc10 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data

                                                Size:   5124

                                                Md5:    c28eb738166485ff11b13d9e74a52be8

                                                Sha1:   dd161225ce2e844e2d6f05753e5210d922934ec6

                                                Sha256: 2e9c3e61433c5952bd3b7d963ae90d9789c262a67411447bbaa1b598f53c2411

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 6496 

                                        
                                            
Cache-Control: max-age=149337 

                                        
                                            
Date: Sun, 23 Oct 2022 08:38:22 GMT 

                                        
                                            
Etag: "63548877-1d7" 

                                        
                                            
Expires: Tue, 25 Oct 2022 02:07:19 GMT 

                                        
                                            
Last-Modified: Sun, 23 Oct 2022 00:19:03 GMT 

                                        
                                            
Server: ECS (ska/F713) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 471 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    aaa41c3017784be7bfe3937bb4975afb

                                                Sha1:   9c2314e6f23bb7d42c71b334b32abf87ab59e314

                                                Sha256: 1e715af11344f63c3a22960250d1f8d6bcbd0f262adc34a5fab2652840406a17

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.35

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Sun, 23 Oct 2022 08:38:21 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 471 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    aaa80dd51eaef47c83770b112b9e286c

                                                Sha1:   bfd081a3ad2267e522a20b45695cd8a0860b4ad3

                                                Sha256: 049ff9ce34cf51144dd1c80c0155d98ef0fa3c50234431de3c3c691624f840bd

                                        
                                            GET /en_US/fbevents.js HTTP/1.1 

                                        
                                            
Host: connect.facebook.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://join.worldoftanks.eu/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         31.13.72.12

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/x-javascript; charset=utf-8

                                        

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
content-encoding: gzip 

                                        
                                            
x-fb-rlafr: 0 

                                        
                                            
document-policy: force-load-at-top 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
cross-origin-opener-policy: same-origin-allow-popups 

                                        
                                            
pragma: public 

                                        
                                            
cache-control: public, max-age=1200 

                                        
                                            
expires: Sat, 01 Jan 2000 00:00:00 GMT 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
strict-transport-security: max-age=31536000; preload; includeSubDomains 

                                        
                                            
x-fb-debug: kqu/tw7+jCwPZ+HuDv5bqsh/CBG/7v8O5//uSArmSzISD7siXa4z8QBQDKItAQlcsa5WJZFlc149d/lHDUJv5Q== 

                                        
                                            
content-length: 27027 

                                        
                                            
x-fb-trip-id: 1904183273 

                                        
                                            
date: Sun, 23 Oct 2022 08:38:22 GMT 

                                        
                                            
alt-svc: h3=":443"; ma=86400 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (64348)

                                                Size:   27027

                                                Md5:    71875f848896ee82a106224e048bd060

                                                Sha1:   277a624e507dff2cd9cff104aa0c5618ca76e105

                                                Sha256: a22635e404a419027fc88eee705d254910d05d481953733d5e1fda4bc6ab3c5b

                                        
                                            GET /bat.js HTTP/1.1 

                                        
                                            
Host: bat.bing.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://join.worldoftanks.eu/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         13.107.21.200

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript

                                        

                                        
                                            
cache-control: private,max-age=1800 

                                        
                                            
content-length: 11367 

                                        
                                            
content-encoding: gzip 

                                        
                                            
last-modified: Thu, 28 Jul 2022 17:32:37 GMT 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
etag: "80a8697a8a2d81:0" 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
set-cookie: MUID=28B0AC0DC9D269610305BE4BC8276844; domain=.bing.com; expires=Fri, 17-Nov-2023 08:38:22 GMT; path=/; SameSite=None; Secure; Priority=High; 

                                        
                                            
strict-transport-security: max-age=31536000; includeSubDomains; preload 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
x-cache: CONFIG_NOCACHE 

                                        
                                            
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version 

                                        
                                            
x-msedge-ref: Ref A: 871AAF91F79946488F5964AA2B97F91E Ref B: OSL30EDGE0515 Ref C: 2022-10-23T08:38:21Z 

                                        
                                            
date: Sun, 23 Oct 2022 08:38:21 GMT 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  Unicode text, UTF-8 text, with very long lines (38826), with no line terminators

                                                Size:   11367

                                                Md5:    293ae3e0fc8b0d5c143fdf9d8490228d

                                                Sha1:   3976c659b908e70818a3a1ac71860b497fe2d1a9

                                                Sha256: 04a840d967ae836e14179bde574cabf14a1fc871182ca0f8193e7a0b06c727ab

                                        
                                            GET /jump/next.php?r=6359262&sub1=heliotrope-eel&sub2=echo-rid-1ozwpgpq2m HTTP/1.1 

                                        
                                            
Host: adspredictiv.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://go.money616.xyz/ 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: document 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         35.190.38.40

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/html; charset=utf-8

                                        

                                        
                                            
server: openresty 

                                        
                                            
date: Sun, 23 Oct 2022 08:38:19 GMT 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
content-encoding: gzip 

                                        
                                            
via: 1.1 google 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   3227

                                                Md5:    3b203cb1d5a75556f8c5f6ac45585271

                                                Sha1:   ba56a6008ba8f53c2faae8644e4b654703bf44eb

                                                Sha256: 38338eaf589550157a6c58af71f8243c7a64c5437c66649c66e096ce63643d1e

                                        
                                            GET /wi/ytc.js HTTP/1.1 

                                        
                                            
Host: s.yimg.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://join.worldoftanks.eu/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         87.248.119.252

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript

                                        

                                        
                                            
x-amz-id-2: tYV2ePyU8HVdeUYwx1aAo+Ll4uY24xQcUk82Zb7FPTBmaLa70N60AhZRiQTYj9+a0OFiQyChl/U= 

                                        
                                            
x-amz-request-id: PK5M1VYZKWKWQJRM 

                                        
                                            
date: Sun, 23 Oct 2022 08:38:17 GMT 

                                        
                                            
last-modified: Tue, 14 Jun 2022 12:21:31 GMT 

                                        
                                            
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle" 

                                        
                                            
etag: "6a624022b5d271dcefb070b0b6670abc-df" 

                                        
                                            
x-amz-server-side-encryption: AES256 

                                        
                                            
cache-control: public,max-age=3600 

                                        
                                            
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
server: ATS 

                                        
                                            
referrer-policy: no-referrer-when-downgrade 

                                        
                                            
vary: Origin, Accept-Encoding 

                                        
                                            
age: 6 

                                        
                                            
content-encoding: gzip 

                                        
                                            
strict-transport-security: max-age=15552000 

                                        
                                            
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   6401

                                                Md5:    ac3c4b53650e700e0ab2cc7fd7e4dd8f

                                                Sha1:   68c58684a4266f077d12bcd658c881ff4b29041e

                                                Sha256: 3daf989b034253ce77e9ba5cb3962d5206361a3946c2c547434196e9596b893a

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.35

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Sun, 23 Oct 2022 08:38:22 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    e082919080a1a229ac3eec9b7b857933

                                                Sha1:   a5847abc620bd00e87afda17746b0a590e0c9464

                                                Sha256: ca7fa279357206e9e419d5b80281cc14bc5666b20ef262560dea86d31132c729

                                        
                                            GET /pagead/viewthroughconversion/1006839708/?random=1666514318060&cv=9&fst=1666514318060&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgaj0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fjoin.worldoftanks.eu%2F1600946604%2Fno%2F%3Fpub_id%3D6359262%26xid%3D166651429910000TNOTV415326358024Vf9%26xid_param1%3D6359262-2133874209-3759591136%26xid_param2%3D277883820%26sid%3DSIDI9cvlEf5bPlaXd5VUvo5GqRgkInuihNA9RQ_7yrWPEQQW6frmTigpT8eWQN4-eu2XUzUjm-DPvb0sFXEUZGK5Yy5eOJ8A-sZpG3wj8Kp-GJciK9Abc9OUnEjBwMOlfQnXhiYvY01OXc%26enctid%3Dcnt60kdm7mds%26lpsn%3DWOT%2520ONGOING%2520WW%2520Videoback%2520LMS%2520WOTHQ-1691%26foris%3D1%26teclient%3D1666514299990552217%26utm_source%3Dnetworks%26utm_medium%3Daffiliate%26utm_campaign%3Dsfangt2l%26utm_content%3D6359262&tiba=World%20of%20Tanks%E2%80%94Gratis%20%C3%A5%20spille%20tanksaction%20MMO.%20Last%20ned%20n%C3%A5%20og%20spill%20gratis!&auid=122829167.1666514317&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1 

                                        
                                            
Host: googleads.g.doubleclick.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://join.worldoftanks.eu/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         216.58.207.226

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/javascript; charset=UTF-8

                                        

                                        
                                            
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" 

                                        
                                            
timing-allow-origin: * 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
date: Sun, 23 Oct 2022 08:38:22 GMT 

                                        
                                            
pragma: no-cache 

                                        
                                            
expires: Fri, 01 Jan 1990 00:00:00 GMT 

                                        
                                            
cache-control: no-cache, must-revalidate 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
content-disposition: attachment; filename="f.txt" 

                                        
                                            
content-encoding: gzip 

                                        
                                            
server: cafe 

                                        
                                            
content-length: 1447 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
set-cookie: test_cookie=CheckForPermission; expires=Sun, 23-Oct-2022 08:53:22 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (3460), with no line terminators

                                                Size:   1447

                                                Md5:    be2f066e2c1842f77db4dd47f8943386

                                                Sha1:   09e53b4c4b0ae8cc47d3bc7dfe6a2cc03e30b666

                                                Sha256: 1381f7f589b29353f8f7ee31da652dd3a9e5b4824047398e2ff37bcf4f1a4099

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.35

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Sun, 23 Oct 2022 08:38:22 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    32b18cf6617f4e930872c1470af05703

                                                Sha1:   4c07ce8749baf89e9812de6bb45deb0a3fc5013e

                                                Sha256: 23481ba8ebf19debe4a6119d605ad31c0589a08bbc253a6428938ac9a84d5b22

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.35

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Sun, 23 Oct 2022 08:38:22 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    e082919080a1a229ac3eec9b7b857933

                                                Sha1:   a5847abc620bd00e87afda17746b0a590e0c9464

                                                Sha256: ca7fa279357206e9e419d5b80281cc14bc5666b20ef262560dea86d31132c729

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 2778 

                                        
                                            
Cache-Control: max-age=165420 

                                        
                                            
Date: Sun, 23 Oct 2022 08:38:22 GMT 

                                        
                                            
Etag: "6354d5d0-1d7" 

                                        
                                            
Expires: Tue, 25 Oct 2022 06:35:22 GMT 

                                        
                                            
Last-Modified: Sun, 23 Oct 2022 05:49:04 GMT 

                                        
                                            
Server: ECS (ska/F713) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 471 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    824126ba460978b26e51bbefa77ba83e

                                                Sha1:   1118bf44441420936c009f69db0f1f96883d30f0

                                                Sha256: 3d0a942268e4987a05a4c449f0b67685225112e30f75c5c30fb58e5a839bafd9

                                        
                                            GET /cm/i?pid=22df7ed7-ab83-4fcd-b6a0-e8494aed20d8&u_scsid=0b78d537-317f-4761-873f-911ec3b20c55&u_sclid=ed0fec1d-553b-43c7-9cec-083586dca394 HTTP/1.1 

                                        
                                            
Host: tr.snapchat.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://join.worldoftanks.eu/ 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: iframe 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         35.190.43.134

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/html

                                        

                                        
                                            
date: Sun, 23 Oct 2022 08:38:22 GMT 

                                        
                                            
strict-transport-security: max-age=31536000; includeSubDomains; preload 

                                        
                                            
content-length: 0 

                                        
                                            
x-envoy-upstream-service-time: 1 

                                        
                                            
server: API Gateway 

                                        
                                            
via: 1.1 google 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            GET /p/action/26043906.js HTTP/1.1 

                                        
                                            
Host: bat.bing.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://join.worldoftanks.eu/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         13.107.21.200

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript; charset=utf-8

                                        

                                        
                                            
cache-control: private,max-age=60 

                                        
                                            
content-length: 1423 

                                        
                                            
content-encoding: gzip 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
set-cookie: MUID=31C2B6E848766BB13188A4AE49836AB5; domain=.bing.com; expires=Fri, 17-Nov-2023 08:38:22 GMT; path=/; SameSite=None; Secure; Priority=High; 

                                        
                                            
strict-transport-security: max-age=31536000; includeSubDomains; preload 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
x-cache: CONFIG_NOCACHE 

                                        
                                            
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version 

                                        
                                            
x-msedge-ref: Ref A: FEDB1A8416754096A8E3F73BCB2323C0 Ref B: OSL30EDGE0515 Ref C: 2022-10-23T08:38:22Z 

                                        
                                            
date: Sun, 23 Oct 2022 08:38:22 GMT 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with CRLF line terminators

                                                Size:   1423

                                                Md5:    5ccab94753771a3d9f34c937a0edda89

                                                Sha1:   0e4f16622e090eaa09fc6c910fbe979ca4fb0a65

                                                Sha256: 2f60750d4aadf9925d7d1a28a1c94ffb13c7e6a851af89805440b7d57a5832aa

                                        
                                            GET /init?pids=22df7ed7-ab83-4fcd-b6a0-e8494aed20d8 HTTP/1.1 

                                        
                                            
Host: tr.snapchat.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Referer: https://join.worldoftanks.eu/ 

                                        
                                            
Origin: https://join.worldoftanks.eu 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         35.190.43.134

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json

                                        

                                        
                                            
date: Sun, 23 Oct 2022 08:38:22 GMT 

                                        
                                            
access-control-allow-origin: https://join.worldoftanks.eu 

                                        
                                            
strict-transport-security: max-age=31536000; includeSubDomains; preload 

                                        
                                            
x-envoy-upstream-service-time: 0 

                                        
                                            
content-encoding: gzip 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
server: API Gateway 

                                        
                                            
access-control-allow-credentials: true 

                                        
                                            
via: 1.1 google 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with no line terminators

                                                Size:   129

                                                Md5:    08175f93be41576390e91ec665509fcf

                                                Sha1:   01c7a04cbcda6d039543aef4740d4df7aa141ad8

                                                Sha256: 001648221631680bcc5682b0b4fe6543b4929f1a560200bf7f08f338afa2a233

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.35

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Sun, 23 Oct 2022 08:38:22 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    e3ae8884dbbabf14b5929dbc3b512794

                                                Sha1:   de6193115a075ac52ce357860db2e2ef9a83be8f

                                                Sha256: b28c05d5d828380e6afebdb13654fa0c2acdd6a074df31f17930612195eae656

                                        
                                            GET /ddm/activity/src=9463992;type=acqpa00;cat=woteu000;u2=https://join.worldoftanks.eu/1600946604/no/;u3=WOT%20ONGOING%20WW%20Videoback%20LMS%20WOTHQ-1691;u4=affiliate;u5=sfangt2l;match_id=1666514299990552217;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=373207989 HTTP/1.1 

                                        
                                            
Host: ad.doubleclick.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://join.worldoftanks.eu/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         142.250.74.102

                                        
                                            HTTP/2 302 Found 

                                        
                                            
content-type: text/html; charset=UTF-8

                                        

                                        
                                            
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" 

                                        
                                            
timing-allow-origin: * 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
date: Sun, 23 Oct 2022 08:38:22 GMT 

                                        
                                            
pragma: no-cache 

                                        
                                            
expires: Fri, 01 Jan 1990 00:00:00 GMT 

                                        
                                            
cache-control: no-cache, must-revalidate 

                                        
                                            
location: https://adservice.google.com/ddm/fls/p/src=9463992;type=acqpa00;cat=woteu000;u2=https://join.worldoftanks.eu/1600946604/no/;u3=WOT%20ONGOING%20WW%20Videoback%20LMS%20WOTHQ-1691;u4=affiliate;u5=sfangt2l;match_id=1666514299990552217;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=373207989;~oref=https://join.worldoftanks.eu/ 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
server: cafe 

                                        
                                            
content-length: 0 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
set-cookie: test_cookie=CheckForPermission; expires=Sun, 23-Oct-2022 08:53:22 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.35

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Sun, 23 Oct 2022 08:38:22 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    e3ae8884dbbabf14b5929dbc3b512794

                                                Sha1:   de6193115a075ac52ce357860db2e2ef9a83be8f

                                                Sha256: b28c05d5d828380e6afebdb13654fa0c2acdd6a074df31f17930612195eae656

                                        
                                            GET /banners/scripts/st/trackpoint-async.js HTTP/1.1 

                                        
                                            
Host: s2.adform.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://join.worldoftanks.eu/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         37.157.2.247

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Sun, 23 Oct 2022 08:38:22 GMT 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
last-modified: Wed, 05 Oct 2022 12:23:24 GMT 

                                        
                                            
x-rgw-object-type: Normal 

                                        
                                            
etag: W/"4cb8e818a3c8dda5fd80d6d9a55d958d" 

                                        
                                            
x-amz-request-id: tx00000655b730b984fd408-006354fb05-329385b8-default 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
cache-control: public, max-age=604800 

                                        
                                            
x-cache-status: HIT 

                                        
                                            
content-encoding: gzip 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   30865

                                                Md5:    2c4c8842224309163b2c49196f8edd8b

                                                Sha1:   da58d1c9e6e196158924f54ca6d6f53cc02435ea

                                                Sha256: ad23a6310a683184c3295f88e4c7d08ffe62427aba93d132004f1789be3b331d

                                        
                                            POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-150089307-6&cid=183657958.1666514318&jid=1552453867&gjid=289938983&_gid=1981571764.1666514318&_u=YGhACEABBAAAACAEO~&z=730434146 HTTP/1.1 

                                        
                                            
Host: stats.g.doubleclick.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: text/plain 

                                        
                                            
Content-Length: 0 

                                        
                                            
Origin: https://join.worldoftanks.eu 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://join.worldoftanks.eu/ 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         173.194.222.157

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/plain

                                        

                                        
                                            
access-control-allow-origin: https://join.worldoftanks.eu 

                                        
                                            
strict-transport-security: max-age=10886400; includeSubDomains; preload 

                                        
                                            
date: Sun, 23 Oct 2022 08:38:22 GMT 

                                        
                                            
pragma: no-cache 

                                        
                                            
expires: Fri, 01 Jan 1990 00:00:00 GMT 

                                        
                                            
cache-control: no-cache, no-store, must-revalidate 

                                        
                                            
last-modified: Sun, 17 May 1998 03:00:00 GMT 

                                        
                                            
access-control-allow-credentials: true 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
server: Golfe2 

                                        
                                            
content-length: 4 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with no line terminators

                                                Size:   4

                                                Md5:    48c0473b7821185d937e685216e2168b

                                                Sha1:   3743e47f8a429a5e87b86cb582d78940733d9d2e

                                                Sha256: 570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

                                        
                                            GET /ddm/fls/p/src=9463992;type=acqpa00;cat=woteu000;u2=https://join.worldoftanks.eu/1600946604/no/;u3=WOT%20ONGOING%20WW%20Videoback%20LMS%20WOTHQ-1691;u4=affiliate;u5=sfangt2l;match_id=1666514299990552217;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=373207989;~oref=https://join.worldoftanks.eu/ HTTP/1.1 

                                        
                                            
Host: adservice.google.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Referer: https://join.worldoftanks.eu/ 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         142.250.74.130

                                        
                                            HTTP/2 302 Found 

                                        
                                            
content-type: text/html; charset=UTF-8

                                        

                                        
                                            
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" 

                                        
                                            
timing-allow-origin: * 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
date: Sun, 23 Oct 2022 08:38:22 GMT 

                                        
                                            
pragma: no-cache 

                                        
                                            
expires: Fri, 01 Jan 1990 00:00:00 GMT 

                                        
                                            
cache-control: no-cache, must-revalidate 

                                        
                                            
location: https://adservice.google.no/ddm/fls/p/src=9463992;type=acqpa00;cat=woteu000;u2=https://join.worldoftanks.eu/1600946604/no/;u3=WOT%20ONGOING%20WW%20Videoback%20LMS%20WOTHQ-1691;u4=affiliate;u5=sfangt2l;match_id=1666514299990552217;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=373207989;~oref=https://join.worldoftanks.eu/ 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
server: cafe 

                                        
                                            
content-length: 0 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            GET /Serving/TrackPoint/?CC=1&pm=2446135&ADFPageName=WOT%20-%20EU%20-%20Landing%20Page&ADFdivider=%7C&ord=730482327784&ADFtpmode=2&loc=https%3A%2F%2Fjoin.worldoftanks.eu%2F1600946604%2Fno%2F%3Fpub_id%3D6359262%26xid%3D166651429910000TNOTV415326358024Vf9%26&Set1=en-US%7Cen-US%7C1280x1024%7C24 HTTP/1.1 

                                        
                                            
Host: a1.adform.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Referer: https://join.worldoftanks.eu/ 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         37.157.6.248

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/javascript; charset=utf-8

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Sun, 23 Oct 2022 08:38:22 GMT 

                                        
                                            
content-length: 196 

                                        
                                            
cache-control: no-cache, no-store, must-revalidate, no-transform 

                                        
                                            
pragma: no-cache 

                                        
                                            
content-encoding: gzip 

                                        
                                            
expires: -1 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" 

                                        
                                            
strict-transport-security: max-age=31536000; includeSubDomains 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with CRLF line terminators

                                                Size:   196

                                                Md5:    0ede06ce62bcf9e842e1b0f3313e6f83

                                                Sha1:   a1a6675d17c5e308cbf033eb3d53fd8d12272be4

                                                Sha256: b453c48d135033a9f54030c39d0241419c85531378e79ef47a5991ab5d418a97

                                        
                                            GET /pixel;r=1492277718;labels=_fp.event.PageView;source=gtm;event=refresh;rf=0;a=p-UH9pPWqqbvvtC;url=https%3A%2F%2Fjoin.worldoftanks.eu%2F1600946604%2Fno%2F%3Fpub_id%3D6359262%26xid%3D166651429910000TNOTV415326358024Vf9%26xid_param1%3D6359262-2133874209-3759591136%26xid_param2%3D277883820%26sid%3DSIDI9cvlEf5bPlaXd5VUvo5GqRgkInuihNA9RQ_7yrWPEQQW6frmTigpT8eWQN4-eu2XUzUjm-DPvb0sFXEUZGK5Yy5eOJ8A-sZpG3wj8Kp-GJciK9Abc9OUnEjBwMOlfQnXhiYvY01OXc%26enctid%3Dcnt60kdm7mds%26lpsn%3DWOT%2520ONGOING%2520WW%2520Videoback%2520LMS%2520WOTHQ-1691%26foris%3D1%26teclient%3D1666514299990552217%26utm_source%3Dnetworks%26utm_medium%3Daffiliate%26utm_campaign%3Dsfangt2l%26utm_content%3D6359262;uht=2;fpan=1;fpa=P0-1789652998-1666514318586;pbc=;ns=0;ce=1;qjs=1;qv=7a1cba14-20221011131736;cm=;gdpr=0;ref=;d=worldoftanks.eu;dst=0;et=1666514318586;tzo=0;ogl=;ses=91824062-e030-4eee-b1f4-60e9ff84a4a2 HTTP/1.1 

                                        
                                            
Host: pixel.quantserve.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://join.worldoftanks.eu/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         91.228.74.200

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/gif

                                        

                                        
                                            
date: Sun, 23 Oct 2022 08:38:22 GMT 

                                        
                                            
content-length: 35 

                                        
                                            
cache-control: private, no-cache, no-store, proxy-revalidate 

                                        
                                            
expires: Fri, 04 Aug 1978 12:00:00 GMT 

                                        
                                            
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" 

                                        
                                            
pragma: no-cache 

                                        
                                            
set-cookie: mc=6354fd7e-aaed6-a34cb-1270c; expires=Thu, 23-Nov-2023 08:38:22 GMT; path=/; domain=.quantserve.com 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  GIF image data, version 89a, 1 x 1\012- data

                                                Size:   35

                                                Md5:    55d25e9dc950d5db4d53a3b195c046c6

                                                Sha1:   75e91ae3e549dab12ed1c9787ade9131aef1c981

                                                Sha256: a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

                                        
                                            POST /g/collect?v=2&tid=G-77NSW0BT3P&gtm=2oeaj0&_p=1281840602&_gaz=1&gcs=G1--&cid=183657958.1666514318&ul=en-us&sr=1280x1024&_s=1&sid=1666514318&sct=1&seg=0&dl=https%3A%2F%2Fjoin.worldoftanks.eu%2F1600946604%2Fno%2F%3Fpub_id%3D6359262%26xid%3D166651429910000TNOTV415326358024Vf9%26xid_param1%3D6359262-2133874209-3759591136%26xid_param2%3D277883820%26sid%3DSIDI9cvlEf5bPlaXd5VUvo5GqRgkInuihNA9RQ_7yrWPEQQW6frmTigpT8eWQN4-eu2XUzUjm-DPvb0sFXEUZGK5Yy5eOJ8A-sZpG3wj8Kp-GJciK9Abc9OUnEjBwMOlfQnXhiYvY01OXc%26enctid%3Dcnt60kdm7mds%26lpsn%3DWOT%2520ONGOING%2520WW%2520Videoback%2520LMS%2520WOTHQ-1691%26foris%3D1%26teclient%3D1666514299990552217%26utm_source%3Dnetworks%26utm_medium%3Daffiliate%26utm_campaign%3Dsfangt2l%26utm_content%3D6359262&dt=World%20of%20Tanks%E2%80%94Gratis%20%C3%A5%20spille%20tanksaction%20MMO.%20Last%20ned%20n%C3%A5%20og%20spill%20gratis!&en=page_view&_fv=1&_ss=1&ep.prod_name=wot&ep.prod_realm=eu&ep.prod_lang=no&ep.prod_type=lp&ep.prod_lptype=videoback%2FWOTHQ-1691%2FACQ%2Freg-wg HTTP/1.1 

                                        
                                            
Host: region1.analytics.google.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: https://join.worldoftanks.eu 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://join.worldoftanks.eu/ 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
Content-Length: 0

                                         216.239.32.36

                                        
                                            HTTP/2 204 No Content 

                                        
                                            
content-type: text/plain

                                        

                                        
                                            
access-control-allow-origin: https://join.worldoftanks.eu 

                                        
                                            
date: Sun, 23 Oct 2022 08:38:22 GMT 

                                        
                                            
pragma: no-cache 

                                        
                                            
expires: Fri, 01 Jan 1990 00:00:00 GMT 

                                        
                                            
cache-control: no-cache, no-store, must-revalidate 

                                        
                                            
access-control-allow-credentials: true 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
server: Golfe2 

                                        
                                            
content-length: 0 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            GET /sp.pl?a=10000&b=World%20of%20Tanks%E2%80%94Gratis%20%C3%A5%20spille%20tanksaction%20MMO.%20Last%20ned%20n%C3%A5%20og%20spill%20gratis!&.yp=10180089&f=https%3A%2F%2Fjoin.worldoftanks.eu%2F1600946604%2Fno%2F%3Fpub_id%3D6359262%26xid%3D166651429910000TNOTV415326358024Vf9%26xid_param1%3D6359262-2133874209-3759591136%26xid_param2%3D277883820%26sid%3DSIDI9cvlEf5bPlaXd5VUvo5GqRgkInuihNA9RQ_7yrWPEQQW6frmTigpT8eWQN4-eu2XUzUjm-DPvb0sFXEUZGK5Yy5eOJ8A-sZpG3wj8Kp-GJciK9Abc9OUnEjBwMOlfQnXhiYvY01OXc%26enctid%3Dcnt60kdm7mds%26lpsn%3DWOT%2520ONGOING%2520WW%2520Videoback%2520LMS%2520WOTHQ-1691%26foris%3D1%26teclient%3D1666514299990552217%26utm_source%3Dnetworks%26utm_medium%3Daffiliate%26utm_campaign%3Dsfangt2l%26utm_content%3D6359262&enc=UTF-8&yv=1.13.0&et=custom&ec=LP%20Interaction&ea=Page%20View&el=Landing%20Page&tagmgr=gtm HTTP/1.1 

                                        
                                            
Host: sp.analytics.yahoo.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://join.worldoftanks.eu/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         98.137.155.8

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/gif

                                        

                                        
                                            
date: Sun, 23 Oct 2022 08:38:22 GMT 

                                        
                                            
expires: Sun, 23 Oct 2022 08:38:22 GMT 

                                        
                                            
pragma: no-cache 

                                        
                                            
cache-control: no-cache, private, must-revalidate 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
content-length: 43 

                                        
                                            
server: ATS 

                                        
                                            
age: 0 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
referrer-policy: strict-origin-when-cross-origin 

                                        
                                            
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic 

                                        
                                            
set-cookie: A3=d=AQABBH79VGMCEOty1enUBG19Dtpht9TjuWoFEgEBAQFOVmNeYwAAAAAA_eMAAA&S=AQAAAlrv0bqkmCDV87xsUeY3-Xs; Expires=Mon, 23 Oct 2023 14:38:22 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  GIF image data, version 89a, 1 x 1\012- data

                                                Size:   43

                                                Md5:    bff56ce49dd485d195fdfa0a02342568

                                                Sha1:   74fb4071deab7d3ab083562067b735df32c43397

                                                Sha256: 0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

                                        
                                            GET /1600946604/dist/landing/videoback/eval.js HTTP/1.1 

                                        
                                            
Host: lms-static.wgcdn.co

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
X-Moz: prefetch 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://join.worldoftanks.eu/ 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         92.223.84.84

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Sun, 23 Oct 2022 08:38:23 GMT 

                                        
                                            
content-length: 177 

                                        
                                            
last-modified: Fri, 01 Jul 2022 12:11:16 GMT 

                                        
                                            
etag: "62bee464-b1" 

                                        
                                            
expires: Thu, 31 Dec 2037 23:55:55 GMT 

                                        
                                            
cache-control: max-age=315360000 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
cache: HIT 

                                        
                                            
x-cached-since: 2022-09-22T18:23:00+00:00 

                                        
                                            
x-id: sto5-up-gc10 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text

                                                Size:   177

                                                Md5:    ab56a375dc50a8ab25c09dd2116ebcd0

                                                Sha1:   19ee177c451c354bedf9d355a34476134464d0be

                                                Sha256: a6b484f867056eb70f872f3e159a26591e2c653581553f9667946642f1c0759a

                                        
                                            GET /c.gif HTTP/1.1 

                                        
                                            
Host: c.clarity.ms

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://join.worldoftanks.eu/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         20.234.93.27

                                        
                                            HTTP/2 302 Found

                                        

                                        
                                            
cache-control: private, no-cache, proxy-revalidate, no-store 

                                        
                                            
pragma: no-cache 

                                        
                                            
location: https://c.bing.com/c.gif?CtsSyncId=78AE7EBF3E5D4A869CA776C9BE9CDD96&RedC=c.clarity.ms&MXFR=0B15A37EDDA664991407B138D9A66AC5 

                                        
                                            
server: Microsoft-IIS/10.0 

                                        
                                            
x-powered-by: ASP.NET 

                                        
                                            
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" 

                                        
                                            
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=0B15A37EDDA664991407B138D9A66AC5; domain=.clarity.ms; expires=Fri, 17-Nov-2023 08:38:23 GMT; path=/; SameSite=None; Secure; Priority=High; 

                                        
                                            
date: Sun, 23 Oct 2022 08:38:22 GMT 

                                        
                                            
content-length: 0 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            GET /c.gif?CtsSyncId=78AE7EBF3E5D4A869CA776C9BE9CDD96&MUID=2BAEECF047A366941770FEB646566796 HTTP/1.1 

                                        
                                            
Host: c.clarity.ms

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Referer: https://join.worldoftanks.eu/ 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         20.234.93.27

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/gif

                                        

                                        
                                            
cache-control: private, no-cache, proxy-revalidate, no-store 

                                        
                                            
pragma: no-cache 

                                        
                                            
last-modified: Thu, 13 Oct 2022 20:07:05 GMT 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
etag: "40db785d3fdfd81:0" 

                                        
                                            
server: Microsoft-IIS/10.0 

                                        
                                            
x-powered-by: ASP.NET 

                                        
                                            
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" 

                                        
                                            
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Sun, 23-Oct-2022 08:48:23 GMT; path=/; SameSite=None; Secure; 

                                        
                                            
date: Sun, 23 Oct 2022 08:38:22 GMT 

                                        
                                            
content-length: 42 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  GIF image data, version 89a, 1 x 1\012- data

                                                Size:   42

                                                Md5:    32023bb33cfb2a1990a4ef2d85b6ac16

                                                Sha1:   23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1

                                                Sha256: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

                                        
                                            GET /quant.js HTTP/1.1 

                                        
                                            
Host: secure.quantserve.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://join.worldoftanks.eu/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         91.228.74.200

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript

                                        

                                        
                                            
date: Sun, 23 Oct 2022 08:38:22 GMT 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
cache-control: private, max-age=604800 

                                        
                                            
content-encoding: gzip 

                                        
                                            
etag: "cbFpuah7ilcpMTJLYeCgng==" 

                                        
                                            
expires: Sun, 30 Oct 2022 08:38:22 GMT 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                        
                                            GET /css?family=Noto+Sans+KR:400,700|Roboto+Condensed:400,700&display=swap&subset=cyrillic,greek,vietnamese HTTP/1.1 

                                        
                                            
Host: fonts.googleapis.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: text/css,*/*;q=0.1 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://join.worldoftanks.eu/ 

                                        
                                            
Sec-Fetch-Dest: style 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         142.250.74.10

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/css; charset=utf-8

                                        

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
timing-allow-origin: * 

                                        
                                            
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
expires: Sun, 23 Oct 2022 08:38:20 GMT 

                                        
                                            
date: Sun, 23 Oct 2022 08:38:20 GMT 

                                        
                                            
cache-control: private, max-age=86400 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
cross-origin-opener-policy: same-origin-allow-popups 

                                        
                                            
content-encoding: gzip 

                                        
                                            
server: ESF 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
x-frame-options: SAMEORIGIN 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                        
                                            GET /1600946604/dist/landing/videoback/app.e97d588e.js HTTP/1.1 

                                        
                                            
Host: lms-static.wgcdn.co

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://join.worldoftanks.eu/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         92.223.84.84

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Sun, 23 Oct 2022 08:38:20 GMT 

                                        
                                            
last-modified: Fri, 01 Jul 2022 12:11:16 GMT 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
etag: W/"62bee464-14229" 

                                        
                                            
expires: Thu, 31 Dec 2037 23:55:55 GMT 

                                        
                                            
cache-control: max-age=315360000 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
content-encoding: gzip 

                                        
                                            
cache: HIT 

                                        
                                            
x-cached-since: 2022-09-20T10:52:19+00:00 

                                        
                                            
x-id: sto5-up-gc10 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                        
                                            GET /collector/is_enabled?pids=22df7ed7-ab83-4fcd-b6a0-e8494aed20d8&tld=eu HTTP/1.1 

                                        
                                            
Host: tr.snapchat.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Referer: https://join.worldoftanks.eu/ 

                                        
                                            
Origin: https://join.worldoftanks.eu 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

URL	4.us.findthewind.xyz/feed/?link=true&tid=4&subid=4.us&ref=redir.findthewind.xyz&s1=6354fd691ad2662b345359ed
IP	23.235.251.114 (United States)
ASN	#19437 SS-ASH
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed	2022-10-23 08:38:27 UTC
Status	Loading report..
IDS alerts	0
Blocklist alert	1
urlquery alerts	No alerts detected
Tags	None

Overview

Domain Summary (50)

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 23.235.251.114

Last 5 reports on ASN: SS-ASH

Last 5 reports on domain: findthewind.xyz

Last 1 reports with similar screenshot

JavaScript

Executed Scripts (36)

Executed Evals (13)

#1 JavaScript::Eval (size: 119) - SHA256: d5d71526c0b6e323edc7867c5ce5c9039fbc3e6ead5fc79413027bf2a4ff9205

#2 JavaScript::Eval (size: 169) - SHA256: 1ffceafa32673d670fdf2a489fd3e4ecb2d4a3473b0872ca0cb0729085de69c7

#3 JavaScript::Eval (size: 354) - SHA256: b464585d4668229d70ecfaa3c0e2eb6aab371ddd785846ed9487b36a0a32be73

#4 JavaScript::Eval (size: 653) - SHA256: eedad2b22c9b0be9adb56f18ce34061a0c61b2a8258fb8da60845afde84ee46b

#5 JavaScript::Eval (size: 78) - SHA256: eff81132fb0f203a137677636f01cfa5d23de877da9da5d10cb7f353a4260f36

#6 JavaScript::Eval (size: 117) - SHA256: 79ceff1fb21239f4ef954bacdb9b65b29234e8a46c615586b8a688973c74137d

#7 JavaScript::Eval (size: 300) - SHA256: d41e1dcde991113b31463b01bf26258e4a9ff50dc530bd1a66eb61d1c685bb7f

#8 JavaScript::Eval (size: 83) - SHA256: db67f3a811c17993a0388ea2c4679e41f29d21c3a74de4b873ff862df1dfdb07

#9 JavaScript::Eval (size: 117) - SHA256: 411e0bf6ab711dedbac23d0ce83adb04636d05bfba480c90bd9b1ac25383341c

#10 JavaScript::Eval (size: 119) - SHA256: e10da87658d5a9299ef88b0b9dc390bf4d0a3587d6857dec969e5b9fe22caa1d

#11 JavaScript::Eval (size: 311) - SHA256: 83b34ed574c9630f2d800fa605bcc5d84e287907f47456c7bd1be0deabd38901

#12 JavaScript::Eval (size: 3312) - SHA256: fce924847bd5cac2e8b6733110e67e86ef6adbfa84e0d0445e56b4f4209b4569

#13 JavaScript::Eval (size: 80) - SHA256: f8819e0149aae477fbcd1b209f731baa132d59fb251c1c4b3935126cf0bbfc40

Executed Writes (0)

HTTP Transactions (130)

Overview

Domain Summary (50)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 23.235.251.114

Last 5 reports on ASN: SS-ASH

Last 5 reports on domain: findthewind.xyz

Last 1 reports with similar screenshot

JavaScript

Executed Scripts (36)

Executed Evals (13)

#1 JavaScript::Eval (size: 119) - SHA256: d5d71526c0b6e323edc7867c5ce5c9039fbc3e6ead5fc79413027bf2a4ff9205

#2 JavaScript::Eval (size: 169) - SHA256: 1ffceafa32673d670fdf2a489fd3e4ecb2d4a3473b0872ca0cb0729085de69c7

#3 JavaScript::Eval (size: 354) - SHA256: b464585d4668229d70ecfaa3c0e2eb6aab371ddd785846ed9487b36a0a32be73

#4 JavaScript::Eval (size: 653) - SHA256: eedad2b22c9b0be9adb56f18ce34061a0c61b2a8258fb8da60845afde84ee46b

#5 JavaScript::Eval (size: 78) - SHA256: eff81132fb0f203a137677636f01cfa5d23de877da9da5d10cb7f353a4260f36

#6 JavaScript::Eval (size: 117) - SHA256: 79ceff1fb21239f4ef954bacdb9b65b29234e8a46c615586b8a688973c74137d

#7 JavaScript::Eval (size: 300) - SHA256: d41e1dcde991113b31463b01bf26258e4a9ff50dc530bd1a66eb61d1c685bb7f

#8 JavaScript::Eval (size: 83) - SHA256: db67f3a811c17993a0388ea2c4679e41f29d21c3a74de4b873ff862df1dfdb07

#9 JavaScript::Eval (size: 117) - SHA256: 411e0bf6ab711dedbac23d0ce83adb04636d05bfba480c90bd9b1ac25383341c

#10 JavaScript::Eval (size: 119) - SHA256: e10da87658d5a9299ef88b0b9dc390bf4d0a3587d6857dec969e5b9fe22caa1d

#11 JavaScript::Eval (size: 311) - SHA256: 83b34ed574c9630f2d800fa605bcc5d84e287907f47456c7bd1be0deabd38901

#12 JavaScript::Eval (size: 3312) - SHA256: fce924847bd5cac2e8b6733110e67e86ef6adbfa84e0d0445e56b4f4209b4569

#13 JavaScript::Eval (size: 80) - SHA256: f8819e0149aae477fbcd1b209f731baa132d59fb251c1c4b3935126cf0bbfc40

Executed Writes (0)

HTTP Transactions (130)

Network Intrusion Detection Systems