r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7c60904d097cde276e4e5632cef1b9f1
4f805026462589345d85e8df2d18eafba6237504
12af026999398f4976749e320667d43da3f99b7a2e8254aca7a410a964a106aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12AF026999398F4976749E320667D43DA3F99B7A2E8254ACA7A410A964A106AA"
Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6558
Expires: Sat, 26 Nov 2022 07:58:54 GMT
Date: Sat, 26 Nov 2022 06:09:36 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 10730f388c028d64e19b8a48d414768f
e43b104e57e5ea7ff8568835776858cf2ede6f00
f3c30c6d139288f1bfe13fce85c6ddc1514e1639fcf4d31a6012a3309ed1d50d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1111
Cache-Control: max-age=103209
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 06:09:36 GMT
Etag: "63809972-1d7"
Expires: Sun, 27 Nov 2022 10:49:45 GMT
Last-Modified: Fri, 25 Nov 2022 10:31:14 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8c63b226725ca6e92e3ef586ac19e603
d21ae42a1927501e5293ff3564f52b49f6b0decc
141ac47acc3800e5d35a82012fa4b044277abad3a95dc24415f66fb72c972ae6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "141AC47ACC3800E5D35A82012FA4B044277ABAD3A95DC24415F66FB72C972AE6"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14167
Expires: Sat, 26 Nov 2022 10:05:43 GMT
Date: Sat, 26 Nov 2022 06:09:36 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 26 Nov 2022 05:17:30 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3126
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: N3+5zTJz6aReveLYiwojCW7/mcD/pL8wtP4+Q/GDS08Tx2zmkOHn0nIcjbjPiU85wRLs13XPgalGgyCD0QNVpQ==
x-amz-request-id: 6DZZ8DABVRTY4S50
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 26 Nov 2022 05:41:05 GMT
age: 1711
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
lalangmanis.com/
194.233.68.84 301 Moved Permanently 162 B IP 194.233.68.84:0
ASN #141995 Contabo Asia Private Limited
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: lalangmanis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 26 Nov 2022 06:09:36 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://lalangmanis.com/
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 06:09:36 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 26 Nov 2022 06:08:54 GMT
cache-control: public,max-age=3600
age: 43
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 52a91ddd199a588d0b66f3d4fcf1dee8
be95aed62062f7acecc2e89abac4b72b07fae41e
422e241916bfb6a3f261dfaea7354861c2744814cd3d25d822daa49195f96b1d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "422E241916BFB6A3F261DFAEA7354861C2744814CD3D25D822DAA49195F96B1D"
Last-Modified: Thu, 24 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21599
Expires: Sat, 26 Nov 2022 12:09:36 GMT
Date: Sat, 26 Nov 2022 06:09:37 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash df06e70fc8a35facf1d8db463d18e231
fa8a2975566cc792898f870e48ae7518d3657326
4cef7e704f4d575ce6733f6f2d803d241b597be51ff3fb03f72e5c33a893b504
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4996
Cache-Control: max-age=102030
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 06:09:37 GMT
Etag: "638085ab-1d7"
Expires: Sun, 27 Nov 2022 10:30:07 GMT
Last-Modified: Fri, 25 Nov 2022 09:06:51 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.210.158.59 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.210.158.59:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: MewM8hrDx8MYuC/XQUjxtA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ZVmQ4kHeXAA4QUHE4CaiBkj+aJY=
c0.wp.com/c/6.1.1/wp-includes/css/classic-themes.min.css
192.0.77.37 200 OK 217 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/css/classic-themes.min.css
IP 192.0.77.37:0
Hash 95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
GET /c/6.1.1/wp-includes/css/classic-themes.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lalangmanis.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 06:09:38 GMT
content-type: text/css
content-length: 217
last-modified: Tue, 25 Oct 2022 13:45:16 GMT
expires: Sun, 26 Nov 2023 06:09:38 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3344
Expires: Sat, 26 Nov 2022 07:05:22 GMT
Date: Sat, 26 Nov 2022 06:09:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3344
Expires: Sat, 26 Nov 2022 07:05:22 GMT
Date: Sat, 26 Nov 2022 06:09:38 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 619fa0039b94697fc8a5bd24f57e8aa2
53a366391a51d625029cc6d32fb4e8b6060990fd
dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 06:09:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3344
Expires: Sat, 26 Nov 2022 07:05:22 GMT
Date: Sat, 26 Nov 2022 06:09:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3344
Expires: Sat, 26 Nov 2022 07:05:22 GMT
Date: Sat, 26 Nov 2022 06:09:38 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab1c6bf9-39a7-42ca-a718-a572401add09.jpeg
34.120.237.76 200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab1c6bf9-39a7-42ca-a718-a572401add09.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b72976b3f013ace345c85b0bdfea5f76
3e9004d90ed72f3034eae5cddd476eb50ac63ea6
068a487b9ae3d7461ef16e04cee8802a7b76a2bce19bf66df48b2b1cdb0c772c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab1c6bf9-39a7-42ca-a718-a572401add09.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6382
x-amzn-requestid: e1e4c180-7f90-4d4b-a5f4-094e5f542a18
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLacUFC4oAMFayA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63813de8-09efee9d0604d16c61e3d452;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 22:12:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: SR2His1pCOwZHi7bBtnG8QeCtZQsCMeJxs-UCpd79SK_77eM5fWeog==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:24:51 GMT
age: 27887
etag: "3e9004d90ed72f3034eae5cddd476eb50ac63ea6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b25450-4da4-45fe-97c4-620a26a2ac8f.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b25450-4da4-45fe-97c4-620a26a2ac8f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2f470fab0957e148a9c58dfeedc72463
2f88534696701cfdaf7e2aa78f6d4b8766a2b77f
c2c5617f8fbf3860578a9bcf821dea13e3225ccd02774f29f4bf022e4abd9ff9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b25450-4da4-45fe-97c4-620a26a2ac8f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11186
x-amzn-requestid: 67dbfbd2-ba7f-4540-8d2c-5c2c4de21cae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLUf7HGdIAMFhow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63813465-36b0d8fc4bdb5faf328bd99d;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:32:21 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aWg_mLQcRYtCNYfaypt-rqwKNbzd4FOFd3mMT8sSQU_dmO7KP29Rsw==
via: 1.1 7b00c3fd9220034414107b03e53b1b8e.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:01:51 GMT
age: 29267
etag: "2f88534696701cfdaf7e2aa78f6d4b8766a2b77f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2f841c6-d0f5-4b9b-9f04-4eee5f479227.jpeg
34.120.237.76 200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2f841c6-d0f5-4b9b-9f04-4eee5f479227.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a0064a575afa520aa6c112249e7b195a
7387cf7c1f6fae78ce7df10271a0fd2504c71382
37876de2a100c65b70bfd199c8405f3ec282c45786ab08744c64592dc16b0353
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2f841c6-d0f5-4b9b-9f04-4eee5f479227.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9718
x-amzn-requestid: 1b621759-18a2-491a-b44e-f23540e4228c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVC5FLbIAMFzFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63813545-78dec425016dc2746242a6c7;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:36:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zWdyq64XfAJTwN2HPvv__Q2wm597cilWEJACu8vIDwKUGixYTdUL_g==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:53:21 GMT
age: 29777
etag: "7387cf7c1f6fae78ce7df10271a0fd2504c71382"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
34.120.237.76 200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: 47c2739d-73c5-4d91-914c-fe635cb09772
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1U8xGxgIAMF-qQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63786851-6fbe19dc5c4c20dd657604e3;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 05:23:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ezHvyK3va4SioabOjSittTiLQRs_Q8k4TPxkiGp_svtZ8omDPTUN-A==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 05:04:28 GMT
age: 3910
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg
34.120.237.76 200 OK 3.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a783df85f30f9c555f9df6b99f61744d
61f9bed607e81606be78285596acdc5e0e4f4994
19db42201d0fa059f680d890ede6683c04e893e6308a2256d0203f826a7f34de
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3502
x-amzn-requestid: ca3f2610-e03c-48a7-abb3-fbbab76f63d2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvYUHO5IAMFqDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5ce-7e36137711dc4668278c1c94;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:03:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QS3ZKYetcm87GNwSr34eRPF2d4r8ppwf3fT19aV-u84f7ObX4bU8wQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 08:20:28 GMT
age: 78550
etag: "61f9bed607e81606be78285596acdc5e0e4f4994"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9ff3e15-6cd5-46f6-800f-5ad08b71ffbc.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9ff3e15-6cd5-46f6-800f-5ad08b71ffbc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 56d1528e942a2aa2a7f3f6a85f71e277
475980dd8b123ad0acdd54c441271bacad56489f
01f9bd707598d6cb869856ad01d1087f5abc8298727805f61266f6e823814cb8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9ff3e15-6cd5-46f6-800f-5ad08b71ffbc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10209
x-amzn-requestid: e6cf9a8b-bbdc-4978-a186-ffc82b369066
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLWINF69oAMF5RA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63813701-35f60a7425e3617e672916c9;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:43:29 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: NpYcqTynn1gdtbZInm4lBnTo9N6ev2jp0Rn6ozMhQlh8kVJ9orQWnw==
via: 1.1 6ca7826fb0f4c565b1af9c7737725c48.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:35:20 GMT
age: 27258
etag: "475980dd8b123ad0acdd54c441271bacad56489f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 6b1a4b459d941d2aaaffbbe5380a56ab
80baab10cfc66faa4d439a2bc13d5183d6db5769
e02e8f3109ed9428d40476e6fc7f69eb121655fcb7f647182bf24fd468338c6a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5174
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 06:09:38 GMT
Last-Modified: Sat, 26 Nov 2022 04:43:24 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 619fa0039b94697fc8a5bd24f57e8aa2
53a366391a51d625029cc6d32fb4e8b6060990fd
dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 06:09:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 6b1a4b459d941d2aaaffbbe5380a56ab
80baab10cfc66faa4d439a2bc13d5183d6db5769
e02e8f3109ed9428d40476e6fc7f69eb121655fcb7f647182bf24fd468338c6a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5174
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 06:09:38 GMT
Last-Modified: Sat, 26 Nov 2022 04:43:24 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 280
lalangmanis.com/
194.233.68.84 200 OK 49 kB IP 194.233.68.84:0
ASN #141995 Contabo Asia Private Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (8124), with CRLF, LF line terminators
Hash 5ab2eda89db69ea084a088da784f0e9e
995446178f74b283a2bd0c59bb8fba5b4114e3a3
0622e71b6ec2d08c5084fb87aaa88a48716e040b590fd9483993ce9ae66f8fb6
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: lalangmanis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 06:09:38 GMT
content-type: text/html; charset=UTF-8
content-length: 49160
link: <https://lalangmanis.com/wp-json/>; rel="https://api.w.org/", <https://lalangmanis.com/wp-json/wp/v2/pages/102578>; rel="alternate"; type="application/json", <https://lalangmanis.com/>; rel=shortlink
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PHP/7.4.33, PleskLin
X-Firefox-Spdy: h2
lalangmanis.com/wp-content/plugins/td-composer/legacy/Newspaper/includes/demos/gadgets_pro/demo_style.css?ver=11.5
194.233.68.84 200 OK 231 B URL HTTP/2 lalangmanis.com/wp-content/plugins/td-composer/legacy/Newspaper/includes/demos/gadgets_pro/demo_style.css?ver=11.5
IP 194.233.68.84:0
ASN #141995 Contabo Asia Private Limited
Hash 69c158794e26bebce90a488a686282b6
16bac9601837958703c610ce4040212473430244
527c9fbcd1e155844e774788a81cd18644120e7750b48ae58abf1e041e2689f5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/td-composer/legacy/Newspaper/includes/demos/gadgets_pro/demo_style.css?ver=11.5 HTTP/1.1
Host: lalangmanis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lalangmanis.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 06:09:38 GMT
content-type: text/css
content-length: 231
x-accel-version: 0.01
last-modified: Sun, 15 May 2022 10:27:18 GMT
etag: "1fe-5df0a5a1dd83f-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2
lalangmanis.com/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=6ea45b81e47c58269b68289d05535e19
194.233.68.84 200 OK 4.9 kB URL HTTP/2 lalangmanis.com/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=6ea45b81e47c58269b68289d05535e19
IP 194.233.68.84:0
ASN #141995 Contabo Asia Private Limited
File type ASCII text, with very long lines (37612), with no line terminators
Hash 28139112f346cff81e1572348d7c6a2e
266437d99eabc4f4b08d8b4e80400e9044a1d802
35cbcdb2622b2d9ac1a843ec16a7737a9a552f2a7c1ed3cdf0382d17bc8762c2
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=6ea45b81e47c58269b68289d05535e19 HTTP/1.1
Host: lalangmanis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lalangmanis.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 06:09:38 GMT
content-type: text/css
last-modified: Sun, 15 May 2022 10:27:16 GMT
etag: W/"6280d584-92ec"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
lalangmanis.com/wp-content/uploads/2021/06/logo-lalang-manis-2.jpeg
194.233.68.84 200 OK 11 kB URL HTTP/2 lalangmanis.com/wp-content/uploads/2021/06/logo-lalang-manis-2.jpeg
IP 194.233.68.84:0
ASN #141995 Contabo Asia Private Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x306, components 3\012- data
Hash 4db057f8e33ce71d65dab2832a7022fa
2777f38686cf37b4803cebd3f9eeb95289c06f0f
6fa159a0764a855c37539572f84f23483805b21af97843f6b97865b981d0f09d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2021/06/logo-lalang-manis-2.jpeg HTTP/1.1
Host: lalangmanis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lalangmanis.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 06:09:38 GMT
content-type: image/jpeg
content-length: 11308
last-modified: Wed, 30 Jun 2021 15:30:33 GMT
etag: "60dc8e19-2c2c"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
news.weatherplllatform.com/counter.js
89.22.228.250 200 OK 1.5 kB URL HTTP/1.1 news.weatherplllatform.com/counter.js
IP 89.22.228.250:0
File type ASCII text, with very long lines (4140), with no line terminators
Hash 8ecb46e68d7ee2b249a6f0bd4ecabc88
e0d5a9f07ca629f4c4ac7154095bd419826ed245
16f62d801d81aa35dcebf8da2b88904663904c38d6ae8830be4f5db1d66bd22f
GET /counter.js HTTP/1.1
Host: news.weatherplllatform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lalangmanis.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 06:09:39 GMT
Content-Type: application/javascript
Last-Modified: Fri, 25 Nov 2022 04:49:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"63804953-102c"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
c0.wp.com/p/jetpack/10.9/css/jetpack.css
192.0.77.37 200 OK 63 kB URL HTTP/2 c0.wp.com/p/jetpack/10.9/css/jetpack.css
IP 192.0.77.37:0
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 3534ab672fb9dd13a3113d9af6b21b4f
764fa9064bdced2c5199ddc6b476589a137d311b
9abb5b8976c21e51045877f28f874bfc1d51dd2c968408a7d44a9697b17a6c87
GET /p/jetpack/10.9/css/jetpack.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lalangmanis.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 06:09:38 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 12 Apr 2022 17:20:54 GMT
content-encoding: br
expires: Sun, 26 Nov 2023 06:09:38 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
lalangmanis.com/wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js?ver=4173294bcf58591c4439ff8ccd792f1e
194.233.68.84 200 OK 55 kB URL HTTP/2 lalangmanis.com/wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js?ver=4173294bcf58591c4439ff8ccd792f1e
IP 194.233.68.84:0
ASN #141995 Contabo Asia Private Limited
File type ASCII text, with very long lines (543)
Hash 77dc8eb85f297be4e33f1a0e75ca7bdf
ec55ec54838252c07b7dfb68a587ed374af53e6d
a7cc09f78f1ae07c0b71835d2b469b5cdbb9d2d4a45a15e352fad84bbb10ae69
GET /wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js?ver=4173294bcf58591c4439ff8ccd792f1e HTTP/1.1
Host: lalangmanis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lalangmanis.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 06:09:39 GMT
content-type: application/javascript
last-modified: Sun, 15 May 2022 10:28:44 GMT
etag: W/"6280d5dc-14a0"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
lalangmanis.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=6ea45b81e47c58269b68289d05535e19
194.233.68.84 200 OK 58 kB URL HTTP/2 lalangmanis.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=6ea45b81e47c58269b68289d05535e19
IP 194.233.68.84:0
ASN #141995 Contabo Asia Private Limited
Hash 63886e595bd315785312cc20c0eff87f
1c4556eb95af544bd17d662a4898b4ebe5867fb4
92796032a7d360b503dd3682060dbc1cc4912204541e26e91caf11a5b0425f81
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=6ea45b81e47c58269b68289d05535e19 HTTP/1.1
Host: lalangmanis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lalangmanis.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 06:09:38 GMT
content-type: text/css
last-modified: Sun, 15 May 2022 10:27:19 GMT
etag: W/"6280d587-27b2d"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 06:09:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
192.0.77.37 200 OK 21 kB URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
IP 192.0.77.37:0
File type ASCII text, with very long lines (11256), with no line terminators
Hash e4a593053132343eef716985cb7f815e
b7bcb7c5b52cf9849043660fdfe7e21748708f5c
4e9c51a875e4fcb1151204c298bb49743017d8ac0abf1a62a61f4674cac24921
GET /c/6.1.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lalangmanis.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 06:09:38 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
content-encoding: br
expires: Sun, 26 Nov 2023 06:09:38 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
lalangmanis.com/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=4173294bcf58591c4439ff8ccd792f1e
194.233.68.84 200 OK 9.5 kB URL HTTP/2 lalangmanis.com/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=4173294bcf58591c4439ff8ccd792f1e
IP 194.233.68.84:0
ASN #141995 Contabo Asia Private Limited
File type ASCII text, with very long lines (1037)
Hash 579604e8a7e5eff616fb1080866d94c5
733b3d14e72ada0787bcb4d76f2c9991e9ab5f06
7b2770d3310f1bca1e933b3917f1cac3ad00cff49c58bc43326383c9d904062d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=4173294bcf58591c4439ff8ccd792f1e HTTP/1.1
Host: lalangmanis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lalangmanis.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 06:09:39 GMT
content-type: application/javascript
last-modified: Sun, 15 May 2022 10:28:44 GMT
etag: W/"6280d5dc-a461"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lalangmanis.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:53:49 GMT
expires: Thu, 23 Nov 2023 18:53:49 GMT
cache-control: public, max-age=31536000
age: 213350
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/volkhov/v17/SlGQmQieoJcKemNecTUEhQ.woff2
216.58.207.195 200 OK 27 kB URL HTTP/2 fonts.gstatic.com/s/volkhov/v17/SlGQmQieoJcKemNecTUEhQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 27436, version 1.0\012- data
Hash 060850edfe9d2f31b8b10875d3d8c5f5
6f9bb2d51ee4cdff5835b31ceb5c459e95a23270
772fa5a279ecad537bea7d71690183408a9aff38f71a094a2dff5698c724d9f8
GET /s/volkhov/v17/SlGQmQieoJcKemNecTUEhQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lalangmanis.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27436
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 23:30:38 GMT
expires: Thu, 23 Nov 2023 23:30:38 GMT
cache-control: public, max-age=31536000
age: 196741
last-modified: Wed, 27 Apr 2022 16:56:33 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C800%7CRoboto%3A400%2C500%2C700%2C800%7CRoboto+Condensed%3A700%2C400%7CMontserrat%3A800%2C700%2C400%2C600%7CVolkhov%3A400&display=swap&ver=11.5
142.250.74.10 200 OK 32 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C800%7CRoboto%3A400%2C500%2C700%2C800%7CRoboto+Condensed%3A700%2C400%7CMontserrat%3A800%2C700%2C400%2C600%7CVolkhov%3A400&display=swap&ver=11.5
IP 142.250.74.10:0
Hash fe66b0a3e817768bb5d5bf67ea488fba
fed93ae52d3471b095d1e18d7ce431e616d6cf87
e7dd1cb23fae8ea4d39ee6b7f0e4eef7c7200cc37c105cb9f5118795e571f7e0
GET /css?family=Open+Sans%3A400%2C600%2C700%2C800%7CRoboto%3A400%2C500%2C700%2C800%7CRoboto+Condensed%3A700%2C400%7CMontserrat%3A800%2C700%2C400%2C600%7CVolkhov%3A400&display=swap&ver=11.5 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lalangmanis.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 26 Nov 2022 06:09:38 GMT
date: Sat, 26 Nov 2022 06:09:38 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lalangmanis.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 14:07:32 GMT
expires: Thu, 23 Nov 2023 14:07:32 GMT
cache-control: public, max-age=31536000
age: 230527
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lalangmanis.com/wp-content/plugins/td-standard-pack/Newspaper/assets/css/td_standard_pack_main.css?ver=32b0396dacab6790bdbb765eba5d6338
194.233.68.84 200 OK 99 kB URL HTTP/2 lalangmanis.com/wp-content/plugins/td-standard-pack/Newspaper/assets/css/td_standard_pack_main.css?ver=32b0396dacab6790bdbb765eba5d6338
IP 194.233.68.84:0
ASN #141995 Contabo Asia Private Limited
Hash 54322a9a043e7f32ab624b857f67ee67
2a6d97946f7d87c36e0e288c13260317d2c4e650
aa4bfc71fbcb10a64851d6b63b1c1cec7b3602465e5d24662871b021875e1e1a
GET /wp-content/plugins/td-standard-pack/Newspaper/assets/css/td_standard_pack_main.css?ver=32b0396dacab6790bdbb765eba5d6338 HTTP/1.1
Host: lalangmanis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lalangmanis.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 06:09:38 GMT
content-type: text/css
last-modified: Sun, 15 May 2022 10:30:35 GMT
etag: W/"6280d64b-b2ccc"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 06:09:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lalangmanis.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?20
194.233.68.84 200 OK 29 kB URL HTTP/2 lalangmanis.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?20
IP 194.233.68.84:0
ASN #141995 Contabo Asia Private Limited
File type Web Open Font Format, TrueType, length 28732, version 0.0\012- data
Hash 2192d5f834e8b672a73d67cad66e79f6
ddf3eb377defc2ca0a2a09d3f41da2d006303e13
c70da34747fb31860fa118ff5d6736f81661838a0f50f077aa29d63ad7b00e4a
GET /wp-content/themes/Newspaper/images/icons/newspaper.woff?20 HTTP/1.1
Host: lalangmanis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://lalangmanis.com/wp-content/themes/Newspaper/style.css?ver=11.5
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 06:09:39 GMT
content-type: font/woff
content-length: 28732
last-modified: Thu, 12 May 2022 02:15:10 GMT
etag: "627c6dae-703c"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
pixel.wp.com/g.gif?v=ext&j=1%3A10.9&blog=206584768&post=102578&tz=8&srv=lalangmanis.com&host=lalangmanis.com&ref=&fcp=3195&rand=0.5718620496363702
192.0.76.3 200 OK 50 B URL HTTP/2 pixel.wp.com/g.gif?v=ext&j=1%3A10.9&blog=206584768&post=102578&tz=8&srv=lalangmanis.com&host=lalangmanis.com&ref=&fcp=3195&rand=0.5718620496363702
IP 192.0.76.3:0
File type GIF image data, version 89a, 6 x 5\012- data
Hash e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
GET /g.gif?v=ext&j=1%3A10.9&blog=206584768&post=102578&tz=8&srv=lalangmanis.com&host=lalangmanis.com&ref=&fcp=3195&rand=0.5718620496363702 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lalangmanis.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 06:09:39 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2
s-img.mgid.com/g/5523136/492x328/87x0x866x577/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0L2QyNzY3OGZkNDVjOGJjMGU3MjhiMTQwZTkxZmE3NjQwLmpwZWc.webp?v=1669442979-z36Tcl1TuLiLKDvDbKhXdthcdAAmrQZZtUo_rrNTRiU
104.19.132.78 200 OK 14 kB URL HTTP/2 s-img.mgid.com/g/5523136/492x328/87x0x866x577/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0L2QyNzY3OGZkNDVjOGJjMGU3MjhiMTQwZTkxZmE3NjQwLmpwZWc.webp?v=1669442979-z36Tcl1TuLiLKDvDbKhXdthcdAAmrQZZtUo_rrNTRiU
IP 104.19.132.78:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 492x328, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ddc8b04d829e67069052b513fe8d9fc3
f32c5833ec656a7a16d37d3c418de235a1d0fcdf
86783dff37d1b310ec269dff6a1dbcad30102172244f5b7ea7121b527d8e48eb
GET /g/5523136/492x328/87x0x866x577/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0L2QyNzY3OGZkNDVjOGJjMGU3MjhiMTQwZTkxZmE3NjQwLmpwZWc.webp?v=1669442979-z36Tcl1TuLiLKDvDbKhXdthcdAAmrQZZtUo_rrNTRiU HTTP/1.1
Host: s-img.mgid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lalangmanis.com
Connection: keep-alive
Referer: https://lalangmanis.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 06:09:39 GMT
content-type: image/webp
content-length: 14206
x-mg-request-uuid: 852de62b-e3af-48ef-b605-8adc19885a11
access-control-allow-origin: *
last-modified: Wed, 10 Aug 2022 14:35:17 GMT
cache-control: immutable, max-age=31536000
cf-cache-status: HIT
age: 2707009
accept-ranges: bytes
set-cookie: __cf_bm=UCyYU8ydDtLckTEEf6csZodRlDGpwou1.quF7Dik1SA-1669442979-0-AbXL5TRCuh4V8rupmibrVpPhpmSXtaQIqg7S8Z7/XD5gPduYQ/ionjOpAn2EZ+s9s3tsq0O2AAVbQhoVoA+csmA=; path=/; expires=Sat, 26-Nov-22 06:39:39 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 770074e07aa9b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s-img.mgid.com/g/3805441/492x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDUtMjQvMTAxOTI0LzVjOTFlMDQ1NWNmOGEzMDJjOTA2N2Q2Y2ZmODJkNTg2LmpwZw.webp?v=1669442979-C87XCnBP_9YHvnaG00Zgmbjqadu3Kl4LK7_KAIqBojQ
104.19.132.78 200 OK 19 kB URL HTTP/2 s-img.mgid.com/g/3805441/492x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDUtMjQvMTAxOTI0LzVjOTFlMDQ1NWNmOGEzMDJjOTA2N2Q2Y2ZmODJkNTg2LmpwZw.webp?v=1669442979-C87XCnBP_9YHvnaG00Zgmbjqadu3Kl4LK7_KAIqBojQ
IP 104.19.132.78:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 492x328, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash eb66d25745d0ca0061333584eb118f3a
7df21d6066d63e11ec29c775aaff9ad05c558693
d18ad6633c3cf1501c50821df7f0f98f9bb74cd14c379fad49872c834383b06b
GET /g/3805441/492x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDUtMjQvMTAxOTI0LzVjOTFlMDQ1NWNmOGEzMDJjOTA2N2Q2Y2ZmODJkNTg2LmpwZw.webp?v=1669442979-C87XCnBP_9YHvnaG00Zgmbjqadu3Kl4LK7_KAIqBojQ HTTP/1.1
Host: s-img.mgid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lalangmanis.com
Connection: keep-alive
Referer: https://lalangmanis.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 06:09:39 GMT
content-type: image/webp
content-length: 19444
x-mg-request-uuid: 26b7e85c-a316-4e90-a648-15de6b8d1a6e
access-control-allow-origin: *
last-modified: Wed, 10 Aug 2022 17:28:02 GMT
cache-control: immutable, max-age=31536000
cf-cache-status: HIT
age: 2706361
accept-ranges: bytes
set-cookie: __cf_bm=QCMNsQpMMsX7KZVgUag2GO12olqeQV_hmuC7ZMmL3dU-1669442979-0-AbwrdQmas6FcPPqGdhnAq/7O/LeRpWfdltuz2eM+2B11AhMLtgUDdhasY1WSd8/hyIMVQgbvcBtNDEOr7rO48bU=; path=/; expires=Sat, 26-Nov-22 06:39:39 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 770074e08aaab511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 2d1bd75817b2167e5748d0d8ec5279c4
e6616a05a299362940b17a2293319f84c72cee06
fecebb71718e97c966ea5af89d253209b82c2a546f9ae2cd9c97086c8aaaa4ac
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2544
Cache-Control: max-age=152506
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 06:09:39 GMT
Etag: "6381546d-117"
Expires: Mon, 28 Nov 2022 00:31:25 GMT
Last-Modified: Fri, 25 Nov 2022 23:49:01 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 2d1bd75817b2167e5748d0d8ec5279c4
e6616a05a299362940b17a2293319f84c72cee06
fecebb71718e97c966ea5af89d253209b82c2a546f9ae2cd9c97086c8aaaa4ac
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2545
Cache-Control: max-age=152506
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 06:09:40 GMT
Etag: "6381546d-117"
Expires: Mon, 28 Nov 2022 00:31:26 GMT
Last-Modified: Fri, 25 Nov 2022 23:49:01 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279
cl.imghosts.com/imgh/image/fetch/ar_3:2,c_fill,f_mp4,fl_lossy,g_xy_center,w_680,x_180,y_187/http%3A%2F%2Fimghosts.com%2Ft%2F2022-06%2F101924%2Fd097023f4605e47c7ca048684c64e086.gif?v=1669442979-6DrV51OdzWwmUzeY_PCXzLuqOjUt_Z-ApjWW-ED897s
172.64.144.64 206 Partial Content 128 kB URL HTTP/2 cl.imghosts.com/imgh/image/fetch/ar_3:2,c_fill,f_mp4,fl_lossy,g_xy_center,w_680,x_180,y_187/http%3A%2F%2Fimghosts.com%2Ft%2F2022-06%2F101924%2Fd097023f4605e47c7ca048684c64e086.gif?v=1669442979-6DrV51OdzWwmUzeY_PCXzLuqOjUt_Z-ApjWW-ED897s
IP 172.64.144.64:0
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size 128 kB (128469 bytes)
Hash 07a27865fbccbd8f273f669e05a0f72a
7615e5f547712ef2061167991bcfb08ac658d9ae
c3d8b679f30ea44138daca2a9162b08ef2690ade2a21843e5f3da98fa333d1e1
GET /imgh/image/fetch/ar_3:2,c_fill,f_mp4,fl_lossy,g_xy_center,w_680,x_180,y_187/http%3A%2F%2Fimghosts.com%2Ft%2F2022-06%2F101924%2Fd097023f4605e47c7ca048684c64e086.gif?v=1669442979-6DrV51OdzWwmUzeY_PCXzLuqOjUt_Z-ApjWW-ED897s HTTP/1.1
Host: cl.imghosts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://lalangmanis.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
date: Sat, 26 Nov 2022 06:09:40 GMT
content-type: video/mp4
content-length: 128469
etag: "07a27865fbccbd8f273f669e05a0f72a"
last-modified: Tue, 25 Oct 2022 21:10:52 GMT
x-request-id: 372e1725267ef76a0cef8c31e1bc59e8
strict-transport-security: max-age=604800
cache-control: public, max-age=31536000
server-timing: fastly;dur=3770;cpu=0;start=2022-10-25T21:54:29.775Z;desc=miss,rtt;dur=0,cloudinary;dur=3765;start=2022-10-25T21:54:29.775Z,cld-id;desc=372e1725267ef76a0cef8c31e1bc59e8
timing-allow-origin: *
access-control-allow-origin: *
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cf-cache-status: HIT
age: 2707696
expires: Sun, 26 Nov 2023 06:09:40 GMT
content-range: bytes 0-128468/128469
server: cloudflare
cf-ray: 770074e10fb9b4f7-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cl.imghosts.com/imgh/image/fetch/ar_3:2,c_fill,f_mp4,fl_lossy,g_faces:auto,w_680/http%3A%2F%2Fimghosts.com%2Ft%2F2022-07%2F101924%2Fce6774ae8463b9cf6ef85dbb3e4139fc.gif?v=1669442979-vQf0W97ZtAT6vOlTMqNWlD2kPCsvxijt6gC5G3rNgCM
172.64.144.64 206 Partial Content 136 kB URL HTTP/2 cl.imghosts.com/imgh/image/fetch/ar_3:2,c_fill,f_mp4,fl_lossy,g_faces:auto,w_680/http%3A%2F%2Fimghosts.com%2Ft%2F2022-07%2F101924%2Fce6774ae8463b9cf6ef85dbb3e4139fc.gif?v=1669442979-vQf0W97ZtAT6vOlTMqNWlD2kPCsvxijt6gC5G3rNgCM
IP 172.64.144.64:0
Size 136 kB (136304 bytes)
Hash b4ddc4161b10fe1618b008155c24b221
ec6e1ca654f870bce4c0b67768938087ca829b07
346c19c312d187a5f06e585fbe551b481a6aa673f613e9ba955248615607d85f
GET /imgh/image/fetch/ar_3:2,c_fill,f_mp4,fl_lossy,g_faces:auto,w_680/http%3A%2F%2Fimghosts.com%2Ft%2F2022-07%2F101924%2Fce6774ae8463b9cf6ef85dbb3e4139fc.gif?v=1669442979-vQf0W97ZtAT6vOlTMqNWlD2kPCsvxijt6gC5G3rNgCM HTTP/1.1
Host: cl.imghosts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://lalangmanis.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
date: Sat, 26 Nov 2022 06:09:40 GMT
content-type: video/mp4
content-length: 134789
etag: "bf61d1bfde2fa0d346cd7f30cfe21f24"
last-modified: Tue, 25 Oct 2022 21:43:08 GMT
x-request-id: 8573b1080472222c8668fe61da8c4b6a
strict-transport-security: max-age=604800
cache-control: public, max-age=31536000
server-timing: fastly;dur=2300;cpu=1;start=2022-10-25T21:54:37.830Z;desc=miss,rtt;dur=0,cloudinary;dur=2288;start=2022-10-25T21:54:37.833Z,cld-id;desc=8573b1080472222c8668fe61da8c4b6a
timing-allow-origin: *
access-control-allow-origin: *
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cf-cache-status: HIT
age: 2707720
expires: Sun, 26 Nov 2023 06:09:40 GMT
content-range: bytes 0-134788/134789
server: cloudflare
cf-ray: 770074e11fc5b4f7-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 2d1bd75817b2167e5748d0d8ec5279c4
e6616a05a299362940b17a2293319f84c72cee06
fecebb71718e97c966ea5af89d253209b82c2a546f9ae2cd9c97086c8aaaa4ac
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2545
Cache-Control: max-age=152506
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 06:09:40 GMT
Etag: "6381546d-117"
Expires: Mon, 28 Nov 2022 00:31:26 GMT
Last-Modified: Fri, 25 Nov 2022 23:49:01 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 4da08cb244c2e2e0f5ae0184027e477e
61b5e29f119729f511a9bb01845f3dd13d464b0d
992da1fff3545770d423f0327192963487e3c6ab20a569b853129626d508cfc0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5849
Cache-Control: max-age=115497
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 06:09:40 GMT
Etag: "6380b6f4-118"
Expires: Sun, 27 Nov 2022 14:14:37 GMT
Last-Modified: Fri, 25 Nov 2022 12:37:08 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 280
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b6a8d7314bd2bdf43d1a5f6fe75d0cda
eced9f4efda12d22970bbaa7a3330bb7167e5d06
5affb4c2aae7ca3993899ae7784dbd74151275301515ddb73e14b357c9153563
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5AFFB4C2AAE7CA3993899AE7784DBD74151275301515DDB73E14B357C9153563"
Last-Modified: Fri, 25 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14269
Expires: Sat, 26 Nov 2022 10:07:29 GMT
Date: Sat, 26 Nov 2022 06:09:40 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 966255e8eae5f73b5fe45aab88646f99
57eadbf09ae6a8170cdfe3b0691b908f49e2c08d
a99ecadf4c294cebf0c392ea036f508443cb471c44773cc5ea0212ab86074cbe
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5599
Cache-Control: max-age=88956
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 06:09:40 GMT
Etag: "63805041-1d7"
Expires: Sun, 27 Nov 2022 06:52:16 GMT
Last-Modified: Fri, 25 Nov 2022 05:18:57 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash a22bc94a1116f343d9c3377cfd4fc5b2
b0bad6a620abd0c33a96c32721ad87849da9f9e6
294cd4b44650b17a93cbe9a4de887ad1da8ab8c11105707cccff17812a8d5890
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 06:09:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash a22bc94a1116f343d9c3377cfd4fc5b2
b0bad6a620abd0c33a96c32721ad87849da9f9e6
294cd4b44650b17a93cbe9a4de887ad1da8ab8c11105707cccff17812a8d5890
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 06:09:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_GB/sdk.js
31.13.72.12 200 OK 2.2 kB URL HTTP/2 connect.facebook.net/en_GB/sdk.js
IP 31.13.72.12:0
Hash 7275e34098fbb36a7123b5f5c9058269
f1cce3953ebcb67a53a36f1a60cfd231e05623c0
74113b2218186ab806527af089ac91039209d8bf9eb007f1e6152bfca5492963
GET /en_GB/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lalangmanis.com
Connection: keep-alive
Referer: https://lalangmanis.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 5b2c4de912e3293552e3faecf3d0dfeb
etag: "1694d50246114a564510b588942c8556"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Sat, 26 Nov 2022 06:26:21 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: YzE3g55rPiXm29+g1v6w5A==
x-fb-debug: 7GuEpy34I4ClTFSbDpkN7WJeGBslrNEGWZTwAkzLvMqmNmlCkXFLf1eo1ZNqjNUgHzkrbl0c0IH09LLnFzuWcw==
content-length: 1687
x-fb-trip-id: 1904183273
date: Sat, 26 Nov 2022 06:09:40 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash a22bc94a1116f343d9c3377cfd4fc5b2
b0bad6a620abd0c33a96c32721ad87849da9f9e6
294cd4b44650b17a93cbe9a4de887ad1da8ab8c11105707cccff17812a8d5890
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 06:09:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 966255e8eae5f73b5fe45aab88646f99
57eadbf09ae6a8170cdfe3b0691b908f49e2c08d
a99ecadf4c294cebf0c392ea036f508443cb471c44773cc5ea0212ab86074cbe
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5599
Cache-Control: max-age=88956
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 06:09:40 GMT
Etag: "63805041-1d7"
Expires: Sun, 27 Nov 2022 06:52:16 GMT
Last-Modified: Fri, 25 Nov 2022 05:18:57 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
142.250.74.162 200 OK 49 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 142.250.74.162:0
File type ASCII text, with very long lines (4885)
Hash 4fea837c8322fd1eb34cc6d218e45cc6
1230efbb2fe447bddd31b058a704c09308a1d56d
5b29979bbe2d7b6dee9e671741cc8b5de2a9f2a1c48f313349e594733a11b2f3
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lalangmanis.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 26 Nov 2022 06:09:40 GMT
expires: Sat, 26 Nov 2022 06:09:40 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 3591951170754736790
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49413
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash a22bc94a1116f343d9c3377cfd4fc5b2
b0bad6a620abd0c33a96c32721ad87849da9f9e6
294cd4b44650b17a93cbe9a4de887ad1da8ab8c11105707cccff17812a8d5890
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 06:09:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
js.interestmoments.com/scripts/count.js
193.169.194.63 200 OK 1.7 kB URL HTTP/1.1 js.interestmoments.com/scripts/count.js
IP 193.169.194.63:0
ASN #50321 FOP Reznichenko Sergey Mykolayovich
File type ASCII text, with very long lines (4587), with no line terminators
Hash 604404f904668bba5c2412748523a5b2
fb364d5fdabc9781a35d270f72502c3329bd7e43
cf4051550888255f110d596d59a1ecf8c5c961c32322d844604c6affc2f6f9fe
GET /scripts/count.js HTTP/1.1
Host: js.interestmoments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lalangmanis.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 06:09:40 GMT
Content-Type: application/javascript
Last-Modified: Fri, 25 Nov 2022 05:06:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63804d4a-11eb"
Expires: Tue, 06 Dec 2022 06:09:40 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
connect.facebook.net/en_GB/sdk.js?hash=49e827eb42e8b05045593fbe444e25a2
31.13.72.12 200 OK 88 kB URL HTTP/2 connect.facebook.net/en_GB/sdk.js?hash=49e827eb42e8b05045593fbe444e25a2
IP 31.13.72.12:0
File type ASCII text, with very long lines (17777)
Hash 9e93ee2f02bbfeb75261852c77a62e7a
dbbe645ffb06a1a4547c1b349a95c263543b3663
b98f807c6550a3906e8472da9924562f0995725e9853c3f45d36740804d1bfed
GET /en_GB/sdk.js?hash=49e827eb42e8b05045593fbe444e25a2 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lalangmanis.com
Connection: keep-alive
Referer: https://lalangmanis.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 289423a888b3d691a700fbcd0d07d893
etag: "c5e6e54f210398985cf9b1d45cb499da"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Sun, 26 Nov 2023 04:46:17 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: npPuLwK7/rdSYYUsd6Yueg==
x-fb-debug: 8MS6ex9izfJWCUxBmiVJKbpjWLVEmEz0HSQH27LNHEbJ2Wh0PYlFIlCLReueXl4mZjoHkdo8fi9rpxwYmsqUEw==
content-length: 88343
x-fb-trip-id: 1904183273
date: Sat, 26 Nov 2022 06:09:40 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
i0.wp.com/lalangmanis.com/wp-content/uploads/2021/06/logo-lalang-manis-2.jpeg?fit=188%2C192&ssl=1
192.0.77.2 200 OK 2.2 kB URL HTTP/2 i0.wp.com/lalangmanis.com/wp-content/uploads/2021/06/logo-lalang-manis-2.jpeg?fit=188%2C192&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 188x192, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ce965ccf35402909ed5871c8d6cb4fef
e097d76ef48a85288d93c8da0fad1f1cdee7360f
b347f53efb5a524d65d6111f84b16d7fdf67c25592ac342f6d99f520f05d5da9
GET /lalangmanis.com/wp-content/uploads/2021/06/logo-lalang-manis-2.jpeg?fit=188%2C192&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lalangmanis.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 06:09:40 GMT
content-type: image/webp
content-length: 2246
last-modified: Mon, 14 Nov 2022 12:08:05 GMT
expires: Thu, 14 Nov 2024 00:08:05 GMT
cache-control: public, max-age=63115200
link: <https://lalangmanis.com/wp-content/uploads/2021/06/logo-lalang-manis-2.jpeg>; rel="canonical"
x-content-type-options: nosniff
etag: "3c0f93a8614ba20e"
vary: Accept
x-nc: HIT arn 3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/lalangmanis.com/wp-content/uploads/2021/06/logo-lalang-manis-2.jpeg?fit=32%2C32&ssl=1
192.0.77.2 200 OK 488 B URL HTTP/2 i0.wp.com/lalangmanis.com/wp-content/uploads/2021/06/logo-lalang-manis-2.jpeg?fit=32%2C32&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 31x32, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d7e2bba52906903a7099cec149239a0d
60e9307dd3faf03983e39f4bfef28dcd60b28898
1550d02ab8c5e1001f3466d925871e1fe22a02f2dd560e23ef21d7ead2b9b8e6
GET /lalangmanis.com/wp-content/uploads/2021/06/logo-lalang-manis-2.jpeg?fit=32%2C32&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lalangmanis.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 06:09:40 GMT
content-type: image/webp
content-length: 488
last-modified: Mon, 14 Nov 2022 12:08:05 GMT
expires: Thu, 14 Nov 2024 00:08:05 GMT
cache-control: public, max-age=63115200
link: <https://lalangmanis.com/wp-content/uploads/2021/06/logo-lalang-manis-2.jpeg>; rel="canonical"
x-content-type-options: nosniff
etag: "f033cbe0d6c4baea"
vary: Accept
x-nc: HIT arn 3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 59a8f14d3caa02e3aaca370381778095
2677bfe593d065ba4c183352911e08e99785151c
4a83dab632b9ec8122aa575b084a9b77bc7c304fdd8e32ee778506353775911f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A83DAB632B9EC8122AA575B084A9B77BC7C304FDD8E32EE778506353775911F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19297
Expires: Sat, 26 Nov 2022 11:31:17 GMT
Date: Sat, 26 Nov 2022 06:09:40 GMT
Connection: keep-alive
lb.eu-1-id5-sync.com/lb/v1
162.19.138.82 200 33 B URL HTTP/1.1 lb.eu-1-id5-sync.com/lb/v1
IP 162.19.138.82:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 0d7e0bfd3833a9356b252ccf54d876bb
1c2ad6c05e38ada4d7939f9402e29396c99800c8
687fd45ba10633bd16044b1bd79e8d112c83771903f09b15de37aa98389319c4
GET /lb/v1 HTTP/1.1
Host: lb.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://lalangmanis.com
Connection: keep-alive
Referer: https://lalangmanis.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://lalangmanis.com
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Sat, 26 Nov 2022 06:09:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
lbs.eu-1-id5-sync.com/lbs/v1
162.19.138.117 200 OK 34 B URL HTTP/1.1 lbs.eu-1-id5-sync.com/lbs/v1
IP 162.19.138.117:0
File type JSON data\012- , ASCII text, with no line terminators
Hash efb2b491e5de9e785a82d931d189bc5f
9e39c1873e109888bf675731d4999c43af5d55f0
e8bdd3126186f4a2c0b86e9f60c17b1483b0de562ae6583d8159ad7d3fd72ed2
GET /lbs/v1 HTTP/1.1
Host: lbs.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://lalangmanis.com
Connection: keep-alive
Referer: https://lalangmanis.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Sat, 26 Nov 2022 06:09:40 GMT
access-control-allow-origin: https://lalangmanis.com
vary: Origin
content-type: application/json
content-length: 34
strict-transport-security: max-age=63072000; includeSubDomains; preload
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a01ea4b2c4fbc74e37cf85a5c8d0edd5
c3ab62121f7320f1f90a986143a0bcffe7123329
bc4a105f5fa68a51c7e8491c57887903856055727cc5b6fc64afb6c686b84775
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BC4A105F5FA68A51C7E8491C57887903856055727CC5B6FC64AFB6C686B84775"
Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3411
Expires: Sat, 26 Nov 2022 07:06:31 GMT
Date: Sat, 26 Nov 2022 06:09:40 GMT
Connection: keep-alive
id5-sync.com/g/v2/231.json
162.19.138.83 200 216 B URL HTTP/1.1 id5-sync.com/g/v2/231.json
IP 162.19.138.83:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 9a5d944c17d05972231168be55ce75d4
450da0cb61d074453dd5ffc83f9cc6da2ce8fe52
d7aba18edf0a80e6b06f2bbb455d756b2ee69e19ba83d182f11d3a0ca3acabbb
POST /g/v2/231.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 349
Origin: https://lalangmanis.com
Connection: keep-alive
Referer: https://lalangmanis.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://lalangmanis.com
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Sat, 26 Nov 2022 06:09:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cdn.id5-sync.com/api/1.0/id5-api.js
104.22.53.86 200 OK 17 kB URL HTTP/2 cdn.id5-sync.com/api/1.0/id5-api.js
IP 104.22.53.86:0
Hash 0f8f658c76ce8ab6a80c6c6c26835dc8
d0e2ac13afe8e738d04a983bd752e4f49d2221c0
91e6382e96e5368047a9742be6c6173e0a7ec2bcf839341f3a6797ee13eab824
GET /api/1.0/id5-api.js HTTP/1.1
Host: cdn.id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lalangmanis.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 06:09:40 GMT
content-type: text/javascript;charset=utf-8
x-amz-id-2: NzzDMQRIzsXNjVR7/B6e4yrrDcazBk60q2/S2QH7YxwqiaX7/iQchWRPdgPY0BswypKEPiqaJg8=
x-amz-request-id: EK159HTWSS7GNBQ8
last-modified: Thu, 24 Nov 2022 12:48:29 GMT
etag: W/"9ee82d693d1e83b3a37ee20226716f78"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600
cf-cache-status: HIT
age: 3408
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 770074e28ba6b500-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 24c20c1cea9bf5159f8d40c78cd2257d
72709bf6a4600bd0ba5e9d127ae07be5d8e7ca6c
44248daffbe338834bedb2494130d3f980f8d974a7b8e453e77629d33121c752
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "44248DAFFBE338834BEDB2494130D3F980F8D974A7B8E453E77629D33121C752"
Last-Modified: Fri, 25 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14878
Expires: Sat, 26 Nov 2022 10:17:39 GMT
Date: Sat, 26 Nov 2022 06:09:41 GMT
Connection: keep-alive
long.interestmoments.com/go/away.php?id=9689546-75-934597645&pid=2324&lid=7933345&from=google
193.169.194.63 302 Found 0 B URL HTTP/1.1 long.interestmoments.com/go/away.php?id=9689546-75-934597645&pid=2324&lid=7933345&from=google
IP 193.169.194.63:0
ASN #50321 FOP Reznichenko Sergey Mykolayovich
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go/away.php?id=9689546-75-934597645&pid=2324&lid=7933345&from=google HTTP/1.1
Host: long.interestmoments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lalangmanis.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sat, 26 Nov 2022 06:09:41 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://long.interestmoments.com/go/away.php?id=987730385-23-683234&pid=7856&lid=07882367658&jid=67852&from=sIIInisterjack
Access-Control-Allow-Origin: *
long.interestmoments.com/go/away.php?id=987730385-23-683234&pid=7856&lid=07882367658&jid=67852&from=sIIInisterjack
193.169.194.63 200 OK 440 B URL HTTP/1.1 long.interestmoments.com/go/away.php?id=987730385-23-683234&pid=7856&lid=07882367658&jid=67852&from=sIIInisterjack
IP 193.169.194.63:0
ASN #50321 FOP Reznichenko Sergey Mykolayovich
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash d282386a919dab7821ecb8af2c2be991
cb29f509dd65f520b4b8d72ee0c2b560a2c360b0
6403ec35140c92ba51786815e1505a33606ae5e76f33d13e5f64ed83ff5c2179
GET /go/away.php?id=987730385-23-683234&pid=7856&lid=07882367658&jid=67852&from=sIIInisterjack HTTP/1.1
Host: long.interestmoments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lalangmanis.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 06:09:41 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Encoding: gzip
ocsp.godaddy.com/
192.124.249.24 200 OK 1.8 kB IP 192.124.249.24:0
Hash 9918dbd9b77c46609efc2dd7970e3934
bb4e5502892b1fe32a9db93c9529d4331044f23d
eb491175892c00ca50e450dbf09ef64a2e2516f22592ca91a1d6059ec5c2ed79
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 26 Nov 2022 06:09:42 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 25 Nov 2022 21:36:34 GMT
Expires: Sat, 26 Nov 2022 21:36:34 GMT
ETag: "bb4e5502892b1fe32a9db93c9529d4331044f23d"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
track.wargaming-aff.com/click?pid=1287&offer_id=24&ref_id=g6otbukkwgarb0r13z4o&sub1=EZ46KGBJ6R
35.204.100.195 302 Found 0 B URL HTTP/2 track.wargaming-aff.com/click?pid=1287&offer_id=24&ref_id=g6otbukkwgarb0r13z4o&sub1=EZ46KGBJ6R
IP 35.204.100.195:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?pid=1287&offer_id=24&ref_id=g6otbukkwgarb0r13z4o&sub1=EZ46KGBJ6R HTTP/1.1
Host: track.wargaming-aff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Sat, 26 Nov 2022 06:09:42 GMT
content-length: 0
location: https://trck.wargaming.net/kcf6desd/?t=1&pub_id=1287&xid=6381ada689833e00013ba4b3&xid_param1=EZ46KGBJ6R&xid_param_2=
x-adjust-use-original-forwarded-for: 1
set-cookie: afclick=6381ada689833e00013ba4b3; expires=Sun, 26 Nov 2023 06:09:42 GMT; secure; SameSite=None
afoffers={"24":1669442982}; expires=Sun, 26 Nov 2023 06:09:42 GMT; secure; SameSite=None
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash cfb6dfae453b6e11537bbc0b3cfd55cf
4ef51ba87aa84595517ea8c9544bd9149fdd5fec
f3de9fabcc7d81c87c2c3a2fa8753d32c94aabf439f51ede0dd406da2532dcff
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5863
Cache-Control: max-age=105074
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 06:09:42 GMT
Etag: "63808e31-1d7"
Expires: Sun, 27 Nov 2022 11:20:56 GMT
Last-Modified: Fri, 25 Nov 2022 09:43:13 GMT
Server: ECS (amb/6B8C)
X-Cache: HIT
Content-Length: 471
trck.wargaming.net/kcf6desd/?t=1&pub_id=1287&xid=6381ada689833e00013ba4b3&xid_param1=EZ46KGBJ6R&xid_param_2=
92.223.23.231 301 Moved Permanently 22 B URL HTTP/1.1 trck.wargaming.net/kcf6desd/?t=1&pub_id=1287&xid=6381ada689833e00013ba4b3&xid_param1=EZ46KGBJ6R&xid_param_2=
IP 92.223.23.231:0
ASN #199524 G-Core Labs S.A.
File type ASCII text, with no line terminators
Hash 0e0bf67572311f8a23814419ff24ee9a
78328dfc54708433cdfb3e7857e57f87ec443b08
c5f6c267ba4a2964fff5d304d4a1e79c371ce30d32eaf017b3bb40becccd58d2
GET /kcf6desd/?t=1&pub_id=1287&xid=6381ada689833e00013ba4b3&xid_param1=EZ46KGBJ6R&xid_param_2= HTTP/1.1
Host: trck.wargaming.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 26 Nov 2022 06:09:42 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 22
Connection: keep-alive
Location: https://promo.worldofwarships.eu/glows-34505/eu-no/?t=1&pub_id=1287&xid=6381ada689833e00013ba4b3&xid_param1=EZ46KGBJ6R&xid_param_2=&sid=SID8yMl2_6d4wPzbTy4SoivvSxfGV37_WSFwcpubFcyN-R4jxBKN_i8JHoDuRF6_HD66nMbhbmliwFjzKsx4xKYLtImVetqcNUXZDEOxYXsAlWkq2VOzslzviH0GPFwA3fpFAY26ghuI-Izfw&enctid=com05ag4z6rn&lpsn=WOWS+TMPLT1+CODE+BOOM+global+WITH+BONUS+SUBTITLE&foris=1&teclient=1669442982279948081&utm_source=wlap&utm_medium=affiliate&utm_campaign=kcf6desd&utm_content=1287
Set-Cookie: STIDREFERRAL=SID8yMl2_6d4wPzbTy4SoivvSxfGV37_WSFwcpubFcyN-R4jxBKN_i8JHoDuRF6_HD66nMbhbmliwFjzKsx4xKYLtImVetqcNUXZDEOxYXsAlWkq2VOzslzviH0GPFwA3fpFAY26ghuI-Izfw; Domain=wargaming.net; Max-Age=2592000; Path=/; SameSite=None; Secure
enctid=com05ag4z6rn; Domain=wargaming.net; Max-Age=2592000; Path=/; SameSite=None; Secure
teclient=1669442982279948081; Domain=wargaming.net; Max-Age=315360000; Path=/; SameSite=None; Secure
Cache-Control: no-cache
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cdf90761e5603ef83a02d664498a67d3
2d5f02f5934f4872acb7e4ed9971e29903bb8648
bf7111f5842152be2d01b4264a143c467dc4a11495fe91493a177fe3c45ac3c4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF7111F5842152BE2D01B4264A143C467DC4A11495FE91493A177FE3C45AC3C4"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14765
Expires: Sat, 26 Nov 2022 10:15:47 GMT
Date: Sat, 26 Nov 2022 06:09:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cdf90761e5603ef83a02d664498a67d3
2d5f02f5934f4872acb7e4ed9971e29903bb8648
bf7111f5842152be2d01b4264a143c467dc4a11495fe91493a177fe3c45ac3c4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF7111F5842152BE2D01B4264A143C467DC4A11495FE91493A177FE3C45AC3C4"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14765
Expires: Sat, 26 Nov 2022 10:15:47 GMT
Date: Sat, 26 Nov 2022 06:09:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cdf90761e5603ef83a02d664498a67d3
2d5f02f5934f4872acb7e4ed9971e29903bb8648
bf7111f5842152be2d01b4264a143c467dc4a11495fe91493a177fe3c45ac3c4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF7111F5842152BE2D01B4264A143C467DC4A11495FE91493A177FE3C45AC3C4"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14765
Expires: Sat, 26 Nov 2022 10:15:47 GMT
Date: Sat, 26 Nov 2022 06:09:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cdf90761e5603ef83a02d664498a67d3
2d5f02f5934f4872acb7e4ed9971e29903bb8648
bf7111f5842152be2d01b4264a143c467dc4a11495fe91493a177fe3c45ac3c4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF7111F5842152BE2D01B4264A143C467DC4A11495FE91493A177FE3C45AC3C4"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14765
Expires: Sat, 26 Nov 2022 10:15:47 GMT
Date: Sat, 26 Nov 2022 06:09:42 GMT
Connection: keep-alive
promo-cdn.worldofwarships.com/glows-34505/src/images/wowsl_logo.png
92.223.97.97 200 OK 10 kB URL HTTP/2 promo-cdn.worldofwarships.com/glows-34505/src/images/wowsl_logo.png
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
File type PNG image data, 749 x 299, 8-bit colormap, non-interlaced\012- data
Hash 4d9371a87a4f9a0d6a8792e0397aa303
1308b49f8614f0ab05e81698daf5bfc4a2498bf0
68ddcc9fad945493001c241d8de6fb9acdd436bc82bff503302dbffa64f4f5ed
GET /glows-34505/src/images/wowsl_logo.png HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 06:09:42 GMT
content-type: image/png
content-length: 10514
last-modified: Tue, 22 Nov 2022 10:14:28 GMT
etag: "4d9371a87a4f9a0d6a8792e0397aa303"
x-amz-request-id: tx0000000000000001ae8c2-00637ca118-1cf5682d-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-11-22T10:14:48+00:00
x-id: sto5-up-gc13
accept-ranges: bytes
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/glows-34505/src/images/doubloons.png
92.223.97.97 200 OK 39 kB URL HTTP/2 promo-cdn.worldofwarships.com/glows-34505/src/images/doubloons.png
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
File type PNG image data, 512 x 436, 8-bit colormap, non-interlaced\012- data
Hash 68091925676a9a77a9740b81acd666fe
8cada809874a5f8b6993ed3f913a6f72366b4cc5
c1a9b019676d7156280d39fda63b5b22a3ab53ea4f870c33dc2596d28b9b6f45
GET /glows-34505/src/images/doubloons.png HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 06:09:42 GMT
content-type: image/png
content-length: 39260
last-modified: Tue, 22 Nov 2022 10:14:28 GMT
etag: "68091925676a9a77a9740b81acd666fe"
x-amz-request-id: tx0000000000000016b606f-00637ca118-1bfc3e68-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-11-22T10:14:48+00:00
x-id: sto5-up-gc10
accept-ranges: bytes
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/glows-34505/src/images/restless-fire.png
92.223.97.97 200 OK 25 kB URL HTTP/2 promo-cdn.worldofwarships.com/glows-34505/src/images/restless-fire.png
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
File type PNG image data, 512 x 436, 8-bit colormap, non-interlaced\012- data
Hash 3043f931ada25f81bca06d4f0ea4dbaa
78f9bdc4a4b037b944687a7ee575793fd531b823
b3605f7cd8f58e9f7381a92d0919354d65c77b6793c14714263659a014a815fc
GET /glows-34505/src/images/restless-fire.png HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 06:09:42 GMT
content-type: image/png
content-length: 25054
last-modified: Tue, 22 Nov 2022 10:14:28 GMT
etag: "3043f931ada25f81bca06d4f0ea4dbaa"
x-amz-request-id: tx000000000000004c1da16-00637ca118-1c8e9cf0-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-11-22T10:14:48+00:00
x-id: sto5-up-gc12
accept-ranges: bytes
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/glows-34505/src/images/footer-logo.png
92.223.97.97 200 OK 1.9 kB URL HTTP/2 promo-cdn.worldofwarships.com/glows-34505/src/images/footer-logo.png
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
File type PNG image data, 275 x 63, 8-bit colormap, non-interlaced\012- data
Hash 7ce94cd1324102c254e60ced58661dc3
b76e3b4e14cf98aa766788bc8cf4fbc97058fec0
fdd269a537d61d3fafbef167c6c7e22ae7707217427b506674f5f0d2f3caed48
GET /glows-34505/src/images/footer-logo.png HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 06:09:42 GMT
content-type: image/png
content-length: 1939
last-modified: Tue, 22 Nov 2022 10:14:28 GMT
etag: "7ce94cd1324102c254e60ced58661dc3"
x-amz-request-id: tx000000000000004c1da19-00637ca118-1c8e9cf0-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-11-22T10:14:48+00:00
x-id: sto5-up-gc11
accept-ranges: bytes
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/glows-34505/src/images/ship-emden.png
92.223.97.97 200 OK 60 kB URL HTTP/2 promo-cdn.worldofwarships.com/glows-34505/src/images/ship-emden.png
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
File type PNG image data, 512 x 436, 8-bit colormap, non-interlaced\012- data
Hash b9182e13a30e8408117ea8c4383bd2e7
4964d7625738a00496d6ff495bf8f4c56c738c64
d213e73d4cc6d18a1e37ee13439919b46fd10f4b8e97ad13fe4333992801ebd4
GET /glows-34505/src/images/ship-emden.png HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 06:09:42 GMT
content-type: image/png
content-length: 60180
last-modified: Tue, 22 Nov 2022 10:14:28 GMT
etag: "b9182e13a30e8408117ea8c4383bd2e7"
x-amz-request-id: tx0000000000000016b606e-00637ca118-1bfc3e68-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-11-22T10:14:48+00:00
x-id: sto5-up-gc10
accept-ranges: bytes
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/glows-34505/src/images/credits.png
92.223.97.97 200 OK 61 kB URL HTTP/2 promo-cdn.worldofwarships.com/glows-34505/src/images/credits.png
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
File type PNG image data, 512 x 436, 8-bit colormap, non-interlaced\012- data
Hash f245ac5b8cd1d7f859b96690b4a220d1
94b1eaa00d2de2928668a89386b425c754e8172f
4cec7b959abf0add7e91cfef60f074a6f8fc8d13470721d121d007f1c3775d30
GET /glows-34505/src/images/credits.png HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 06:09:42 GMT
content-type: image/png
content-length: 60960
last-modified: Tue, 22 Nov 2022 10:14:28 GMT
etag: "f245ac5b8cd1d7f859b96690b4a220d1"
x-amz-request-id: tx00000000000000129a883-00637ca118-1cdfff90-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-11-22T10:14:48+00:00
x-id: sto5-up-gc12
accept-ranges: bytes
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/glows-34505/src/images/ship-luis.png
92.223.97.97 200 OK 67 kB URL HTTP/2 promo-cdn.worldofwarships.com/glows-34505/src/images/ship-luis.png
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
File type PNG image data, 512 x 436, 8-bit colormap, non-interlaced\012- data
Hash fd8388d631a2faf5d87e73a4c6aab79b
fb194c3ec881e98c1b5fc5cfee2899316ebfc86b
1f78488eb95a277f03cec5474bfb15ef822ce19435bc7efd1f37cbd4cb339a6b
GET /glows-34505/src/images/ship-luis.png HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 06:09:42 GMT
content-type: image/png
content-length: 67245
last-modified: Tue, 22 Nov 2022 10:14:28 GMT
etag: "fd8388d631a2faf5d87e73a4c6aab79b"
x-amz-request-id: tx000000000000004c1da17-00637ca118-1c8e9cf0-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-11-22T10:14:48+00:00
x-id: sto5-up-gc10
accept-ranges: bytes
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/glows-34505/src/video/video_bg_poster.jpg
92.223.97.97 200 OK 1.1 MB URL HTTP/2 promo-cdn.worldofwarships.com/glows-34505/src/video/video_bg_poster.jpg
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1920x1080, components 3\012- data
Size 1.1 MB (1084614 bytes)
Hash 902cd1abfd666f6c0f58461a864305fc
24f6b660a15b03b886218c041af0fc1a20e15bfc
bf04190956fba52b0c074ed9246e904f4ee68772b4792385c6ea75a15b7e10fb
GET /glows-34505/src/video/video_bg_poster.jpg HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 06:09:42 GMT
content-type: image/jpeg
content-length: 1084614
last-modified: Tue, 22 Nov 2022 10:14:27 GMT
etag: "902cd1abfd666f6c0f58461a864305fc"
x-amz-request-id: tx000000000000000152a32-00637ca118-1cf7ee3c-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-11-22T10:14:48+00:00
x-id: sto5-up-gc12
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash cfb6dfae453b6e11537bbc0b3cfd55cf
4ef51ba87aa84595517ea8c9544bd9149fdd5fec
f3de9fabcc7d81c87c2c3a2fa8753d32c94aabf439f51ede0dd406da2532dcff
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5863
Cache-Control: max-age=105074
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 06:09:42 GMT
Etag: "63808e31-1d7"
Expires: Sun, 27 Nov 2022 11:20:56 GMT
Last-Modified: Fri, 25 Nov 2022 09:43:13 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
promo-cdn.worldofwarships.com/glows-34505/src/images/premium-7-days.png
92.223.97.97 200 OK 92 kB URL HTTP/2 promo-cdn.worldofwarships.com/glows-34505/src/images/premium-7-days.png
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
File type Web Open Font Format, TrueType, length 92000, version 1.0\012- data
Hash 390bd5d824e087653e297bdd9b369153
98d3f9b6c56788ca8a31212c8edc71e476a97bec
b32cf642f870c95b900ad763b21c6278701e4a4de13ac6f28e2da2a891a1706b
GET /glows-34505/src/images/premium-7-days.png HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 06:09:42 GMT
content-type: image/png
content-length: 49403
last-modified: Tue, 22 Nov 2022 10:14:28 GMT
etag: "98b09a0cd4166bddf0b0f3697c439740"
x-amz-request-id: tx000000000000000c425ae-00637ca118-1ce993ea-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-11-22T10:14:48+00:00
x-id: sto5-up-gc13
accept-ranges: bytes
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/global_static/age_ratings/v2/pegi_ext-in-game-purchases.svg
92.223.97.97 200 OK 17 kB URL HTTP/2 promo-cdn.worldofwarships.com/global_static/age_ratings/v2/pegi_ext-in-game-purchases.svg
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
Hash 34e4c37f9b544b80d1a8abdb34271f6e
362bc2059e60916f41007d586d5549c1048ea508
1a980e47d576ba88da8c3a828fc26fd54b31cf88bd6cac5af3d502a1f6b18095
GET /global_static/age_ratings/v2/pegi_ext-in-game-purchases.svg HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 06:09:42 GMT
content-type: image/svg+xml
last-modified: Mon, 14 Feb 2022 22:01:20 GMT
etag: W/"635ea99325f08d75fd8f09201f998f50"
x-amz-request-id: tx0000000000000002a85b2-00633fe0c3-1c445a09-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-11-24T08:21:48+00:00
x-id: sto5-up-gc11
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 7fa4eeb85b180398f0def330311ace06
0328c6c7069c2f14d664d78fb6a330efbdebcf7e
d694a6e6493362c1c0dc702588c4885ce9c98a08238e1720c85c5f58e3fce8b1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5364
Cache-Control: max-age=92349
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 06:09:42 GMT
Etag: "63805e6f-117"
Expires: Sun, 27 Nov 2022 07:48:51 GMT
Last-Modified: Fri, 25 Nov 2022 06:19:27 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279
promo-cdn.worldofwarships.com/glows-34505/src/fonts/robotocondensed-bold.woff
92.223.97.97 200 OK 92 kB URL HTTP/2 promo-cdn.worldofwarships.com/glows-34505/src/fonts/robotocondensed-bold.woff
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
File type Web Open Font Format, TrueType, length 92496, version 1.0\012- data
Hash fb69d9cc5aea733510b530ed221b75dc
86276b2f2dfb7b42dc1639730c0bec56aa709be4
3b063cd5ae1793c617df8450a6c4343f7493ad006a574d9c3e9f7e81be9578f8
GET /glows-34505/src/fonts/robotocondensed-bold.woff HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://promo.worldofwarships.eu
Connection: keep-alive
Referer: https://promo-cdn.worldofwarships.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 06:09:42 GMT
content-length: 92496
last-modified: Tue, 22 Nov 2022 10:14:28 GMT
etag: "fb69d9cc5aea733510b530ed221b75dc"
x-amz-request-id: tx000000000000000c425dc-00637ca119-1ce993ea-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-11-22T10:14:49+00:00
x-id: sto5-up-gc15
accept-ranges: bytes
X-Firefox-Spdy: h2
tenor.wargaming.net/assets/campaigns/static/campaign_data_gtm_sender.js
92.223.21.16 200 OK 6.6 kB URL HTTP/1.1 tenor.wargaming.net/assets/campaigns/static/campaign_data_gtm_sender.js
IP 92.223.21.16:0
ASN #199524 G-Core Labs S.A.
File type HTML document, ASCII text, with very long lines (7249)
Hash 51b44a9f232d5cec869a12623ae6dbfd
19305e6be93c7944f3e4cd68d778a73bf4a03031
32d957fdbd3debc51e0df55c6af4dbf747c501d19fafdd75731cb9a02cc68107
GET /assets/campaigns/static/campaign_data_gtm_sender.js HTTP/1.1
Host: tenor.wargaming.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 26 Nov 2022 06:09:42 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=200
Last-Modified: Wed, 09 Nov 2022 09:49:54 GMT
Vary: Accept-Encoding, Accept-Encoding
ETag: W/"636b77c2-4ced"
Content-Encoding: gzip
promo-cdn.worldofwarships.com/glows-34505/src/images/logo-main.svg
92.223.97.97 200 OK 3.7 kB URL HTTP/2 promo-cdn.worldofwarships.com/glows-34505/src/images/logo-main.svg
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (4855)
Hash f4b9aeea669fcbec9ac7e6ca6189d371
5fc8fc34070da8f4360366b0eae53a5426407be5
7e891f5eebb96dbc6e44932459995e1f3ef2a4ed4c9a93a7ae370e8520d0e167
GET /glows-34505/src/images/logo-main.svg HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 06:09:42 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 10:14:28 GMT
etag: W/"3205035293624ac8f4502ce6c888db9e"
x-amz-request-id: tx000000000000000cba074-00637ca118-1ce8cb68-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-11-22T10:14:48+00:00
x-id: sto5-up-gc10
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/otSDKStub.js
104.16.148.64 200 OK 7.2 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/otSDKStub.js
IP 104.16.148.64:0
File type ASCII text, with very long lines (21747)
Hash 6ca9058d9138dc07d9a378e6f20a8b7b
ff5f65ad24a8e2b3042cbb0136be7edb52215c1a
1561d36bd995a09ea69c243767e196dd2e76a2753b59b78ecbf999161904f86d
GET /scripttemplates/otSDKStub.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 06:09:42 GMT
content-type: application/javascript
content-length: 7151
content-encoding: gzip
content-md5: bKkFjZE43AfZo3jm8gqLew==
last-modified: Fri, 25 Nov 2022 09:17:45 GMT
etag: 0x8DACEC5E9C800F3
x-ms-request-id: 205f9382-f01e-0007-272b-012e63000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 15615
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 770074f1da3f1bfa-OSL
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/glows-34505/src/libs/oneTrustBanner.js
92.223.97.97 200 OK 4.7 kB URL HTTP/2 promo-cdn.worldofwarships.com/glows-34505/src/libs/oneTrustBanner.js
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
Hash f8794f7563b964c59a24f4132b01291e
a0022bc55032d7af5a5d5e31776606aeac1c3569
df20cd2dcd97d6e65d0608a875bd80a8f2d5a7385d1ffb39d9e34fdf3f5a3b17
GET /glows-34505/src/libs/oneTrustBanner.js HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 06:09:42 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 22 Nov 2022 10:14:27 GMT
etag: W/"756187d7b894fafd3191e6683d92af26"
x-amz-request-id: tx000000000000001384a84-00637ca117-1cdf9313-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-11-22T10:14:47+00:00
x-id: sto5-up-gc12
content-encoding: gzip
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/glows-34505/src/images/bg_nologo.jpg
92.223.97.97 200 OK 3.6 MB URL HTTP/2 promo-cdn.worldofwarships.com/glows-34505/src/images/bg_nologo.jpg
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2020:07:23 11:49:21], baseline, precision 8, 3000x1977, components 3\012- data
Size 3.6 MB (3585879 bytes)
Hash 0f02cef4aad43587f3326cf30a6c032b
b618c163db92b11f5ded6af0bc9ae8c1374e2d5f
981dd4fd66bba58a5a94a0694d41e6788025aaf8a9b79872f946500f747c515b
GET /glows-34505/src/images/bg_nologo.jpg HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 06:09:42 GMT
content-type: image/jpeg
content-length: 3585879
last-modified: Tue, 22 Nov 2022 10:14:28 GMT
etag: "0f02cef4aad43587f3326cf30a6c032b"
x-amz-request-id: tx000000000000001384ab3-00637ca119-1cdf9313-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-11-22T10:14:49+00:00
x-id: sto5-up-gc12
accept-ranges: bytes
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/glows-34505/src/libs/aos.css
92.223.97.97 200 OK 124 kB URL HTTP/2 promo-cdn.worldofwarships.com/glows-34505/src/libs/aos.css
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
Size 124 kB (124121 bytes)
Hash 3a28325fcc18b94b82928f565ed471b4
507ebae8bf55ac477c2c8c557195279933514a60
782fc8410e9da2ad22a21bd7d16b917b37b7291241db311fb005deb7229c0675
GET /glows-34505/src/libs/aos.css HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 06:09:42 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
last-modified: Tue, 22 Nov 2022 10:14:27 GMT
etag: W/"1691966fad1799cece5fedf5bbd55bfc"
x-amz-request-id: tx00000000000000129a88c-00637ca118-1cdfff90-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-11-22T10:14:48+00:00
x-id: sto5-up-gc12
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.cookielaw.org/consent/68edbfbe-e009-4939-a55b-f4c65daa640b/68edbfbe-e009-4939-a55b-f4c65daa640b.json
104.16.148.64 200 OK 1.9 kB URL HTTP/2 cdn.cookielaw.org/consent/68edbfbe-e009-4939-a55b-f4c65daa640b/68edbfbe-e009-4939-a55b-f4c65daa640b.json
IP 104.16.148.64:0
File type JSON data\012- , ASCII text, with very long lines (5875), with no line terminators
Hash 23b49030e418c340a4d3b3c510f6558d
fd7f8e05f97e7bf21c83782409f6972b172121f1
0f1e442050ca65df6cbaa0371a5097b75cb8bd93d0a7df66dfb88c249ed86b71
GET /consent/68edbfbe-e009-4939-a55b-f4c65daa640b/68edbfbe-e009-4939-a55b-f4c65daa640b.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://promo.worldofwarships.eu
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 06:09:42 GMT
content-type: application/x-javascript
content-length: 1898
cache-control: public, max-age=86400
content-encoding: gzip
content-md5: I7SQMOQYw0Ck07PFEPZVjQ==
last-modified: Fri, 25 Nov 2022 10:09:39 GMT
etag: 0x8DACECD29F68FC0
x-ms-request-id: 22332b09-f01e-0147-73b6-0041d8000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 71957
expires: Sun, 27 Nov 2022 06:09:42 GMT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 770074f38ac41bfa-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash e388353a642bc503beff27c23339e2b5
7849301df8cbfa3f9c019b1d4033b66e0f44c4bd
5e595e9ce96c6147c3ff79ebba0068ddb0d997237a671936cb05d9575c59a424
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 06:09:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
promo.worldofwarships.eu/glows-34505/eu-no/?t=1&pub_id=1287&xid=6381ada689833e00013ba4b3&xid_param1=EZ46KGBJ6R&xid_param_2=&sid=SID8yMl2_6d4wPzbTy4SoivvSxfGV37_WSFwcpubFcyN-R4jxBKN_i8JHoDuRF6_HD66nMbhbmliwFjzKsx4xKYLtImVetqcNUXZDEOxYXsAlWkq2VOzslzviH0GPFwA3fpFAY26ghuI-Izfw&enctid=com05ag4z6rn&lpsn=WOWS+TMPLT1+CODE+BOOM+global+WITH+BONUS+SUBTITLE&foris=1&teclient=1669442982279948081&utm_source=wlap&utm_medium=affiliate&utm_campaign=kcf6desd&utm_content=1287
92.223.97.97 200 OK 9.4 MB URL HTTP/2 promo.worldofwarships.eu/glows-34505/eu-no/?t=1&pub_id=1287&xid=6381ada689833e00013ba4b3&xid_param1=EZ46KGBJ6R&xid_param_2=&sid=SID8yMl2_6d4wPzbTy4SoivvSxfGV37_WSFwcpubFcyN-R4jxBKN_i8JHoDuRF6_HD66nMbhbmliwFjzKsx4xKYLtImVetqcNUXZDEOxYXsAlWkq2VOzslzviH0GPFwA3fpFAY26ghuI-Izfw&enctid=com05ag4z6rn&lpsn=WOWS+TMPLT1+CODE+BOOM+global+WITH+BONUS+SUBTITLE&foris=1&teclient=1669442982279948081&utm_source=wlap&utm_medium=affiliate&utm_campaign=kcf6desd&utm_content=1287
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
Size 9.4 MB (9446333 bytes)
Hash e8465e026a9d4c3bd7bb6d47517cc78d
a1f8406d13e755cc410f78ff9ba899b3308c350d
e4bfe9d2e8db6050e08b958d50085a318c1b00dd00ef997f283ebe3825e9ba13
GET /glows-34505/eu-no/?t=1&pub_id=1287&xid=6381ada689833e00013ba4b3&xid_param1=EZ46KGBJ6R&xid_param_2=&sid=SID8yMl2_6d4wPzbTy4SoivvSxfGV37_WSFwcpubFcyN-R4jxBKN_i8JHoDuRF6_HD66nMbhbmliwFjzKsx4xKYLtImVetqcNUXZDEOxYXsAlWkq2VOzslzviH0GPFwA3fpFAY26ghuI-Izfw&enctid=com05ag4z6rn&lpsn=WOWS+TMPLT1+CODE+BOOM+global+WITH+BONUS+SUBTITLE&foris=1&teclient=1669442982279948081&utm_source=wlap&utm_medium=affiliate&utm_campaign=kcf6desd&utm_content=1287 HTTP/1.1
Host: promo.worldofwarships.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 06:09:42 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
last-modified: Thu, 17 Nov 2022 12:32:22 GMT
etag: W/"eaf6bef074a5ee6283d9d64ad7bf4660"
x-amz-request-id: tx000000000000000786153-00637a3cb1-1ce8cb68-ed1
cache: HIT
x-cached-since: 2022-11-24T15:41:33+00:00
x-id: sto5-up-gc13
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 775fdc356e7fe199f980a87510417f3b
80e9d8f026be523d1b887e110b2aa4eff1d82a41
deee4d2a2a5488e7240258b9ba907ce2c3b8a96df3345a8a79e3cf059fb95be7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5041
Cache-Control: max-age=112531
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 06:09:43 GMT
Etag: "6380ae89-117"
Expires: Sun, 27 Nov 2022 13:25:14 GMT
Last-Modified: Fri, 25 Nov 2022 12:01:13 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279
tenor.wargaming.net/sid?include=campaign&filter[sid]=SID8yMl2_6d4wPzbTy4SoivvSxfGV37_WSFwcpubFcyN-R4jxBKN_i8JHoDuRF6_HD66nMbhbmliwFjzKsx4xKYLtImVetqcNUXZDEOxYXsAlWkq2VOzslzviH0GPFwA3fpFAY26ghuI-Izfw
92.223.21.16 200 OK 485 B URL HTTP/1.1 tenor.wargaming.net/sid?include=campaign&filter[sid]=SID8yMl2_6d4wPzbTy4SoivvSxfGV37_WSFwcpubFcyN-R4jxBKN_i8JHoDuRF6_HD66nMbhbmliwFjzKsx4xKYLtImVetqcNUXZDEOxYXsAlWkq2VOzslzviH0GPFwA3fpFAY26ghuI-Izfw
IP 92.223.21.16:0
ASN #199524 G-Core Labs S.A.
File type JSON data\012- , ASCII text, with very long lines (921), with no line terminators
Hash b23ff51c79ca1f45aee91106a8d2d068
2362afc5703a1cb3f07735700715c35c1ae02866
34bc08ce2df220cf6457dad70632f76eb259093ee5bb888274e2c8aaa7269276
GET /sid?include=campaign&filter[sid]=SID8yMl2_6d4wPzbTy4SoivvSxfGV37_WSFwcpubFcyN-R4jxBKN_i8JHoDuRF6_HD66nMbhbmliwFjzKsx4xKYLtImVetqcNUXZDEOxYXsAlWkq2VOzslzviH0GPFwA3fpFAY26ghuI-Izfw HTTP/1.1
Host: tenor.wargaming.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.worldofwarships.eu/
Origin: https://promo.worldofwarships.eu
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 26 Nov 2022 06:09:43 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=200
Vary: Accept-Encoding
Access-Control-Expose-Headers: Server,Content-Length,Date
Access-Control-Allow-Origin: https://promo.worldofwarships.eu
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
promo-cdn.worldofwarships.com/global_static/favicon/v2/apple-touch-icon-180x180.png
92.223.97.97 200 OK 2.3 kB URL HTTP/2 promo-cdn.worldofwarships.com/global_static/favicon/v2/apple-touch-icon-180x180.png
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 687168d21b7e78dfb6175de97ae3d045
78081e22c1ea9e51a6cac8910d7ce01c319132e1
49f69cf7e37fda7051cd440048ecd5b2ab0973f106dc6e669959ee453b03e5d1
GET /global_static/favicon/v2/apple-touch-icon-180x180.png HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 06:09:43 GMT
content-type: image/png
content-length: 2326
last-modified: Mon, 05 Sep 2022 07:56:20 GMT
etag: "687168d21b7e78dfb6175de97ae3d045"
x-amz-request-id: tx0000000000000002a896d-00633fe0e6-1c4459fa-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-11-24T08:36:55+00:00
x-id: sto5-up-gc10
accept-ranges: bytes
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/glows-34505/src/scripts/script.js
92.223.97.97 200 OK 1.9 kB URL HTTP/2 promo-cdn.worldofwarships.com/glows-34505/src/scripts/script.js
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
Hash 09fc4de9e9ee0a8543a4f6e965f95fbc
633a5ede27c2a94e64b32e3b5f5806d0c2de9219
bdb3e56db8f241a58bbd3383d8c366c47e04df3ec31e345a864d5bc79947932d
GET /glows-34505/src/scripts/script.js HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 06:09:42 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 22 Nov 2022 10:14:28 GMT
etag: W/"eab843ce65c0521f3d120a4b09548b66"
x-amz-request-id: tx0000000000000001ae8bd-00637ca117-1cf5682d-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-11-22T10:14:47+00:00
x-id: sto5-up-gc11
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash a22bc94a1116f343d9c3377cfd4fc5b2
b0bad6a620abd0c33a96c32721ad87849da9f9e6
294cd4b44650b17a93cbe9a4de887ad1da8ab8c11105707cccff17812a8d5890
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 06:09:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash a22bc94a1116f343d9c3377cfd4fc5b2
b0bad6a620abd0c33a96c32721ad87849da9f9e6
294cd4b44650b17a93cbe9a4de887ad1da8ab8c11105707cccff17812a8d5890
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 06:09:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
geolocation.onetrust.com/cookieconsentpub/v1/geo/location
104.18.27.85 200 OK 130 B URL HTTP/2 geolocation.onetrust.com/cookieconsentpub/v1/geo/location
IP 104.18.27.85:0
Hash 9eadcbdbfae102853d7ae45f7ae9943d
347ceebff81d3396352ecd4eaa7bc785a35c2da4
ec49114f3c81c443661faee5f89f99ec2955c1e2f7cd4da316a8485f22123fe1
GET /cookieconsentpub/v1/geo/location HTTP/1.1
Host: geolocation.onetrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://promo.worldofwarships.eu
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 06:09:43 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 770074f69f2e0b02-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/viewthroughconversion/1006839708/?random=1669442982364&cv=11&fst=1669442982364&fmt=3&bg=ffffff&guid=ON&async=1&gtm=2wgb90&gcs=G100&gcd=G100&u_w=1280&u_h=1024&label=H356CMb80IcDEJzPjOAD&hn=www.google.com&frm=0&url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6381ada689833e00013ba4b3%26xid_param1%3DEZ46KGBJ6R%26xid_param_2%3D%26sid%3DSID8yMl2_6d4wPzbTy4SoivvSxfGV37_WSFwcpubFcyN-R4jxBKN_i8JHoDuRF6_HD66nMbhbmliwFjzKsx4xKYLtImVetqcNUXZDEOxYXsAlWkq2VOzslzviH0GPFwA3fpFAY26ghuI-Izfw%26enctid%3Dcom05ag4z6rn%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1669442982279948081%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dkcf6desd%26utm_content%3D1287&tiba=World%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high&value=0&bttype=purchase&gcp=1&ct_cookie_present=1
142.250.74.162 200 OK 42 B URL HTTP/2 pagead2.googlesyndication.com/pagead/viewthroughconversion/1006839708/?random=1669442982364&cv=11&fst=1669442982364&fmt=3&bg=ffffff&guid=ON&async=1&gtm=2wgb90&gcs=G100&gcd=G100&u_w=1280&u_h=1024&label=H356CMb80IcDEJzPjOAD&hn=www.google.com&frm=0&url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6381ada689833e00013ba4b3%26xid_param1%3DEZ46KGBJ6R%26xid_param_2%3D%26sid%3DSID8yMl2_6d4wPzbTy4SoivvSxfGV37_WSFwcpubFcyN-R4jxBKN_i8JHoDuRF6_HD66nMbhbmliwFjzKsx4xKYLtImVetqcNUXZDEOxYXsAlWkq2VOzslzviH0GPFwA3fpFAY26ghuI-Izfw%26enctid%3Dcom05ag4z6rn%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1669442982279948081%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dkcf6desd%26utm_content%3D1287&tiba=World%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high&value=0&bttype=purchase&gcp=1&ct_cookie_present=1
IP 142.250.74.162:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/1006839708/?random=1669442982364&cv=11&fst=1669442982364&fmt=3&bg=ffffff&guid=ON&async=1&gtm=2wgb90&gcs=G100&gcd=G100&u_w=1280&u_h=1024&label=H356CMb80IcDEJzPjOAD&hn=www.google.com&frm=0&url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6381ada689833e00013ba4b3%26xid_param1%3DEZ46KGBJ6R%26xid_param_2%3D%26sid%3DSID8yMl2_6d4wPzbTy4SoivvSxfGV37_WSFwcpubFcyN-R4jxBKN_i8JHoDuRF6_HD66nMbhbmliwFjzKsx4xKYLtImVetqcNUXZDEOxYXsAlWkq2VOzslzviH0GPFwA3fpFAY26ghuI-Izfw%26enctid%3Dcom05ag4z6rn%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1669442982279948081%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dkcf6desd%26utm_content%3D1287&tiba=World%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high&value=0&bttype=purchase&gcp=1&ct_cookie_present=1 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 06:09:43 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/glows-34505/src/libs/jquery.min.js
92.223.97.97 200 OK 133 kB URL HTTP/2 promo-cdn.worldofwarships.com/glows-34505/src/libs/jquery.min.js
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
File type ASCII text, with very long lines (32077)
Size 133 kB (132881 bytes)
Hash ab972572e317ab5929706ec8cdb749cc
161b243f664b5717f98e719000cf9bb2e70978cd
c206b79a4c37182b3460dedaac1fcff257189b24fe38c2707a78c0508ecdc8ba
GET /glows-34505/src/libs/jquery.min.js HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 06:09:42 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 22 Nov 2022 10:14:27 GMT
etag: W/"4f252523d4af0b478c810c2547a63e19"
x-amz-request-id: tx0000000000000001ae8d2-00637ca118-1cf5682d-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-11-22T10:14:48+00:00
x-id: sto5-up-gc14
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.cookielaw.org/consent/68edbfbe-e009-4939-a55b-f4c65daa640b/ad5c42f4-14cd-4309-be4a-e049aeb7b78d/en.json
104.16.148.64 200 OK 12 kB URL HTTP/2 cdn.cookielaw.org/consent/68edbfbe-e009-4939-a55b-f4c65daa640b/ad5c42f4-14cd-4309-be4a-e049aeb7b78d/en.json
IP 104.16.148.64:0
File type JSON data\012- HTML document, Unicode text, UTF-8 text, with very long lines (48198), with no line terminators
Hash b423017d2eccc05cb5e3921d36eeb535
b989dd503a71fa6a448860a5d59c28bbceee910b
b8aab8ba299a063e0e5faacea59d7cc56da466c0fd3b91a8d03480184eaf7495
GET /consent/68edbfbe-e009-4939-a55b-f4c65daa640b/ad5c42f4-14cd-4309-be4a-e049aeb7b78d/en.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.worldofwarships.eu/
Origin: https://promo.worldofwarships.eu
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 06:09:43 GMT
content-type: application/x-javascript
content-length: 11485
cache-control: public, max-age=86400
content-encoding: gzip
content-md5: tCMBfS7MwFy145IdNu61NQ==
last-modified: Fri, 25 Nov 2022 10:09:21 GMT
etag: 0x8DACECD1F1475FC
x-ms-request-id: ba3e27e9-f01e-00e9-15b6-0024e0000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 71957
expires: Sun, 27 Nov 2022 06:09:43 GMT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 770074f7dc871bfa-OSL
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/glows-34505/src/libs/aos.js
92.223.97.97 200 OK 7.2 kB URL HTTP/2 promo-cdn.worldofwarships.com/glows-34505/src/libs/aos.js
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
File type ASCII text, with very long lines (12414)
Hash 98389d499a1bf15a4c051a7feed5f1c8
efc773e96fae5bf4928376f70ff4c032106baa70
2034d6a8afd4a5da4c1cec7e9965169bf85c391e3ac29bb90aa54c262f506c63
GET /glows-34505/src/libs/aos.js HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 06:09:42 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 22 Nov 2022 10:14:27 GMT
etag: W/"7ee92212a3ecbc19d9d71fa3818508af"
x-amz-request-id: tx00000000000000129a87f-00637ca117-1cdfff90-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-11-22T10:14:47+00:00
x-id: sto5-up-gc15
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/202211.1.0/assets/v2/otPcCenter.json
104.16.148.64 200 OK 12 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/202211.1.0/assets/v2/otPcCenter.json
IP 104.16.148.64:0
File type JSON data\012- , ASCII text, with very long lines (50353)
Hash 0cd2fb0fd730954ef2159520d96f1934
d2656260dfdac230479c8e7dc44444e9d5c8faf2
b821093423791675ca31c2d688b528b329737cca90ef62bc44f5c5b39423c8f6
GET /scripttemplates/202211.1.0/assets/v2/otPcCenter.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.worldofwarships.eu/
Origin: https://promo.worldofwarships.eu
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 06:09:43 GMT
content-type: application/json
content-length: 12540
content-encoding: gzip
content-md5: DNL7D9cwlU7yFZUg2W8ZNA==
last-modified: Thu, 24 Nov 2022 02:58:31 GMT
etag: 0x8DACDC7C529062C
x-ms-request-id: 32e73b5a-401e-0155-5311-0075c4000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 71957
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 770074f81c9b1bfa-OSL
X-Firefox-Spdy: h2
cdn.cookielaw.org/logos/04fe1919-d767-41dc-abd4-f409a111f829/d0c760aa-d1b6-44a8-964c-9ae294f365f3/40885536-3b1f-4688-b7c1-39913d45a61e/wg_logo_secondversion_white1r.png
104.16.148.64 200 OK 13 kB URL HTTP/2 cdn.cookielaw.org/logos/04fe1919-d767-41dc-abd4-f409a111f829/d0c760aa-d1b6-44a8-964c-9ae294f365f3/40885536-3b1f-4688-b7c1-39913d45a61e/wg_logo_secondversion_white1r.png
IP 104.16.148.64:0
File type PNG image data, 1000 x 320, 8-bit/color RGBA, non-interlaced\012- data
Hash c90475872d8975dcc4b5ed7db6cc5e28
1e5a413845f5d501c174ae4940e1329a2575067f
e79eb16948cca42e0f7884fad7637fa6ec69117a07dbc04cc8b3ea7ebeaef719
GET /logos/04fe1919-d767-41dc-abd4-f409a111f829/d0c760aa-d1b6-44a8-964c-9ae294f365f3/40885536-3b1f-4688-b7c1-39913d45a61e/wg_logo_secondversion_white1r.png HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 06:09:43 GMT
content-type: image/png
content-length: 13003
content-md5: yQR1hy2JddzEte19tsxeKA==
last-modified: Fri, 02 Oct 2020 14:20:55 GMT
etag: 0x8D866DE604098C2
x-ms-request-id: 80efabc0-001e-0056-516d-c43096000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 77972
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 770074f87cbd1bfa-OSL
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6c125eba-03aa-443e-b99e-10c7890258e8.webp
34.120.237.76 200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6c125eba-03aa-443e-b99e-10c7890258e8.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 95101ded0fe92a85649a086992948008
afed98649590f2524a9e530c53eebbc1ba36da6a
7f754cb2105494045efe657c47313e77bb26361ca45a6f8cbce1fdb52a15ba01
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6c125eba-03aa-443e-b99e-10c7890258e8.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9787
x-amzn-requestid: 51d9848a-868c-4e51-b1a8-30596d0108b6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLUfxHjToAMFeGA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63813464-749244df2aa06b23445d675c;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:32:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mSCEUQ3aOXg6rxJV0iWPgFZ6TE2pCucWwOI3KAsdbu_EadcDDa5vwg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:07:47 GMT
age: 28918
etag: "afed98649590f2524a9e530c53eebbc1ba36da6a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 62b8b72bdd7d2a773d9b7e2977205ed4
1dc73fc4d109e62e217063dae01b79e4b2608c3a
d3d4d016edd9e2402f99bf42444ef27e0e7c979e40a0e3d8ac3c0c631b36ca77
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3692
Cache-Control: max-age=120197
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 06:09:45 GMT
Etag: "6380d1c2-118"
Expires: Sun, 27 Nov 2022 15:33:02 GMT
Last-Modified: Fri, 25 Nov 2022 14:31:30 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 280
c0.wp.com/p/jetpack/10.9/_inc/build/photon/photon.min.js
192.0.77.37 200 OK 0 B URL HTTP/2 c0.wp.com/p/jetpack/10.9/_inc/build/photon/photon.min.js
IP 192.0.77.37:0
GET /p/jetpack/10.9/_inc/build/photon/photon.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lalangmanis.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 06:09:39 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 07 Dec 2021 16:56:47 GMT
content-encoding: br
expires: Sun, 26 Nov 2023 06:09:39 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/global_static/age_ratings/v2/pegi_ext-violence.svg
92.223.97.97 200 OK 0 B URL HTTP/2 promo-cdn.worldofwarships.com/global_static/age_ratings/v2/pegi_ext-violence.svg
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
GET /global_static/age_ratings/v2/pegi_ext-violence.svg HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 06:09:42 GMT
content-type: image/svg+xml
last-modified: Mon, 14 Feb 2022 22:01:20 GMT
etag: W/"9a3e2c35d77bd8b96138310eeb6b7f7b"
x-amz-request-id: tx00000000000000080ab06-00633fe0c3-1c4c0c09-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-11-24T08:21:48+00:00
x-id: sto5-up-gc11
content-encoding: gzip
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/css/dist/block-library/style.min.css
192.0.77.37 200 OK 0 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/css/dist/block-library/style.min.css
IP 192.0.77.37:0
GET /c/6.1.1/wp-includes/css/dist/block-library/style.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lalangmanis.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 06:09:38 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 11 Nov 2022 14:56:45 GMT
content-encoding: br
expires: Sun, 26 Nov 2023 06:09:38 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/glows-34505/src/libs/jquery.fullpage.js
92.223.97.97 200 OK 0 B URL HTTP/2 promo-cdn.worldofwarships.com/glows-34505/src/libs/jquery.fullpage.js
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
GET /glows-34505/src/libs/jquery.fullpage.js HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 06:09:42 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 22 Nov 2022 10:14:27 GMT
etag: W/"9a854eed59d24b9252aa7e8ff082eda8"
x-amz-request-id: tx0000000000000001ae8db-00637ca118-1cf5682d-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-11-22T10:14:48+00:00
x-id: sto5-up-gc14
content-encoding: gzip
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/js/comment-reply.min.js
192.0.77.37 200 OK 0 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/comment-reply.min.js
IP 192.0.77.37:0
GET /c/6.1.1/wp-includes/js/comment-reply.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lalangmanis.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 06:09:39 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
content-encoding: br
expires: Sun, 26 Nov 2023 06:09:39 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/js/underscore.min.js
192.0.77.37 200 OK 0 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/underscore.min.js
IP 192.0.77.37:0
GET /c/6.1.1/wp-includes/js/underscore.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lalangmanis.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 06:09:39 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 27 Sep 2022 15:18:25 GMT
content-encoding: br
expires: Sun, 26 Nov 2023 06:09:39 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/202211.1.0/assets/otCommonStyles.css
104.16.148.64 200 OK 0 B URL HTTP/2 cdn.cookielaw.org/scripttemplates/202211.1.0/assets/otCommonStyles.css
IP 104.16.148.64:0
GET /scripttemplates/202211.1.0/assets/otCommonStyles.css HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.worldofwarships.eu/
Origin: https://promo.worldofwarships.eu
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 06:09:43 GMT
content-type: text/css
content-md5: XcxlleAcPGO2n5kTZrHH2Q==
last-modified: Thu, 24 Nov 2022 02:58:43 GMT
x-ms-request-id: a74e20a8-001e-00d5-3a11-00903b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 71956
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 770074f82c9c1bfa-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
thirawogla.com/bm3iVx0.Pj3upevvb/m/V_JqZ-DG0v0/NqTJcEylMqjNApwjLVTsQA1wNJzGIgy/MbDOEu
88.85.94.246 200 OK 0 B URL HTTP/2 thirawogla.com/bm3iVx0.Pj3upevvb/m/V_JqZ-DG0v0/NqTJcEylMqjNApwjLVTsQA1wNJzGIgy/MbDOEu
IP 88.85.94.246:0
GET /bm3iVx0.Pj3upevvb/m/V_JqZ-DG0v0/NqTJcEylMqjNApwjLVTsQA1wNJzGIgy/MbDOEu HTTP/1.1
Host: thirawogla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://long.interestmoments.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 06:09:41 GMT
content-type: text/html;charset=UTF-8
vary: Accept-Encoding
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
x-frame-options: DENY
referrer-policy: no-referrer
p3p: CP="CUR ADM OUR NOR STA NID"
last-modified: Sat, 26 Nov 2022 06:09:41 GMT
set-cookie: kadCCap=220335:1:1669231427;199455:1:1668245056;219047:1:1667194435;79610:1:1669272875;221398:1:1669325799;219652:1:1669330335;194136:1:1669413157;220790:1:1668460505;218693:1:1667677974;219484:1:1667715065;212269:1:1667199062; max-age=1700978981; path=/
set-cookie: kadACap=419301:1:1669283271;453831:1:1669298989;407100:1:1668246232;445506:1:1669286676;383700:1:1669381502;419321:1:1669324429;419297:1:1669302446;446531:1:1669270846;419323:1:1669432178;190964:1:1669272875;445735:1:1669286676;346327:1:1669416258;451139:1:1669432649;419293:1:1669439385;401659:1:1669300061;451724:1:1669318265;419303:1:1669354741;446013:1:1668228435;419299:1:1669432259;449523:1:1669417312;419295:1:1669362714;424441:1:1669300556; max-age=1700978981; path=/
set-cookie: kadCSCap=194136:1:1669413157; path=/
set-cookie: kadASCap=419293:1:1669439385;383700:1:1669381502;419295:1:1669362714;419323:1:1669432178;451139:1:1669432649;449523:1:1669417312;346327:1:1669416258;419299:1:1669432259; path=/
set-cookie: kadRPixJ=bnVsbA==; max-age=1700978981; path=/
set-cookie: kadUnP3=CAkQpfKEnAYaDQjMyZcCEAEYpfKEnAYaDQj+05cCEAEYmuiBnAYaDQjzwZkBEAEYwoqFnAYaDQivp/4BEAEY4uqFnAYaDQioiJcCEAcYw4yDnAYiCggBEAEY4uqFnAYiCggDEAgYpfKEnAYqDAiSnCgQARil8oScBioMCLqdKBABGJrogZwGKgwIw+kMEAEY4uqFnAYqDAiMvRIQARjCioWcBioMCKSTKBAHGMOMg5wG; max-age=1700978981; path=/
x-content-type-options: nosniff
content-encoding: br
X-Firefox-Spdy: h2
lalangmanis.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
194.233.68.84 200 OK 0 B URL HTTP/2 lalangmanis.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 194.233.68.84:0
ASN #141995 Contabo Asia Private Limited
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: lalangmanis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lalangmanis.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 06:09:38 GMT
content-type: application/javascript
last-modified: Tue, 22 Nov 2022 08:43:34 GMT
etag: W/"637c8bb6-529a"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery.min.js
192.0.77.37 200 OK 0 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery.min.js
IP 192.0.77.37:0
GET /c/6.1.1/wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lalangmanis.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 06:09:38 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 19 Sep 2022 14:16:24 GMT
content-encoding: br
expires: Sun, 26 Nov 2023 06:09:38 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
jsc.mgid.com/l/a/lalangmanis.com.1168211.js
104.19.133.78 200 OK 0 B URL HTTP/2 jsc.mgid.com/l/a/lalangmanis.com.1168211.js
IP 104.19.133.78:0
GET /l/a/lalangmanis.com.1168211.js HTTP/1.1
Host: jsc.mgid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lalangmanis.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 06:09:38 GMT
content-type: text/javascript
cf-bgj: minify
cf-polished: origSize=2348
etag: W/"ceaa192d76dd016dba4f1df2cd05f396"
last-modified: Wed, 23 Nov 2022 11:46:57 GMT
x-amz-id-2: 8IQwTbpi/GXd2+TN+NslzmOztAFU9VwfDS7qRGejwaDIMbPWfqPxQ2m8cxMsD3LR6XnGsedJB7Y=
x-amz-request-id: SAP4KJWGXQXH6JBD
x-amz-version-id: vmB1hPYmPMJdl5HjNZ5ulFmwxuPoD9NS
cf-cache-status: HIT
age: 3597
expires: Sat, 26 Nov 2022 09:09:38 GMT
cache-control: public, max-age=10800
set-cookie: __cf_bm=4hEFLWvmwoI_q8uxrC_4NazRwQmtu6WIwmXx7Wz8lZU-1669442978-0-AatglolAE37sihYXduVgtvoeENG19/25dwnGx+m17XTeN0gwPMaBiE0dV1Mpudal1qmOKVTNI4rNGtc/LaJC6wQ=; path=/; expires=Sat, 26-Nov-22 06:39:38 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 770074da2bcbb4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
lalangmanis.com/wp-content/themes/Newspaper/style.css?ver=11.5
194.233.68.84 200 OK 0 B URL HTTP/2 lalangmanis.com/wp-content/themes/Newspaper/style.css?ver=11.5
IP 194.233.68.84:0
ASN #141995 Contabo Asia Private Limited
GET /wp-content/themes/Newspaper/style.css?ver=11.5 HTTP/1.1
Host: lalangmanis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lalangmanis.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 06:09:38 GMT
content-type: text/css
last-modified: Sat, 14 May 2022 22:45:46 GMT
etag: W/"6280311a-26566"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery-migrate.min.js
192.0.77.37 200 OK 0 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery-migrate.min.js
IP 192.0.77.37:0
GET /c/6.1.1/wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lalangmanis.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 06:09:38 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
content-encoding: br
expires: Sun, 26 Nov 2023 06:09:38 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/wp-mediaelement.min.css
192.0.77.37 200 OK 0 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/wp-mediaelement.min.css
IP 192.0.77.37:0
GET /c/6.1.1/wp-includes/js/mediaelement/wp-mediaelement.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lalangmanis.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 06:09:38 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
content-encoding: br
expires: Sun, 26 Nov 2023 06:09:38 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/global_static/age_ratings/v2/pegi_rating.svg
92.223.97.97 200 OK 0 B URL HTTP/2 promo-cdn.worldofwarships.com/global_static/age_ratings/v2/pegi_rating.svg
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
GET /global_static/age_ratings/v2/pegi_rating.svg HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 06:09:42 GMT
content-type: image/svg+xml
last-modified: Mon, 14 Feb 2022 22:01:21 GMT
etag: W/"207ef7e145ba483b342b96f8c2fbf72a"
x-amz-request-id: tx0000000000000002a85f1-00633fe0c3-1c4459fa-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-11-24T08:22:35+00:00
x-id: sto5-up-gc13
content-encoding: gzip
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/glows-34505/src/styles/style.css?v=2.2
92.223.97.97 200 OK 0 B URL HTTP/2 promo-cdn.worldofwarships.com/glows-34505/src/styles/style.css?v=2.2
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
GET /glows-34505/src/styles/style.css?v=2.2 HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 06:09:42 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
last-modified: Tue, 22 Nov 2022 10:14:28 GMT
etag: W/"c051de716150069a75decab6539edd41"
x-amz-request-id: tx000000000000000c425be-00637ca118-1ce993ea-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-11-22T10:14:48+00:00
x-id: sto5-up-gc13
content-encoding: gzip
X-Firefox-Spdy: h2
lalangmanis.com/wp-content/plugins/td-newsletter/style.css?ver=11.5
194.233.68.84 200 OK 0 B URL HTTP/2 lalangmanis.com/wp-content/plugins/td-newsletter/style.css?ver=11.5
IP 194.233.68.84:0
ASN #141995 Contabo Asia Private Limited
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/td-newsletter/style.css?ver=11.5 HTTP/1.1
Host: lalangmanis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lalangmanis.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 06:09:38 GMT
content-type: text/css
last-modified: Sun, 15 May 2022 10:29:15 GMT
etag: W/"6280d5fb-1558"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
lalangmanis.com/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=11.5
194.233.68.84 200 OK 0 B URL HTTP/2 lalangmanis.com/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=11.5
IP 194.233.68.84:0
ASN #141995 Contabo Asia Private Limited
GET /wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=11.5 HTTP/1.1
Host: lalangmanis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lalangmanis.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 06:09:39 GMT
content-type: application/javascript
last-modified: Sun, 15 May 2022 10:27:19 GMT
etag: W/"6280d587-44c89"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2