adcryp.com/
301 Moved Permanently 707 B IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: adcryp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
keep-alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Fri, 09 Dec 2022 04:59:00 GMT
server: LiteSpeed
location: https://adcryp.com/
x-turbo-charged-by: LiteSpeed
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f2acd891dc6eb1f09f57a2b086791781
1e2088306501a61edcca1ade62c4d54f23b3b083
51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3753
Expires: Fri, 09 Dec 2022 06:01:33 GMT
Date: Fri, 09 Dec 2022 04:59:00 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 388f6fea5bafa378266622b72311a6ee
447f102dc12172ce1ba44c5e94e1d7bb49d43372
a597afb4d4f7f3c82f0f2857322226fc69dc92e099bfd0605f7a0cd562be9d21
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A597AFB4D4F7F3C82F0F2857322226FC69DC92E099BFD0605F7A0CD562BE9D21"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6693
Expires: Fri, 09 Dec 2022 06:50:33 GMT
Date: Fri, 09 Dec 2022 04:59:00 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 09 Dec 2022 04:08:17 GMT
content-type: application/json
age: 3043
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20444
Expires: Fri, 09 Dec 2022 10:39:44 GMT
Date: Fri, 09 Dec 2022 04:59:00 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 1yeTI4B23XO7/gUYLUrI4kLAPTRAPdYs3ur6NqgjETgj6931lxR5nCW0acB9+AS1uXUDe8GwyYw=
x-amz-request-id: KVQ6JBYDBX434WN4
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 09 Dec 2022 04:50:07 GMT
age: 533
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:59:00 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 472 B IP
Hash d0ccd161bfbc294d51507c47532208d3
69813b762b9efb4d1aab83caf67cdada8be6cfb1
f578653619d3f4f686e3d69a389988b674ea1284c97a60b38d44d579a7142951
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 04:59:00 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 08 Dec 2022 05:00:16 GMT
Expires: Thu, 15 Dec 2022 05:00:15 GMT
Etag: "69813b762b9efb4d1aab83caf67cdada8be6cfb1"
Cache-Control: max-age=517874,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 776b2b41ee5d0af6-OSL
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Cache-Control, Backoff, Content-Length, Content-Type, Last-Modified, ETag, Expires, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 09 Dec 2022 04:07:55 GMT
age: 3066
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
adcryp.com/
301 Moved Permanently 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: adcryp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
x-redirect-by: WordPress
location: https://www.adcryp.com/
x-litespeed-cache: miss
content-length: 0
date: Fri, 09 Dec 2022 04:59:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.adcryp.com/
200 OK 50 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (9458), with CRLF, LF line terminators
Hash e810c141353102afd3bd56f915466a27
edfa829da26f84174c561b7c0d42f98293186420
07b777af44881c4437e4257e187ec985b9c319807c721fdd4db185d3e9d1ceb7
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.adcryp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
link: <https://www.adcryp.com/wp-json/>; rel="https://api.w.org/", <https://www.adcryp.com/wp-json/wp/v2/pages/156>; rel="alternate"; type="application/json", <https://www.adcryp.com/>; rel=shortlink
etag: "23700-1669974154;br"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
content-length: 50222
date: Fri, 09 Dec 2022 04:59:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash fd55f4aaaab6ec40bc7dc10252cd819a
a72523f60be265a391fa9edc43e0a93418ad1fd0
bae354b3db14f4fd115311a0c412c9b5e436dd9e0a151afd8b9c18831dd8c2dd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 992
Cache-Control: max-age=102263
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:59:01 GMT
Etag: "6391a92c-1d7"
Expires: Sat, 10 Dec 2022 09:23:24 GMT
Last-Modified: Thu, 08 Dec 2022 09:06:52 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
www.adcryp.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.7.5
200 OK 1.8 kB URL HTTP/2 www.adcryp.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.7.5
IP
File type ASCII text, with very long lines (10435), with no line terminators
Hash f7237084ac82ea6a4f5bf1448c3a2148
60457635a5e809ee1199c61090d8e33b91e8e1f2
18a1cb7f08c1ace52a79f46d73461ed03bf8cf5c9e8a3687eacc3e04f08e7a09
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.7.5 HTTP/1.1
Host: www.adcryp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.adcryp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:59:01 GMT
content-type: text/css
last-modified: Thu, 25 Aug 2022 00:12:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1754
date: Fri, 09 Dec 2022 04:59:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.adcryp.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.7.5
200 OK 23 kB URL HTTP/2 www.adcryp.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.7.5
IP
File type Unicode text, UTF-8 text, with very long lines (65527), with no line terminators
Hash 0c6730c96c60030ddaf42fcf5daf3b17
feb4c0071f27718582e58d365022a1b559de5765
d996bec53b493bc579754f29f7d6d0b5332f3354c860a3787e2365a79c44f995
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.7.5 HTTP/1.1
Host: www.adcryp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.adcryp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:59:01 GMT
content-type: text/css
last-modified: Thu, 03 Nov 2022 20:38:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 22871
date: Fri, 09 Dec 2022 04:59:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.adcryp.com/wp-includes/css/classic-themes.min.css?ver=1
200 OK 217 B URL HTTP/2 www.adcryp.com/wp-includes/css/classic-themes.min.css?ver=1
IP
Hash 95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: www.adcryp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.adcryp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:59:01 GMT
content-type: text/css
last-modified: Wed, 02 Nov 2022 08:04:22 GMT
accept-ranges: bytes
content-length: 217
date: Fri, 09 Dec 2022 04:59:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.adcryp.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
200 OK 12 kB URL HTTP/2 www.adcryp.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP
File type ASCII text, with very long lines (47826)
Hash c4d7cc056b49b00e05cc29cc59aa3d5a
48c426bec60099d2a8628df430ed682c72aab42a
8009c12f2674a8d38401f4b5faad1fef2cfcd18a8c927ed2561ae9d7de9b57b5
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: www.adcryp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.adcryp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:59:01 GMT
content-type: text/css
last-modified: Tue, 15 Nov 2022 20:04:57 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11616
date: Fri, 09 Dec 2022 04:59:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.adcryp.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
200 OK 848 B URL HTTP/2 www.adcryp.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
IP
Hash c962ba8e7d42ff9da18392b41dad5151
7b89bc5e6ad161df2e6d7f7fb3ad894aa04b827f
322a4949c5bdd82eb80c13bbbd407ce30a7ad226685c54270d246cb6960e524e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4 HTTP/1.1
Host: www.adcryp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.adcryp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:59:01 GMT
content-type: text/css
last-modified: Mon, 11 Oct 2021 13:40:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 848
date: Fri, 09 Dec 2022 04:59:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.adcryp.com/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=7.1.0
200 OK 2.3 kB URL HTTP/2 www.adcryp.com/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=7.1.0
IP
File type ASCII text, with very long lines (17809), with no line terminators
Hash 09d93f4de720fc11a2944fea38fcafcd
e46cf6a8d3373c7fa5feba0b30cd9b9983f719b2
cf900721be13309b96cf6c6f56b1c0a40194e8aea1b0a0361739219c9c0f9998
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=7.1.0 HTTP/1.1
Host: www.adcryp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.adcryp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:59:01 GMT
content-type: text/css
last-modified: Wed, 22 Dec 2021 00:24:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2329
date: Fri, 09 Dec 2022 04:59:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.adcryp.com/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=7.1.0
200 OK 8.4 kB URL HTTP/2 www.adcryp.com/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=7.1.0
IP
File type Unicode text, UTF-8 text, with very long lines (62781), with no line terminators
Hash 6688cf6da7f8e77fce4b23ecd4fa64d4
b787949222758071c1a6221f698cad9bf9b1db2e
1b0db771c94b550d2e2eb123523a8357529aa8ec8869be9e8aabb2595055f438
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=7.1.0 HTTP/1.1
Host: www.adcryp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.adcryp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:59:01 GMT
content-type: text/css
last-modified: Tue, 01 Nov 2022 23:29:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8434
date: Fri, 09 Dec 2022 04:59:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.adcryp.com/wp-content/plugins/td-newsletter/style.css?ver=11.5.1
200 OK 1.2 kB URL HTTP/2 www.adcryp.com/wp-content/plugins/td-newsletter/style.css?ver=11.5.1
IP
File type ASCII text, with very long lines (5464), with no line terminators
Hash 6acb1567632c06b1676a9fd945898bed
402fbd83c8432140ef37293364327aa48c4d1911
f3159bc5bf44e430ca4b4a54fcb3565987df694ab2b600dd197894e3a4f584dd
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/td-newsletter/style.css?ver=11.5.1 HTTP/1.1
Host: www.adcryp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.adcryp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:59:01 GMT
content-type: text/css
last-modified: Fri, 17 Jun 2022 14:20:10 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1214
date: Fri, 09 Dec 2022 04:59:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.adcryp.com/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=6ea45b81e47c58269b68289d05535e19x
200 OK 4.4 kB URL HTTP/2 www.adcryp.com/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=6ea45b81e47c58269b68289d05535e19x
IP
File type ASCII text, with very long lines (37612), with no line terminators
Hash 4df29c95b736edeeeb33bc7693a99b37
2c41e37aedc03a40d919cba6c90029082d222899
6b7be65cdd77f9d800f56a7c4827f598b866f0fde41a6bd5d297d3bbeb5aedf7
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=6ea45b81e47c58269b68289d05535e19x HTTP/1.1
Host: www.adcryp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.adcryp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:59:01 GMT
content-type: text/css
last-modified: Sat, 11 Jun 2022 09:34:15 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4410
date: Fri, 09 Dec 2022 04:59:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash d61883097c47c0fcb4a15cafc5bdbdfc
54411aba43093cafd1cb2acea7c2b4c69184611f
0aef2b974544f530bd591dd0201909a9c2a6b3f4451c69288bafc126d9a37e2c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:59:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.adcryp.com/wp-content/plugins/td-subscription/assets/css/tds-front.css?ver=1.3.1
200 OK 5.9 kB URL HTTP/2 www.adcryp.com/wp-content/plugins/td-subscription/assets/css/tds-front.css?ver=1.3.1
IP
File type ASCII text, with very long lines (1273)
Hash 31e795cb1bac18356fe9c8d03ab326ac
6584299ea71446c907beed3610d38dd0db55c1d5
bfb3d763514fd59722696163ea196bc6568f194eb7a7b82c0e6296996fa43832
GET /wp-content/plugins/td-subscription/assets/css/tds-front.css?ver=1.3.1 HTTP/1.1
Host: www.adcryp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.adcryp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:59:01 GMT
content-type: text/css
last-modified: Fri, 17 Jun 2022 14:20:10 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5878
date: Fri, 09 Dec 2022 04:59:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.adcryp.com/wp-content/themes/Newspaper/style.css?ver=11.5.1
200 OK 24 kB URL HTTP/2 www.adcryp.com/wp-content/themes/Newspaper/style.css?ver=11.5.1
IP
File type ASCII text, with very long lines (378)
Hash 73a81e49111a6b3e5c477111f2687bca
05af1a4ed04a36d89871640163f912143b5ab61e
6960a5bcf7eceba66da9c9a8a9b18a95d90055c88a3200aec9aa4b10c3f9a471
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Newspaper/style.css?ver=11.5.1 HTTP/1.1
Host: www.adcryp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.adcryp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:59:01 GMT
content-type: text/css
last-modified: Sat, 11 Jun 2022 09:34:08 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 24019
date: Fri, 09 Dec 2022 04:59:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.adcryp.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
200 OK 30 kB URL HTTP/2 www.adcryp.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP
File type ASCII text, with very long lines (65447)
Hash 3a1740685bd5c0bbd5f2b812e1eb7fb4
488e07695da787fed18361c50292aef35abb5e81
4a07aed2d8cf88afdec0b56b365b951c76d387db3459166b5a0d25e2e6cc95ef
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: www.adcryp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.adcryp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:59:01 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 08:04:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30324
date: Fri, 09 Dec 2022 04:59:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.adcryp.com/wp-content/uploads/2022/06/newspaper-rec728.jpg
200 OK 14 kB URL HTTP/2 www.adcryp.com/wp-content/uploads/2022/06/newspaper-rec728.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 728x90, components 3\012- data
Hash 157d6ec791e95db88da37069c2270a15
7f7a10158c1b28ffa76f301acba965394fb9d142
295877512c0e2f157bcd52c90fa6f854ad6353826ba27b0b933832e0fe720b8b
GET /wp-content/uploads/2022/06/newspaper-rec728.jpg HTTP/1.1
Host: www.adcryp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.adcryp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:59:01 GMT
content-type: image/jpeg
last-modified: Sat, 11 Jun 2022 08:23:43 GMT
accept-ranges: bytes
content-length: 14298
date: Fri, 09 Dec 2022 04:59:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.adcryp.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=6ea45b81e47c58269b68289d05535e19x
200 OK 23 kB URL HTTP/2 www.adcryp.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=6ea45b81e47c58269b68289d05535e19x
IP
Hash 70a20362ee876fa98945ebefcac79f2a
513be3cadaf66f2dd0a7e5071d3b1bc9a9327d44
86aad8e8e06f7add22519ada2dd449a988af6b2b1741de702b4a592f7964e211
GET /wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=6ea45b81e47c58269b68289d05535e19x HTTP/1.1
Host: www.adcryp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.adcryp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:59:01 GMT
content-type: text/css
last-modified: Sat, 11 Jun 2022 09:34:15 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 23083
date: Fri, 09 Dec 2022 04:59:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.adcryp.com/wp-content/uploads/2022/06/140x48-1.png
200 OK 7.4 kB URL HTTP/2 www.adcryp.com/wp-content/uploads/2022/06/140x48-1.png
IP
File type PNG image data, 140 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 84d31ab6be282466c2d40f7287f06e44
0a8661c3632f9adfd0bc9f9bffdf294357e0a3c1
1edb37c7fceba079120b449ba916ad9a18b1a964f4db9b0bfcde598270e09a89
GET /wp-content/uploads/2022/06/140x48-1.png HTTP/1.1
Host: www.adcryp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.adcryp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:59:01 GMT
content-type: image/png
last-modified: Sat, 11 Jun 2022 10:48:49 GMT
accept-ranges: bytes
content-length: 7351
date: Fri, 09 Dec 2022 04:59:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.adcryp.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
200 OK 4.6 kB URL HTTP/2 www.adcryp.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP
File type ASCII text, with very long lines (15660)
Hash 0232689bd203f330529b36a437f41a68
9046583f7469ad38297969f10a9513eb895d5316
feea9f30a6e454579bbeabf236b7abdb0c7de84dd2852422555ad67348c5e886
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: www.adcryp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.adcryp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:59:01 GMT
content-type: application/javascript
last-modified: Tue, 12 Apr 2022 15:26:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4619
date: Fri, 09 Dec 2022 04:59:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.adcryp.com/wp-content/uploads/2022/06/adcryplogo-1.png
200 OK 5.9 kB URL HTTP/2 www.adcryp.com/wp-content/uploads/2022/06/adcryplogo-1.png
IP
File type PNG image data, 272 x 90, 8-bit colormap, non-interlaced\012- data
Hash 15a9ca65ad90d509e640a582b71acd8f
7b6476b39a288813e2a134878a957fa52f2b4f95
769f0f9f82fc0b6f07529e4656a1a92c0960c90364eea0196c624ff411d1822d
GET /wp-content/uploads/2022/06/adcryplogo-1.png HTTP/1.1
Host: www.adcryp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.adcryp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:59:01 GMT
content-type: image/png
last-modified: Sat, 11 Jun 2022 10:02:05 GMT
accept-ranges: bytes
content-length: 5872
date: Fri, 09 Dec 2022 04:59:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.adcryp.com/wp-content/plugins/featured-image-from-url/includes/html/css/woo.css?ver=4.2.1
200 OK 76 B URL HTTP/2 www.adcryp.com/wp-content/plugins/featured-image-from-url/includes/html/css/woo.css?ver=4.2.1
IP
Hash 5af8a2f8eb524e0c5ac1020b9c2cf464
b17367b8000987c444fbc2cf5195ffb6240df49a
0414033fcf612b5f7da12c2ec3c6ad1289929a7dd8c8650e6a8918cf714cff73
GET /wp-content/plugins/featured-image-from-url/includes/html/css/woo.css?ver=4.2.1 HTTP/1.1
Host: www.adcryp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.adcryp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:59:01 GMT
content-type: text/css
last-modified: Thu, 24 Nov 2022 18:48:42 GMT
accept-ranges: bytes
content-length: 76
date: Fri, 09 Dec 2022 04:59:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.adcryp.com/wp-content/plugins/td-woo/assets/css/td-woo-front.css?ver=cc2aece1db4d5219b16cec92ca9c4ee2x
200 OK 2.6 kB URL HTTP/2 www.adcryp.com/wp-content/plugins/td-woo/assets/css/td-woo-front.css?ver=cc2aece1db4d5219b16cec92ca9c4ee2x
IP
Hash bf5501f68bb81b9c66a1b7e2986978e0
280ddfed02c58f36db6368c4a8ccab576afbb778
48e5c03b301781e6a2f06f301fe807bcd0f468e9d81e1c08412d4bc2f014afc8
GET /wp-content/plugins/td-woo/assets/css/td-woo-front.css?ver=cc2aece1db4d5219b16cec92ca9c4ee2x HTTP/1.1
Host: www.adcryp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.adcryp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:59:01 GMT
content-type: text/css
last-modified: Fri, 17 Jun 2022 14:20:11 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2570
date: Fri, 09 Dec 2022 04:59:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.adcryp.com/wp-content/uploads/2022/06/140x48.png
200 OK 7.4 kB URL HTTP/2 www.adcryp.com/wp-content/uploads/2022/06/140x48.png
IP
File type PNG image data, 140 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 84d31ab6be282466c2d40f7287f06e44
0a8661c3632f9adfd0bc9f9bffdf294357e0a3c1
1edb37c7fceba079120b449ba916ad9a18b1a964f4db9b0bfcde598270e09a89
GET /wp-content/uploads/2022/06/140x48.png HTTP/1.1
Host: www.adcryp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.adcryp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:59:01 GMT
content-type: image/png
last-modified: Sat, 11 Jun 2022 10:25:39 GMT
accept-ranges: bytes
content-length: 7351
date: Fri, 09 Dec 2022 04:59:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.adcryp.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
200 OK 3.7 kB URL HTTP/2 www.adcryp.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
IP
File type HTML document, ASCII text, with very long lines (12310), with no line terminators
Hash dc6411bfa6891b75944f0074c945752d
03c1a8b686c287068c61ab90f58d905496d65085
96abeabc9cc7b4c2b7d46579f2827c67ccd02fbaef0343ae052f71accd381b0d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 HTTP/1.1
Host: www.adcryp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.adcryp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:59:01 GMT
content-type: application/javascript
last-modified: Wed, 19 Oct 2022 13:16:48 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3706
date: Fri, 09 Dec 2022 04:59:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.adcryp.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
200 OK 4.0 kB URL HTTP/2 www.adcryp.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
File type ASCII text, with very long lines (11126)
Hash 7e058b51f939eacfa31cdface14dded5
9d732e5afdeb42edef9e1b9631b7e95e054787cc
4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.adcryp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.adcryp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:59:01 GMT
content-type: application/javascript
last-modified: Wed, 18 Nov 2020 19:36:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3995
date: Fri, 09 Dec 2022 04:59:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.adcryp.com/wp-content/plugins/td-standard-pack/Newspaper/assets/css/td_standard_pack_main.css?ver=32b0396dacab6790bdbb765eba5d6338
200 OK 58 kB URL HTTP/2 www.adcryp.com/wp-content/plugins/td-standard-pack/Newspaper/assets/css/td_standard_pack_main.css?ver=32b0396dacab6790bdbb765eba5d6338
IP
Hash de688ca7c013942b6c9632fc754e1077
d279a4b705e46c5669cafd14111b5a2a6d381aa9
f08a5a3b69e3224bdc857fb3749c1327c73cef2beada9b26c894ccc78265fb1c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/td-standard-pack/Newspaper/assets/css/td_standard_pack_main.css?ver=32b0396dacab6790bdbb765eba5d6338 HTTP/1.1
Host: www.adcryp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.adcryp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:59:01 GMT
content-type: text/css
last-modified: Sat, 11 Jun 2022 09:34:35 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 58372
date: Fri, 09 Dec 2022 04:59:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.adcryp.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
200 OK 2.8 kB URL HTTP/2 www.adcryp.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
IP
File type ASCII text, with very long lines (9937), with no line terminators
Hash 4317b1c024df372435f6482deadddeb3
5c8824a17e40a44ea8fc51568b98bdb1e2e7fab5
3798fb16289ba55459fb6d3b2efa915e3c019c5942759abb7bd19a0ef622b85d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 HTTP/1.1
Host: www.adcryp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.adcryp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:59:01 GMT
content-type: application/javascript
last-modified: Wed, 19 Oct 2022 13:16:48 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2817
date: Fri, 09 Dec 2022 04:59:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.adcryp.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.1.0
200 OK 677 B URL HTTP/2 www.adcryp.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.1.0
IP
File type ASCII text, with very long lines (2139), with no line terminators
Hash a43fc0dde8fdd69656ad0957e62849c7
4b07cf702ac8a770c8cbffc22b9a788b6e5389ba
1ce3d0493424870c81deec0ec41de0592d2af9f91cd8081cd40a1d7ea89b614f
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.1.0 HTTP/1.1
Host: www.adcryp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.adcryp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:59:01 GMT
content-type: application/javascript
last-modified: Tue, 18 May 2021 21:00:20 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 677
date: Fri, 09 Dec 2022 04:59:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.adcryp.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.1.0
200 OK 972 B URL HTTP/2 www.adcryp.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.1.0
IP
File type HTML document, ASCII text, with very long lines (3029), with no line terminators
Hash 5ed77e0c59800f40061b5c322cff21fa
ced9d401d300dd1fc676a673bbf7e6360beb402d
3b284b8a096256e6cd0d9cbf2cb4b36505e71c0d7b2227fcd3132dddbeea18cc
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.1.0 HTTP/1.1
Host: www.adcryp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.adcryp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:59:01 GMT
content-type: application/javascript
last-modified: Wed, 19 Oct 2022 00:34:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 972
date: Fri, 09 Dec 2022 04:59:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.adcryp.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.1.0
200 OK 899 B URL HTTP/2 www.adcryp.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.1.0
IP
File type ASCII text, with very long lines (1668)
Hash 22d65ba38528349e705d912ce26bf8ac
c89ba006009043d93b88ff155b4fec8797330550
6253bcb85e4267ad3ba843145534e729ee2c1d7e85e5b4ab5b2e074ae636bca3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.1.0 HTTP/1.1
Host: www.adcryp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.adcryp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:59:01 GMT
content-type: application/javascript
last-modified: Wed, 20 Jan 2021 04:55:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 899
date: Fri, 09 Dec 2022 04:59:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.adcryp.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.1.0
200 OK 3.2 kB URL HTTP/2 www.adcryp.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.1.0
IP
File type ASCII text, with very long lines (9111)
Hash 078e27719ab2b91e57a3d06d05bf24d8
ee2c8af72d9dbb148d4101a374f6026d0c9c3044
1c8b599f3f7bfa8d7950d95a171f2c873d051960a91c91e22304293596e5b890
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.1.0 HTTP/1.1
Host: www.adcryp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.adcryp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:59:01 GMT
content-type: application/javascript
last-modified: Wed, 19 Oct 2022 00:34:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3247
date: Fri, 09 Dec 2022 04:59:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.adcryp.com/wp-includes/js/underscore.min.js?ver=1.13.4
200 OK 7.2 kB URL HTTP/2 www.adcryp.com/wp-includes/js/underscore.min.js?ver=1.13.4
IP
File type ASCII text, with very long lines (18798)
Hash f4bb18d2e152ba945cb63980362f40e9
925f93a6c4ee411e97d8dc3186f9d66c4b5169ab
16ab496a6c74f5f272f7a5c31e9cb69c753fea994396ef6deacf641180ad317b
GET /wp-includes/js/underscore.min.js?ver=1.13.4 HTTP/1.1
Host: www.adcryp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.adcryp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:59:01 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 08:04:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7179
date: Fri, 09 Dec 2022 04:59:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.adcryp.com/wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js?ver=4173294bcf58591c4439ff8ccd792f1ex
200 OK 1.9 kB URL HTTP/2 www.adcryp.com/wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js?ver=4173294bcf58591c4439ff8ccd792f1ex
IP
File type ASCII text, with very long lines (543)
Hash 4edbc729d471a199d42fcdf85bda8867
20c0716dffdb5e2bce8083056dad81dbeec41730
2fed1eb5bc5274920feef94c205ed209f94d23953cff4ab014dad6206f8733c3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js?ver=4173294bcf58591c4439ff8ccd792f1ex HTTP/1.1
Host: www.adcryp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.adcryp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:59:01 GMT
content-type: application/javascript
last-modified: Sat, 11 Jun 2022 09:34:21 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1853
date: Fri, 09 Dec 2022 04:59:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.adcryp.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.1.0
200 OK 934 B URL HTTP/2 www.adcryp.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.1.0
IP
File type ASCII text, with very long lines (2938), with no line terminators
Hash cf25dd071a208312bdc07f34d2cee027
76119563119eaae392ecc8903c989d98d0b93002
8635ba2cad8f887e72779bd526f8738ff6343c74cba715caf2eddea383ba7ce6
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.1.0 HTTP/1.1
Host: www.adcryp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.adcryp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:59:01 GMT
content-type: application/javascript
last-modified: Wed, 24 Nov 2021 03:30:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 934
date: Fri, 09 Dec 2022 04:59:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.adcryp.com/wp-includes/js/comment-reply.min.js?ver=6.1.1
200 OK 1.2 kB URL HTTP/2 www.adcryp.com/wp-includes/js/comment-reply.min.js?ver=6.1.1
IP
File type ASCII text, with very long lines (2946)
Hash 7d8acf37582bf5212cbf4e31105de2ac
19581f31ceed66b11804eb6a2b3d00d43f73f071
d48d28cdb9d3dd8b812129663e5cc8b373b67629e2e65988d2b274960f7b847f
GET /wp-includes/js/comment-reply.min.js?ver=6.1.1 HTTP/1.1
Host: www.adcryp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.adcryp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:59:01 GMT
content-type: application/javascript
last-modified: Sat, 09 Apr 2022 05:37:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1228
date: Fri, 09 Dec 2022 04:59:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.adcryp.com/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=11.5.1
200 OK 62 kB URL HTTP/2 www.adcryp.com/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=11.5.1
IP
File type ASCII text, with very long lines (670)
Hash 59ce4486311c4c3b21e271477855e4d9
7cb4990ec57034172c7c3505cd6b3923ded550c5
51d72e5eef64bd08d5a601c7c40ca84e11dcecf95e5ba6b5c36a095dce231e86
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=11.5.1 HTTP/1.1
Host: www.adcryp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.adcryp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:59:01 GMT
content-type: application/javascript
last-modified: Sat, 11 Jun 2022 09:34:15 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 61906
date: Fri, 09 Dec 2022 04:59:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.adcryp.com/wp-content/plugins/td-subscription/assets/js/js_files_for_front.min.js?ver=1.3.1
200 OK 7.7 kB URL HTTP/2 www.adcryp.com/wp-content/plugins/td-subscription/assets/js/js_files_for_front.min.js?ver=1.3.1
IP
File type ASCII text, with very long lines (545)
Hash ef6d8050fcf1a3d07694692be9ecb1b8
02746c8f495c1e68a1b959f6060a58b4ea97b065
74da44019313a12bced599cc8bcb0514cbb7cbbc787954def1f50bf9118fd504
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/td-subscription/assets/js/js_files_for_front.min.js?ver=1.3.1 HTTP/1.1
Host: www.adcryp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.adcryp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:59:01 GMT
content-type: application/javascript
last-modified: Fri, 17 Jun 2022 14:20:10 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7734
date: Fri, 09 Dec 2022 04:59:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.adcryp.com/wp-content/plugins/td-woo/assets/js/js_external_files_for_front.min.js?ver=cc2aece1db4d5219b16cec92ca9c4ee2x
200 OK 7.4 kB URL HTTP/2 www.adcryp.com/wp-content/plugins/td-woo/assets/js/js_external_files_for_front.min.js?ver=cc2aece1db4d5219b16cec92ca9c4ee2x
IP
File type HTML document text\012- HTML document, ASCII text, with very long lines (598)
Hash 549515df24f8cfe60f7f6b6c411ea4a9
3a91cf30b5236341dd316ac3150cd60ef77928d8
484048c9a4d406fb1f6d7d3fff6793230fb9f3474c8d0668f45b5ff81a79cb9a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/td-woo/assets/js/js_external_files_for_front.min.js?ver=cc2aece1db4d5219b16cec92ca9c4ee2x HTTP/1.1
Host: www.adcryp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.adcryp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:59:01 GMT
content-type: application/javascript
last-modified: Fri, 17 Jun 2022 14:20:11 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7411
date: Fri, 09 Dec 2022 04:59:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.adcryp.com/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=4173294bcf58591c4439ff8ccd792f1ex
200 OK 9.0 kB URL HTTP/2 www.adcryp.com/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=4173294bcf58591c4439ff8ccd792f1ex
IP
File type ASCII text, with very long lines (1037)
Hash e24128fd989ee54c9eeff9dc203a5646
80b5712c9582a58a0859c9f36ceb0485ac9ea2b3
3fa56992db69ba418aaf28aeeda23dd2384c723d6a119bd6eef1d251b4a6617f
GET /wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=4173294bcf58591c4439ff8ccd792f1ex HTTP/1.1
Host: www.adcryp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.adcryp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:59:01 GMT
content-type: application/javascript
last-modified: Sat, 11 Jun 2022 09:34:21 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 9022
date: Fri, 09 Dec 2022 04:59:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.adcryp.com/wp-content/plugins/td-woo/assets/js/js_files_for_front.min.js?ver=cc2aece1db4d5219b16cec92ca9c4ee2x
200 OK 6.5 kB URL HTTP/2 www.adcryp.com/wp-content/plugins/td-woo/assets/js/js_files_for_front.min.js?ver=cc2aece1db4d5219b16cec92ca9c4ee2x
IP
File type ASCII text, with very long lines (552)
Hash ff16bf40a52c825c2e44dd4d2708fd83
fcebd62cfd9db9b3fcf39f721debad0b277898cc
fc05d773c4a102ffe46b6e8f33d36aa2f696bace735929cb52ae152a883d3596
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/td-woo/assets/js/js_files_for_front.min.js?ver=cc2aece1db4d5219b16cec92ca9c4ee2x HTTP/1.1
Host: www.adcryp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.adcryp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:59:01 GMT
content-type: application/javascript
last-modified: Fri, 17 Jun 2022 14:20:11 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6467
date: Fri, 09 Dec 2022 04:59:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.adcryp.com/wp-content/plugins/featured-image-from-url/includes/html/js/image.js?ver=4.2.1
200 OK 918 B URL HTTP/2 www.adcryp.com/wp-content/plugins/featured-image-from-url/includes/html/js/image.js?ver=4.2.1
IP
Hash ff98a2d5f2f2ad26eb5e4ac74aa9702b
83bf52f910c78babbe737914acc7e36a8b0f35df
9158326d8570a2ac4ecf0d34c7befd54bb857a0c139a3e19dd19bf894642ec89
GET /wp-content/plugins/featured-image-from-url/includes/html/js/image.js?ver=4.2.1 HTTP/1.1
Host: www.adcryp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.adcryp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:59:01 GMT
content-type: application/javascript
last-modified: Thu, 24 Nov 2022 18:48:42 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 918
date: Fri, 09 Dec 2022 04:59:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: b3venSp23LwIpvNEW9AcNw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 09m03B2O6njOC/+oKpQyd9Mo+Ek=
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash d61883097c47c0fcb4a15cafc5bdbdfc
54411aba43093cafd1cb2acea7c2b4c69184611f
0aef2b974544f530bd591dd0201909a9c2a6b3f4451c69288bafc126d9a37e2c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:59:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.adcryp.com/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=7.1.0
200 OK 1.1 kB URL HTTP/2 www.adcryp.com/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=7.1.0
IP
File type ASCII text, with very long lines (7043), with no line terminators
Hash 398489038b789364a5c83f044e11974d
d5caf5f64c45693de65b5c0a801bfbf83a325485
32365dde0c909abbb02d8b6a8d9938056ba47f325d51e75082e3d265ce5f76d5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=7.1.0 HTTP/1.1
Host: www.adcryp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.adcryp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:59:01 GMT
content-type: text/css
last-modified: Wed, 17 Feb 2021 04:11:32 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1058
date: Fri, 09 Dec 2022 04:59:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.adcryp.com/wp-content/uploads/2022/06/mobile-bg.jpg
200 OK 44 kB URL HTTP/2 www.adcryp.com/wp-content/uploads/2022/06/mobile-bg.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], progressive, precision 8, 380x600, components 3\012- data
Hash f4165b73eb595d2368fcfa906eee0a02
98c7a137aee2b0fcf75459f5682dc3adabd4d1d0
f132a3b6e8c8de07e8491ce98f184a952823c139df20446f61a1a9daca060a49
GET /wp-content/uploads/2022/06/mobile-bg.jpg HTTP/1.1
Host: www.adcryp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.adcryp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:59:01 GMT
content-type: image/jpeg
last-modified: Sat, 11 Jun 2022 08:23:49 GMT
accept-ranges: bytes
content-length: 43989
date: Fri, 09 Dec 2022 04:59:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.adcryp.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/sprite/elements.png
200 OK 4.1 kB URL HTTP/2 www.adcryp.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/sprite/elements.png
IP
File type PNG image data, 90 x 2100, 8-bit colormap, non-interlaced\012- data
Hash be2df2724b9e7f4c7eb78bf6bc57d9e2
5ba841b8b7cf210ada1a45d80bfb5c6d12ff2b81
277c84697b5039a7583a843ba2e6b784354925898a15056c8d975b696d2e7c2c
GET /wp-content/plugins/td-composer/legacy/Newspaper/assets/images/sprite/elements.png HTTP/1.1
Host: www.adcryp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.adcryp.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=6ea45b81e47c58269b68289d05535e19x
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:59:01 GMT
content-type: image/png
last-modified: Sat, 11 Jun 2022 09:34:15 GMT
accept-ranges: bytes
content-length: 4149
date: Fri, 09 Dec 2022 04:59:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.adcryp.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?20
200 OK 29 kB URL HTTP/2 www.adcryp.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?20
IP
File type Web Open Font Format, TrueType, length 28732, version 0.0\012- data
Hash 2192d5f834e8b672a73d67cad66e79f6
ddf3eb377defc2ca0a2a09d3f41da2d006303e13
c70da34747fb31860fa118ff5d6736f81661838a0f50f077aa29d63ad7b00e4a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Newspaper/images/icons/newspaper.woff?20 HTTP/1.1
Host: www.adcryp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.adcryp.com/wp-content/themes/Newspaper/style.css?ver=11.5.1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:59:01 GMT
content-type: font/woff
last-modified: Sat, 11 Jun 2022 09:34:08 GMT
accept-ranges: bytes
content-length: 28732
date: Fri, 09 Dec 2022 04:59:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 8f6ab0debac98d11413e20fa98ba8286
e63543ba0f3a685edf4d8fee3f587efd5417015f
fe6bc081b1963c61a3af1ab7b7b1213ae5bc7b962c5474d8f6fe123547d5d309
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:59:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 8f6ab0debac98d11413e20fa98ba8286
e63543ba0f3a685edf4d8fee3f587efd5417015f
fe6bc081b1963c61a3af1ab7b7b1213ae5bc7b962c5474d8f6fe123547d5d309
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:59:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.adcryp.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 18:52:41 GMT
expires: Tue, 05 Dec 2023 18:52:41 GMT
cache-control: public, max-age=31536000
age: 295580
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.adcryp.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:34:15 GMT
expires: Thu, 07 Dec 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 120286
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 8f6ab0debac98d11413e20fa98ba8286
e63543ba0f3a685edf4d8fee3f587efd5417015f
fe6bc081b1963c61a3af1ab7b7b1213ae5bc7b962c5474d8f6fe123547d5d309
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:59:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.adcryp.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:33:54 GMT
expires: Thu, 07 Dec 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 120308
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.adcryp.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:34:15 GMT
expires: Thu, 07 Dec 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 120287
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.adcryp.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:33:56 GMT
expires: Thu, 07 Dec 2023 19:33:56 GMT
cache-control: public, max-age=31536000
age: 120306
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 8f6ab0debac98d11413e20fa98ba8286
e63543ba0f3a685edf4d8fee3f587efd5417015f
fe6bc081b1963c61a3af1ab7b7b1213ae5bc7b962c5474d8f6fe123547d5d309
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:59:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS2mu1aB.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS2mu1aB.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 16248, version 1.0\012- data
Hash 32716a5cfa3f66cf0e1d74d60694c4ad
ba7958726a7c60abfe42b469c3ce5a7074e4b8fb
ea1b915d9a1f79eefb62e5c9c1af97e12adacc44deac97601105bdd2d2c46798
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS2mu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.adcryp.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16248
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 21:04:21 GMT
expires: Tue, 05 Dec 2023 21:04:21 GMT
cache-control: public, max-age=31536000
age: 287681
last-modified: Mon, 15 Aug 2022 18:11:29 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.adcryp.com/wp-content/uploads/2022/06/500x500-300x300.png
200 OK 30 kB URL HTTP/2 www.adcryp.com/wp-content/uploads/2022/06/500x500-300x300.png
IP
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash f0e40e7358398290e3cd4f2e17ddd0d8
578739c86626d7bf84f2bd4340109921d0929d8e
1c9fdac8df81f8d638b521d712e1bc2c87eb8f24a3fce8496fec98b90d9b017b
GET /wp-content/uploads/2022/06/500x500-300x300.png HTTP/1.1
Host: www.adcryp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.adcryp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:59:02 GMT
content-type: image/png
last-modified: Sun, 26 Jun 2022 03:34:26 GMT
accept-ranges: bytes
content-length: 30424
date: Fri, 09 Dec 2022 04:59:02 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.adcryp.com/wp-content/uploads/2022/06/500x500-100x100.png
200 OK 5.5 kB URL HTTP/2 www.adcryp.com/wp-content/uploads/2022/06/500x500-100x100.png
IP
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash fbec35b76501de319e1c53917ea44806
f25db7490726ece19ed0bead3f39aa59c9a16a25
cc0d08ea6dd076aff77795d50b9b719f70b9fc48fa48ef7731daa92cde1530ef
GET /wp-content/uploads/2022/06/500x500-100x100.png HTTP/1.1
Host: www.adcryp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.adcryp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:59:02 GMT
content-type: image/png
last-modified: Sun, 26 Jun 2022 03:34:26 GMT
accept-ranges: bytes
content-length: 5510
date: Fri, 09 Dec 2022 04:59:02 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash eb55f39db4f2d0f259015f45c8844e10
00d0b4829e4e06845ff716495d8e527acec207bb
7c62d339eaa22d9f36d58b85678bc3ae4ff4915c862aba744c34ccc4f26e4c12
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7C62D339EAA22D9F36D58B85678BC3AE4FF4915C862ABA744C34CCC4F26E4C12"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3656
Expires: Fri, 09 Dec 2022 05:59:58 GMT
Date: Fri, 09 Dec 2022 04:59:02 GMT
Connection: keep-alive
news.weatherplllatform.com/counters.js?v=11.23
200 OK 1.5 kB URL HTTP/1.1 news.weatherplllatform.com/counters.js?v=11.23
IP
File type ASCII text, with very long lines (4140), with no line terminators
Hash 8ecb46e68d7ee2b249a6f0bd4ecabc88
e0d5a9f07ca629f4c4ac7154095bd419826ed245
16f62d801d81aa35dcebf8da2b88904663904c38d6ae8830be4f5db1d66bd22f
GET /counters.js?v=11.23 HTTP/1.1
Host: news.weatherplllatform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.adcryp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Dec 2022 04:59:02 GMT
Content-Type: application/javascript
Last-Modified: Fri, 25 Nov 2022 04:49:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"63804953-102c"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
www.adcryp.com/?wc-ajax=get_refreshed_fragments
200 OK 258 B URL HTTP/2 www.adcryp.com/?wc-ajax=get_refreshed_fragments
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash a53c9e21433ddd55d24702925a2e6aba
053fb53f5ed76ddc3e791bbce6a1f5651307e030
cf3385ae2cddc139c22ec8c9bdeb5055825a52c2bdbf8ecb158e093020c05a6f
Analyzer Verdict Alert fortinet Malware
POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: www.adcryp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: https://www.adcryp.com
Connection: keep-alive
Referer: https://www.adcryp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.adcryp.com
access-control-allow-credentials: true
x-content-type-options: nosniff
x-robots-tag: noindex
x-litespeed-tag: bfd_HTTP.200,bfd_HTTP.200
content-type: application/json; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-litespeed-cache-control: no-cache
content-length: 258
date: Fri, 09 Dec 2022 04:59:02 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6e04ee5a73ab6de4d6bc1ab7b8f73618
4c1d83b3a9182631b40571c0f555870b8282f43e
4569091916a887e37a770e54d629744b7ead410d5cd39816af269e89fd136251
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4569091916A887E37A770E54D629744B7EAD410D5CD39816AF269E89FD136251"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6039
Expires: Fri, 09 Dec 2022 06:39:41 GMT
Date: Fri, 09 Dec 2022 04:59:02 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4995
Expires: Fri, 09 Dec 2022 06:22:17 GMT
Date: Fri, 09 Dec 2022 04:59:02 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4995
Expires: Fri, 09 Dec 2022 06:22:17 GMT
Date: Fri, 09 Dec 2022 04:59:02 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4995
Expires: Fri, 09 Dec 2022 06:22:17 GMT
Date: Fri, 09 Dec 2022 04:59:02 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f25ad59-b8ed-49ea-9611-21f63c20c8fb.jpeg
200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f25ad59-b8ed-49ea-9611-21f63c20c8fb.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eb00a2a503a690cee3e4dd729b5bc9bd
cfb1e5bcab2148a777889680e6e36b9d7e8917ec
7e4583ae78ab597639f53669ac2d67d1ebd26be3278c2fc3fc95af934178c116
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f25ad59-b8ed-49ea-9611-21f63c20c8fb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7960
x-amzn-requestid: beadd240-39d0-407d-a890-6a095657cac3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctEd8HC0oAMFUag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638eb459-44d4f63c62f58684782ef14a;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 03:17:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kTEbkncBnAJmQE8cdAqvDtejiwaetpRBsVcpLXy1h52lO4iUkzmOGA==
via: 1.1 74aa91fe819001bcedd882694f52b436.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 16:28:48 GMT
age: 45014
etag: "cfb1e5bcab2148a777889680e6e36b9d7e8917ec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg
200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 06514ce96ae21cb01f526a5febdcbeb4
ebb97e5b97f394e8c67098f55581d5329ce819a2
4099a2fb6ddc4feaa30f357a180d64aeb7c9fc73f115fc762d5fe5c221d2e89e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5169
x-amzn-requestid: 277a1b04-4e19-4313-8aac-5f9ab9076305
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctEdkFGrIAMFvHg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638eb456-5b21edd57297665012d536cc;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 03:17:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Xi-bshsYa4LlKbJgAt0h-lPnB_5uQbqln5JGBRE8io2Fp1y41cS9xg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 04:08:48 GMT
age: 3014
etag: "ebb97e5b97f394e8c67098f55581d5329ce819a2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe7732c6-dc98-445c-86c6-d413942250ea.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe7732c6-dc98-445c-86c6-d413942250ea.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 45e0c1638ad919bde19731f7987ab064
1e492807c665e6e6b24ec6ce19035fdfc6f23b92
f0d3738ec8406958470c8fd152a02a123d7654c30f974c1df5c4977a380c2d62
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe7732c6-dc98-445c-86c6-d413942250ea.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10205
x-amzn-requestid: c5704c7a-60c4-402b-8018-5885a8dae971
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cwVM_F9BIAMF3ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63900252-3e9573d900714e3250f43e17;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 03:02:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mLTL7L808-OguYGrl3FUvwmFmPQjBPRj7PVfgEheFHWg4g4skoBvOg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 00:33:39 GMT
age: 15923
etag: "1e492807c665e6e6b24ec6ce19035fdfc6f23b92"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7b1b2f1-0b18-4097-a282-a7ddd9b33b97.jpeg
200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7b1b2f1-0b18-4097-a282-a7ddd9b33b97.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3cb7655c8fe89a83f0096c51684aa21c
4946fcab2a99d926c45abaecf8f97b6214dee0cd
60a3066f2dcc2f696413ecec56ef1d0c1a9392f6845fac5c4319b8b9e02074fd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7b1b2f1-0b18-4097-a282-a7ddd9b33b97.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6637
x-amzn-requestid: a1b14c0b-ceb5-4a3e-9dec-2503a0841bd6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZPMEQJoAMF6uQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f2d-1aec46bb5d73f0c47c824174;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rft2LEct9jDCAiIawPp0pGAg7S-bDRqXWxzM4H28FFqN2bS6TYwV7A==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 21:59:55 GMT
age: 25147
etag: "4946fcab2a99d926c45abaecf8f97b6214dee0cd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9c8ed2c5-144c-4fce-bb57-7d9918c1ab31.jpeg
200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9c8ed2c5-144c-4fce-bb57-7d9918c1ab31.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 44ed82780732ed682ee46b2df52b3ca2
0b3fe77e142178561b28c93b94b1aea2e1c395a5
383da5ca2927044c69ff1d10b630fe3439ca48f1845031ef1b6607fcd054c54b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9c8ed2c5-144c-4fce-bb57-7d9918c1ab31.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4049
x-amzn-requestid: dbde9a26-7609-43b7-a9a5-6e4d2f559989
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cpwRFHIooAMFVmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d60d3-5f5131b8315a458d18cdc70f;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 03:09:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6_KiAcPwtB6XJyanlunX6qvT9jdlEgMPMdGHM10HmJwQ2Ue_pDsCXg==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 12:37:33 GMT
age: 58889
etag: "0b3fe77e142178561b28c93b94b1aea2e1c395a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F042317d8-45b6-4c5f-8767-ff9367c24193.jpeg
200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F042317d8-45b6-4c5f-8767-ff9367c24193.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 46275ec87d8221804dbb99f95b035131
c47af4e5770daad212f4290527b00321285105f8
2118ec68c738683d8f7e11b95239ca92fda2b9b5054aa7b128267eec0d0634c5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F042317d8-45b6-4c5f-8767-ff9367c24193.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8803
x-amzn-requestid: e8516be3-5ce9-4f15-b522-c81c1e57a0e2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjtK9GavoAMFjpA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638af579-538cc8f300938698004f2241;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 07:06:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MiOdXHxd9Vmeji8Yqd8LG_EqYoMGf0YBy6by9bhfjb12y1OxKVvvqw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 12:36:28 GMT
age: 58954
etag: "c47af4e5770daad212f4290527b00321285105f8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
js.interestmoments.com/scripts/count.js
200 OK 1.7 kB URL HTTP/1.1 js.interestmoments.com/scripts/count.js
IP
ASN #50321 FOP Reznichenko Sergey Mykolayovich
File type ASCII text, with very long lines (4587), with no line terminators
Hash 604404f904668bba5c2412748523a5b2
fb364d5fdabc9781a35d270f72502c3329bd7e43
cf4051550888255f110d596d59a1ecf8c5c961c32322d844604c6affc2f6f9fe
GET /scripts/count.js HTTP/1.1
Host: js.interestmoments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.adcryp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Dec 2022 04:59:02 GMT
Content-Type: application/javascript
Last-Modified: Fri, 25 Nov 2022 05:06:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63804d4a-11eb"
Expires: Mon, 19 Dec 2022 04:59:02 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 4c016f47c9f5f4d879a4d01089fee585
6f9b5b2fe48c9769401ea5367d33cb51f57ea7e6
6f7dd84273e1ffb40ce8a97996038af95d949a2cfe6031feb866cb9d73fc54db
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6F7DD84273E1FFB40CE8A97996038AF95D949A2CFE6031FEB866CB9D73FC54DB"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2037
Expires: Fri, 09 Dec 2022 05:33:00 GMT
Date: Fri, 09 Dec 2022 04:59:03 GMT
Connection: keep-alive
long.interestmoments.com/go/away.php?id=9689546-75-934597645&pid=2324&lid=7933345&from=google
302 Found 0 B URL HTTP/1.1 long.interestmoments.com/go/away.php?id=9689546-75-934597645&pid=2324&lid=7933345&from=google
IP
ASN #50321 FOP Reznichenko Sergey Mykolayovich
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go/away.php?id=9689546-75-934597645&pid=2324&lid=7933345&from=google HTTP/1.1
Host: long.interestmoments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.adcryp.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Fri, 09 Dec 2022 04:59:03 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://long.interestmoments.com/go/away.php?id=987730385-23-683234&pid=7856&lid=07882367658&jid=67852&from=Spaniel
Access-Control-Allow-Origin: *
long.interestmoments.com/go/away.php?id=987730385-23-683234&pid=7856&lid=07882367658&jid=67852&from=Spaniel
200 OK 440 B URL HTTP/1.1 long.interestmoments.com/go/away.php?id=987730385-23-683234&pid=7856&lid=07882367658&jid=67852&from=Spaniel
IP
ASN #50321 FOP Reznichenko Sergey Mykolayovich
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash d282386a919dab7821ecb8af2c2be991
cb29f509dd65f520b4b8d72ee0c2b560a2c360b0
6403ec35140c92ba51786815e1505a33606ae5e76f33d13e5f64ed83ff5c2179
GET /go/away.php?id=987730385-23-683234&pid=7856&lid=07882367658&jid=67852&from=Spaniel HTTP/1.1
Host: long.interestmoments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.adcryp.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Dec 2022 04:59:03 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Encoding: gzip
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash c04f51cc41113a5b6da0a567c833fe9d
40ea8909f2aac96032417bb8fb892e4146e3ba89
3608749bb21624365f699232f44c1cb4d316c97c39008d0514f70d5968b21a4b
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 09 Dec 2022 04:59:04 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 08 Dec 2022 21:59:17 GMT
Expires: Fri, 09 Dec 2022 21:59:17 GMT
ETag: "40ea8909f2aac96032417bb8fb892e4146e3ba89"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
track.wg-aff.com/click?pid=1287&offer_id=79&ref_id=i0t495jkwe4935d8qj7d&sub1=EZ46KGBJ6R
302 Found 0 B URL HTTP/2 track.wg-aff.com/click?pid=1287&offer_id=79&ref_id=i0t495jkwe4935d8qj7d&sub1=EZ46KGBJ6R
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?pid=1287&offer_id=79&ref_id=i0t495jkwe4935d8qj7d&sub1=EZ46KGBJ6R HTTP/1.1
Host: track.wg-aff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 09 Dec 2022 04:59:04 GMT
content-length: 0
location: https://trck.wargaming.net/dyrd6ukh/?t=1&pub_id=1287&xid=6392c09853cc3e0001d5e460&xid_param1=EZ46KGBJ6R&xid_param_2=
x-adjust-use-original-forwarded-for: 1
set-cookie: afclick=6392c09853cc3e0001d5e460; expires=Sat, 09 Dec 2023 04:59:04 GMT; secure; SameSite=None
afoffers={"79":1670561944}; expires=Sat, 09 Dec 2023 04:59:04 GMT; secure; SameSite=None
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 29ee0a76851abb56bc5a46a9bb0903b6
35fc7bbca8c74b10c88f08ea12a0dddbe5badffe
4022c7570f45a317c8f027ada807695a87b2dca9aa18b1c97669dc34cacf3a5f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6411
Cache-Control: max-age=109870
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:59:04 GMT
Etag: "6391b1bb-1d7"
Expires: Sat, 10 Dec 2022 11:30:14 GMT
Last-Modified: Thu, 08 Dec 2022 09:43:23 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
trck.wargaming.net/dyrd6ukh/?t=1&pub_id=1287&xid=6392c09853cc3e0001d5e460&xid_param1=EZ46KGBJ6R&xid_param_2=
301 Moved Permanently 22 B URL HTTP/1.1 trck.wargaming.net/dyrd6ukh/?t=1&pub_id=1287&xid=6392c09853cc3e0001d5e460&xid_param1=EZ46KGBJ6R&xid_param_2=
IP
ASN #199524 G-Core Labs S.A.
File type ASCII text, with no line terminators
Hash 0e0bf67572311f8a23814419ff24ee9a
78328dfc54708433cdfb3e7857e57f87ec443b08
c5f6c267ba4a2964fff5d304d4a1e79c371ce30d32eaf017b3bb40becccd58d2
GET /dyrd6ukh/?t=1&pub_id=1287&xid=6392c09853cc3e0001d5e460&xid_param1=EZ46KGBJ6R&xid_param_2= HTTP/1.1
Host: trck.wargaming.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 09 Dec 2022 04:59:04 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 22
Connection: keep-alive
Location: https://join.worldoftanks.eu/1648131357/no/?t=1&pub_id=1287&xid=6392c09853cc3e0001d5e460&xid_param1=EZ46KGBJ6R&xid_param_2=&sid=SIDbiPjV4lFefAAHK6Nal4dNoLIHWjgphQ9NtELrriWfRO5mgFBDZomQNmVDi_0y_xGah-oWhypZhj6BPibwzFsgr6DurMOTJvj9XOp5Pjm88P-4BRuqFUWbHtvKHD_XV7gpERx81ftvf9zvg&enctid=cox0sal9a4ex&lpsn=WOT+WW+LMS+Videoback+Neutral+TP+542839&foris=1&teclient=1670561944488626193&utm_source=wlap&utm_medium=affiliate&utm_campaign=dyrd6ukh&utm_content=1287
Set-Cookie: STIDREFERRAL=SIDbiPjV4lFefAAHK6Nal4dNoLIHWjgphQ9NtELrriWfRO5mgFBDZomQNmVDi_0y_xGah-oWhypZhj6BPibwzFsgr6DurMOTJvj9XOp5Pjm88P-4BRuqFUWbHtvKHD_XV7gpERx81ftvf9zvg; Domain=wargaming.net; Max-Age=2592000; Path=/; SameSite=None; Secure
enctid=cox0sal9a4ex; Domain=wargaming.net; Max-Age=2592000; Path=/; SameSite=None; Secure
teclient=1670561944488626193; Domain=wargaming.net; Max-Age=315360000; Path=/; SameSite=None; Secure
Cache-Control: no-cache
ocsp.digicert.com/
200 OK 471 B IP
Hash e8ee1f12461ceb53a3f9ea48d5038e80
3f8d6a85777e272f42dc0d4b333888dd59a896b6
f60b175e83d9b9409883b9026f681435d20e4e77a787e457e286fb35d0a6135e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3374
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:59:04 GMT
Etag: "63919c99-1d7"
Last-Modified: Fri, 09 Dec 2022 04:02:50 GMT
Server: ECS (amb/6BB1)
X-Cache: HIT
Content-Length: 471
join.worldoftanks.eu/1648131357/no/?t=1&pub_id=1287&xid=6392c09853cc3e0001d5e460&xid_param1=EZ46KGBJ6R&xid_param_2=&sid=SIDbiPjV4lFefAAHK6Nal4dNoLIHWjgphQ9NtELrriWfRO5mgFBDZomQNmVDi_0y_xGah-oWhypZhj6BPibwzFsgr6DurMOTJvj9XOp5Pjm88P-4BRuqFUWbHtvKHD_XV7gpERx81ftvf9zvg&enctid=cox0sal9a4ex&lpsn=WOT+WW+LMS+Videoback+Neutral+TP+542839&foris=1&teclient=1670561944488626193&utm_source=wlap&utm_medium=affiliate&utm_campaign=dyrd6ukh&utm_content=1287
200 OK 14 kB URL HTTP/1.1 join.worldoftanks.eu/1648131357/no/?t=1&pub_id=1287&xid=6392c09853cc3e0001d5e460&xid_param1=EZ46KGBJ6R&xid_param_2=&sid=SIDbiPjV4lFefAAHK6Nal4dNoLIHWjgphQ9NtELrriWfRO5mgFBDZomQNmVDi_0y_xGah-oWhypZhj6BPibwzFsgr6DurMOTJvj9XOp5Pjm88P-4BRuqFUWbHtvKHD_XV7gpERx81ftvf9zvg&enctid=cox0sal9a4ex&lpsn=WOT+WW+LMS+Videoback+Neutral+TP+542839&foris=1&teclient=1670561944488626193&utm_source=wlap&utm_medium=affiliate&utm_campaign=dyrd6ukh&utm_content=1287
IP
ASN #199524 G-Core Labs S.A.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (46383)
Hash 714c16a53bf8b896d468f121d899d66b
9b4d7d05af6899df050ebd27f8eef0f7f234af26
35247c047d94856416e9ae51f0f0efcc83ebda2fdc778d38f9e38d33c2bd0ca0
GET /1648131357/no/?t=1&pub_id=1287&xid=6392c09853cc3e0001d5e460&xid_param1=EZ46KGBJ6R&xid_param_2=&sid=SIDbiPjV4lFefAAHK6Nal4dNoLIHWjgphQ9NtELrriWfRO5mgFBDZomQNmVDi_0y_xGah-oWhypZhj6BPibwzFsgr6DurMOTJvj9XOp5Pjm88P-4BRuqFUWbHtvKHD_XV7gpERx81ftvf9zvg&enctid=cox0sal9a4ex&lpsn=WOT+WW+LMS+Videoback+Neutral+TP+542839&foris=1&teclient=1670561944488626193&utm_source=wlap&utm_medium=affiliate&utm_campaign=dyrd6ukh&utm_content=1287 HTTP/1.1
Host: join.worldoftanks.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Dec 2022 04:59:04 GMT
Content-Type: text/html
Last-Modified: Fri, 01 Jul 2022 12:07:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62bee382-e8bf"
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash d61883097c47c0fcb4a15cafc5bdbdfc
54411aba43093cafd1cb2acea7c2b4c69184611f
0aef2b974544f530bd591dd0201909a9c2a6b3f4451c69288bafc126d9a37e2c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:59:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash bf8858fa52de668b0013cf9ce66d290c
9c319173ee6a48c6e717e9e8764008564aabe7ba
93df528ead5887cbbcf51f83c9e6ffa451861ae3145296ab3dfc269067080933
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:59:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash a41e24cdf52863488ce3f726e924a75b
196943c8d670dacc72fc0bc7bdf6abaac2ac62d3
1cb7532573d30a43c24bd116e5da820ad8aa4afbc779271bf7ef02b0c33e2f2b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6478
Cache-Control: max-age=104178
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:59:04 GMT
Etag: "63919b3d-1d7"
Expires: Sat, 10 Dec 2022 09:55:22 GMT
Last-Modified: Thu, 08 Dec 2022 08:07:25 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash a41e24cdf52863488ce3f726e924a75b
196943c8d670dacc72fc0bc7bdf6abaac2ac62d3
1cb7532573d30a43c24bd116e5da820ad8aa4afbc779271bf7ef02b0c33e2f2b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6478
Cache-Control: max-age=104178
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:59:04 GMT
Etag: "63919b3d-1d7"
Expires: Sat, 10 Dec 2022 09:55:22 GMT
Last-Modified: Thu, 08 Dec 2022 08:07:25 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash a41e24cdf52863488ce3f726e924a75b
196943c8d670dacc72fc0bc7bdf6abaac2ac62d3
1cb7532573d30a43c24bd116e5da820ad8aa4afbc779271bf7ef02b0c33e2f2b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6241
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:59:04 GMT
Last-Modified: Fri, 09 Dec 2022 03:15:03 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash a41e24cdf52863488ce3f726e924a75b
196943c8d670dacc72fc0bc7bdf6abaac2ac62d3
1cb7532573d30a43c24bd116e5da820ad8aa4afbc779271bf7ef02b0c33e2f2b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4061
Cache-Control: max-age=101762
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:59:04 GMT
Etag: "63919b3d-1d7"
Expires: Sat, 10 Dec 2022 09:15:06 GMT
Last-Modified: Thu, 08 Dec 2022 08:07:25 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash a41e24cdf52863488ce3f726e924a75b
196943c8d670dacc72fc0bc7bdf6abaac2ac62d3
1cb7532573d30a43c24bd116e5da820ad8aa4afbc779271bf7ef02b0c33e2f2b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1414
Cache-Control: max-age=99115
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:59:04 GMT
Etag: "63919b3d-1d7"
Expires: Sat, 10 Dec 2022 08:30:59 GMT
Last-Modified: Thu, 08 Dec 2022 08:07:25 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
www.googletagmanager.com/gtm.js?id=GTM-58QVDL8
200 OK 107 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-58QVDL8
IP
File type ASCII text, with very long lines (46280)
Size 107 kB (107395 bytes)
Hash cd2e2cd92534f00dfcae1234cd3296cc
c58f4144c57ede18345e5e94bd4c3403027906e6
d777259e30a4061483306f6a79874acfc174420cd32a17ecf560c2dcaf77bcb1
GET /gtm.js?id=GTM-58QVDL8 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 09 Dec 2022 04:59:04 GMT
expires: Fri, 09 Dec 2022 04:59:04 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 107395
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lms-static.wgcdn.co/videoback-ongoing-eu-wothq-1691/04b0ba212e17098cc7786c56bca5d832_1600946934.png
200 OK 6.7 kB URL HTTP/2 lms-static.wgcdn.co/videoback-ongoing-eu-wothq-1691/04b0ba212e17098cc7786c56bca5d832_1600946934.png
IP
ASN #199524 G-Core Labs S.A.
File type PNG image data, 248 x 110, 8-bit colormap, non-interlaced\012- data
Hash 91f01fe893320cb394fc52461a1b24a5
f43616cd9e85af6a2a73a914a44085662d123807
3038bb7d8adebbe73e330bbea5739b04efe6b04d5a1d81db314bd29251813967
GET /videoback-ongoing-eu-wothq-1691/04b0ba212e17098cc7786c56bca5d832_1600946934.png HTTP/1.1
Host: lms-static.wgcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:59:04 GMT
content-type: image/png
content-length: 6662
last-modified: Thu, 24 Sep 2020 11:28:54 GMT
etag: "5f6c82f6-1a06"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-11-23T11:39:40+00:00
x-id: sto5-up-gc11
accept-ranges: bytes
X-Firefox-Spdy: h2
lms-static.wgcdn.co/videoback-ongoing-eu-wothq-1691/f649b2f12a074726bf8db29fe5633628_1639483774.png
200 OK 14 kB URL HTTP/2 lms-static.wgcdn.co/videoback-ongoing-eu-wothq-1691/f649b2f12a074726bf8db29fe5633628_1639483774.png
IP
ASN #199524 G-Core Labs S.A.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 208x208, components 3\012- data
Hash 87d3c37b826fc0c8237c8e716934f6b2
79632ce4b4f0f1cbe6a0ac9081dba9924b4d0cd0
5dd52ce85650d9cc13997187633c865d7284e628f3f28af2ce38896d8d7d3da0
GET /videoback-ongoing-eu-wothq-1691/f649b2f12a074726bf8db29fe5633628_1639483774.png HTTP/1.1
Host: lms-static.wgcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:59:04 GMT
content-type: image/png
content-length: 13892
last-modified: Tue, 14 Dec 2021 12:09:34 GMT
etag: "61b8897e-3644"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-05T09:11:22+00:00
x-id: sto5-up-gc11
accept-ranges: bytes
X-Firefox-Spdy: h2
lms-static.wgcdn.co/videoback-ongoing-eu-wothq-1691/518e6d6bd45d6086554daa0295291ee1_1639483949.png
200 OK 3.0 kB URL HTTP/2 lms-static.wgcdn.co/videoback-ongoing-eu-wothq-1691/518e6d6bd45d6086554daa0295291ee1_1639483949.png
IP
ASN #199524 G-Core Labs S.A.
File type PNG image data, 123 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 5b1962befd8938b36c48ed62ca7c04f5
4e3e0524f822003a2567d04501b9d5e7d55d7d06
cd2a2481818213f1c1b4e065ead65f83ff50d25a5b63a4a8cf515614f3ad05cf
GET /videoback-ongoing-eu-wothq-1691/518e6d6bd45d6086554daa0295291ee1_1639483949.png HTTP/1.1
Host: lms-static.wgcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:59:04 GMT
content-type: image/png
content-length: 2976
last-modified: Tue, 14 Dec 2021 12:12:29 GMT
etag: "61b88a2d-ba0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-05T09:11:22+00:00
x-id: sto5-up-gc11
accept-ranges: bytes
X-Firefox-Spdy: h2
lms-static.wgcdn.co/videoback-ongoing-eu-wothq-1691/2aef0c94f5bc198cba6f45ee06d503a0_1639484015.png
200 OK 29 kB URL HTTP/2 lms-static.wgcdn.co/videoback-ongoing-eu-wothq-1691/2aef0c94f5bc198cba6f45ee06d503a0_1639484015.png
IP
ASN #199524 G-Core Labs S.A.
File type PNG image data, 1174 x 363, 8-bit/color RGBA, non-interlaced\012- data
Hash 5ce0d2852121a1cd85a26c2426a40dae
474a69d1816e7d29cea432b640e43e5acff39450
07871f75a6f4007f7f7d9adf5382f953c1dce8407149662dd88617a1d8d4055a
GET /videoback-ongoing-eu-wothq-1691/2aef0c94f5bc198cba6f45ee06d503a0_1639484015.png HTTP/1.1
Host: lms-static.wgcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:59:04 GMT
content-type: image/png
content-length: 29062
last-modified: Tue, 14 Dec 2021 12:13:35 GMT
etag: "61b88a6f-7186"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-11-23T11:38:28+00:00
x-id: sto5-up-gc11
accept-ranges: bytes
X-Firefox-Spdy: h2
lms-static.wgcdn.co/videoback-ongoing-eu-wothq-1691/ba06c381ed267fb7dfd6b007931ed0bf_1639483823.png
200 OK 30 kB URL HTTP/2 lms-static.wgcdn.co/videoback-ongoing-eu-wothq-1691/ba06c381ed267fb7dfd6b007931ed0bf_1639483823.png
IP
ASN #199524 G-Core Labs S.A.
File type PNG image data, 219 x 220, 8-bit grayscale, non-interlaced\012- data
Hash e15fed82b2db8b2e31de05ab2a5601f4
405cbff152f965bdbf3a72faabbff5cafa4bcc14
549b0b011eb72bfb724708d7caeb637c1411be84c32ccbb5a9d7a76afc8b30bd
GET /videoback-ongoing-eu-wothq-1691/ba06c381ed267fb7dfd6b007931ed0bf_1639483823.png HTTP/1.1
Host: lms-static.wgcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:59:04 GMT
content-type: image/png
content-length: 30233
last-modified: Tue, 14 Dec 2021 12:10:23 GMT
etag: "61b889af-7619"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-05T09:11:22+00:00
x-id: sto5-up-gc11
accept-ranges: bytes
X-Firefox-Spdy: h2
lms-static.wgcdn.co/videoback-ongoing-eu-neutral/861989a540f9cda9dd7f06e020a9531d_1649168344.jpg
200 OK 240 kB URL HTTP/2 lms-static.wgcdn.co/videoback-ongoing-eu-neutral/861989a540f9cda9dd7f06e020a9531d_1649168344.jpg
IP
ASN #199524 G-Core Labs S.A.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1876x976, components 3\012- data
Size 240 kB (240016 bytes)
Hash 9e152996312fe48423bb90d3102bff12
7f1a80e5a568fe1782cfdeec0055bdaff44ab250
57a227a1106a0389209aae8a7e971c48351dd6aa32c39553817cc1f1323b8c85
GET /videoback-ongoing-eu-neutral/861989a540f9cda9dd7f06e020a9531d_1649168344.jpg HTTP/1.1
Host: lms-static.wgcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:59:04 GMT
content-type: image/jpeg
content-length: 240016
last-modified: Tue, 05 Apr 2022 14:19:04 GMT
etag: "624c4fd8-3a990"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-11-23T11:43:59+00:00
x-id: sto5-up-gc11
accept-ranges: bytes
X-Firefox-Spdy: h2
lms-static.wgcdn.co/1648131357/dist/landing/videoback/app.e97d588e.js
200 OK 18 kB URL HTTP/2 lms-static.wgcdn.co/1648131357/dist/landing/videoback/app.e97d588e.js
IP
ASN #199524 G-Core Labs S.A.
Hash d45d88a9704e8a8b1f996fba98e09160
41118be231ed4e4b85600741425301740b921106
8f98621fa2a9b4e370ab851e758abb2229bebfe2f08d62c8b71edf62b34562c0
GET /1648131357/dist/landing/videoback/app.e97d588e.js HTTP/1.1
Host: lms-static.wgcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:59:04 GMT
content-type: application/javascript
last-modified: Fri, 01 Jul 2022 12:07:22 GMT
vary: Accept-Encoding
etag: W/"62bee37a-14229"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
content-encoding: gzip
cache: HIT
x-cached-since: 2022-11-23T11:43:59+00:00
x-id: sto5-up-gc11
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 8f6ab0debac98d11413e20fa98ba8286
e63543ba0f3a685edf4d8fee3f587efd5417015f
fe6bc081b1963c61a3af1ab7b7b1213ae5bc7b962c5474d8f6fe123547d5d309
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:59:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 8f6ab0debac98d11413e20fa98ba8286
e63543ba0f3a685edf4d8fee3f587efd5417015f
fe6bc081b1963c61a3af1ab7b7b1213ae5bc7b962c5474d8f6fe123547d5d309
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:59:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 8f6ab0debac98d11413e20fa98ba8286
e63543ba0f3a685edf4d8fee3f587efd5417015f
fe6bc081b1963c61a3af1ab7b7b1213ae5bc7b962c5474d8f6fe123547d5d309
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:59:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 8f6ab0debac98d11413e20fa98ba8286
e63543ba0f3a685edf4d8fee3f587efd5417015f
fe6bc081b1963c61a3af1ab7b7b1213ae5bc7b962c5474d8f6fe123547d5d309
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:59:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15660, version 1.0\012- data
Hash d7b0b953a50fddaa88089b5b787cf719
2f85bc568b27659a3d6452f58f9fd7678450326d
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
GET /s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://join.worldoftanks.eu
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15660
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 22:14:50 GMT
expires: Wed, 06 Dec 2023 22:14:50 GMT
cache-control: public, max-age=31536000
age: 197055
last-modified: Tue, 19 Apr 2022 18:42:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 8f6ab0debac98d11413e20fa98ba8286
e63543ba0f3a685edf4d8fee3f587efd5417015f
fe6bc081b1963c61a3af1ab7b7b1213ae5bc7b962c5474d8f6fe123547d5d309
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:59:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15700, version 1.0\012- data
Hash 3d7f7413fca69bff4d231ebdc50aaab0
cb18e7943b6a8a0e3672d7242197c19a226b92e8
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
GET /s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://join.worldoftanks.eu
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15700
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 15:42:33 GMT
expires: Wed, 06 Dec 2023 15:42:33 GMT
cache-control: public, max-age=31536000
age: 220592
last-modified: Tue, 19 Apr 2022 18:51:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lms-static.wgcdn.co/1648131357/dist/landing/videoback/app.9ad664eb.css
200 OK 35 kB URL HTTP/2 lms-static.wgcdn.co/1648131357/dist/landing/videoback/app.9ad664eb.css
IP
ASN #199524 G-Core Labs S.A.
Hash 940f27463df8ed62aaf1a5bd351f8ea0
08c828cccceeb6611be379f3313527fc9688a2ba
8bf4f28167daba942a2520720d6237b549987decf12aff57e37612f16d9813cf
GET /1648131357/dist/landing/videoback/app.9ad664eb.css HTTP/1.1
Host: lms-static.wgcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:59:04 GMT
content-type: text/css
last-modified: Fri, 01 Jul 2022 12:07:22 GMT
vary: Accept-Encoding
etag: W/"62bee37a-15b6f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
content-encoding: gzip
cache: HIT
x-cached-since: 2022-11-23T11:43:59+00:00
x-id: sto5-up-gc11
X-Firefox-Spdy: h2
fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19G7DRs5.woff2
200 OK 7.1 kB URL HTTP/2 fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19G7DRs5.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 7120, version 1.0\012- data
Hash 1e58a6b01c300f7c84abdacf53503eaf
ed6f0d2f1564e5d763e07a8fde2f16c5e911f32f
85f70e68e3ba976fbfee39a96c5275550eb881f302c7dedf91aa7d0a802ba5f6
GET /s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19G7DRs5.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://join.worldoftanks.eu
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7120
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 15:57:45 GMT
expires: Wed, 06 Dec 2023 15:57:45 GMT
cache-control: public, max-age=31536000
age: 219680
last-modified: Tue, 19 Apr 2022 18:54:03 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19y7DRs5.woff2
200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19y7DRs5.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 11816, version 1.0\012- data
Hash 7fa68490a833a8fa395e5f3bffafc052
1880e3743548106319713b937e7769eee6b1ce21
30fa70635379ae1b58491bc41572760c1f3c8445265436a5fec4c36a197e4121
GET /s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19y7DRs5.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://join.worldoftanks.eu
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 23:10:51 GMT
expires: Wed, 06 Dec 2023 23:10:51 GMT
cache-control: public, max-age=31536000
age: 193694
last-modified: Tue, 19 Apr 2022 18:52:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn2wotcom.gcdn.co/promo_web/lp_video/UK_Campaign/UK_LP.webm
206 Partial Content 6.8 MB URL HTTP/2 cdn2wotcom.gcdn.co/promo_web/lp_video/UK_Campaign/UK_LP.webm
IP
ASN #199524 G-Core Labs S.A.
File type WebM\012- EBML file, creator webmB\20\012- data
Size 6.8 MB (6753005 bytes)
Hash 241ad0c565c539d384619150683f103b
f0a0e7792dbe86e96e89ff6284b3e92bb10e61d3
79c064239fc4465d3f12988b064e4d1c5a2db554198798aa4c16792fcd61c9dd
GET /promo_web/lp_video/UK_Campaign/UK_LP.webm HTTP/1.1
Host: cdn2wotcom.gcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
server: nginx
date: Fri, 09 Dec 2022 04:59:05 GMT
content-type: video/webm
content-length: 6753005
last-modified: Fri, 25 Sep 2020 14:44:41 GMT
etag: "670aed-5b0245b528840"
cache-control: max-age=290304000, public
expires: Thu, 13 Apr 2023 09:05:41 GMT
cache: HIT
x-cached-since: 2022-04-13T09:05:41+00:00
x-id: sto5-up-gc15
content-range: bytes 0-6753004/6753005
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 29ee0a76851abb56bc5a46a9bb0903b6
35fc7bbca8c74b10c88f08ea12a0dddbe5badffe
4022c7570f45a317c8f027ada807695a87b2dca9aa18b1c97669dc34cacf3a5f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6412
Cache-Control: max-age=109870
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:59:05 GMT
Etag: "6391b1bb-1d7"
Expires: Sat, 10 Dec 2022 11:30:15 GMT
Last-Modified: Thu, 08 Dec 2022 09:43:23 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
tenor.wargaming.net/assets/device/static/collect.js
200 OK 5.4 kB URL HTTP/1.1 tenor.wargaming.net/assets/device/static/collect.js
IP
ASN #199524 G-Core Labs S.A.
File type HTML document, ASCII text, with very long lines (7249)
Hash 026f62fad760986ddac0bb642b46db1d
934e6b4936e4c044e0e68ebe8243a3c38a2763ca
76c6cf4c397fcca4cf8000908a09bae78997b814b1a3b345279bc8e178aa2900
GET /assets/device/static/collect.js HTTP/1.1
Host: tenor.wargaming.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 09 Dec 2022 04:59:05 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=200
Last-Modified: Wed, 09 Nov 2022 09:49:54 GMT
Vary: Accept-Encoding, Accept-Encoding
ETag: W/"636b77c2-3ac2"
Content-Encoding: gzip
lms-static.wgcdn.co/videoback-ongoing-eu-wothq-1691/50e485b431d538125efcbfa8fc76a665_1600946565.png
200 OK 5.1 kB URL HTTP/2 lms-static.wgcdn.co/videoback-ongoing-eu-wothq-1691/50e485b431d538125efcbfa8fc76a665_1600946565.png
IP
ASN #199524 G-Core Labs S.A.
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash c28eb738166485ff11b13d9e74a52be8
dd161225ce2e844e2d6f05753e5210d922934ec6
2e9c3e61433c5952bd3b7d963ae90d9789c262a67411447bbaa1b598f53c2411
GET /videoback-ongoing-eu-wothq-1691/50e485b431d538125efcbfa8fc76a665_1600946565.png HTTP/1.1
Host: lms-static.wgcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:59:05 GMT
content-type: image/png
content-length: 5124
last-modified: Thu, 24 Sep 2020 11:22:45 GMT
etag: "5f6c8185-1404"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-11-23T11:39:41+00:00
x-id: sto5-up-gc11
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 615fddb7dcff0826f0a7dd4140f370b6
06d26c99fcf20516839a656c4c5b023088eb4eaa
f561bef7be5b58a820d37e40135c8bc83511ae9298e6317bf1761f7cc24941bf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4982
Cache-Control: max-age=132543
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:59:05 GMT
Etag: "63920fe2-1d7"
Expires: Sat, 10 Dec 2022 17:48:08 GMT
Last-Modified: Thu, 08 Dec 2022 16:25:06 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 09 Dec 2022 04:46:55 GMT
expires: Fri, 09 Dec 2022 06:46:55 GMT
cache-control: public, max-age=7200
age: 730
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 32d90ff0cc366730c3633c1201b4c058
f4175292b607197a15085e14bf69df301dff6706
b4b2f80fbe9b02f3d54dc35a3738c31a4d7cb5a5e528fcbce50263d8c458231a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:59:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 2556512b197b09798af71bea10bb4bbb
23b647aca5f8294ae82fa8cc7e2215ebe3347b60
3b5bd592342d978bcf8919d1a1e2f87295e2e4af5b5b266e6017b7a25725d08d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:59:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bat.bing.com/bat.js
200 OK 12 kB IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (39124), with no line terminators
Hash b77f77f4f821a11c0a501be8d6a19659
7bba3d65db27d7c0e050bbf2294021433221de5d
e80b6b1a2f792de4681310088abf8d9172a81ee10a54965c8eb602fae2d92319
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11472
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 05 Dec 2022 17:15:50 GMT
accept-ranges: bytes
etag: "027e538cd8d91:0"
vary: Accept-Encoding
set-cookie: MUID=276C4A73224762551081580623106321; domain=.bing.com; expires=Wed, 03-Jan-2024 04:59:05 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B0107F612B39473A828BFA12B47A6CEF Ref B: OSL30EDGE0321 Ref C: 2022-12-09T04:59:05Z
date: Fri, 09 Dec 2022 04:59:05 GMT
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP
File type ASCII text, with very long lines (64348)
Hash 44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: NauKDVy7Isaeot+inEHUFw+Nz+Fim0DJNTqG8fgH0UkBYcY+y971TfeuEQenkp3foypWSLH4EHdVz+HXV5C5eQ==
content-length: 27340
x-fb-trip-id: 1904183273
date: Fri, 09 Dec 2022 04:59:05 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-77NSW0BT3P&cid=1283161516.1670561945>m=2oebu0&aip=1&z=219322745
200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-77NSW0BT3P&cid=1283161516.1670561945>m=2oebu0&aip=1&z=219322745
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-77NSW0BT3P&cid=1283161516.1670561945>m=2oebu0&aip=1&z=219322745 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 04:59:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/1006839708/?random=1670561944475&cv=11&fst=1670561944475&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fjoin.worldoftanks.eu%2F1648131357%2Fno%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392c09853cc3e0001d5e460%26xid_param1%3DEZ46KGBJ6R%26xid_param_2%3D%26sid%3DSIDbiPjV4lFefAAHK6Nal4dNoLIHWjgphQ9NtELrriWfRO5mgFBDZomQNmVDi_0y_xGah-oWhypZhj6BPibwzFsgr6DurMOTJvj9XOp5Pjm88P-4BRuqFUWbHtvKHD_XV7gpERx81ftvf9zvg%26enctid%3Dcox0sal9a4ex%26lpsn%3DWOT%2520WW%2520LMS%2520Videoback%2520Neutral%2520TP%2520542839%26foris%3D1%26teclient%3D1670561944488626193%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Ddyrd6ukh%26utm_content%3D1287&tiba=World%20of%20Tanks%E2%80%94Gratis%20%C3%A5%20spille%20tanksaction%20MMO.%20Last%20ned%20n%C3%A5%20og%20spill%20gratis!&auid=305303138.1670561944&rfmt=3&fmt=4
200 OK 1.3 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1006839708/?random=1670561944475&cv=11&fst=1670561944475&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fjoin.worldoftanks.eu%2F1648131357%2Fno%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392c09853cc3e0001d5e460%26xid_param1%3DEZ46KGBJ6R%26xid_param_2%3D%26sid%3DSIDbiPjV4lFefAAHK6Nal4dNoLIHWjgphQ9NtELrriWfRO5mgFBDZomQNmVDi_0y_xGah-oWhypZhj6BPibwzFsgr6DurMOTJvj9XOp5Pjm88P-4BRuqFUWbHtvKHD_XV7gpERx81ftvf9zvg%26enctid%3Dcox0sal9a4ex%26lpsn%3DWOT%2520WW%2520LMS%2520Videoback%2520Neutral%2520TP%2520542839%26foris%3D1%26teclient%3D1670561944488626193%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Ddyrd6ukh%26utm_content%3D1287&tiba=World%20of%20Tanks%E2%80%94Gratis%20%C3%A5%20spille%20tanksaction%20MMO.%20Last%20ned%20n%C3%A5%20og%20spill%20gratis!&auid=305303138.1670561944&rfmt=3&fmt=4
IP
File type ASCII text, with very long lines (2995), with no line terminators
Hash 9517b5ff206b3fcd0b91fc78025f12e2
0e8b7bbe8f99094023f70926be43d76b0e8efa23
2bf7d5fc2a241863e7a5605b2c6baa919afd9c2f465ad9825b4c9440debb3cfd
GET /pagead/viewthroughconversion/1006839708/?random=1670561944475&cv=11&fst=1670561944475&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fjoin.worldoftanks.eu%2F1648131357%2Fno%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392c09853cc3e0001d5e460%26xid_param1%3DEZ46KGBJ6R%26xid_param_2%3D%26sid%3DSIDbiPjV4lFefAAHK6Nal4dNoLIHWjgphQ9NtELrriWfRO5mgFBDZomQNmVDi_0y_xGah-oWhypZhj6BPibwzFsgr6DurMOTJvj9XOp5Pjm88P-4BRuqFUWbHtvKHD_XV7gpERx81ftvf9zvg%26enctid%3Dcox0sal9a4ex%26lpsn%3DWOT%2520WW%2520LMS%2520Videoback%2520Neutral%2520TP%2520542839%26foris%3D1%26teclient%3D1670561944488626193%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Ddyrd6ukh%26utm_content%3D1287&tiba=World%20of%20Tanks%E2%80%94Gratis%20%C3%A5%20spille%20tanksaction%20MMO.%20Last%20ned%20n%C3%A5%20og%20spill%20gratis!&auid=305303138.1670561944&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 04:59:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1263
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 09-Dec-2022 05:14:05 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 615fddb7dcff0826f0a7dd4140f370b6
06d26c99fcf20516839a656c4c5b023088eb4eaa
f561bef7be5b58a820d37e40135c8bc83511ae9298e6317bf1761f7cc24941bf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5548
Cache-Control: max-age=133109
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:59:05 GMT
Etag: "63920fe2-1d7"
Expires: Sat, 10 Dec 2022 17:57:34 GMT
Last-Modified: Thu, 08 Dec 2022 16:25:06 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
ad.doubleclick.net/ddm/activity/src=9463992;type=acqpa00;cat=woteu000;u2=https://join.worldoftanks.eu/1648131357/no/;u3=WOT%20WW%20LMS%20Videoback%20Neutral%20TP%20542839;u4=affiliate;u5=dyrd6ukh;u6=1670561944488626193;u7=undefined;match_id=1670561944488626193;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1810890010
302 Found 0 B URL HTTP/2 ad.doubleclick.net/ddm/activity/src=9463992;type=acqpa00;cat=woteu000;u2=https://join.worldoftanks.eu/1648131357/no/;u3=WOT%20WW%20LMS%20Videoback%20Neutral%20TP%20542839;u4=affiliate;u5=dyrd6ukh;u6=1670561944488626193;u7=undefined;match_id=1670561944488626193;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1810890010
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ddm/activity/src=9463992;type=acqpa00;cat=woteu000;u2=https://join.worldoftanks.eu/1648131357/no/;u3=WOT%20WW%20LMS%20Videoback%20Neutral%20TP%20542839;u4=affiliate;u5=dyrd6ukh;u6=1670561944488626193;u7=undefined;match_id=1670561944488626193;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1810890010 HTTP/1.1
Host: ad.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 04:59:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://adservice.google.com/ddm/fls/p/src=9463992;type=acqpa00;cat=woteu000;u2=https://join.worldoftanks.eu/1648131357/no/;u3=WOT%20WW%20LMS%20Videoback%20Neutral%20TP%20542839;u4=affiliate;u5=dyrd6ukh;u6=1670561944488626193;u7=undefined;match_id=1670561944488626193;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1810890010;~oref=https://join.worldoftanks.eu/
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 09-Dec-2022 05:14:05 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.redditstatic.com/ads/pixel.js
200 OK 7.7 kB URL HTTP/2 www.redditstatic.com/ads/pixel.js
IP
File type ASCII text, with very long lines (25224)
Hash 3528fd00b652f61a266eb584d96f4fcc
d89e16aa1323c6c4f1ed3941122020684a599361
77efa9f2ddfdca7a45df37bbcd22fdaeb7b97161a2acd87e21eb78bdeaad1332
GET /ads/pixel.js HTTP/1.1
Host: www.redditstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Mon, 07 Nov 2022 16:45:46 GMT
etag: "3528fd00b652f61a266eb584d96f4fcc"
cache-control: public, max-age=60
content-encoding: gzip
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 09 Dec 2022 04:59:05 GMT
vary: Accept-Encoding,Origin
server: snooserv
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-length: 7722
X-Firefox-Spdy: h2
tenor.wargaming.net/cf
200 OK 0 B IP
ASN #199524 G-Core Labs S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /cf HTTP/1.1
Host: tenor.wargaming.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://join.worldoftanks.eu/
Origin: https://join.worldoftanks.eu
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 09 Dec 2022 04:59:05 GMT
Content-Type: application/octet-stream
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=200
Access-Control-Allow-Origin: https://join.worldoftanks.eu
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: POST
Access-Control-Allow-Headers: CONTENT-TYPE
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 32d90ff0cc366730c3633c1201b4c058
f4175292b607197a15085e14bf69df301dff6706
b4b2f80fbe9b02f3d54dc35a3738c31a4d7cb5a5e528fcbce50263d8c458231a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:59:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 2556512b197b09798af71bea10bb4bbb
23b647aca5f8294ae82fa8cc7e2215ebe3347b60
3b5bd592342d978bcf8919d1a1e2f87295e2e4af5b5b266e6017b7a25725d08d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:59:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash dcb0ed86727c359c48d60000d5ce055b
f7e736e0e1f78ec89eacaa08fd5648e1cf47d4fc
68713a99b06419fcaa5ee2c4b2b1a2772ff6a47df9ca0f5dda78189fefa108a7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:59:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tenor.wargaming.net/cf
204 No Content 0 B IP
ASN #199524 G-Core Labs S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cf HTTP/1.1
Host: tenor.wargaming.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://join.worldoftanks.eu/
Content-Type: application/json
Origin: https://join.worldoftanks.eu
Content-Length: 311
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: openresty
Date: Fri, 09 Dec 2022 04:59:05 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 2
Connection: keep-alive
Keep-Alive: timeout=200
Access-Control-Expose-Headers: Server,Content-Length,Date
Access-Control-Allow-Origin: https://join.worldoftanks.eu
Access-Control-Allow-Credentials: true
ocsp.digicert.com/
200 OK 471 B IP
Hash 835f17b15cc8623fe0c65ccbef72c084
e0b3f6daa2cbc515f461cd65c856f3c0e85f25da
950f2646856281db9391c79e9eb4d927e69af9ba999b9e96bcf61d42d45a52eb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 502
Cache-Control: max-age=140264
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:59:06 GMT
Etag: "63923f8c-1d7"
Expires: Sat, 10 Dec 2022 19:56:51 GMT
Last-Modified: Thu, 08 Dec 2022 19:48:28 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
bat.bing.com/action/0?ti=26043906&tm=gtm002&Ver=2&mid=ab8a99fb-3fec-46b7-a529-988e0c9059d5&sid=34a2fae0777e11edbfc0bd95de1faa64&vid=34a33710777e11eda4c72fde924ee27b&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=World%20of%20Tanks%E2%80%94Gratis%20%C3%A5%20spille%20tanksaction%20MMO.%20Last%20ned%20n%C3%A5%20og%20spill%20gratis!&p=https%3A%2F%2Fjoin.worldoftanks.eu%2F1648131357%2Fno%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392c09853cc3e0001d5e460%26xid_param1%3DEZ46KGBJ6R%26xid_param_2%3D%26sid%3DSIDbiPjV4lFefAAHK6Nal4dNoLIHWjgphQ9NtELrriWfRO5mgFBDZomQNmVDi_0y_xGah-oWhypZhj6BPibwzFsgr6DurMOTJvj9XOp5Pjm88P-4BRuqFUWbHtvKHD_XV7gpERx81ftvf9zvg%26enctid%3Dcox0sal9a4ex%26lpsn%3DWOT%2520WW%2520LMS%2520Videoback%2520Neutral%2520TP%2520542839%26foris%3D1%26teclient%3D1670561944488626193%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Ddyrd6ukh%26utm_content%3D1287&r=<=1653&evt=pageLoad&sv=1&rn=347258
204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=26043906&tm=gtm002&Ver=2&mid=ab8a99fb-3fec-46b7-a529-988e0c9059d5&sid=34a2fae0777e11edbfc0bd95de1faa64&vid=34a33710777e11eda4c72fde924ee27b&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=World%20of%20Tanks%E2%80%94Gratis%20%C3%A5%20spille%20tanksaction%20MMO.%20Last%20ned%20n%C3%A5%20og%20spill%20gratis!&p=https%3A%2F%2Fjoin.worldoftanks.eu%2F1648131357%2Fno%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392c09853cc3e0001d5e460%26xid_param1%3DEZ46KGBJ6R%26xid_param_2%3D%26sid%3DSIDbiPjV4lFefAAHK6Nal4dNoLIHWjgphQ9NtELrriWfRO5mgFBDZomQNmVDi_0y_xGah-oWhypZhj6BPibwzFsgr6DurMOTJvj9XOp5Pjm88P-4BRuqFUWbHtvKHD_XV7gpERx81ftvf9zvg%26enctid%3Dcox0sal9a4ex%26lpsn%3DWOT%2520WW%2520LMS%2520Videoback%2520Neutral%2520TP%2520542839%26foris%3D1%26teclient%3D1670561944488626193%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Ddyrd6ukh%26utm_content%3D1287&r=<=1653&evt=pageLoad&sv=1&rn=347258
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=26043906&tm=gtm002&Ver=2&mid=ab8a99fb-3fec-46b7-a529-988e0c9059d5&sid=34a2fae0777e11edbfc0bd95de1faa64&vid=34a33710777e11eda4c72fde924ee27b&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=World%20of%20Tanks%E2%80%94Gratis%20%C3%A5%20spille%20tanksaction%20MMO.%20Last%20ned%20n%C3%A5%20og%20spill%20gratis!&p=https%3A%2F%2Fjoin.worldoftanks.eu%2F1648131357%2Fno%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392c09853cc3e0001d5e460%26xid_param1%3DEZ46KGBJ6R%26xid_param_2%3D%26sid%3DSIDbiPjV4lFefAAHK6Nal4dNoLIHWjgphQ9NtELrriWfRO5mgFBDZomQNmVDi_0y_xGah-oWhypZhj6BPibwzFsgr6DurMOTJvj9XOp5Pjm88P-4BRuqFUWbHtvKHD_XV7gpERx81ftvf9zvg%26enctid%3Dcox0sal9a4ex%26lpsn%3DWOT%2520WW%2520LMS%2520Videoback%2520Neutral%2520TP%2520542839%26foris%3D1%26teclient%3D1670561944488626193%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Ddyrd6ukh%26utm_content%3D1287&r=<=1653&evt=pageLoad&sv=1&rn=347258 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=0E73B24BE9E46DE9269DA03EE8B36C7E; domain=.bing.com; expires=Wed, 03-Jan-2024 04:59:06 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9638F3CD61024D748D429563C3C58270 Ref B: OSL30EDGE0321 Ref C: 2022-12-09T04:59:06Z
date: Fri, 09 Dec 2022 04:59:05 GMT
X-Firefox-Spdy: h2
bat.bing.com/p/action/26043906.js
200 OK 1.4 kB URL HTTP/2 bat.bing.com/p/action/26043906.js
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with CRLF line terminators
Hash 617b16ee2cc02f80ed3728495ecc2282
8dd2e70d54ca6dc9c3cbbcc8c83aa3359a4fd031
6db033fae32be614bd64b08e78f0cad9583aa152b0aa86eaf7154c68abbf98ff
GET /p/action/26043906.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private,max-age=60
content-length: 1446
content-type: application/javascript; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
set-cookie: MUID=2839CE647D396C8633F5DC117C6E6D84; domain=.bing.com; expires=Wed, 03-Jan-2024 04:59:06 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 08481C92076C466F8BE8B8465315961E Ref B: OSL30EDGE0321 Ref C: 2022-12-09T04:59:06Z
date: Fri, 09 Dec 2022 04:59:05 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 23f0fed6cb9af080a75d8b899ae5bd84
2c02a8cb4a6e70d8ba58696fd709838656d443c3
b1102b6924fcffe1f07a07385010a47aa142435d4efc79b338e50f8258a4d5da
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:59:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash d5aa0473ca0e4dd53153e63f03136515
ba1ac38727f37f625d6fd5c1a85f341188d745d8
3c3ff11f446d4d177df3c948264722e20da8c87141ae3906b2035d590192d418
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6493
Cache-Control: max-age=140159
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:59:06 GMT
Etag: "639227bc-1d7"
Expires: Sat, 10 Dec 2022 19:55:05 GMT
Last-Modified: Thu, 08 Dec 2022 18:06:52 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
www.google.com/pagead/1p-user-list/1006839708/?random=1670561944475&cv=11&fst=1670558400000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fjoin.worldoftanks.eu%2F1648131357%2Fno%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392c09853cc3e0001d5e460%26xid_param1%3DEZ46KGBJ6R%26xid_param_2%3D%26sid%3DSIDbiPjV4lFefAAHK6Nal4dNoLIHWjgphQ9NtELrriWfRO5mgFBDZomQNmVDi_0y_xGah-oWhypZhj6BPibwzFsgr6DurMOTJvj9XOp5Pjm88P-4BRuqFUWbHtvKHD_XV7gpERx81ftvf9zvg%26enctid%3Dcox0sal9a4ex%26lpsn%3DWOT%2520WW%2520LMS%2520Videoback%2520Neutral%2520TP%2520542839%26foris%3D1%26teclient%3D1670561944488626193%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Ddyrd6ukh%26utm_content%3D1287&tiba=World%20of%20Tanks%E2%80%94Gratis%20%C3%A5%20spille%20tanksaction%20MMO.%20Last%20ned%20n%C3%A5%20og%20spill%20gratis!&fmt=3&is_vtc=1&random=4133603905&rmt_tld=0&ipr=y
200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/1006839708/?random=1670561944475&cv=11&fst=1670558400000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fjoin.worldoftanks.eu%2F1648131357%2Fno%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392c09853cc3e0001d5e460%26xid_param1%3DEZ46KGBJ6R%26xid_param_2%3D%26sid%3DSIDbiPjV4lFefAAHK6Nal4dNoLIHWjgphQ9NtELrriWfRO5mgFBDZomQNmVDi_0y_xGah-oWhypZhj6BPibwzFsgr6DurMOTJvj9XOp5Pjm88P-4BRuqFUWbHtvKHD_XV7gpERx81ftvf9zvg%26enctid%3Dcox0sal9a4ex%26lpsn%3DWOT%2520WW%2520LMS%2520Videoback%2520Neutral%2520TP%2520542839%26foris%3D1%26teclient%3D1670561944488626193%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Ddyrd6ukh%26utm_content%3D1287&tiba=World%20of%20Tanks%E2%80%94Gratis%20%C3%A5%20spille%20tanksaction%20MMO.%20Last%20ned%20n%C3%A5%20og%20spill%20gratis!&fmt=3&is_vtc=1&random=4133603905&rmt_tld=0&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1006839708/?random=1670561944475&cv=11&fst=1670558400000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fjoin.worldoftanks.eu%2F1648131357%2Fno%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392c09853cc3e0001d5e460%26xid_param1%3DEZ46KGBJ6R%26xid_param_2%3D%26sid%3DSIDbiPjV4lFefAAHK6Nal4dNoLIHWjgphQ9NtELrriWfRO5mgFBDZomQNmVDi_0y_xGah-oWhypZhj6BPibwzFsgr6DurMOTJvj9XOp5Pjm88P-4BRuqFUWbHtvKHD_XV7gpERx81ftvf9zvg%26enctid%3Dcox0sal9a4ex%26lpsn%3DWOT%2520WW%2520LMS%2520Videoback%2520Neutral%2520TP%2520542839%26foris%3D1%26teclient%3D1670561944488626193%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Ddyrd6ukh%26utm_content%3D1287&tiba=World%20of%20Tanks%E2%80%94Gratis%20%C3%A5%20spille%20tanksaction%20MMO.%20Last%20ned%20n%C3%A5%20og%20spill%20gratis!&fmt=3&is_vtc=1&random=4133603905&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 04:59:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 8585fe73b51c643ee300c3df9313bfe1
c184ce0c12fbfc0f17a81ad0e0bdaad5503bceb1
807b590f961c83886bbd27c879dfbf03a3336005cdabbba42d4d63bdcb11bf51
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:59:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/ddm/fls/p/src=9463992;type=acqpa00;cat=woteu000;u2=https://join.worldoftanks.eu/1648131357/no/;u3=WOT%20WW%20LMS%20Videoback%20Neutral%20TP%20542839;u4=affiliate;u5=dyrd6ukh;u6=1670561944488626193;u7=undefined;match_id=1670561944488626193;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1810890010;~oref=https://join.worldoftanks.eu/
302 Found 0 B URL HTTP/2 adservice.google.com/ddm/fls/p/src=9463992;type=acqpa00;cat=woteu000;u2=https://join.worldoftanks.eu/1648131357/no/;u3=WOT%20WW%20LMS%20Videoback%20Neutral%20TP%20542839;u4=affiliate;u5=dyrd6ukh;u6=1670561944488626193;u7=undefined;match_id=1670561944488626193;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1810890010;~oref=https://join.worldoftanks.eu/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ddm/fls/p/src=9463992;type=acqpa00;cat=woteu000;u2=https://join.worldoftanks.eu/1648131357/no/;u3=WOT%20WW%20LMS%20Videoback%20Neutral%20TP%20542839;u4=affiliate;u5=dyrd6ukh;u6=1670561944488626193;u7=undefined;match_id=1670561944488626193;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1810890010;~oref=https://join.worldoftanks.eu/ HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://join.worldoftanks.eu/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 04:59:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://adservice.google.no/ddm/fls/p/src=9463992;type=acqpa00;cat=woteu000;u2=https://join.worldoftanks.eu/1648131357/no/;u3=WOT%20WW%20LMS%20Videoback%20Neutral%20TP%20542839;u4=affiliate;u5=dyrd6ukh;u6=1670561944488626193;u7=undefined;match_id=1670561944488626193;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1810890010;~oref=https://join.worldoftanks.eu/
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 8585fe73b51c643ee300c3df9313bfe1
c184ce0c12fbfc0f17a81ad0e0bdaad5503bceb1
807b590f961c83886bbd27c879dfbf03a3336005cdabbba42d4d63bdcb11bf51
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:59:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.facebook.com/tr/?id=722630277830558&ev=PageView&dl=https%3A%2F%2Fjoin.worldoftanks.eu%2F1648131357%2Fno%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392c09853cc3e0001d5e460%26xid_param1%3DEZ46KGBJ6R%26xid_param_2%3D%26sid%3DSIDbiPjV4lFefAAHK6Nal4dNoLIHWjgphQ9NtELrriWfRO5mgFBDZomQNmVDi_0y_xGah-oWhypZhj6BPibwzFsgr6DurMOTJvj9XOp5Pjm88P-4BRuqFUWbHtvKHD_XV7gpERx81ftvf9zvg%26enctid%3Dcox0sal9a4ex%26lpsn%3DWOT%2520WW%2520LMS%2520Videoback%2520Neutral%2520TP%2520542839%26foris%3D1%26teclient%3D1670561944488626193%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Ddyrd6ukh%26utm_content%3D1287&rl=&if=false&ts=1670561945284&sw=1280&sh=1024&v=2.9.89&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1670561945284.1842245063&it=1670561945091&coo=false&tm=1&rqm=GET
200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=722630277830558&ev=PageView&dl=https%3A%2F%2Fjoin.worldoftanks.eu%2F1648131357%2Fno%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392c09853cc3e0001d5e460%26xid_param1%3DEZ46KGBJ6R%26xid_param_2%3D%26sid%3DSIDbiPjV4lFefAAHK6Nal4dNoLIHWjgphQ9NtELrriWfRO5mgFBDZomQNmVDi_0y_xGah-oWhypZhj6BPibwzFsgr6DurMOTJvj9XOp5Pjm88P-4BRuqFUWbHtvKHD_XV7gpERx81ftvf9zvg%26enctid%3Dcox0sal9a4ex%26lpsn%3DWOT%2520WW%2520LMS%2520Videoback%2520Neutral%2520TP%2520542839%26foris%3D1%26teclient%3D1670561944488626193%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Ddyrd6ukh%26utm_content%3D1287&rl=&if=false&ts=1670561945284&sw=1280&sh=1024&v=2.9.89&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1670561945284.1842245063&it=1670561945091&coo=false&tm=1&rqm=GET
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=722630277830558&ev=PageView&dl=https%3A%2F%2Fjoin.worldoftanks.eu%2F1648131357%2Fno%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392c09853cc3e0001d5e460%26xid_param1%3DEZ46KGBJ6R%26xid_param_2%3D%26sid%3DSIDbiPjV4lFefAAHK6Nal4dNoLIHWjgphQ9NtELrriWfRO5mgFBDZomQNmVDi_0y_xGah-oWhypZhj6BPibwzFsgr6DurMOTJvj9XOp5Pjm88P-4BRuqFUWbHtvKHD_XV7gpERx81ftvf9zvg%26enctid%3Dcox0sal9a4ex%26lpsn%3DWOT%2520WW%2520LMS%2520Videoback%2520Neutral%2520TP%2520542839%26foris%3D1%26teclient%3D1670561944488626193%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Ddyrd6ukh%26utm_content%3D1287&rl=&if=false&ts=1670561945284&sw=1280&sh=1024&v=2.9.89&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1670561945284.1842245063&it=1670561945091&coo=false&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Fri, 09 Dec 2022 04:59:06 GMT
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-77NSW0BT3P>m=2oebu0&_p=258225568&_gaz=1&gcs=G1--&cid=1283161516.1670561945&ul=en-us&sr=1280x1024&_s=1&sid=1670561944&sct=1&seg=0&dl=https%3A%2F%2Fjoin.worldoftanks.eu%2F1648131357%2Fno%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392c09853cc3e0001d5e460%26xid_param1%3DEZ46KGBJ6R%26xid_param_2%3D%26sid%3DSIDbiPjV4lFefAAHK6Nal4dNoLIHWjgphQ9NtELrriWfRO5mgFBDZomQNmVDi_0y_xGah-oWhypZhj6BPibwzFsgr6DurMOTJvj9XOp5Pjm88P-4BRuqFUWbHtvKHD_XV7gpERx81ftvf9zvg%26enctid%3Dcox0sal9a4ex%26lpsn%3DWOT%2520WW%2520LMS%2520Videoback%2520Neutral%2520TP%2520542839%26foris%3D1%26teclient%3D1670561944488626193%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Ddyrd6ukh%26utm_content%3D1287&dt=World%20of%20Tanks%E2%80%94Gratis%20%C3%A5%20spille%20tanksaction%20MMO.%20Last%20ned%20n%C3%A5%20og%20spill%20gratis!&en=page_view&_fv=1&_nsi=1&_ss=1&ep.prod_name=wot&ep.prod_realm=eu&ep.prod_lang=no&ep.prod_type=lp&ep.prod_lptype=videoback%2FWOTHQ-1691%2FACQ%2Freg-wg
204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-77NSW0BT3P>m=2oebu0&_p=258225568&_gaz=1&gcs=G1--&cid=1283161516.1670561945&ul=en-us&sr=1280x1024&_s=1&sid=1670561944&sct=1&seg=0&dl=https%3A%2F%2Fjoin.worldoftanks.eu%2F1648131357%2Fno%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392c09853cc3e0001d5e460%26xid_param1%3DEZ46KGBJ6R%26xid_param_2%3D%26sid%3DSIDbiPjV4lFefAAHK6Nal4dNoLIHWjgphQ9NtELrriWfRO5mgFBDZomQNmVDi_0y_xGah-oWhypZhj6BPibwzFsgr6DurMOTJvj9XOp5Pjm88P-4BRuqFUWbHtvKHD_XV7gpERx81ftvf9zvg%26enctid%3Dcox0sal9a4ex%26lpsn%3DWOT%2520WW%2520LMS%2520Videoback%2520Neutral%2520TP%2520542839%26foris%3D1%26teclient%3D1670561944488626193%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Ddyrd6ukh%26utm_content%3D1287&dt=World%20of%20Tanks%E2%80%94Gratis%20%C3%A5%20spille%20tanksaction%20MMO.%20Last%20ned%20n%C3%A5%20og%20spill%20gratis!&en=page_view&_fv=1&_nsi=1&_ss=1&ep.prod_name=wot&ep.prod_realm=eu&ep.prod_lang=no&ep.prod_type=lp&ep.prod_lptype=videoback%2FWOTHQ-1691%2FACQ%2Freg-wg
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-77NSW0BT3P>m=2oebu0&_p=258225568&_gaz=1&gcs=G1--&cid=1283161516.1670561945&ul=en-us&sr=1280x1024&_s=1&sid=1670561944&sct=1&seg=0&dl=https%3A%2F%2Fjoin.worldoftanks.eu%2F1648131357%2Fno%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392c09853cc3e0001d5e460%26xid_param1%3DEZ46KGBJ6R%26xid_param_2%3D%26sid%3DSIDbiPjV4lFefAAHK6Nal4dNoLIHWjgphQ9NtELrriWfRO5mgFBDZomQNmVDi_0y_xGah-oWhypZhj6BPibwzFsgr6DurMOTJvj9XOp5Pjm88P-4BRuqFUWbHtvKHD_XV7gpERx81ftvf9zvg%26enctid%3Dcox0sal9a4ex%26lpsn%3DWOT%2520WW%2520LMS%2520Videoback%2520Neutral%2520TP%2520542839%26foris%3D1%26teclient%3D1670561944488626193%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Ddyrd6ukh%26utm_content%3D1287&dt=World%20of%20Tanks%E2%80%94Gratis%20%C3%A5%20spille%20tanksaction%20MMO.%20Last%20ned%20n%C3%A5%20og%20spill%20gratis!&en=page_view&_fv=1&_nsi=1&_ss=1&ep.prod_name=wot&ep.prod_realm=eu&ep.prod_lang=no&ep.prod_type=lp&ep.prod_lptype=videoback%2FWOTHQ-1691%2FACQ%2Freg-wg HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://join.worldoftanks.eu
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://join.worldoftanks.eu
date: Fri, 09 Dec 2022 04:59:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 48487c86e61361cb1055f9ab315d3b4e
8bb6ce1c9bbd0315b9bf8173ba6d2c21f2c120ef
9899e720c3cf6f0b777190c161de072637351830d45236355ae08db668a98eba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:59:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rules.quantcount.com/rules-p-UH9pPWqqbvvtC.js
200 OK 222 B URL HTTP/2 rules.quantcount.com/rules-p-UH9pPWqqbvvtC.js
IP
Hash 1fc3544f525a98ae3bb01abe95ecbd2b
9a9379f992c3660aec966f7fccb478ec0796b0af
fe56ee11ce8e8046f4e968b897e8a013642cb70381a7e8b7ca51d21f2d19ec42
GET /rules-p-UH9pPWqqbvvtC.js HTTP/1.1
Host: rules.quantcount.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 222
last-modified: Thu, 13 Oct 2022 14:48:45 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
access-control-allow-methods: GET
date: Fri, 09 Dec 2022 04:48:56 GMT
cache-control: max-age=3600
etag: "1fc3544f525a98ae3bb01abe95ecbd2b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: RrzmVVBFObPJ6BHHWcN3rzV3eXkpTuI3rMSW3BBzwU5uURwQsW5z5Q==
age: 1980
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-150089307-6&cid=1283161516.1670561945&jid=1256637751&gjid=376863740&_gid=299898571.1670561945&_u=YChACEABBAAAACAEO~&z=2124523167
200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-150089307-6&cid=1283161516.1670561945&jid=1256637751&gjid=376863740&_gid=299898571.1670561945&_u=YChACEABBAAAACAEO~&z=2124523167
IP
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-150089307-6&cid=1283161516.1670561945&jid=1256637751&gjid=376863740&_gid=299898571.1670561945&_u=YChACEABBAAAACAEO~&z=2124523167 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://join.worldoftanks.eu
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://join.worldoftanks.eu
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 09 Dec 2022 04:59:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
a1.adform.net/Serving/TrackPoint/?CC=1&pm=2446135&ADFPageName=WOT%20-%20EU%20-%20Landing%20Page&ADFdivider=%7C&ord=142127157364&ADFtpmode=2&loc=https%3A%2F%2Fjoin.worldoftanks.eu%2F1648131357%2Fno%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392c09853cc3e0001d5e460%26xid_param1%3DEZ46KGBJ6R%26xid_param_2%3D%26sid%3DSIDbiPjV4lFefAAHK6Nal4dNoLIHWjgphQ9NtELrriWfRO5mgFBDZomQNmVDi_0y_xGah-oWhypZhj6BPibwzFsgr6DurMOTJvj9XOp5Pjm88P-4BRuqFUWbHtvKHD_XV7gpERx81ftvf9zvg%26enctid%3Dcox0sal9a4ex%26lpsn%3DWOT%2520WW%2520LMS%2520Videoback%2520Neutral%2520TP%2520542839%26foris%3D1%26teclient%3D1670561944488626193%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Ddyrd6ukh%26utm_content%3D1287&Set1=en-US%7Cen-US%7C1280x1024%7C24
200 OK 196 B URL HTTP/2 a1.adform.net/Serving/TrackPoint/?CC=1&pm=2446135&ADFPageName=WOT%20-%20EU%20-%20Landing%20Page&ADFdivider=%7C&ord=142127157364&ADFtpmode=2&loc=https%3A%2F%2Fjoin.worldoftanks.eu%2F1648131357%2Fno%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392c09853cc3e0001d5e460%26xid_param1%3DEZ46KGBJ6R%26xid_param_2%3D%26sid%3DSIDbiPjV4lFefAAHK6Nal4dNoLIHWjgphQ9NtELrriWfRO5mgFBDZomQNmVDi_0y_xGah-oWhypZhj6BPibwzFsgr6DurMOTJvj9XOp5Pjm88P-4BRuqFUWbHtvKHD_XV7gpERx81ftvf9zvg%26enctid%3Dcox0sal9a4ex%26lpsn%3DWOT%2520WW%2520LMS%2520Videoback%2520Neutral%2520TP%2520542839%26foris%3D1%26teclient%3D1670561944488626193%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Ddyrd6ukh%26utm_content%3D1287&Set1=en-US%7Cen-US%7C1280x1024%7C24
IP
File type ASCII text, with CRLF line terminators
Hash 0ede06ce62bcf9e842e1b0f3313e6f83
a1a6675d17c5e308cbf033eb3d53fd8d12272be4
b453c48d135033a9f54030c39d0241419c85531378e79ef47a5991ab5d418a97
GET /Serving/TrackPoint/?CC=1&pm=2446135&ADFPageName=WOT%20-%20EU%20-%20Landing%20Page&ADFdivider=%7C&ord=142127157364&ADFtpmode=2&loc=https%3A%2F%2Fjoin.worldoftanks.eu%2F1648131357%2Fno%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392c09853cc3e0001d5e460%26xid_param1%3DEZ46KGBJ6R%26xid_param_2%3D%26sid%3DSIDbiPjV4lFefAAHK6Nal4dNoLIHWjgphQ9NtELrriWfRO5mgFBDZomQNmVDi_0y_xGah-oWhypZhj6BPibwzFsgr6DurMOTJvj9XOp5Pjm88P-4BRuqFUWbHtvKHD_XV7gpERx81ftvf9zvg%26enctid%3Dcox0sal9a4ex%26lpsn%3DWOT%2520WW%2520LMS%2520Videoback%2520Neutral%2520TP%2520542839%26foris%3D1%26teclient%3D1670561944488626193%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Ddyrd6ukh%26utm_content%3D1287&Set1=en-US%7Cen-US%7C1280x1024%7C24 HTTP/1.1
Host: a1.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://join.worldoftanks.eu/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:59:06 GMT
content-type: text/javascript; charset=utf-8
content-length: 196
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-40205758-4&cid=1283161516.1670561945&jid=552238712&gjid=1397604803&_gid=1065485327.1670561945&_u=YChACEABBAAAACAFO~&z=1972831781
200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-40205758-4&cid=1283161516.1670561945&jid=552238712&gjid=1397604803&_gid=1065485327.1670561945&_u=YChACEABBAAAACAFO~&z=1972831781
IP
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-40205758-4&cid=1283161516.1670561945&jid=552238712&gjid=1397604803&_gid=1065485327.1670561945&_u=YChACEABBAAAACAFO~&z=1972831781 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://join.worldoftanks.eu
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://join.worldoftanks.eu
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 09 Dec 2022 04:59:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.g.doubleclick.net/g/collect?v=2&tid=G-77NSW0BT3P&cid=1283161516.1670561945>m=2oebu0&aip=1
204 No Content 0 B URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-77NSW0BT3P&cid=1283161516.1670561945>m=2oebu0&aip=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-77NSW0BT3P&cid=1283161516.1670561945>m=2oebu0&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://join.worldoftanks.eu
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://join.worldoftanks.eu
date: Fri, 09 Dec 2022 04:59:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-150089307-8&cid=1283161516.1670561945&jid=2009937412&gjid=1953611046&_gid=1468728105.1670561945&_u=YChACEAABAAAACAEO~&z=2136389927
200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-150089307-8&cid=1283161516.1670561945&jid=2009937412&gjid=1953611046&_gid=1468728105.1670561945&_u=YChACEAABAAAACAEO~&z=2136389927
IP
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-150089307-8&cid=1283161516.1670561945&jid=2009937412&gjid=1953611046&_gid=1468728105.1670561945&_u=YChACEAABAAAACAEO~&z=2136389927 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://join.worldoftanks.eu
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://join.worldoftanks.eu
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 09 Dec 2022 04:59:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/ddm/fls/p/src=9463992;type=acqpa00;cat=woteu000;u2=https://join.worldoftanks.eu/1648131357/no/;u3=WOT%20WW%20LMS%20Videoback%20Neutral%20TP%20542839;u4=affiliate;u5=dyrd6ukh;u6=1670561944488626193;u7=undefined;match_id=1670561944488626193;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1810890010;~oref=https://join.worldoftanks.eu/
200 OK 42 B URL HTTP/2 adservice.google.no/ddm/fls/p/src=9463992;type=acqpa00;cat=woteu000;u2=https://join.worldoftanks.eu/1648131357/no/;u3=WOT%20WW%20LMS%20Videoback%20Neutral%20TP%20542839;u4=affiliate;u5=dyrd6ukh;u6=1670561944488626193;u7=undefined;match_id=1670561944488626193;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1810890010;~oref=https://join.worldoftanks.eu/
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ddm/fls/p/src=9463992;type=acqpa00;cat=woteu000;u2=https://join.worldoftanks.eu/1648131357/no/;u3=WOT%20WW%20LMS%20Videoback%20Neutral%20TP%20542839;u4=affiliate;u5=dyrd6ukh;u6=1670561944488626193;u7=undefined;match_id=1670561944488626193;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1810890010;~oref=https://join.worldoftanks.eu/ HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://join.worldoftanks.eu/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 04:59:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 795e67bdfadc3c890a663080413b56b7
fdefde3befb6aceac3c337c34c8d738f5091908c
8375b55cfc13989b0cf96293b7bead2ce5811a993b3445da1776ca7015c36985
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:59:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pixel.quantserve.com/pixel;r=1694952456;labels=_fp.event.PageView;source=gtm;event=refresh;rf=0;a=p-UH9pPWqqbvvtC;url=https%3A%2F%2Fjoin.worldoftanks.eu%2F1648131357%2Fno%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392c09853cc3e0001d5e460%26xid_param1%3DEZ46KGBJ6R%26xid_param_2%3D%26sid%3DSIDbiPjV4lFefAAHK6Nal4dNoLIHWjgphQ9NtELrriWfRO5mgFBDZomQNmVDi_0y_xGah-oWhypZhj6BPibwzFsgr6DurMOTJvj9XOp5Pjm88P-4BRuqFUWbHtvKHD_XV7gpERx81ftvf9zvg%26enctid%3Dcox0sal9a4ex%26lpsn%3DWOT%2520WW%2520LMS%2520Videoback%2520Neutral%2520TP%2520542839%26foris%3D1%26teclient%3D1670561944488626193%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Ddyrd6ukh%26utm_content%3D1287;uht=2;fpan=1;fpa=P0-720816941-1670561945294;pbc=;ns=0;ce=1;qjs=1;qv=b2bd41b7-20221206125257;cm=;gdpr=0;ref=;d=worldoftanks.eu;dst=0;et=1670561945401;tzo=0;ogl=;ses=86532c27-8d1c-447e-aa2b-0ba7b8fb08eb
200 OK 35 B URL HTTP/2 pixel.quantserve.com/pixel;r=1694952456;labels=_fp.event.PageView;source=gtm;event=refresh;rf=0;a=p-UH9pPWqqbvvtC;url=https%3A%2F%2Fjoin.worldoftanks.eu%2F1648131357%2Fno%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392c09853cc3e0001d5e460%26xid_param1%3DEZ46KGBJ6R%26xid_param_2%3D%26sid%3DSIDbiPjV4lFefAAHK6Nal4dNoLIHWjgphQ9NtELrriWfRO5mgFBDZomQNmVDi_0y_xGah-oWhypZhj6BPibwzFsgr6DurMOTJvj9XOp5Pjm88P-4BRuqFUWbHtvKHD_XV7gpERx81ftvf9zvg%26enctid%3Dcox0sal9a4ex%26lpsn%3DWOT%2520WW%2520LMS%2520Videoback%2520Neutral%2520TP%2520542839%26foris%3D1%26teclient%3D1670561944488626193%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Ddyrd6ukh%26utm_content%3D1287;uht=2;fpan=1;fpa=P0-720816941-1670561945294;pbc=;ns=0;ce=1;qjs=1;qv=b2bd41b7-20221206125257;cm=;gdpr=0;ref=;d=worldoftanks.eu;dst=0;et=1670561945401;tzo=0;ogl=;ses=86532c27-8d1c-447e-aa2b-0ba7b8fb08eb
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 55d25e9dc950d5db4d53a3b195c046c6
75e91ae3e549dab12ed1c9787ade9131aef1c981
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
GET /pixel;r=1694952456;labels=_fp.event.PageView;source=gtm;event=refresh;rf=0;a=p-UH9pPWqqbvvtC;url=https%3A%2F%2Fjoin.worldoftanks.eu%2F1648131357%2Fno%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392c09853cc3e0001d5e460%26xid_param1%3DEZ46KGBJ6R%26xid_param_2%3D%26sid%3DSIDbiPjV4lFefAAHK6Nal4dNoLIHWjgphQ9NtELrriWfRO5mgFBDZomQNmVDi_0y_xGah-oWhypZhj6BPibwzFsgr6DurMOTJvj9XOp5Pjm88P-4BRuqFUWbHtvKHD_XV7gpERx81ftvf9zvg%26enctid%3Dcox0sal9a4ex%26lpsn%3DWOT%2520WW%2520LMS%2520Videoback%2520Neutral%2520TP%2520542839%26foris%3D1%26teclient%3D1670561944488626193%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Ddyrd6ukh%26utm_content%3D1287;uht=2;fpan=1;fpa=P0-720816941-1670561945294;pbc=;ns=0;ce=1;qjs=1;qv=b2bd41b7-20221206125257;cm=;gdpr=0;ref=;d=worldoftanks.eu;dst=0;et=1670561945401;tzo=0;ogl=;ses=86532c27-8d1c-447e-aa2b-0ba7b8fb08eb HTTP/1.1
Host: pixel.quantserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:59:06 GMT
content-type: image/gif
content-length: 35
cache-control: private, no-cache, no-store, proxy-revalidate
expires: Fri, 04 Aug 1978 12:00:00 GMT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
set-cookie: mc=6392c09a-430d7-0fc7c-e40c6; expires=Tue, 09-Jan-2024 04:59:06 GMT; path=/; domain=.quantserve.com
X-Firefox-Spdy: h2
s2.adform.net/banners/scripts/st/trackpoint-async.js
200 OK 31 kB URL HTTP/2 s2.adform.net/banners/scripts/st/trackpoint-async.js
IP
Hash 3b1f4a230c51f0510fcd6c17abc3c887
c8113548ebd610dd2e2acbe3aa18eb9dab3d1490
dc37642fd1eda5e67f06ef7cf299834c6387cbbd5c6da253b6523eb07f4ec5c0
GET /banners/scripts/st/trackpoint-async.js HTTP/1.1
Host: s2.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:59:06 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 29 Nov 2022 10:23:25 GMT
x-rgw-object-type: Normal
etag: W/"83eb5fafaa212c785f7393188ff817aa"
x-amz-request-id: tx000000e32f6eeaf17bca7-006385e0d4-32941e2b-default
access-control-allow-origin: *
cache-control: public, max-age=604800
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
sp.analytics.yahoo.com/sp.pl?a=10000&b=World%20of%20Tanks%E2%80%94Gratis%20%C3%A5%20spille%20tanksaction%20MMO.%20Last%20ned%20n%C3%A5%20og%20spill%20gratis!&.yp=10180089&f=https%3A%2F%2Fjoin.worldoftanks.eu%2F1648131357%2Fno%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392c09853cc3e0001d5e460%26xid_param1%3DEZ46KGBJ6R%26xid_param_2%3D%26sid%3DSIDbiPjV4lFefAAHK6Nal4dNoLIHWjgphQ9NtELrriWfRO5mgFBDZomQNmVDi_0y_xGah-oWhypZhj6BPibwzFsgr6DurMOTJvj9XOp5Pjm88P-4BRuqFUWbHtvKHD_XV7gpERx81ftvf9zvg%26enctid%3Dcox0sal9a4ex%26lpsn%3DWOT%2520WW%2520LMS%2520Videoback%2520Neutral%2520TP%2520542839%26foris%3D1%26teclient%3D1670561944488626193%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Ddyrd6ukh%26utm_content%3D1287&enc=UTF-8&yv=1.13.0&et=custom&ec=LP%20Interaction&ea=Page%20View&el=Landing%20Page&tagmgr=gtm
200 OK 43 B URL HTTP/2 sp.analytics.yahoo.com/sp.pl?a=10000&b=World%20of%20Tanks%E2%80%94Gratis%20%C3%A5%20spille%20tanksaction%20MMO.%20Last%20ned%20n%C3%A5%20og%20spill%20gratis!&.yp=10180089&f=https%3A%2F%2Fjoin.worldoftanks.eu%2F1648131357%2Fno%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392c09853cc3e0001d5e460%26xid_param1%3DEZ46KGBJ6R%26xid_param_2%3D%26sid%3DSIDbiPjV4lFefAAHK6Nal4dNoLIHWjgphQ9NtELrriWfRO5mgFBDZomQNmVDi_0y_xGah-oWhypZhj6BPibwzFsgr6DurMOTJvj9XOp5Pjm88P-4BRuqFUWbHtvKHD_XV7gpERx81ftvf9zvg%26enctid%3Dcox0sal9a4ex%26lpsn%3DWOT%2520WW%2520LMS%2520Videoback%2520Neutral%2520TP%2520542839%26foris%3D1%26teclient%3D1670561944488626193%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Ddyrd6ukh%26utm_content%3D1287&enc=UTF-8&yv=1.13.0&et=custom&ec=LP%20Interaction&ea=Page%20View&el=Landing%20Page&tagmgr=gtm
IP
ASN #34010 Yahoo! UK Services Limited
File type GIF image data, version 89a, 1 x 1\012- data
Hash bff56ce49dd485d195fdfa0a02342568
74fb4071deab7d3ab083562067b735df32c43397
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
GET /sp.pl?a=10000&b=World%20of%20Tanks%E2%80%94Gratis%20%C3%A5%20spille%20tanksaction%20MMO.%20Last%20ned%20n%C3%A5%20og%20spill%20gratis!&.yp=10180089&f=https%3A%2F%2Fjoin.worldoftanks.eu%2F1648131357%2Fno%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392c09853cc3e0001d5e460%26xid_param1%3DEZ46KGBJ6R%26xid_param_2%3D%26sid%3DSIDbiPjV4lFefAAHK6Nal4dNoLIHWjgphQ9NtELrriWfRO5mgFBDZomQNmVDi_0y_xGah-oWhypZhj6BPibwzFsgr6DurMOTJvj9XOp5Pjm88P-4BRuqFUWbHtvKHD_XV7gpERx81ftvf9zvg%26enctid%3Dcox0sal9a4ex%26lpsn%3DWOT%2520WW%2520LMS%2520Videoback%2520Neutral%2520TP%2520542839%26foris%3D1%26teclient%3D1670561944488626193%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Ddyrd6ukh%26utm_content%3D1287&enc=UTF-8&yv=1.13.0&et=custom&ec=LP%20Interaction&ea=Page%20View&el=Landing%20Page&tagmgr=gtm HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:59:06 GMT
expires: Fri, 09 Dec 2022 04:59:06 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: image/gif
accept-ranges: bytes
content-length: 43
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBJrAkmMCECvaVZIqoyjEE8Mh532RfTMFEgEBAQESlGOcYwAAAAAA_eMAAA&S=AQAAAu9z0jleyfSrQHAu0YJMYrU; Expires=Sat, 9 Dec 2023 10:59:06 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
secure.quantserve.com/quant.js
200 OK 10 kB URL HTTP/2 secure.quantserve.com/quant.js
IP
Hash 533df77fd1a26e304e87f202c78c5b0e
cf218bf75da92abeba439635a63f2f5998cde4b1
0e39a2435ffc3a31c884b65fac990d80ea2c525c98fdbf093472d9ac9ebbfc9d
GET /quant.js HTTP/1.1
Host: secure.quantserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:59:06 GMT
content-type: application/javascript
accept-ranges: bytes
cache-control: private, max-age=604800
content-encoding: gzip
etag: "KvGSi9leJgKNKEGESzHjYw=="
expires: Fri, 16 Dec 2022 04:59:06 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
sp.analytics.yahoo.com/sp.pl?a=10000&d=Fri%2C%2009%20Dec%202022%2004%3A59%3A05%20GMT&n=0&b=World%20of%20Tanks%E2%80%94Gratis%20%C3%A5%20spille%20tanksaction%20MMO.%20Last%20ned%20n%C3%A5%20og%20spill%20gratis!&.yp=10180089&f=https%3A%2F%2Fjoin.worldoftanks.eu%2F1648131357%2Fno%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392c09853cc3e0001d5e460%26xid_param1%3DEZ46KGBJ6R%26xid_param_2%3D%26sid%3DSIDbiPjV4lFefAAHK6Nal4dNoLIHWjgphQ9NtELrriWfRO5mgFBDZomQNmVDi_0y_xGah-oWhypZhj6BPibwzFsgr6DurMOTJvj9XOp5Pjm88P-4BRuqFUWbHtvKHD_XV7gpERx81ftvf9zvg%26enctid%3Dcox0sal9a4ex%26lpsn%3DWOT%2520WW%2520LMS%2520Videoback%2520Neutral%2520TP%2520542839%26foris%3D1%26teclient%3D1670561944488626193%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Ddyrd6ukh%26utm_content%3D1287&enc=UTF-8&yv=1.13.0&tagmgr=gtm
200 OK 43 B URL HTTP/2 sp.analytics.yahoo.com/sp.pl?a=10000&d=Fri%2C%2009%20Dec%202022%2004%3A59%3A05%20GMT&n=0&b=World%20of%20Tanks%E2%80%94Gratis%20%C3%A5%20spille%20tanksaction%20MMO.%20Last%20ned%20n%C3%A5%20og%20spill%20gratis!&.yp=10180089&f=https%3A%2F%2Fjoin.worldoftanks.eu%2F1648131357%2Fno%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392c09853cc3e0001d5e460%26xid_param1%3DEZ46KGBJ6R%26xid_param_2%3D%26sid%3DSIDbiPjV4lFefAAHK6Nal4dNoLIHWjgphQ9NtELrriWfRO5mgFBDZomQNmVDi_0y_xGah-oWhypZhj6BPibwzFsgr6DurMOTJvj9XOp5Pjm88P-4BRuqFUWbHtvKHD_XV7gpERx81ftvf9zvg%26enctid%3Dcox0sal9a4ex%26lpsn%3DWOT%2520WW%2520LMS%2520Videoback%2520Neutral%2520TP%2520542839%26foris%3D1%26teclient%3D1670561944488626193%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Ddyrd6ukh%26utm_content%3D1287&enc=UTF-8&yv=1.13.0&tagmgr=gtm
IP
ASN #34010 Yahoo! UK Services Limited
File type GIF image data, version 89a, 1 x 1\012- data
Hash bff56ce49dd485d195fdfa0a02342568
74fb4071deab7d3ab083562067b735df32c43397
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
GET /sp.pl?a=10000&d=Fri%2C%2009%20Dec%202022%2004%3A59%3A05%20GMT&n=0&b=World%20of%20Tanks%E2%80%94Gratis%20%C3%A5%20spille%20tanksaction%20MMO.%20Last%20ned%20n%C3%A5%20og%20spill%20gratis!&.yp=10180089&f=https%3A%2F%2Fjoin.worldoftanks.eu%2F1648131357%2Fno%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392c09853cc3e0001d5e460%26xid_param1%3DEZ46KGBJ6R%26xid_param_2%3D%26sid%3DSIDbiPjV4lFefAAHK6Nal4dNoLIHWjgphQ9NtELrriWfRO5mgFBDZomQNmVDi_0y_xGah-oWhypZhj6BPibwzFsgr6DurMOTJvj9XOp5Pjm88P-4BRuqFUWbHtvKHD_XV7gpERx81ftvf9zvg%26enctid%3Dcox0sal9a4ex%26lpsn%3DWOT%2520WW%2520LMS%2520Videoback%2520Neutral%2520TP%2520542839%26foris%3D1%26teclient%3D1670561944488626193%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Ddyrd6ukh%26utm_content%3D1287&enc=UTF-8&yv=1.13.0&tagmgr=gtm HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:59:06 GMT
expires: Fri, 09 Dec 2022 04:59:06 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: image/gif
accept-ranges: bytes
content-length: 43
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBJrAkmMCENuPjtrQyDykQ04r_vgZGkIFEgEBAQESlGOcYwAAAAAA_eMAAA&S=AQAAAtY0VgcH9zP4QYDRT83XUOg; Expires=Sat, 9 Dec 2023 10:59:06 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
alb.reddit.com/rp.gif?ts=1670561945118&id=t2_a043ik42&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=6a11fcd7-d7a8-4f52-bb4e-19ab7e0a8c19&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1280&sw=1024&v=rdt_1967aea8
200 OK 42 B URL HTTP/2 alb.reddit.com/rp.gif?ts=1670561945118&id=t2_a043ik42&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=6a11fcd7-d7a8-4f52-bb4e-19ab7e0a8c19&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1280&sw=1024&v=rdt_1967aea8
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /rp.gif?ts=1670561945118&id=t2_a043ik42&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=6a11fcd7-d7a8-4f52-bb4e-19ab7e0a8c19&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1280&sw=1024&v=rdt_1967aea8 HTTP/1.1
Host: alb.reddit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Varnish
retry-after: 0
cross-origin-resource-policy: cross-origin
content-type: image/gif
accept-ranges: bytes
date: Fri, 09 Dec 2022 04:59:06 GMT
via: 1.1 varnish
content-length: 42
X-Firefox-Spdy: h2
lms-static.wgcdn.co/1648131357/dist/landing/videoback/eval.js
200 OK 177 B URL HTTP/2 lms-static.wgcdn.co/1648131357/dist/landing/videoback/eval.js
IP
ASN #199524 G-Core Labs S.A.
Hash ab56a375dc50a8ab25c09dd2116ebcd0
19ee177c451c354bedf9d355a34476134464d0be
a6b484f867056eb70f872f3e159a26591e2c653581553f9667946642f1c0759a
GET /1648131357/dist/landing/videoback/eval.js HTTP/1.1
Host: lms-static.wgcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:59:07 GMT
content-type: application/javascript
content-length: 177
last-modified: Fri, 01 Jul 2022 12:07:22 GMT
etag: "62bee37a-b1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-11-23T11:43:59+00:00
x-id: sto5-up-gc11
accept-ranges: bytes
X-Firefox-Spdy: h2
c.clarity.ms/c.gif
302 Found 0 B IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=193606C12CB846AAA8B74EAB6D411B97&RedC=c.clarity.ms&MXFR=3D8AD923301B6B5419C6CB56341B6582
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=3D8AD923301B6B5419C6CB56341B6582; domain=.clarity.ms; expires=Wed, 03-Jan-2024 04:59:07 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Fri, 09 Dec 2022 04:59:06 GMT
content-length: 0
X-Firefox-Spdy: h2
c.bing.com/c.gif?CtsSyncId=193606C12CB846AAA8B74EAB6D411B97&RedC=c.clarity.ms&MXFR=3D8AD923301B6B5419C6CB56341B6582
302 Found 0 B URL HTTP/2 c.bing.com/c.gif?CtsSyncId=193606C12CB846AAA8B74EAB6D411B97&RedC=c.clarity.ms&MXFR=3D8AD923301B6B5419C6CB56341B6582
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif?CtsSyncId=193606C12CB846AAA8B74EAB6D411B97&RedC=c.clarity.ms&MXFR=3D8AD923301B6B5419C6CB56341B6582 HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://join.worldoftanks.eu/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=193606C12CB846AAA8B74EAB6D411B97&MUID=3C658E87B95E605E04D39CF2B8096107
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=3C658E87B95E605E04D39CF2B8096107; domain=c.bing.com; expires=Wed, 03-Jan-2024 04:59:07 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 329C846CDDF74A1C8AA3E725BE706A8A Ref B: OSL30EDGE0321 Ref C: 2022-12-09T04:59:07Z
date: Fri, 09 Dec 2022 04:59:07 GMT
content-length: 0
X-Firefox-Spdy: h2
lms-static.wgcdn.co/1648131357/dist/landing/videoback/sha3.js
200 OK 2.5 kB URL HTTP/2 lms-static.wgcdn.co/1648131357/dist/landing/videoback/sha3.js
IP
ASN #199524 G-Core Labs S.A.
Hash 982f446f7af0a64b220f050373bc6ae8
eac9a330cfc7e312238c1ef7b81f5fdb8ea445ed
dcee2eee687473350950e9dc4f8f4a6643d6f34e57a0beb7e06feee923ea551f
GET /1648131357/dist/landing/videoback/sha3.js HTTP/1.1
Host: lms-static.wgcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:59:07 GMT
content-type: application/javascript
last-modified: Fri, 01 Jul 2022 12:07:22 GMT
vary: Accept-Encoding
etag: W/"62bee37a-1704"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
content-encoding: gzip
cache: HIT
x-cached-since: 2022-11-28T18:17:45+00:00
x-id: sto5-up-gc11
X-Firefox-Spdy: h2
b.clarity.ms/collect
204 No Content 0 B IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1862
Origin: https://join.worldoftanks.eu
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://join.worldoftanks.eu
access-control-allow-credentials: true
date: Fri, 09 Dec 2022 04:59:08 GMT
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F111d6163-0ce5-4897-9a84-a9cefa74d2a9.jpeg
200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F111d6163-0ce5-4897-9a84-a9cefa74d2a9.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e00cf5825452b2f69b0ac859dccb64ab
60aed079c48181cf46cef4d1aaa1c316a7ef7048
3aea2aa14407b6ac9d64d0f35111fec50f51632adfc39047c15bde4afd148a78
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F111d6163-0ce5-4897-9a84-a9cefa74d2a9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7694
x-amzn-requestid: 0c67138c-1a6d-49ef-bd43-f9a7176679ea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c2LZjFjrIAMFUSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63925909-764272151a0a4d284c6cb1bb;Sampled=0
x-amzn-remapped-date: Thu, 08 Dec 2022 21:37:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aaEYG20Wueg557qEBq46sSUl3-_HxgZA73s-kPo3GmYgWgrGgFPl_Q==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 21:59:58 GMT
age: 25151
etag: "60aed079c48181cf46cef4d1aaa1c316a7ef7048"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.clarity.ms/tag/uet/26043906
200 OK 0 B URL HTTP/2 www.clarity.ms/tag/uet/26043906
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
GET /tag/uet/26043906 HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: application/x-javascript
expires: -1
set-cookie: CLID=336bb37cf24f4b0f98dda624f266df23.20221209.20231209; expires=Sat, 09 Dec 2023 04:59:07 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
x-cache: CONFIG_NOCACHE
x-azure-ref: 0m8CSYwAAAACF1ex2NHNbQKkgEaz/TBMYU1ZHMjBFREdFMDUyMgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Fri, 09 Dec 2022 04:59:07 GMT
X-Firefox-Spdy: h2
lms-static.wgcdn.co/1648131357/dist/landing/videoback/riddler.js
200 OK 0 B URL HTTP/2 lms-static.wgcdn.co/1648131357/dist/landing/videoback/riddler.js
IP
ASN #199524 G-Core Labs S.A.
GET /1648131357/dist/landing/videoback/riddler.js HTTP/1.1
Host: lms-static.wgcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:59:07 GMT
content-type: application/javascript
last-modified: Fri, 01 Jul 2022 12:07:22 GMT
vary: Accept-Encoding
etag: W/"62bee37a-4391"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
content-encoding: gzip
cache: HIT
x-cached-since: 2022-11-28T18:17:45+00:00
x-id: sto5-up-gc11
X-Firefox-Spdy: h2
www.adcryp.com/wp-content/uploads/2022/06/newspaper-rec300@2x.jpg
200 OK 0 B URL HTTP/2 www.adcryp.com/wp-content/uploads/2022/06/newspaper-rec300@2x.jpg
IP
GET /wp-content/uploads/2022/06/newspaper-rec300@2x.jpg HTTP/1.1
Host: www.adcryp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.adcryp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:59:01 GMT
content-type: image/jpeg
last-modified: Sat, 11 Jun 2022 08:23:43 GMT
accept-ranges: bytes
content-length: 264843
date: Fri, 09 Dec 2022 04:59:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
thirawogla.com/bm3iVx0.Pj3upevvb/m/V_JqZ-DG0v0/NqTJcEylMqjNApwjLVTsQA1wNJzGIgy/MbDOEu
200 OK 0 B URL HTTP/2 thirawogla.com/bm3iVx0.Pj3upevvb/m/V_JqZ-DG0v0/NqTJcEylMqjNApwjLVTsQA1wNJzGIgy/MbDOEu
IP
GET /bm3iVx0.Pj3upevvb/m/V_JqZ-DG0v0/NqTJcEylMqjNApwjLVTsQA1wNJzGIgy/MbDOEu HTTP/1.1
Host: thirawogla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://long.interestmoments.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:59:03 GMT
content-type: text/html;charset=UTF-8
vary: Accept-Encoding
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
last-modified: Fri, 09 Dec 2022 04:59:03 GMT
x-frame-options: DENY
referrer-policy: no-referrer
p3p: CP="CUR ADM OUR NOR STA NID"
set-cookie: kadCCap=218665:1:1670219511;222582:1:1669973958;221398:1:1670525489;194136:1:1669413157;219047:1:1667194435;223255:1:1670393482;222513:1:1670219541;215297:1:1669786163;199455:1:1668245056;79610:1:1669272875;221352:1:1670163762;132751:1:1669884292;219484:1:1667715065;218693:1:1669515516;220335:1:1670435916;219652:1:1669330335;222775:1:1670485741;212269:1:1667199062;220790:1:1668460505; max-age=1702097943; path=/
kadACap=419303:1:1670398063;453831:1:1670506915;451724:1:1669565807;346329:1:1670226206;458045:1:1670528140;445506:1:1669286676;442019:1:1670498208;419291:1:1670459724;446714:1:1669965428;419299:1:1669735589;410252:1:1670471005;419295:1:1670440857;446013:1:1668228435;444748:1:1669841678;190964:1:1669272875;449523:1:1670210030;419293:1:1669526430;445499:1:1670164226;451139:1:1669898733;445735:1:1669286676;401659:1:1670416416;407100:1:1668246232;346327:1:1670484781;419323:1:1669947125;445788:1:1669918420;419301:1:1670560919;383700:1:1670440962;419321:1:1670561943;458041:1:1670526590;419297:1:1670425925;450649:1:1670060949;272913:1:1670219562;424441:1:1670396486;446531:1:1669270846; max-age=1702097943; path=/
kadCSCap=222775:1:1670485741;221398:1:1670525489; path=/
kadASCap=346327:1:1670484781;458041:1:1670526590;458045:1:1670528140;419301:1:1670560919;453831:1:1670506915;442019:1:1670498208;419321:1:1670561943; path=/
kadRPixJ=bnVsbA==; max-age=1702097943; path=/
kadUnP3=CAIQl/nKnAYaDQioiJcCEAIYi6nInAYaDQi4wZcCEAEYseTInAYaDQjgrZgCEAMYo9PHnAYaDQjzwZkBEAEYrabGnAYaDQj2iP8BEAIY/uzInAYaDQiatZYCEAEY7a3GnAYiCggDEAsYrabGnAYqDAiKqSgQAxij08ecBioMCIy9EhABGK2mxpwGKgwIuI4lEAIY/uzInAYqDAjoiCgQARjtrcacBioMCKSTKBACGIupyJwGKgwI/5ooEAEYseTInAY=; max-age=1702097943; path=/
x-content-type-options: nosniff
content-encoding: br
X-Firefox-Spdy: h2
lms-static.wgcdn.co/1648131357/dist/landing/videoback/vendors~app.97349e52.js
200 OK 0 B URL HTTP/2 lms-static.wgcdn.co/1648131357/dist/landing/videoback/vendors~app.97349e52.js
IP
ASN #199524 G-Core Labs S.A.
GET /1648131357/dist/landing/videoback/vendors~app.97349e52.js HTTP/1.1
Host: lms-static.wgcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:59:04 GMT
content-type: application/javascript
last-modified: Fri, 01 Jul 2022 12:07:22 GMT
vary: Accept-Encoding
etag: W/"62bee37a-2e3df"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
content-encoding: gzip
cache: HIT
x-cached-since: 2022-11-23T11:43:59+00:00
x-id: sto5-up-gc11
X-Firefox-Spdy: h2
s.yimg.com/wi/ytc.js
200 OK 0 B IP
GET /wi/ytc.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Y3Gz9FlAhSDg+gV//NrkEYDrdbpUL1a4mCh8guPC64sw2a+2Gd1yhOZEfbVOC9c88RRE1HFekKs=
x-amz-request-id: V5PX5ZYMQZQRSP4V
date: Fri, 09 Dec 2022 04:28:02 GMT
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "6a624022b5d271dcefb070b0b6670abc-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=3600
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
accept-ranges: bytes
content-type: application/javascript
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
age: 1864
content-encoding: gzip
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.clarity.ms/eus2/s/0.6.43/clarity.js
200 OK 0 B URL HTTP/2 www.clarity.ms/eus2/s/0.6.43/clarity.js
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
GET /eus2/s/0.6.43/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=86400
content-type: application/javascript;charset=utf-8
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d9082948124e4c"
server: Microsoft-IIS/10.0
x-cache: TCP_HIT
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-azure-ref-originshield: 0Cw+SYwAAAABSSno95Ts3SIZgm9AMvk8DQU1TMDRFREdFMTkxOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-azure-ref: 0m8CSYwAAAAAVMXQn5vcjQ4xH7kiA+38HU1ZHMjBFREdFMDUyMgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Fri, 09 Dec 2022 04:59:07 GMT
X-Firefox-Spdy: h2
a1.adform.net/Serving/TrackPoint/?pm=2446135&ADFPageName=WOT%20-%20EU%20-%20Landing%20Page&ADFdivider=%7C&ord=142127157364&ADFtpmode=2&loc=https%3A%2F%2Fjoin.worldoftanks.eu%2F1648131357%2Fno%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392c09853cc3e0001d5e460%26xid_param1%3DEZ46KGBJ6R%26xid_param_2%3D%26sid%3DSIDbiPjV4lFefAAHK6Nal4dNoLIHWjgphQ9NtELrriWfRO5mgFBDZomQNmVDi_0y_xGah-oWhypZhj6BPibwzFsgr6DurMOTJvj9XOp5Pjm88P-4BRuqFUWbHtvKHD_XV7gpERx81ftvf9zvg%26enctid%3Dcox0sal9a4ex%26lpsn%3DWOT%2520WW%2520LMS%2520Videoback%2520Neutral%2520TP%2520542839%26foris%3D1%26teclient%3D1670561944488626193%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Ddyrd6ukh%26utm_content%3D1287&Set1=en-US%7Cen-US%7C1280x1024%7C24
302 Found 0 B URL HTTP/2 a1.adform.net/Serving/TrackPoint/?pm=2446135&ADFPageName=WOT%20-%20EU%20-%20Landing%20Page&ADFdivider=%7C&ord=142127157364&ADFtpmode=2&loc=https%3A%2F%2Fjoin.worldoftanks.eu%2F1648131357%2Fno%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392c09853cc3e0001d5e460%26xid_param1%3DEZ46KGBJ6R%26xid_param_2%3D%26sid%3DSIDbiPjV4lFefAAHK6Nal4dNoLIHWjgphQ9NtELrriWfRO5mgFBDZomQNmVDi_0y_xGah-oWhypZhj6BPibwzFsgr6DurMOTJvj9XOp5Pjm88P-4BRuqFUWbHtvKHD_XV7gpERx81ftvf9zvg%26enctid%3Dcox0sal9a4ex%26lpsn%3DWOT%2520WW%2520LMS%2520Videoback%2520Neutral%2520TP%2520542839%26foris%3D1%26teclient%3D1670561944488626193%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Ddyrd6ukh%26utm_content%3D1287&Set1=en-US%7Cen-US%7C1280x1024%7C24
IP
GET /Serving/TrackPoint/?pm=2446135&ADFPageName=WOT%20-%20EU%20-%20Landing%20Page&ADFdivider=%7C&ord=142127157364&ADFtpmode=2&loc=https%3A%2F%2Fjoin.worldoftanks.eu%2F1648131357%2Fno%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392c09853cc3e0001d5e460%26xid_param1%3DEZ46KGBJ6R%26xid_param_2%3D%26sid%3DSIDbiPjV4lFefAAHK6Nal4dNoLIHWjgphQ9NtELrriWfRO5mgFBDZomQNmVDi_0y_xGah-oWhypZhj6BPibwzFsgr6DurMOTJvj9XOp5Pjm88P-4BRuqFUWbHtvKHD_XV7gpERx81ftvf9zvg%26enctid%3Dcox0sal9a4ex%26lpsn%3DWOT%2520WW%2520LMS%2520Videoback%2520Neutral%2520TP%2520542839%26foris%3D1%26teclient%3D1670561944488626193%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Ddyrd6ukh%26utm_content%3D1287&Set1=en-US%7Cen-US%7C1280x1024%7C24 HTTP/1.1
Host: a1.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 09 Dec 2022 04:59:06 GMT
content-type: text/html; charset=utf-8
location: https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=2446135&ADFPageName=WOT%20-%20EU%20-%20Landing%20Page&ADFdivider=%7C&ord=142127157364&ADFtpmode=2&loc=https%3A%2F%2Fjoin.worldoftanks.eu%2F1648131357%2Fno%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D6392c09853cc3e0001d5e460%26xid_param1%3DEZ46KGBJ6R%26xid_param_2%3D%26sid%3DSIDbiPjV4lFefAAHK6Nal4dNoLIHWjgphQ9NtELrriWfRO5mgFBDZomQNmVDi_0y_xGah-oWhypZhj6BPibwzFsgr6DurMOTJvj9XOp5Pjm88P-4BRuqFUWbHtvKHD_XV7gpERx81ftvf9zvg%26enctid%3Dcox0sal9a4ex%26lpsn%3DWOT%2520WW%2520LMS%2520Videoback%2520Neutral%2520TP%2520542839%26foris%3D1%26teclient%3D1670561944488626193%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Ddyrd6ukh%26utm_content%3D1287&Set1=en-US%7Cen-US%7C1280x1024%7C24
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Mon, 09-Jan-2023 04:59:06 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300&display=swap&ver=11.5.1
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300&display=swap&ver=11.5.1
IP
GET /css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300&display=swap&ver=11.5.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.adcryp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 09 Dec 2022 04:59:01 GMT
date: Fri, 09 Dec 2022 04:59:01 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Noto+Sans+KR:400,700|Roboto+Condensed:400,700&display=swap&subset=cyrillic,greek,vietnamese
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Noto+Sans+KR:400,700|Roboto+Condensed:400,700&display=swap&subset=cyrillic,greek,vietnamese
IP
GET /css?family=Noto+Sans+KR:400,700|Roboto+Condensed:400,700&display=swap&subset=cyrillic,greek,vietnamese HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 09 Dec 2022 04:59:04 GMT
date: Fri, 09 Dec 2022 04:59:04 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
185.61.154.55
142.250.74.131
37.157.5.72
193.169.194.63
92.223.84.84
31.13.72.12
23.36.77.32
212.82.100.181
104.18.32.68
35.204.100.195
89.22.228.250