r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash b782882bdabaf3b08e64120922b4a4b7
2035ed7fc9fb5b6ee9715601ba43de5f94d0c0e9
3fe7d1a9a55b86ec25d02634749ccfae11f3477033ba8cd7ac4131b7948ba619
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3FE7D1A9A55B86EC25D02634749CCFAE11F3477033BA8CD7AC4131B7948BA619"
Last-Modified: Sat, 07 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16490
Expires: Mon, 09 Jan 2023 07:50:41 GMT
Date: Mon, 09 Jan 2023 03:15:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash e4bdd77c0369662aa71ce2d01fd3edab
0ab1c5857e200e7e7946424c2c844537bfbb9775
a163c19fcc8fcf985e8df6ad4bd7ce73912b3df892d8236c70f9bc80820b26da
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A163C19FCC8FCF985E8DF6AD4BD7CE73912B3DF892D8236C70F9BC80820B26DA"
Last-Modified: Fri, 06 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19434
Expires: Mon, 09 Jan 2023 08:39:45 GMT
Date: Mon, 09 Jan 2023 03:15:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 89a058935fd04697c87e9441fbb466a9
59b5b08119374b1da34cff7e43a7c6dc80103f6e
3a3261f495323ff0f60067b2930b8d0e5e4e5cd6ae9b14929a88047587b735da
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3A3261F495323FF0F60067B2930B8D0E5E4E5CD6AE9B14929A88047587B735DA"
Last-Modified: Sat, 07 Jan 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2942
Expires: Mon, 09 Jan 2023 04:04:53 GMT
Date: Mon, 09 Jan 2023 03:15:51 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 09 Jan 2023 02:41:36 GMT
content-type: application/json
age: 2055
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: VCemO5jXMWJq6qr1nUm7W9RCa38QxZS4yuBBrfLVrZWi1dBOd1WHJydmR49BIZEcXDsHtZfGXF75bQOkjukKYg==
x-amz-request-id: W68CTM7WJP6MG5Y6
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 09 Jan 2023 02:16:01 GMT
age: 3590
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 03:15:51 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ahlulbayt.pt/
217.160.0.111301 Moved Permanently 0 B IP 217.160.0.111:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: ahlulbayt.pt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Date: Mon, 09 Jan 2023 03:15:51 GMT
Server: Apache
X-Pingback: http://ahlulbayt.pt/xmlrpc.php
X-Redirect-By: WordPress
Location: https://ahlulbayt.pt/
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 09 Jan 2023 02:17:21 GMT
age: 3510
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 54ac41a005cad66e958c904071ea1d4f
66932889be57eb15ab99237a69d292b12090c68d
52545e144a7ca5c37c5369d5f5b566b4e5e820b1920ab7fe8e413e7fe022e21b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6495
Cache-Control: max-age=113953
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 03:15:52 GMT
Etag: "63ba87aa-1d7"
Expires: Tue, 10 Jan 2023 10:55:05 GMT
Last-Modified: Sun, 08 Jan 2023 09:06:50 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.160.184.41101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.160.184.41:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: lJAOfRbgz5FXYEo5KeFSWg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: y7MeTwJHKUPGG7mWcRywB8WvAGs=
ahlulbayt.pt/wp-content/themes/smartline-lite/css/custom-fonts.css?ver=20180413
217.160.0.111200 OK 3.4 kB URL HTTP/2 ahlulbayt.pt/wp-content/themes/smartline-lite/css/custom-fonts.css?ver=20180413
IP 217.160.0.111:0
Hash bc7602e82f399255c995dfafb828ef41
f1580d1bb451aee4af8bcf481ee2deb6e2d061a3
9e392074b161453ffc42a1d02e9d11c17fe93eb8fa9c480dfff5a6a7fc371301
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/smartline-lite/css/custom-fonts.css?ver=20180413 HTTP/1.1
Host: ahlulbayt.pt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ahlulbayt.pt/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 3402
date: Mon, 09 Jan 2023 03:15:52 GMT
server: Apache
last-modified: Wed, 04 May 2022 11:48:19 GMT
etag: "d4a-5de2e339f0502"
accept-ranges: bytes
X-Firefox-Spdy: h2
ahlulbayt.pt/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
217.160.0.111200 OK 95 kB URL HTTP/2 ahlulbayt.pt/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 217.160.0.111:0
File type ASCII text, with very long lines (47826)
Hash 71d925864153f0edf91037f3d31048e8
cc16a0524ac63b5ce29f703a66412224f0dd771a
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: ahlulbayt.pt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ahlulbayt.pt/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 94889
date: Mon, 09 Jan 2023 03:15:52 GMT
server: Apache
last-modified: Wed, 16 Nov 2022 00:42:42 GMT
etag: "172a9-5ed8bc019e41a"
accept-ranges: bytes
X-Firefox-Spdy: h2
ahlulbayt.pt/wp-includes/css/classic-themes.min.css?ver=1
217.160.0.111200 OK 217 B URL HTTP/2 ahlulbayt.pt/wp-includes/css/classic-themes.min.css?ver=1
IP 217.160.0.111:0
Hash 95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: ahlulbayt.pt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ahlulbayt.pt/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 217
date: Mon, 09 Jan 2023 03:15:52 GMT
server: Apache
last-modified: Wed, 02 Nov 2022 12:29:35 GMT
etag: "d9-5ec7bfe50e473"
accept-ranges: bytes
X-Firefox-Spdy: h2
ahlulbayt.pt/wp-content/themes/smartline-lite/style.css?ver=1.6.7
217.160.0.111200 OK 48 kB URL HTTP/2 ahlulbayt.pt/wp-content/themes/smartline-lite/style.css?ver=1.6.7
IP 217.160.0.111:0
File type ASCII text, with very long lines (332)
Hash c7a439e4fb2ced848ef4e647c3d606b2
59b51b6dc15e6161deae67f223e0759b2621ebde
4f741233015f27f1063f36e8e18a3b9aae70415c7aa3be1e2d4d2d1701a486c9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/smartline-lite/style.css?ver=1.6.7 HTTP/1.1
Host: ahlulbayt.pt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ahlulbayt.pt/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 47950
date: Mon, 09 Jan 2023 03:15:52 GMT
server: Apache
last-modified: Wed, 04 May 2022 11:48:19 GMT
etag: "bb4e-5de2e33a21241"
accept-ranges: bytes
X-Firefox-Spdy: h2
ahlulbayt.pt/wp-content/themes/smartline-lite/css/genericons/genericons.css?ver=3.4.1
217.160.0.111200 OK 28 kB URL HTTP/2 ahlulbayt.pt/wp-content/themes/smartline-lite/css/genericons/genericons.css?ver=3.4.1
IP 217.160.0.111:0
File type ASCII text, with very long lines (18732)
Hash 13a6500ddf36c6dd581877aefc78d34d
3ab844aaad6045edbe2da9e78c3c9f41599b67d6
4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/smartline-lite/css/genericons/genericons.css?ver=3.4.1 HTTP/1.1
Host: ahlulbayt.pt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ahlulbayt.pt/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 28266
date: Mon, 09 Jan 2023 03:15:52 GMT
server: Apache
last-modified: Wed, 04 May 2022 11:48:19 GMT
etag: "6e6a-5de2e339f0502"
accept-ranges: bytes
X-Firefox-Spdy: h2
ahlulbayt.pt/
217.160.0.111200 OK 16 kB IP 217.160.0.111:0
Hash 86cdff8832895f69be9cb976fce5acf7
bcb0c24625fa317715639bf28d3a35cc6dd74f51
7281c516cc350c21307373985a78fba64e691f15cece33eae62dd62cff7b5f26
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: ahlulbayt.pt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Mon, 09 Jan 2023 03:15:51 GMT
server: Apache
x-pingback: https://ahlulbayt.pt/xmlrpc.php
link: <https://ahlulbayt.pt/wp-json/>; rel="https://api.w.org/", <https://ahlulbayt.pt/wp-json/wp/v2/pages/2>; rel="alternate"; type="application/json", <https://ahlulbayt.pt/>; rel=shortlink
content-encoding: gzip
X-Firefox-Spdy: h2
ahlulbayt.pt/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
217.160.0.111200 OK 11 kB URL HTTP/2 ahlulbayt.pt/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 217.160.0.111:0
File type ASCII text, with very long lines (11126)
Hash 79b4956b7ec478ec10244b5e2d33ac7d
a46025b9d05e3df30d610a8aef14f392c7058dc9
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: ahlulbayt.pt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ahlulbayt.pt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 11224
date: Mon, 09 Jan 2023 03:15:52 GMT
server: Apache
last-modified: Wed, 02 Nov 2022 12:29:36 GMT
etag: "2bd8-5ec7bfe5e51f6"
accept-ranges: bytes
X-Firefox-Spdy: h2
ahlulbayt.pt/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
217.160.0.111200 OK 93 kB URL HTTP/2 ahlulbayt.pt/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 217.160.0.111:0
File type ASCII text, with very long lines (62390)
Hash ebaca2974217e59e78d51a96bfd5137b
ce4723ad69f5f008ddbecd87bfa4b733b46c4458
52f444118d7a1a4cb1ba7c947b7b26fc130584b35e8dc8bc7b2b6c4ab28ed272
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: ahlulbayt.pt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ahlulbayt.pt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 92741
date: Mon, 09 Jan 2023 03:15:52 GMT
server: Apache
last-modified: Sat, 19 Nov 2022 18:04:05 GMT
etag: "16a45-5edd6a5e5b383"
accept-ranges: bytes
X-Firefox-Spdy: h2
ahlulbayt.pt/wp-content/themes/smartline-lite/js/navigation.js?ver=20210324
217.160.0.111200 OK 3.7 kB URL HTTP/2 ahlulbayt.pt/wp-content/themes/smartline-lite/js/navigation.js?ver=20210324
IP 217.160.0.111:0
Hash 86c44c32608dd9264d6640f28e0df7d2
e4568a6ab0afaa6e183badf34e6f954595d715bc
df1cd897a8fcbbbdb29751a0c5456a95d0883f9b68bd5cc5ddc4d052ed576c89
GET /wp-content/themes/smartline-lite/js/navigation.js?ver=20210324 HTTP/1.1
Host: ahlulbayt.pt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ahlulbayt.pt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 3690
date: Mon, 09 Jan 2023 03:15:52 GMT
server: Apache
last-modified: Wed, 04 May 2022 11:48:19 GMT
etag: "e6a-5de2e33a0aae1"
accept-ranges: bytes
X-Firefox-Spdy: h2
ahlulbayt.pt/wp-content/plugins/youtube-embed-plus/scripts/ytprefs.min.js?ver=14.1.4.1
217.160.0.111200 OK 14 kB URL HTTP/2 ahlulbayt.pt/wp-content/plugins/youtube-embed-plus/scripts/ytprefs.min.js?ver=14.1.4.1
IP 217.160.0.111:0
File type ASCII text, with very long lines (1003)
Hash ef3c5f6aad28fe4ab35afb15dc877673
5a2d5bc00843567703ca2ad699b2a5ecefc6a960
b44b18e9a6cced6ba24a25855c23095283dba1ddfad87bc68859d87463eac07f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/youtube-embed-plus/scripts/ytprefs.min.js?ver=14.1.4.1 HTTP/1.1
Host: ahlulbayt.pt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ahlulbayt.pt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 13817
date: Mon, 09 Jan 2023 03:15:52 GMT
server: Apache
last-modified: Tue, 01 Nov 2022 00:10:50 GMT
etag: "35f9-5ec5d8e83da89"
accept-ranges: bytes
X-Firefox-Spdy: h2
ahlulbayt.pt/wp-content/plugins/real-time-auto-find-and-replace/assets/js/rtafar.local.js?ver=1.4.2
217.160.0.111200 OK 19 B URL HTTP/2 ahlulbayt.pt/wp-content/plugins/real-time-auto-find-and-replace/assets/js/rtafar.local.js?ver=1.4.2
IP 217.160.0.111:0
File type ASCII text, with no line terminators
Hash 8102dc9eee0565de28649497220d8d17
a32963be36656f3dd149892540138913bc88de6c
51ff2b4b46acab057eba32dc5fbd0bcf410f0ad2bb75d7a92b230bc627d930d6
GET /wp-content/plugins/real-time-auto-find-and-replace/assets/js/rtafar.local.js?ver=1.4.2 HTTP/1.1
Host: ahlulbayt.pt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ahlulbayt.pt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 19
date: Mon, 09 Jan 2023 03:15:52 GMT
server: Apache
last-modified: Mon, 21 Nov 2022 14:48:38 GMT
etag: "13-5edfc26903d9a"
accept-ranges: bytes
X-Firefox-Spdy: h2
ahlulbayt.pt/wp-content/plugins/real-time-auto-find-and-replace/assets/js/rtafar.app.min.js?ver=1.4.2
217.160.0.111200 OK 284 B URL HTTP/2 ahlulbayt.pt/wp-content/plugins/real-time-auto-find-and-replace/assets/js/rtafar.app.min.js?ver=1.4.2
IP 217.160.0.111:0
File type ASCII text, with no line terminators
Hash ee8d027af6413658e42eec5c8b2773e6
6f4d09aa64412ddeed152635b803b114e90aab5a
70664b2f62a87e01985064566c6f36eb4d27e071c9fefda7848303786b01c42b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/real-time-auto-find-and-replace/assets/js/rtafar.app.min.js?ver=1.4.2 HTTP/1.1
Host: ahlulbayt.pt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ahlulbayt.pt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 284
date: Mon, 09 Jan 2023 03:15:52 GMT
server: Apache
last-modified: Mon, 21 Nov 2022 14:48:38 GMT
etag: "11c-5edfc26902dfa"
accept-ranges: bytes
X-Firefox-Spdy: h2
ahlulbayt.pt/wp-content/plugins/youtube-embed-plus/scripts/fitvids.min.js?ver=14.1.4.1
217.160.0.111200 OK 3.1 kB URL HTTP/2 ahlulbayt.pt/wp-content/plugins/youtube-embed-plus/scripts/fitvids.min.js?ver=14.1.4.1
IP 217.160.0.111:0
File type HTML document, ASCII text, with very long lines (3102)
Hash eb4b89beeb46187d0fe50838c2cfdc4d
784d1bf5af84c22ef434ce64ed4c20a9ad19929b
d8be3a402a3b2ad808402cea111ba3d286239d88e06c8e2969c84f46050dc88a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/youtube-embed-plus/scripts/fitvids.min.js?ver=14.1.4.1 HTTP/1.1
Host: ahlulbayt.pt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ahlulbayt.pt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 3103
date: Mon, 09 Jan 2023 03:15:52 GMT
server: Apache
last-modified: Tue, 01 Nov 2022 00:10:50 GMT
etag: "c1f-5ec5d8e83bb49"
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 4a6cb290a02dd826275da6a74cb19bc7
26356170f32dcaae95cbc61d25d62f576e9000ea
4d975717252ff37d70cf1b7d3675449f845ffedf62af0220207d2668c9a38c60
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D975717252FF37D70CF1B7D3675449F845FFEDF62AF0220207D2668C9A38C60"
Last-Modified: Fri, 06 Jan 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21571
Expires: Mon, 09 Jan 2023 09:15:23 GMT
Date: Mon, 09 Jan 2023 03:15:52 GMT
Connection: keep-alive
record.findtrustclicks.com/sort.js?v=7.2.2
89.22.228.250200 OK 1.6 kB URL HTTP/1.1 record.findtrustclicks.com/sort.js?v=7.2.2
IP 89.22.228.250:0
File type ASCII text, with very long lines (4204), with no line terminators
Hash 240955a18e7f3ae327e2306c896cd951
0a1fe7f61b4989c537940a3bdfce3621edae23cc
28c95c49023d438a63df21c7f7d717fcc571628860a3a3be361932f80af668f6
GET /sort.js?v=7.2.2 HTTP/1.1
Host: record.findtrustclicks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ahlulbayt.pt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 09 Jan 2023 03:15:52 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
Last-Modified: Fri, 09 Dec 2022 11:46:49 GMT
ETag: W/"106c-5ef63b57c68ec"
Content-Encoding: gzip
ahlulbayt.pt/wp-content/themes/smartline-lite/images/background.png
217.160.0.111200 OK 2.8 kB URL HTTP/2 ahlulbayt.pt/wp-content/themes/smartline-lite/images/background.png
IP 217.160.0.111:0
File type PNG image data, 1 x 2, 8-bit/color RGBA, non-interlaced\012- data
Hash 97ca6b6c6f423cb895b7871ad8c07cec
19636816d1f9993f816c0d6944d3d5a3f8de0528
97212b12104c856919d44f21b8cbecd7397e7ef9e698fa6a14b692a5408c302a
GET /wp-content/themes/smartline-lite/images/background.png HTTP/1.1
Host: ahlulbayt.pt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ahlulbayt.pt/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 2798
date: Mon, 09 Jan 2023 03:15:52 GMT
server: Apache
last-modified: Wed, 04 May 2022 11:48:19 GMT
etag: "aee-5de2e339f91a2"
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 53e4963971e19408d4cf264bd653599d
271fa6d9b5843b97d579a713fbb48b388c61eba0
c3245e3793f7aab542ba2b4b719f5145a45ba29d536456ad629a364ab2df400b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 03:15:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ahlulbayt.pt/wp-content/themes/smartline-lite/fonts/bitter-v12-latin-ext_latin-regular.woff2
217.160.0.111200 OK 30 kB URL HTTP/2 ahlulbayt.pt/wp-content/themes/smartline-lite/fonts/bitter-v12-latin-ext_latin-regular.woff2
IP 217.160.0.111:0
File type Web Open Font Format (Version 2), TrueType, length 29908, version 1.0\012- data
Hash 42271593e6fa7095137bc58b7bb1dd64
edeaa4a18332f8b4760152f8c25a8f2ee1d00843
bfa6a79991e41c418410bb1a54ade84eb30c783d6c72e382256f10716b82d312
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/smartline-lite/fonts/bitter-v12-latin-ext_latin-regular.woff2 HTTP/1.1
Host: ahlulbayt.pt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://ahlulbayt.pt/wp-content/themes/smartline-lite/css/custom-fonts.css?ver=20180413
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-length: 29908
date: Mon, 09 Jan 2023 03:15:52 GMT
server: Apache
last-modified: Wed, 04 May 2022 11:48:19 GMT
etag: "74d4-5de2e339f62c2"
accept-ranges: bytes
X-Firefox-Spdy: h2
ahlulbayt.pt/wp-content/themes/smartline-lite/fonts/raleway-v12-latin-ext_latin-regular.woff2
217.160.0.111200 OK 32 kB URL HTTP/2 ahlulbayt.pt/wp-content/themes/smartline-lite/fonts/raleway-v12-latin-ext_latin-regular.woff2
IP 217.160.0.111:0
File type Web Open Font Format (Version 2), TrueType, length 32100, version 1.0\012- data
Hash c1bd33e805a88f721aff01ca0b5d6acb
a8f76b89be9e9384802db04cf35a93a9fd47964d
704d418b7b3efa6f1870d409134b9c6b80fc5f5f38b46a68aee496388a6bbd48
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/smartline-lite/fonts/raleway-v12-latin-ext_latin-regular.woff2 HTTP/1.1
Host: ahlulbayt.pt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://ahlulbayt.pt/wp-content/themes/smartline-lite/css/custom-fonts.css?ver=20180413
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-length: 32100
date: Mon, 09 Jan 2023 03:15:52 GMT
server: Apache
last-modified: Wed, 04 May 2022 11:48:19 GMT
etag: "7d64-5de2e339f7262"
accept-ranges: bytes
X-Firefox-Spdy: h2
ahlulbayt.pt/wp-content/themes/smartline-lite/fonts/bitter-v12-latin-ext_latin-700.woff2
217.160.0.111200 OK 9.9 kB URL HTTP/2 ahlulbayt.pt/wp-content/themes/smartline-lite/fonts/bitter-v12-latin-ext_latin-700.woff2
IP 217.160.0.111:0
File type Web Open Font Format (Version 2), TrueType, length 9864, version 1.0\012- data
Hash a1544858bf891763c54dd5b46b72d572
04d8e8f6832e9bacd128834032d321556b20348b
7e6537ea312b530bc7790d19a283e1baa54fa2c1cfa61f17c8d5794bff159e9a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/smartline-lite/fonts/bitter-v12-latin-ext_latin-700.woff2 HTTP/1.1
Host: ahlulbayt.pt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://ahlulbayt.pt/wp-content/themes/smartline-lite/css/custom-fonts.css?ver=20180413
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-length: 9864
date: Mon, 09 Jan 2023 03:15:52 GMT
server: Apache
last-modified: Wed, 04 May 2022 11:48:19 GMT
etag: "2688-5de2e339f62c2"
accept-ranges: bytes
X-Firefox-Spdy: h2
www.youtube.com/s/player/e5f6cbd5/www-player.css
142.250.74.46200 OK 50 kB URL HTTP/2 www.youtube.com/s/player/e5f6cbd5/www-player.css
IP 142.250.74.46:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 6b1464acd0042e69d9b42545b2475ade
fbb758851b19297ae248005196ce125af86bbceb
a41ea67f5651721d99d5af76b63d8286da883c9a5c8de0b06ad590cf35099740
GET /s/player/e5f6cbd5/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/kZ9ouChqfKQ?enablejsapi=1&autoplay=1&cc_load_policy=0&cc_lang_pref=&iv_load_policy=1&loop=0&modestbranding=1&rel=1&fs=1&playsinline=0&autohide=2&theme=dark&color=red&controls=1&
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 49906
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 09 Jan 2023 00:04:45 GMT
expires: Tue, 09 Jan 2024 00:04:45 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 02 Jan 2023 22:39:54 GMT
content-type: text/css
age: 11467
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/e5f6cbd5/www-embed-player.vflset/www-embed-player.js
142.250.74.46200 OK 109 kB URL HTTP/2 www.youtube.com/s/player/e5f6cbd5/www-embed-player.vflset/www-embed-player.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (679)
Size 109 kB (109069 bytes)
Hash de70cca71a002835d2d2e36d34adc509
19df5ef5e91da5a7ac9ac6d58ed26eb39aa65425
53068fee4e27a994ee67cea47396a03452d3fa6e8b63fe6ca2e110c2f36f5e43
GET /s/player/e5f6cbd5/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/kZ9ouChqfKQ?enablejsapi=1&autoplay=1&cc_load_policy=0&cc_lang_pref=&iv_load_policy=1&loop=0&modestbranding=1&rel=1&fs=1&playsinline=0&autohide=2&theme=dark&color=red&controls=1&
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 109069
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 08 Jan 2023 15:14:36 GMT
expires: Mon, 08 Jan 2024 15:14:36 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 02 Jan 2023 22:39:54 GMT
content-type: text/javascript
age: 43276
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/e5f6cbd5/fetch-polyfill.vflset/fetch-polyfill.js
142.250.74.46200 OK 2.8 kB URL HTTP/2 www.youtube.com/s/player/e5f6cbd5/fetch-polyfill.vflset/fetch-polyfill.js
IP 142.250.74.46:0
File type Algol 68 source text\012- Pascal source, ASCII text, with very long lines (555)
Hash 80fe2d229007996c8397073b00755dc7
121f82c77bcf2a297a1085e3b092415c463fcafe
033dfa8941482c82d4f1aaa4a9172fb379b9e46a02d5b36297c5476bbbfdea2c
GET /s/player/e5f6cbd5/fetch-polyfill.vflset/fetch-polyfill.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/kZ9ouChqfKQ?enablejsapi=1&autoplay=1&cc_load_policy=0&cc_lang_pref=&iv_load_policy=1&loop=0&modestbranding=1&rel=1&fs=1&playsinline=0&autohide=2&theme=dark&color=red&controls=1&
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 2786
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 08 Jan 2023 12:03:23 GMT
expires: Mon, 08 Jan 2024 12:03:23 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 02 Jan 2023 22:39:54 GMT
content-type: text/javascript
age: 54749
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/en_US/base.js
142.250.74.46200 OK 610 kB URL HTTP/2 www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/en_US/base.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (517)
Size 610 kB (610118 bytes)
Hash a13da9969baf95d1681d9628b5e4b2d5
e4eec7bb9a5e8ffce24b8f2de3d2e201d71850e5
4ceb577159cf250ae9a1e90a381eb3eefbef311f948947feaef3d40429cc8810
GET /s/player/e5f6cbd5/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/kZ9ouChqfKQ?enablejsapi=1&autoplay=1&cc_load_policy=0&cc_lang_pref=&iv_load_policy=1&loop=0&modestbranding=1&rel=1&fs=1&playsinline=0&autohide=2&theme=dark&color=red&controls=1&
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding, Origin
content-encoding: br
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 610118
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 07 Jan 2023 02:43:13 GMT
expires: Sun, 07 Jan 2024 02:43:13 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 02 Jan 2023 22:39:54 GMT
content-type: text/javascript
age: 174759
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash e1e48825c32b95b588d0b4407f9f5026
c153d356925c190e81795092baae537623f7ef45
134f6c0acbf287dbf28633f2ddbb060fba42f6bbfdb923b16c2bdd1de855c518
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "134F6C0ACBF287DBF28633F2DDBB060FBA42F6BBFDB923B16C2BDD1DE855C518"
Last-Modified: Fri, 06 Jan 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14620
Expires: Mon, 09 Jan 2023 07:19:32 GMT
Date: Mon, 09 Jan 2023 03:15:52 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 53e4963971e19408d4cf264bd653599d
271fa6d9b5843b97d579a713fbb48b388c61eba0
c3245e3793f7aab542ba2b4b719f5145a45ba29d536456ad629a364ab2df400b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 03:15:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 6845714035871de50607bf6185f94f64
c8b0da305ef4c6a587307d87224ce7ae19ac31dc
75d805e1f96447b58ac3f8226c16c4b13d4e664e1e508be26e9968510145017a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 03:15:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 6845714035871de50607bf6185f94f64
c8b0da305ef4c6a587307d87224ce7ae19ac31dc
75d805e1f96447b58ac3f8226c16c4b13d4e664e1e508be26e9968510145017a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 03:15:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 05 Jan 2023 21:48:03 GMT
expires: Fri, 05 Jan 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 278869
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 05 Jan 2023 16:40:43 GMT
expires: Fri, 05 Jan 2024 16:40:43 GMT
cache-control: public, max-age=31536000
age: 297309
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 6845714035871de50607bf6185f94f64
c8b0da305ef4c6a587307d87224ce7ae19ac31dc
75d805e1f96447b58ac3f8226c16c4b13d4e664e1e508be26e9968510145017a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 03:15:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
way.specialblueitems.com/qqJVYyyv?&se_referrer=&default_keyword=Ahlulbayt%20Association%20%E2%80%93%20All%20your%20solutions%20in%20a%20box!&&frm639317151a8ac=script639317151a8ae&_cid=cd0fa365-cd5a-1ed9-e213-8e1ce3b6bb97
159.69.234.10200 OK 961 B URL HTTP/1.1 way.specialblueitems.com/qqJVYyyv?&se_referrer=&default_keyword=Ahlulbayt%20Association%20%E2%80%93%20All%20your%20solutions%20in%20a%20box!&&frm639317151a8ac=script639317151a8ae&_cid=cd0fa365-cd5a-1ed9-e213-8e1ce3b6bb97
IP 159.69.234.10:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (2108), with no line terminators
Hash 33841c02138297a900cbd2fa27d9d0cb
605e6ecd07f1a2033f68fb0973d7e9fc9503c89d
436a0cbd784ad7d0e905acb0a67ec40a1f4195701de513935947854c9a313014
GET /qqJVYyyv?&se_referrer=&default_keyword=Ahlulbayt%20Association%20%E2%80%93%20All%20your%20solutions%20in%20a%20box!&&frm639317151a8ac=script639317151a8ae&_cid=cd0fa365-cd5a-1ed9-e213-8e1ce3b6bb97 HTTP/1.1
Host: way.specialblueitems.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ahlulbayt.pt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 09 Jan 2023 03:15:52 GMT
Content-Type: application/javascript
Content-Length: 961
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Expires: 0
Pragma: no-cache
Set-Cookie: _subid=s8hnpa1ujh64;Expires=Thursday, 09-Feb-2023 03:15:52 GMT;Max-Age=2678400;Path=/
674be=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjZcIjoxNjczMjM0MTUyfSxcImNhbXBhaWduc1wiOntcIjJcIjoxNjczMjM0MTUyfSxcInRpbWVcIjoxNjczMjM0MTUyfSJ9.pDDvALs9abDeX2dyqryrPImO8utwxZexk0f3oxY1F-Q;Expires=Saturday, 18-Jan-2076 06:31:44 GMT;Max-Age=1673320552;Path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
ahlulbayt.pt/wp-content/uploads/2022/08/cropped-AAP-Logo-4-192x192.png
217.160.0.111200 OK 15 kB URL HTTP/2 ahlulbayt.pt/wp-content/uploads/2022/08/cropped-AAP-Logo-4-192x192.png
IP 217.160.0.111:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 1d76df3e901dca793e07cf1c8ceaebfc
62c8b3479312eb9d54dfc635a428ca8106f039eb
fdf95e97a0b08b6ec791ca9391f76cb6789b53e4df740d566794437f8af84ae1
GET /wp-content/uploads/2022/08/cropped-AAP-Logo-4-192x192.png HTTP/1.1
Host: ahlulbayt.pt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ahlulbayt.pt/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 14774
date: Mon, 09 Jan 2023 03:15:52 GMT
server: Apache
last-modified: Sat, 27 Aug 2022 13:10:53 GMT
etag: "39b6-5e738c2a9de8f"
accept-ranges: bytes
X-Firefox-Spdy: h2
ahlulbayt.pt/wp-content/uploads/2022/08/cropped-AAP-Logo-4-32x32.png
217.160.0.111200 OK 977 B URL HTTP/2 ahlulbayt.pt/wp-content/uploads/2022/08/cropped-AAP-Logo-4-32x32.png
IP 217.160.0.111:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash f5b9cb2326b47e2cd5161dbdc8754ed3
1a8595393ea4df3f3370c96a44fb4d5ffbeee01c
5186e12158bad70dd4a2f28fa041bc008067c771af903e78380b015e50ec40b6
GET /wp-content/uploads/2022/08/cropped-AAP-Logo-4-32x32.png HTTP/1.1
Host: ahlulbayt.pt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ahlulbayt.pt/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 977
date: Mon, 09 Jan 2023 03:15:52 GMT
server: Apache
last-modified: Sat, 27 Aug 2022 13:10:53 GMT
etag: "3d1-5e738c2aa5b8f"
accept-ranges: bytes
X-Firefox-Spdy: h2
way.specialblueitems.com/rs1TzB?&se_referrer=&default_keyword=Ahlulbayt%20Association%20%E2%80%93%20All%20your%20solutions%20in%20a%20box!&&frm63a6f90168315=script63a6f90168317&_cid=af444712-52bd-97d0-fa32-a615f5029a09
159.69.234.10200 OK 2.2 kB URL HTTP/1.1 way.specialblueitems.com/rs1TzB?&se_referrer=&default_keyword=Ahlulbayt%20Association%20%E2%80%93%20All%20your%20solutions%20in%20a%20box!&&frm63a6f90168315=script63a6f90168317&_cid=af444712-52bd-97d0-fa32-a615f5029a09
IP 159.69.234.10:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (6273), with no line terminators
Hash 8a1de5a404ee1415da04c2d25703fbf1
6c72689d2d3d6c65ed8aaafb36c5196bcd1681f5
fd76767b7cc9c3185049d88d70f76d5ba89f9f2776839e6a85a38d5ec3bfa4d3
GET /rs1TzB?&se_referrer=&default_keyword=Ahlulbayt%20Association%20%E2%80%93%20All%20your%20solutions%20in%20a%20box!&&frm63a6f90168315=script63a6f90168317&_cid=af444712-52bd-97d0-fa32-a615f5029a09 HTTP/1.1
Host: way.specialblueitems.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ahlulbayt.pt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 09 Jan 2023 03:15:52 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Expires: 0
Pragma: no-cache
Set-Cookie: _subid=s8hnpa1ujh69;Expires=Thursday, 09-Feb-2023 03:15:52 GMT;Max-Age=2678400;Path=/
674be=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE4XCI6MTY3MzIzNDE1Mn0sXCJjYW1wYWlnbnNcIjp7XCI2XCI6MTY3MzIzNDE1Mn0sXCJ0aW1lXCI6MTY3MzIzNDE1Mn0ifQ.Nsif19pjCffJkkpBAzHUaAWjeiOLEqjnGM1fygtFplk;Expires=Saturday, 18-Jan-2076 06:31:44 GMT;Max-Age=1673320552;Path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 11aea3c23fce2f77cadf7a551f4e8b17
4963aafedcf3fc5f28f1b4a6b0212abfd5526702
d2ada7d592878b58921cd0568efa62abefd7423d40bec16133886e2c67a791b3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2ADA7D592878B58921CD0568EFA62ABEFD7423D40BEC16133886E2C67A791B3"
Last-Modified: Fri, 06 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14844
Expires: Mon, 09 Jan 2023 07:23:17 GMT
Date: Mon, 09 Jan 2023 03:15:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 11aea3c23fce2f77cadf7a551f4e8b17
4963aafedcf3fc5f28f1b4a6b0212abfd5526702
d2ada7d592878b58921cd0568efa62abefd7423d40bec16133886e2c67a791b3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2ADA7D592878B58921CD0568EFA62ABEFD7423D40BEC16133886E2C67A791B3"
Last-Modified: Fri, 06 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14844
Expires: Mon, 09 Jan 2023 07:23:17 GMT
Date: Mon, 09 Jan 2023 03:15:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 11aea3c23fce2f77cadf7a551f4e8b17
4963aafedcf3fc5f28f1b4a6b0212abfd5526702
d2ada7d592878b58921cd0568efa62abefd7423d40bec16133886e2c67a791b3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2ADA7D592878B58921CD0568EFA62ABEFD7423D40BEC16133886E2C67A791B3"
Last-Modified: Fri, 06 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14844
Expires: Mon, 09 Jan 2023 07:23:17 GMT
Date: Mon, 09 Jan 2023 03:15:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 11aea3c23fce2f77cadf7a551f4e8b17
4963aafedcf3fc5f28f1b4a6b0212abfd5526702
d2ada7d592878b58921cd0568efa62abefd7423d40bec16133886e2c67a791b3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2ADA7D592878B58921CD0568EFA62ABEFD7423D40BEC16133886E2C67A791B3"
Last-Modified: Fri, 06 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14844
Expires: Mon, 09 Jan 2023 07:23:17 GMT
Date: Mon, 09 Jan 2023 03:15:53 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca7956cf-b613-4307-88cb-8cc1a3fda11c.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca7956cf-b613-4307-88cb-8cc1a3fda11c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aa9ed964b2f5f08ec571b525992f1566
9de0dfe9d1018726f1504b26964629f419700a49
d75747ac8726cbbe7583c48c2522cecc0c3ed6a0fa3694513c694876847b5944
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca7956cf-b613-4307-88cb-8cc1a3fda11c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9594
x-amzn-requestid: 7844d69e-b683-47ed-8ad8-a26f67916de1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eJ4BbFjnIAMFhSA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b3d3a2-6da6fede0b33969b774aab38;Sampled=0
x-amzn-remapped-date: Tue, 03 Jan 2023 07:05:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1h_UiB89mG6qQdHyosgLG4MYT3KBOyDxLsBCuKuK7smmTWAiEsncxw==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sun, 08 Jan 2023 11:12:45 GMT
age: 57788
etag: "9de0dfe9d1018726f1504b26964629f419700a49"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ahlulbayt.pt/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
217.160.0.111200 OK 13 kB URL HTTP/2 ahlulbayt.pt/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 217.160.0.111:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0b75a93b9f0106516f046eb424b0c8d9
c9509f976390441bbd3bd7521cb1848f4f481fd0
0b69fd368ef68510387a871acfffe82afc4414163c661f76e574dffdcc94104a
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: ahlulbayt.pt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ahlulbayt.pt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 21674
date: Mon, 09 Jan 2023 03:15:52 GMT
server: Apache
last-modified: Sat, 19 Nov 2022 18:04:07 GMT
etag: "54aa-5edd6a5fb7da7"
accept-ranges: bytes
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3da56b86-257e-4200-9c4e-d78ca75d157a.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3da56b86-257e-4200-9c4e-d78ca75d157a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 05c925afd89f8c0dd28b53c14962f226
52330772956e0f43c5547af9ba001fd11e97e7a7
085b951245d279ef8722476a94c6217aa5806b35a133c3b2e97bc631529ed515
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3da56b86-257e-4200-9c4e-d78ca75d157a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7391
x-amzn-requestid: 30586447-c1cd-4865-aee3-9cc3326268e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eWhuGGZsoAMFl4w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b8e326-5b9b050a19f5fcdc578a78fc;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 03:12:38 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: sfWW94XIo92bKb3Cu-MHbEY8y2z2fGVcQMgCUO8vdsOCZLE4PCBfPQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 50faaaa196a6b0875217ef7827f97d7c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 08 Jan 2023 03:31:56 GMT
age: 85437
etag: "52330772956e0f43c5547af9ba001fd11e97e7a7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e2e4caa-f18f-43f7-bbce-461d21b07be2.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e2e4caa-f18f-43f7-bbce-461d21b07be2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2afe6c3864f4dd4661cdf28d845e8a95
431f560fc40b5de4881e5e4692672c977915afd1
040f2289b10935f9c7fc054092153a02e5cb132cbe72f6a53802eab9a2415c4d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e2e4caa-f18f-43f7-bbce-461d21b07be2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8929
x-amzn-requestid: b13a1539-130b-4a12-94e8-3e624eb12e8e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eJ4FdHNkIAMFlnw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b3d3bc-43ec5dcf3921d6247324f994;Sampled=0
x-amzn-remapped-date: Tue, 03 Jan 2023 07:05:32 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QSEl29JtaoxSMIoqxodoFcSbo1muCHaYN-j0HzVCs9a-XgFYHdA6GQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Sun, 08 Jan 2023 12:25:51 GMT
age: 53402
etag: "431f560fc40b5de4881e5e4692672c977915afd1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a23d61d610c7b55d943fcb2636a01b65
82c4c5170c7b586c2a7a1f2d2d5c9ff0219af065
28bf3039cc8c1213e64893c71bc150eda573223feb2cc15ad0814a44960d434a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9539
x-amzn-requestid: 9f388939-cfb7-432e-a921-e9188736bb45
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eTw5QGZ6oAMFxQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b7c83b-4f9d5bfc30e5ee126333d54e;Sampled=0
x-amzn-remapped-date: Fri, 06 Jan 2023 07:05:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: b85TTh5GZmQqmHRmmdz9bAw6COe0CeTyHotfElj0qpL9H051dywT3Q==
via: 1.1 1f6e68152880a39d72e6bf2996cd6a60.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sun, 08 Jan 2023 09:29:35 GMT
age: 63978
etag: "82c4c5170c7b586c2a7a1f2d2d5c9ff0219af065"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f2b50a0-7eb4-4513-84d9-bef528bd99f3.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f2b50a0-7eb4-4513-84d9-bef528bd99f3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 23b87f42d40f3cc7bc9f46964e83d787
400474fb7b7d241935f5a5745281e6d95902581c
5a2818d70f4304bb2ed26ad0fe1658bc130aff43e11c60e0abac8be6e51836c7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f2b50a0-7eb4-4513-84d9-bef528bd99f3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8284
x-amzn-requestid: 5c9f2c93-3275-489c-9583-0e339a1f6fcb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eWhZ8FhcIAMFy-A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b8e2a5-500bb3d46026ba1f5371f98f;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 03:10:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 6rp8e_-TjvGBEgszRGgfln9tZHhN4TBXjjmWEE2-hy2uJAtOiO-b3Q==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 618052a0d9c86c1a3bf663f82d041d1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 08 Jan 2023 04:06:10 GMT
age: 83383
etag: "400474fb7b7d241935f5a5745281e6d95902581c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 71f1ea27bae2b2487abec94bf0cb2437
e23d2bd931d72c7bc3a1ed0ed1bfaf90a0316cf1
eb3d71db2a2b8b4d2cffc06b3137c4a06a7ea192ac9e1d20bfad8b23a3e2191c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB3D71DB2A2B8B4D2CFFC06B3137C4A06A7EA192AC9E1D20BFAD8B23A3E2191C"
Last-Modified: Fri, 06 Jan 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10208
Expires: Mon, 09 Jan 2023 06:06:01 GMT
Date: Mon, 09 Jan 2023 03:15:53 GMT
Connection: keep-alive
long.interestmoments.com/go/fl-way.php?id=8568-11-4563432&pid=098
193.169.194.63302 Found 0 B URL HTTP/1.1 long.interestmoments.com/go/fl-way.php?id=8568-11-4563432&pid=098
IP 193.169.194.63:0
ASN #50321 FOP Reznichenko Sergey Mykolayovich
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go/fl-way.php?id=8568-11-4563432&pid=098 HTTP/1.1
Host: long.interestmoments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ahlulbayt.pt/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Mon, 09 Jan 2023 03:15:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://long.interestmoments.com/go/away.php?id=16477-22-569654345
Access-Control-Allow-Origin: *
long.interestmoments.com/go/away.php?id=16477-22-569654345
193.169.194.63302 Found 0 B URL HTTP/1.1 long.interestmoments.com/go/away.php?id=16477-22-569654345
IP 193.169.194.63:0
ASN #50321 FOP Reznichenko Sergey Mykolayovich
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go/away.php?id=16477-22-569654345 HTTP/1.1
Host: long.interestmoments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ahlulbayt.pt/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Mon, 09 Jan 2023 03:15:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://long.interestmoments.com/go/away.php?id=987730385-23-683234&pid=7856&lid=07882367658&jid=67852&from=Spaniel
Access-Control-Allow-Origin: *
long.interestmoments.com/go/away.php?id=987730385-23-683234&pid=7856&lid=07882367658&jid=67852&from=Spaniel
193.169.194.63200 OK 440 B URL HTTP/1.1 long.interestmoments.com/go/away.php?id=987730385-23-683234&pid=7856&lid=07882367658&jid=67852&from=Spaniel
IP 193.169.194.63:0
ASN #50321 FOP Reznichenko Sergey Mykolayovich
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash d282386a919dab7821ecb8af2c2be991
cb29f509dd65f520b4b8d72ee0c2b560a2c360b0
6403ec35140c92ba51786815e1505a33606ae5e76f33d13e5f64ed83ff5c2179
GET /go/away.php?id=987730385-23-683234&pid=7856&lid=07882367658&jid=67852&from=Spaniel HTTP/1.1
Host: long.interestmoments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ahlulbayt.pt/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 09 Jan 2023 03:15:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Encoding: gzip
ocsp.godaddy.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash e9f049054f4b5a76149be189184292d5
a4fcaa71da2ef40ebb1d86cc88309e9314554374
de35a7ce22ec13e4f9b8f98ae5a061e70ab26c92e8503a97b6ac05d9d9d70f34
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Mon, 09 Jan 2023 03:15:54 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sun, 08 Jan 2023 22:20:30 GMT
Expires: Mon, 09 Jan 2023 22:20:30 GMT
ETag: "a4fcaa71da2ef40ebb1d86cc88309e9314554374"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
track.wg-aff.com/click?pid=1287&offer_id=29&ref_id=iv8hu2tz159uh0c6podj&sub1=EZ46KGBJ6R
35.204.100.195302 Found 0 B URL HTTP/2 track.wg-aff.com/click?pid=1287&offer_id=29&ref_id=iv8hu2tz159uh0c6podj&sub1=EZ46KGBJ6R
IP 35.204.100.195:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?pid=1287&offer_id=29&ref_id=iv8hu2tz159uh0c6podj&sub1=EZ46KGBJ6R HTTP/1.1
Host: track.wg-aff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Mon, 09 Jan 2023 03:15:54 GMT
content-length: 0
location: https://trck.wargaming.net/tuiznkdg/?t=1&pub_id=1287&xid=63bb86ea4676e70001a6e804&xid_param1=EZ46KGBJ6R&xid_param_2=
x-adjust-use-original-forwarded-for: 1
set-cookie: afclick=63bb86ea4676e70001a6e804; expires=Tue, 09 Jan 2024 03:15:54 GMT; secure; SameSite=None
afoffers={"29":1673234154}; expires=Tue, 09 Jan 2024 03:15:54 GMT; secure; SameSite=None
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 001d496ab3b628f4e0325970b8c4f4e6
a7eb0b8753903abcfbba40f880e7bc659e6a5f44
43fe54a285e45bbdf8255aef427e96f493531c4830fda73b2a143ba1eba1b8c3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6042
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 03:15:54 GMT
Last-Modified: Mon, 09 Jan 2023 01:35:13 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
trck.wargaming.net/tuiznkdg/?t=1&pub_id=1287&xid=63bb86ea4676e70001a6e804&xid_param1=EZ46KGBJ6R&xid_param_2=
92.223.23.231301 Moved Permanently 22 B URL HTTP/1.1 trck.wargaming.net/tuiznkdg/?t=1&pub_id=1287&xid=63bb86ea4676e70001a6e804&xid_param1=EZ46KGBJ6R&xid_param_2=
IP 92.223.23.231:0
ASN #199524 G-Core Labs S.A.
File type ASCII text, with no line terminators
Hash 0e0bf67572311f8a23814419ff24ee9a
78328dfc54708433cdfb3e7857e57f87ec443b08
c5f6c267ba4a2964fff5d304d4a1e79c371ce30d32eaf017b3bb40becccd58d2
GET /tuiznkdg/?t=1&pub_id=1287&xid=63bb86ea4676e70001a6e804&xid_param1=EZ46KGBJ6R&xid_param_2= HTTP/1.1
Host: trck.wargaming.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 09 Jan 2023 03:15:54 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 22
Connection: keep-alive
Location: https://join.worldoftanks.eu/1631088899/no/?t=1&pub_id=1287&xid=63bb86ea4676e70001a6e804&xid_param1=EZ46KGBJ6R&xid_param_2=&sid=SIDcIA3jCDY1UqJmB41X3CQC_GAfS8KHKzHAwCY37enkM2qnWDBuf_AaLHfWH1VEADE0HRxfW-XdDSUa8fF-SpzcsgAOFKqZWFjqAB4Fc9UJGuDn7TqXI6f9unLh4bY8BcWYr4SpMCpo06ZpBI&enctid=cpnc074n78n3&lpsn=WOT+ONGOING+LMS+WW+ACQ+Invite+Code+4+WOTHQ-2294&foris=1&teclient=1673234154949453359&utm_source=wlap&utm_medium=affiliate&utm_campaign=tuiznkdg&utm_content=1287
Set-Cookie: STIDREFERRAL=SIDcIA3jCDY1UqJmB41X3CQC_GAfS8KHKzHAwCY37enkM2qnWDBuf_AaLHfWH1VEADE0HRxfW-XdDSUa8fF-SpzcsgAOFKqZWFjqAB4Fc9UJGuDn7TqXI6f9unLh4bY8BcWYr4SpMCpo06ZpBI; Domain=wargaming.net; Max-Age=2592000; Path=/; SameSite=None; Secure
enctid=cpnc074n78n3; Domain=wargaming.net; Max-Age=2592000; Path=/; SameSite=None; Secure
teclient=1673234154949453359; Domain=wargaming.net; Max-Age=315360000; Path=/; SameSite=None; Secure
Cache-Control: no-cache
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 8e08b420206329c85ad5993ac0fde0fe
37caaa802d13b200bb993b509265c0a4ce9677cd
d7f4d155f515e8def780d9a0ccb0cf88c01c2cdedb16ecd7c3f3e9cea2d21103
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 355
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 03:15:55 GMT
Etag: "63ba7b11-1d7"
Last-Modified: Mon, 09 Jan 2023 03:10:01 GMT
Server: ECS (amb/6B87)
X-Cache: HIT
Content-Length: 471
join.worldoftanks.eu/1631088899/no/?t=1&pub_id=1287&xid=63bb86ea4676e70001a6e804&xid_param1=EZ46KGBJ6R&xid_param_2=&sid=SIDcIA3jCDY1UqJmB41X3CQC_GAfS8KHKzHAwCY37enkM2qnWDBuf_AaLHfWH1VEADE0HRxfW-XdDSUa8fF-SpzcsgAOFKqZWFjqAB4Fc9UJGuDn7TqXI6f9unLh4bY8BcWYr4SpMCpo06ZpBI&enctid=cpnc074n78n3&lpsn=WOT+ONGOING+LMS+WW+ACQ+Invite+Code+4+WOTHQ-2294&foris=1&teclient=1673234154949453359&utm_source=wlap&utm_medium=affiliate&utm_campaign=tuiznkdg&utm_content=1287
92.223.51.163200 OK 28 kB URL HTTP/1.1 join.worldoftanks.eu/1631088899/no/?t=1&pub_id=1287&xid=63bb86ea4676e70001a6e804&xid_param1=EZ46KGBJ6R&xid_param_2=&sid=SIDcIA3jCDY1UqJmB41X3CQC_GAfS8KHKzHAwCY37enkM2qnWDBuf_AaLHfWH1VEADE0HRxfW-XdDSUa8fF-SpzcsgAOFKqZWFjqAB4Fc9UJGuDn7TqXI6f9unLh4bY8BcWYr4SpMCpo06ZpBI&enctid=cpnc074n78n3&lpsn=WOT+ONGOING+LMS+WW+ACQ+Invite+Code+4+WOTHQ-2294&foris=1&teclient=1673234154949453359&utm_source=wlap&utm_medium=affiliate&utm_campaign=tuiznkdg&utm_content=1287
IP 92.223.51.163:0
ASN #199524 G-Core Labs S.A.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (49612)
Hash a89b708a66d7ec5f6d00c7f741ec666e
0c8ec9bdfe94198742bd43bc01690a361378cf91
ae9727b3341bf4169e4a48a7ec6c749fc38beaa267154cf6933e31bdca94a6b7
GET /1631088899/no/?t=1&pub_id=1287&xid=63bb86ea4676e70001a6e804&xid_param1=EZ46KGBJ6R&xid_param_2=&sid=SIDcIA3jCDY1UqJmB41X3CQC_GAfS8KHKzHAwCY37enkM2qnWDBuf_AaLHfWH1VEADE0HRxfW-XdDSUa8fF-SpzcsgAOFKqZWFjqAB4Fc9UJGuDn7TqXI6f9unLh4bY8BcWYr4SpMCpo06ZpBI&enctid=cpnc074n78n3&lpsn=WOT+ONGOING+LMS+WW+ACQ+Invite+Code+4+WOTHQ-2294&foris=1&teclient=1673234154949453359&utm_source=wlap&utm_medium=affiliate&utm_campaign=tuiznkdg&utm_content=1287 HTTP/1.1
Host: join.worldoftanks.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 09 Jan 2023 03:15:55 GMT
Content-Type: text/html
Last-Modified: Fri, 01 Jul 2022 12:19:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62bee63b-183e5"
Content-Encoding: gzip
join.worldoftanks.eu/1631088899/no/riddler.js
92.223.51.163200 OK 5.3 kB URL HTTP/1.1 join.worldoftanks.eu/1631088899/no/riddler.js
IP 92.223.51.163:0
ASN #199524 G-Core Labs S.A.
File type ASCII text, with very long lines (17296)
Hash d605bee6aa9860288798aaa56089dfbb
336d139b794f47d64a45a9ddc236f74e83303dd1
b35841d26e1d241305a28379b3c6bf7a505372dfeaa150684b8df0b68438188f
GET /1631088899/no/riddler.js HTTP/1.1
Host: join.worldoftanks.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/1631088899/no/?t=1&pub_id=1287&xid=63bb86ea4676e70001a6e804&xid_param1=EZ46KGBJ6R&xid_param_2=&sid=SIDcIA3jCDY1UqJmB41X3CQC_GAfS8KHKzHAwCY37enkM2qnWDBuf_AaLHfWH1VEADE0HRxfW-XdDSUa8fF-SpzcsgAOFKqZWFjqAB4Fc9UJGuDn7TqXI6f9unLh4bY8BcWYr4SpMCpo06ZpBI&enctid=cpnc074n78n3&lpsn=WOT+ONGOING+LMS+WW+ACQ+Invite+Code+4+WOTHQ-2294&foris=1&teclient=1673234154949453359&utm_source=wlap&utm_medium=affiliate&utm_campaign=tuiznkdg&utm_content=1287
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 09 Jan 2023 03:15:55 GMT
Content-Type: application/javascript
Last-Modified: Fri, 01 Jul 2022 12:19:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62bee63b-4391"
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash cd1d39135eb079c9842a1696f1c3bacf
ee41d3b22fed5948c20a6d1639b6955a4252fc11
c1f219c13b6c6e622515b78d1549a1dacdc6fab1a2109d540e30d07a52990db5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 03:15:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 315edeafe1715f46de7d38be371473a8
25e357166d0ddfff3e60f9042d56f37c1ab7163a
9869582721de4f610dca5030b9a703863d2eae2667061b2f722aebdaf60468e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 03:15:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2b937d3a22e41b9287e47381fae60c84
4dfa738c644b3aae27ccf725c84c545bc4e68a8f
33dacf9c3e5d6850c874469e8881e9d3d4c7eb8f5105c82b8a35fc5ef9e9c3f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6473
Cache-Control: max-age=110363
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 03:15:55 GMT
Etag: "63ba79bd-1d7"
Expires: Tue, 10 Jan 2023 09:55:18 GMT
Last-Modified: Sun, 08 Jan 2023 08:07:25 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2b937d3a22e41b9287e47381fae60c84
4dfa738c644b3aae27ccf725c84c545bc4e68a8f
33dacf9c3e5d6850c874469e8881e9d3d4c7eb8f5105c82b8a35fc5ef9e9c3f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6473
Cache-Control: max-age=110363
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 03:15:55 GMT
Etag: "63ba79bd-1d7"
Expires: Tue, 10 Jan 2023 09:55:18 GMT
Last-Modified: Sun, 08 Jan 2023 08:07:25 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2b937d3a22e41b9287e47381fae60c84
4dfa738c644b3aae27ccf725c84c545bc4e68a8f
33dacf9c3e5d6850c874469e8881e9d3d4c7eb8f5105c82b8a35fc5ef9e9c3f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4622
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 03:15:55 GMT
Last-Modified: Mon, 09 Jan 2023 01:58:53 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2b937d3a22e41b9287e47381fae60c84
4dfa738c644b3aae27ccf725c84c545bc4e68a8f
33dacf9c3e5d6850c874469e8881e9d3d4c7eb8f5105c82b8a35fc5ef9e9c3f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6559
Cache-Control: max-age=110449
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 03:15:55 GMT
Etag: "63ba79bd-1d7"
Expires: Tue, 10 Jan 2023 09:56:44 GMT
Last-Modified: Sun, 08 Jan 2023 08:07:25 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2b937d3a22e41b9287e47381fae60c84
4dfa738c644b3aae27ccf725c84c545bc4e68a8f
33dacf9c3e5d6850c874469e8881e9d3d4c7eb8f5105c82b8a35fc5ef9e9c3f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5004
Cache-Control: max-age=108894
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 03:15:55 GMT
Etag: "63ba79bd-1d7"
Expires: Tue, 10 Jan 2023 09:30:49 GMT
Last-Modified: Sun, 08 Jan 2023 08:07:25 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
lms-static.wgcdn.co/WOT-ONGOING-EU-Invite-Code-4-WOTHQ-2294/2aef0c94f5bc198cba6f45ee06d503a0_1639488505.png
92.223.84.84200 OK 29 kB URL HTTP/2 lms-static.wgcdn.co/WOT-ONGOING-EU-Invite-Code-4-WOTHQ-2294/2aef0c94f5bc198cba6f45ee06d503a0_1639488505.png
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
File type PNG image data, 1174 x 363, 8-bit/color RGBA, non-interlaced\012- data
Hash 5ce0d2852121a1cd85a26c2426a40dae
474a69d1816e7d29cea432b640e43e5acff39450
07871f75a6f4007f7f7d9adf5382f953c1dce8407149662dd88617a1d8d4055a
GET /WOT-ONGOING-EU-Invite-Code-4-WOTHQ-2294/2aef0c94f5bc198cba6f45ee06d503a0_1639488505.png HTTP/1.1
Host: lms-static.wgcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 03:15:55 GMT
content-type: image/png
content-length: 29062
last-modified: Tue, 14 Dec 2021 13:28:25 GMT
etag: "61b89bf9-7186"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-11-23T15:56:44+00:00
x-id: sto5-up-gc13
accept-ranges: bytes
X-Firefox-Spdy: h2
lms-static.wgcdn.co/Influencer-OnlineCinemas-RU-WOTHQ-1987/92bb1f82a326cb424384f8778435bafd_1615373590.png
92.223.84.84200 OK 1.7 kB URL HTTP/2 lms-static.wgcdn.co/Influencer-OnlineCinemas-RU-WOTHQ-1987/92bb1f82a326cb424384f8778435bafd_1615373590.png
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
File type PNG image data, 194 x 38, 8-bit colormap, non-interlaced\012- data
Hash 1224a915920466ded1bbf496e39939a8
8c1f54a1f838d93aaafc2c87a2aae1c96ae80531
6a81ee25f19cf5438048941ef19bc12f5996ca4439600d5dce26b24140ea6fec
GET /Influencer-OnlineCinemas-RU-WOTHQ-1987/92bb1f82a326cb424384f8778435bafd_1615373590.png HTTP/1.1
Host: lms-static.wgcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 03:15:55 GMT
content-type: image/png
content-length: 1722
last-modified: Wed, 10 Mar 2021 10:53:10 GMT
etag: "6048a516-6ba"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-11-23T11:56:21+00:00
x-id: sto5-up-gc13
accept-ranges: bytes
X-Firefox-Spdy: h2
lms-static.wgcdn.co/WOT-ONGOING-EU-Invite-Code-4-WOTHQ-2294/518e6d6bd45d6086554daa0295291ee1_1639488574.png
92.223.84.84200 OK 3.0 kB URL HTTP/2 lms-static.wgcdn.co/WOT-ONGOING-EU-Invite-Code-4-WOTHQ-2294/518e6d6bd45d6086554daa0295291ee1_1639488574.png
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
File type PNG image data, 123 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 5b1962befd8938b36c48ed62ca7c04f5
4e3e0524f822003a2567d04501b9d5e7d55d7d06
cd2a2481818213f1c1b4e065ead65f83ff50d25a5b63a4a8cf515614f3ad05cf
GET /WOT-ONGOING-EU-Invite-Code-4-WOTHQ-2294/518e6d6bd45d6086554daa0295291ee1_1639488574.png HTTP/1.1
Host: lms-static.wgcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 03:15:55 GMT
content-type: image/png
content-length: 2976
last-modified: Tue, 14 Dec 2021 13:29:34 GMT
etag: "61b89c3e-ba0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-27T04:10:55+00:00
x-id: sto5-up-gc13
accept-ranges: bytes
X-Firefox-Spdy: h2
lms-static.wgcdn.co/influencer/046c15822fd624200beeb7d80dd5f907_1605097146.png
92.223.84.84200 OK 474 B URL HTTP/2 lms-static.wgcdn.co/influencer/046c15822fd624200beeb7d80dd5f907_1605097146.png
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
File type PNG image data, 25 x 25, 8-bit colormap, non-interlaced\012- data
Hash c3dba256e278e8d66b5220dbe2b021a9
a44da94d1e6290da933fbc15e8b4a9a4e0585f7f
b833944cdc6c2ff9f66d9b9c27084dd921213d2d7e32451dcfa6302bcaabc36a
GET /influencer/046c15822fd624200beeb7d80dd5f907_1605097146.png HTTP/1.1
Host: lms-static.wgcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 03:15:55 GMT
content-type: image/png
content-length: 474
last-modified: Mon, 16 Nov 2020 11:19:33 GMT
etag: "5fb26045-1da"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-11-23T11:56:21+00:00
x-id: sto5-up-gc13
accept-ranges: bytes
X-Firefox-Spdy: h2
lms-static.wgcdn.co/WOT-ONGOING-EU-Invite-Code-4-WOTHQ-2294/f649b2f12a074726bf8db29fe5633628_1639488372.png
92.223.84.84200 OK 14 kB URL HTTP/2 lms-static.wgcdn.co/WOT-ONGOING-EU-Invite-Code-4-WOTHQ-2294/f649b2f12a074726bf8db29fe5633628_1639488372.png
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 208x208, components 3\012- data
Hash 87d3c37b826fc0c8237c8e716934f6b2
79632ce4b4f0f1cbe6a0ac9081dba9924b4d0cd0
5dd52ce85650d9cc13997187633c865d7284e628f3f28af2ce38896d8d7d3da0
GET /WOT-ONGOING-EU-Invite-Code-4-WOTHQ-2294/f649b2f12a074726bf8db29fe5633628_1639488372.png HTTP/1.1
Host: lms-static.wgcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 03:15:55 GMT
content-type: image/png
content-length: 13892
last-modified: Tue, 14 Dec 2021 13:26:12 GMT
etag: "61b89b74-3644"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-27T04:10:56+00:00
x-id: sto5-up-gc13
accept-ranges: bytes
X-Firefox-Spdy: h2
lms-static.wgcdn.co/WOT-ONGOING-EU-Invite-Code-4-WOTHQ-2294/ba06c381ed267fb7dfd6b007931ed0bf_1639488451.png
92.223.84.84200 OK 30 kB URL HTTP/2 lms-static.wgcdn.co/WOT-ONGOING-EU-Invite-Code-4-WOTHQ-2294/ba06c381ed267fb7dfd6b007931ed0bf_1639488451.png
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
File type PNG image data, 219 x 220, 8-bit grayscale, non-interlaced\012- data
Hash e15fed82b2db8b2e31de05ab2a5601f4
405cbff152f965bdbf3a72faabbff5cafa4bcc14
549b0b011eb72bfb724708d7caeb637c1411be84c32ccbb5a9d7a76afc8b30bd
GET /WOT-ONGOING-EU-Invite-Code-4-WOTHQ-2294/ba06c381ed267fb7dfd6b007931ed0bf_1639488451.png HTTP/1.1
Host: lms-static.wgcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 03:15:55 GMT
content-type: image/png
content-length: 30233
last-modified: Tue, 14 Dec 2021 13:27:31 GMT
etag: "61b89bc3-7619"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-12-27T04:10:56+00:00
x-id: sto5-up-gc13
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash cd1d39135eb079c9842a1696f1c3bacf
ee41d3b22fed5948c20a6d1639b6955a4252fc11
c1f219c13b6c6e622515b78d1549a1dacdc6fab1a2109d540e30d07a52990db5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 03:15:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-58QVDL8
142.250.74.168200 OK 110 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-58QVDL8
IP 142.250.74.168:0
File type ASCII text, with very long lines (46627)
Size 110 kB (110398 bytes)
Hash 629a6053fd1131c9d7f915fd0d11a1a9
baa1211dcda7e3896bdc09b2d80eac86aefc61b7
059b362ce594f31695ebc0fd2e096154eb6b47572306f1df93bd261e92e15129
GET /gtm.js?id=GTM-58QVDL8 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 09 Jan 2023 03:15:55 GMT
expires: Mon, 09 Jan 2023 03:15:55 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 110398
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 315edeafe1715f46de7d38be371473a8
25e357166d0ddfff3e60f9042d56f37c1ab7163a
9869582721de4f610dca5030b9a703863d2eae2667061b2f722aebdaf60468e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 03:15:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lms-static.wgcdn.co/1631088899/dist/landing/influencer/glow.18967414.png
92.223.84.84200 OK 57 kB URL HTTP/2 lms-static.wgcdn.co/1631088899/dist/landing/influencer/glow.18967414.png
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
File type PNG image data, 1303 x 1077, 8-bit colormap, non-interlaced\012- data
Hash 18967414cb6de3a0e44da9af5ceeceba
2e3b0e4e7c6fa9de0065bb964570ec86dba33c44
dbb098de250aa41b915be901513f56a812ad12f744c6d949b5cdc2400d450735
GET /1631088899/dist/landing/influencer/glow.18967414.png HTTP/1.1
Host: lms-static.wgcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lms-static.wgcdn.co/1631088899/dist/landing/influencer/app.c6d09eba.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 03:15:55 GMT
content-type: image/png
content-length: 57146
last-modified: Fri, 01 Jul 2022 12:19:00 GMT
etag: "62bee634-df3a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-11-23T15:56:45+00:00
x-id: sto5-up-gc13
accept-ranges: bytes
X-Firefox-Spdy: h2
lms-static.wgcdn.co/wothq-2294-for-HR-localization/41c92c321fee04cf99156fcafe41e10a_1630672820.jpg
92.223.84.84200 OK 427 kB URL HTTP/2 lms-static.wgcdn.co/wothq-2294-for-HR-localization/41c92c321fee04cf99156fcafe41e10a_1630672820.jpg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1920x1080, components 3\012- data
Size 427 kB (426828 bytes)
Hash ffd396197a01d58ebe0a79038ed9a166
b04f4354ec95e2030d3cd98353352672b77ab9c5
f2f51127eb71fa55d81d645726ec69eda606314556a1f7d96dddbe72a40412ce
GET /wothq-2294-for-HR-localization/41c92c321fee04cf99156fcafe41e10a_1630672820.jpg HTTP/1.1
Host: lms-static.wgcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 03:15:55 GMT
content-type: image/jpeg
content-length: 426828
last-modified: Fri, 03 Sep 2021 12:40:20 GMT
etag: "613217b4-6834c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-11-23T11:56:21+00:00
x-id: sto5-up-gc13
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 6845714035871de50607bf6185f94f64
c8b0da305ef4c6a587307d87224ce7ae19ac31dc
75d805e1f96447b58ac3f8226c16c4b13d4e664e1e508be26e9968510145017a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 03:15:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 6845714035871de50607bf6185f94f64
c8b0da305ef4c6a587307d87224ce7ae19ac31dc
75d805e1f96447b58ac3f8226c16c4b13d4e664e1e508be26e9968510145017a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 03:15:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15660, version 1.0\012- data
Hash d7b0b953a50fddaa88089b5b787cf719
2f85bc568b27659a3d6452f58f9fd7678450326d
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
GET /s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://join.worldoftanks.eu
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15660
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 03 Jan 2023 22:14:50 GMT
expires: Wed, 03 Jan 2024 22:14:50 GMT
cache-control: public, max-age=31536000
age: 450065
last-modified: Tue, 19 Apr 2022 18:42:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 6845714035871de50607bf6185f94f64
c8b0da305ef4c6a587307d87224ce7ae19ac31dc
75d805e1f96447b58ac3f8226c16c4b13d4e664e1e508be26e9968510145017a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 03:15:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19y7DRs5.woff2
216.58.207.227200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19y7DRs5.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 11816, version 1.0\012- data
Hash 7fa68490a833a8fa395e5f3bffafc052
1880e3743548106319713b937e7769eee6b1ce21
30fa70635379ae1b58491bc41572760c1f3c8445265436a5fec4c36a197e4121
GET /s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19y7DRs5.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://join.worldoftanks.eu
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 08 Jan 2023 07:39:05 GMT
expires: Mon, 08 Jan 2024 07:39:05 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 19 Apr 2022 18:52:18 GMT
content-type: font/woff2
age: 70610
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15700, version 1.0\012- data
Hash 3d7f7413fca69bff4d231ebdc50aaab0
cb18e7943b6a8a0e3672d7242197c19a226b92e8
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
GET /s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://join.worldoftanks.eu
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15700
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 03 Jan 2023 15:42:33 GMT
expires: Wed, 03 Jan 2024 15:42:33 GMT
cache-control: public, max-age=31536000
age: 473602
last-modified: Tue, 19 Apr 2022 18:51:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lms-static.wgcdn.co/WOT-ONGOING-EU-Invite-Code-3-WOTHQ-2294/ada53304c5b9e4a839615b6e8f908eb6_1631023676.png
92.223.84.84200 OK 1.5 kB URL HTTP/2 lms-static.wgcdn.co/WOT-ONGOING-EU-Invite-Code-3-WOTHQ-2294/ada53304c5b9e4a839615b6e8f908eb6_1631023676.png
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
File type PNG image data, 26 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 763437d7b2f59f1ad05fd4d8a727c11c
89ab025401da2f06256c93c6b6ad3f261059aec4
5f5404a2345518bc08619fbbd46035c35b338d09e2568d61d062073d16922365
GET /WOT-ONGOING-EU-Invite-Code-3-WOTHQ-2294/ada53304c5b9e4a839615b6e8f908eb6_1631023676.png HTTP/1.1
Host: lms-static.wgcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 03:15:55 GMT
content-type: image/png
content-length: 1510
last-modified: Tue, 07 Sep 2021 14:07:56 GMT
etag: "6137723c-5e6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-11-23T15:56:46+00:00
x-id: sto5-up-gc13
accept-ranges: bytes
X-Firefox-Spdy: h2
lms-static.wgcdn.co/wothq-2294-for-HR-localization/f860ba666ed657944d19ca051e58cd2c_1630673079.png
92.223.84.84200 OK 1.1 kB URL HTTP/2 lms-static.wgcdn.co/wothq-2294-for-HR-localization/f860ba666ed657944d19ca051e58cd2c_1630673079.png
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
File type PNG image data, 20 x 17, 8-bit/color RGBA, non-interlaced\012- data
Hash bac1e968c3c790268d7e53abeeacd89c
744519a693eeadf7ff201b79aa0070f21876e3a7
34b94ae3e43cf45ac91e8882cf2d7fcd48f70609de989792ced9b2b3a62a0794
GET /wothq-2294-for-HR-localization/f860ba666ed657944d19ca051e58cd2c_1630673079.png HTTP/1.1
Host: lms-static.wgcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 03:15:55 GMT
content-type: image/png
content-length: 1061
last-modified: Fri, 03 Sep 2021 12:44:39 GMT
etag: "613218b7-425"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-11-23T11:56:22+00:00
x-id: sto5-up-gc13
accept-ranges: bytes
X-Firefox-Spdy: h2
lms-static.wgcdn.co/WOT-ONGOING-EU-Invite-Code-3-WOTHQ-2294/aa15b9243a9f99d122d5803606e3c4df_1631023644.png
92.223.84.84200 OK 61 kB URL HTTP/2 lms-static.wgcdn.co/WOT-ONGOING-EU-Invite-Code-3-WOTHQ-2294/aa15b9243a9f99d122d5803606e3c4df_1631023644.png
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
File type PNG image data, 547 x 547, 8-bit colormap, non-interlaced\012- data
Hash 6ca3723f9f610c6dc0e2a42854af6506
606dfa36fab5ed73a855f8d7b2efd1f556d9b1fe
dc46b67641fc9192ef5af4f7b9ffe21c874bce5aeef76faab391a2ebfc570646
GET /WOT-ONGOING-EU-Invite-Code-3-WOTHQ-2294/aa15b9243a9f99d122d5803606e3c4df_1631023644.png HTTP/1.1
Host: lms-static.wgcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 03:15:55 GMT
content-type: image/png
content-length: 60671
last-modified: Tue, 07 Sep 2021 14:07:24 GMT
etag: "6137721c-ecff"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-11-23T15:56:46+00:00
x-id: sto5-up-gc13
accept-ranges: bytes
X-Firefox-Spdy: h2
lms-static.wgcdn.co/WOT-ONGOING-EU-Invite-Code-2-WOTHQ-2294/e07e81c20cf5935f5225765f0af81755_1631008644.png
92.223.84.84200 OK 76 kB URL HTTP/2 lms-static.wgcdn.co/WOT-ONGOING-EU-Invite-Code-2-WOTHQ-2294/e07e81c20cf5935f5225765f0af81755_1631008644.png
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
File type PNG image data, 486 x 486, 8-bit colormap, non-interlaced\012- data
Hash 52c6165673bcd0fc73540ac1a8c58773
35758946a6822f03d96aaaf861a86a5574344570
bdcc184b850370eeb8c0dbaf34338862ad1edec631bc46223295fe6809f87057
GET /WOT-ONGOING-EU-Invite-Code-2-WOTHQ-2294/e07e81c20cf5935f5225765f0af81755_1631008644.png HTTP/1.1
Host: lms-static.wgcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 03:15:55 GMT
content-type: image/png
content-length: 76432
last-modified: Tue, 07 Sep 2021 09:57:24 GMT
etag: "61373784-12a90"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-11-23T15:56:46+00:00
x-id: sto5-up-gc13
accept-ranges: bytes
X-Firefox-Spdy: h2
lms-static.wgcdn.co/WOT-ONGOING-EU-Invite-Code-4-WOTHQ-2294/bebb8c73abc1c63656f9f2c1dce4cd2f_1631089203.png
92.223.84.84200 OK 64 kB URL HTTP/2 lms-static.wgcdn.co/WOT-ONGOING-EU-Invite-Code-4-WOTHQ-2294/bebb8c73abc1c63656f9f2c1dce4cd2f_1631089203.png
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
File type PNG image data, 243 x 243, 8-bit/color RGBA, non-interlaced\012- data
Hash 53b0d319f6e17de12b2ff5b4e87fd0f2
3ff7a8140efd763b089d34c5c72c13eeba56404f
b0bcc02fdf01b57fd8e8a58c486dd18483bbd53d6045bbdb2a321f2bccce1b0a
GET /WOT-ONGOING-EU-Invite-Code-4-WOTHQ-2294/bebb8c73abc1c63656f9f2c1dce4cd2f_1631089203.png HTTP/1.1
Host: lms-static.wgcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 03:15:55 GMT
content-type: image/png
content-length: 63954
last-modified: Wed, 08 Sep 2021 08:20:03 GMT
etag: "61387233-f9d2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-11-23T15:56:46+00:00
x-id: sto5-up-gc13
accept-ranges: bytes
X-Firefox-Spdy: h2
lms-static.wgcdn.co/Influencer-OnlineCinemas-RU-WOTHQ-1987/8447cc7c55c287cfe893783003d9dc77_1615371500.png
92.223.84.84200 OK 5.1 kB URL HTTP/2 lms-static.wgcdn.co/Influencer-OnlineCinemas-RU-WOTHQ-1987/8447cc7c55c287cfe893783003d9dc77_1615371500.png
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash c28eb738166485ff11b13d9e74a52be8
dd161225ce2e844e2d6f05753e5210d922934ec6
2e9c3e61433c5952bd3b7d963ae90d9789c262a67411447bbaa1b598f53c2411
GET /Influencer-OnlineCinemas-RU-WOTHQ-1987/8447cc7c55c287cfe893783003d9dc77_1615371500.png HTTP/1.1
Host: lms-static.wgcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 03:15:55 GMT
content-type: image/png
content-length: 5124
last-modified: Wed, 10 Mar 2021 10:18:20 GMT
etag: "60489cec-1404"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-11-23T11:56:26+00:00
x-id: sto5-up-gc13
accept-ranges: bytes
X-Firefox-Spdy: h2
lms-static.wgcdn.co/1631088899/dist/landing/influencer/eval.js
92.223.84.84200 OK 177 B URL HTTP/2 lms-static.wgcdn.co/1631088899/dist/landing/influencer/eval.js
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
Hash ab56a375dc50a8ab25c09dd2116ebcd0
19ee177c451c354bedf9d355a34476134464d0be
a6b484f867056eb70f872f3e159a26591e2c653581553f9667946642f1c0759a
GET /1631088899/dist/landing/influencer/eval.js HTTP/1.1
Host: lms-static.wgcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 03:15:55 GMT
content-type: application/javascript
content-length: 177
last-modified: Fri, 01 Jul 2022 12:19:00 GMT
etag: "62bee634-b1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-11-23T18:50:04+00:00
x-id: sto5-up-gc13
accept-ranges: bytes
X-Firefox-Spdy: h2
lms-static.wgcdn.co/1631088899/dist/landing/influencer/app.1a3b5482.js
92.223.84.84200 OK 133 kB URL HTTP/2 lms-static.wgcdn.co/1631088899/dist/landing/influencer/app.1a3b5482.js
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
Size 133 kB (133181 bytes)
Hash e5c0a16438454a5621a3a342a505addb
0f932d3240a90aa9036eb54549ceeccba12962ed
f8b09a589652508572accb6d7a99ddf93cc5c32c372ead0aba66dbb1ce805ab7
GET /1631088899/dist/landing/influencer/app.1a3b5482.js HTTP/1.1
Host: lms-static.wgcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 03:15:55 GMT
content-type: application/javascript
last-modified: Fri, 01 Jul 2022 12:19:00 GMT
vary: Accept-Encoding
etag: W/"62bee634-25f47"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
content-encoding: gzip
cache: HIT
x-cached-since: 2022-11-23T15:56:44+00:00
x-id: sto5-up-gc13
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 001d496ab3b628f4e0325970b8c4f4e6
a7eb0b8753903abcfbba40f880e7bc659e6a5f44
43fe54a285e45bbdf8255aef427e96f493531c4830fda73b2a143ba1eba1b8c3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6044
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 03:15:56 GMT
Last-Modified: Mon, 09 Jan 2023 01:35:13 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
www.youtube.com/embed/kZ9ouChqfKQ?enablejsapi=1&autoplay=1&cc_load_policy=0&cc_lang_pref=&iv_load_policy=1&loop=0&modestbranding=1&rel=1&fs=1&playsinline=0&autohide=2&theme=dark&color=red&controls=1&
142.250.74.46200 OK 34 kB URL HTTP/2 www.youtube.com/embed/kZ9ouChqfKQ?enablejsapi=1&autoplay=1&cc_load_policy=0&cc_lang_pref=&iv_load_policy=1&loop=0&modestbranding=1&rel=1&fs=1&playsinline=0&autohide=2&theme=dark&color=red&controls=1&
IP 142.250.74.46:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (58644)
Hash 2d535578e650a5ba777894743b3683b5
ecf640117c15eda96d0e974459a1c9a47ffc570a
5968d5d0aac57361cb2ec3dbb756447e05566c9bdf5434e57ec0f7be9dcc15e6
GET /embed/kZ9ouChqfKQ?enablejsapi=1&autoplay=1&cc_load_policy=0&cc_lang_pref=&iv_load_policy=1&loop=0&modestbranding=1&rel=1&fs=1&playsinline=0&autohide=2&theme=dark&color=red&controls=1& HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ahlulbayt.pt/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 09 Jan 2023 03:15:52 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=Y4GjsKS4jwE; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=uPYn5tO13PA; Domain=.youtube.com; Expires=Sat, 08-Jul-2023 03:15:52 GMT; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU0TmpRNE5UazJNalk0TWpjd01qYzJOZz09EOiN7p0GGOiN7p0G; Domain=.youtube.com; Expires=Sat, 08-Jul-2023 03:15:52 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+222; expires=Wed, 08-Jan-2025 03:15:52 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 826d11723a9433383ea51213b7028fb6
54d410f01a0fdeeb01801e76f2a0e52593451b0f
e3e3e309324799d76d4edb746eba71628bca18c080f1d628e1ba1eac871cbecd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5654
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 03:15:56 GMT
Last-Modified: Mon, 09 Jan 2023 01:41:42 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
216.58.207.206200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 216.58.207.206:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Mon, 09 Jan 2023 02:41:08 GMT
expires: Mon, 09 Jan 2023 04:41:08 GMT
cache-control: public, max-age=7200
age: 2088
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 27d78738a9609be605b9885f7a5f90e1
cc0794b5d6eff980221081c785662ffa3f770f13
388060a0450ea600c005936f51fbb7e7779ab49eb33044141926cfdb2cf01be3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 03:15:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 4aa5723e20bb937995d58baee63ccef3
4f4451ce70e0f1174447f509b9ecfae0030d69b8
a442ce52f0330fe4e1d6e25a76d9cf569cf7e649416caf201d0570a1cadf7de8
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: hOEyNfHq4mMcnAQVpRAWwDW1R+DUZQeUYMwcmEvmNZNWkigF3hvE0VCAaMopIRodCFHEb+uot09FJ7/aMP67cA==
priority: u=3,i
content-length: 27613
x-fb-trip-id: 1904183273
date: Mon, 09 Jan 2023 03:15:56 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
bat.bing.com/bat.js
204.79.197.200200 OK 12 kB IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (39124), with no line terminators
Hash d925a898de26295fdebfc90203ef46fa
77dd3f5893b76530e08058d50e8f9aef017e80c7
8f4a413fec7e48f5ac290f4596fef33b6396e7fb31080ec0203a5ec817d140c8
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11460
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 05 Dec 2022 17:15:50 GMT
accept-ranges: bytes
etag: "027e538cd8d91:0"
vary: Accept-Encoding
set-cookie: MUID=29B8B8DCFB67688E0173AA48FA9269D3; domain=.bing.com; expires=Sat, 03-Feb-2024 03:15:56 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6A38781352B44EC4950205B3507FDD71 Ref B: OSL30EDGE0113 Ref C: 2023-01-09T03:15:56Z
date: Mon, 09 Jan 2023 03:15:55 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 8fd95f99c767ca2559dfa76e78fa1ddd
1bcfa611a72225e6cd9cfedf6d03a43aa525946f
01595b34ecb16f26e964615a0b43bc3a886e2c15a027314af991d4ccd56e64cc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 03:15:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/1006839708/?random=1673234143279&cv=11&fst=1673234143279&bg=ffffff&guid=ON&async=1>m=2wg120&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fjoin.worldoftanks.eu%2F1631088899%2Fno%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63bb86ea4676e70001a6e804%26xid_param1%3DEZ46KGBJ6R%26xid_param_2%3D%26sid%3DSIDcIA3jCDY1UqJmB41X3CQC_GAfS8KHKzHAwCY37enkM2qnWDBuf_AaLHfWH1VEADE0HRxfW-XdDSUa8fF-SpzcsgAOFKqZWFjqAB4Fc9UJGuDn7TqXI6f9unLh4bY8BcWYr4SpMCpo06ZpBI%26enctid%3Dcpnc074n78n3%26lpsn%3DWOT%2520ONGOING%2520LMS%2520WW%2520ACQ%2520Invite%2520Code%25204%2520WOTHQ-2294%26foris%3D1%26teclient%3D1673234154949453359%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dtuiznkdg%26utm_content%3D1287&tiba=World%20of%20Tanks%E2%80%94det%20ultimate%20strategiske%20skytespillet.%20Spill%20gratis!&auid=285251823.1673234143&rfmt=3&fmt=4
142.250.74.130200 OK 1.3 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1006839708/?random=1673234143279&cv=11&fst=1673234143279&bg=ffffff&guid=ON&async=1>m=2wg120&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fjoin.worldoftanks.eu%2F1631088899%2Fno%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63bb86ea4676e70001a6e804%26xid_param1%3DEZ46KGBJ6R%26xid_param_2%3D%26sid%3DSIDcIA3jCDY1UqJmB41X3CQC_GAfS8KHKzHAwCY37enkM2qnWDBuf_AaLHfWH1VEADE0HRxfW-XdDSUa8fF-SpzcsgAOFKqZWFjqAB4Fc9UJGuDn7TqXI6f9unLh4bY8BcWYr4SpMCpo06ZpBI%26enctid%3Dcpnc074n78n3%26lpsn%3DWOT%2520ONGOING%2520LMS%2520WW%2520ACQ%2520Invite%2520Code%25204%2520WOTHQ-2294%26foris%3D1%26teclient%3D1673234154949453359%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dtuiznkdg%26utm_content%3D1287&tiba=World%20of%20Tanks%E2%80%94det%20ultimate%20strategiske%20skytespillet.%20Spill%20gratis!&auid=285251823.1673234143&rfmt=3&fmt=4
IP 142.250.74.130:0
File type ASCII text, with very long lines (2973), with no line terminators
Hash 35a0580db09cd0b975e10399c5686145
dd33774b67e6a4c3eb21e608afe88f7a7f1b529c
74d0883a75388f6a5854121cc3b598a1da23ad9655805dc965a0bd770a14067c
GET /pagead/viewthroughconversion/1006839708/?random=1673234143279&cv=11&fst=1673234143279&bg=ffffff&guid=ON&async=1>m=2wg120&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fjoin.worldoftanks.eu%2F1631088899%2Fno%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63bb86ea4676e70001a6e804%26xid_param1%3DEZ46KGBJ6R%26xid_param_2%3D%26sid%3DSIDcIA3jCDY1UqJmB41X3CQC_GAfS8KHKzHAwCY37enkM2qnWDBuf_AaLHfWH1VEADE0HRxfW-XdDSUa8fF-SpzcsgAOFKqZWFjqAB4Fc9UJGuDn7TqXI6f9unLh4bY8BcWYr4SpMCpo06ZpBI%26enctid%3Dcpnc074n78n3%26lpsn%3DWOT%2520ONGOING%2520LMS%2520WW%2520ACQ%2520Invite%2520Code%25204%2520WOTHQ-2294%26foris%3D1%26teclient%3D1673234154949453359%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dtuiznkdg%26utm_content%3D1287&tiba=World%20of%20Tanks%E2%80%94det%20ultimate%20strategiske%20skytespillet.%20Spill%20gratis!&auid=285251823.1673234143&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 09 Jan 2023 03:15:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1252
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 09-Jan-2023 03:30:56 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 826d11723a9433383ea51213b7028fb6
54d410f01a0fdeeb01801e76f2a0e52593451b0f
e3e3e309324799d76d4edb746eba71628bca18c080f1d628e1ba1eac871cbecd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1328
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 03:15:56 GMT
Last-Modified: Mon, 09 Jan 2023 02:53:48 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-77NSW0BT3P&cid=1280162845.1673234143>m=2oe120&aip=1&z=319139265
142.250.74.131200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-77NSW0BT3P&cid=1280162845.1673234143>m=2oe120&aip=1&z=319139265
IP 142.250.74.131:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-77NSW0BT3P&cid=1280162845.1673234143>m=2oe120&aip=1&z=319139265 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 09 Jan 2023 03:15:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.redditstatic.com/ads/pixel.js
151.101.193.140200 OK 7.7 kB URL HTTP/2 www.redditstatic.com/ads/pixel.js
IP 151.101.193.140:0
File type ASCII text, with very long lines (25224)
Hash 3528fd00b652f61a266eb584d96f4fcc
d89e16aa1323c6c4f1ed3941122020684a599361
77efa9f2ddfdca7a45df37bbcd22fdaeb7b97161a2acd87e21eb78bdeaad1332
GET /ads/pixel.js HTTP/1.1
Host: www.redditstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Mon, 07 Nov 2022 16:45:46 GMT
etag: "3528fd00b652f61a266eb584d96f4fcc"
cache-control: public, max-age=60
content-encoding: gzip
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 09 Jan 2023 03:15:56 GMT
vary: Accept-Encoding,Origin
server: snooserv
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-length: 7722
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 27d78738a9609be605b9885f7a5f90e1
cc0794b5d6eff980221081c785662ffa3f770f13
388060a0450ea600c005936f51fbb7e7779ab49eb33044141926cfdb2cf01be3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 03:15:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tenor.wargaming.net/cf
92.223.21.16200 OK 0 B IP 92.223.21.16:0
ASN #199524 G-Core Labs S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /cf HTTP/1.1
Host: tenor.wargaming.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://join.worldoftanks.eu/
Origin: https://join.worldoftanks.eu
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Mon, 09 Jan 2023 03:15:56 GMT
Content-Type: application/octet-stream
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=200
Access-Control-Allow-Origin: https://join.worldoftanks.eu
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: POST
Access-Control-Allow-Headers: CONTENT-TYPE
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 8fd95f99c767ca2559dfa76e78fa1ddd
1bcfa611a72225e6cd9cfedf6d03a43aa525946f
01595b34ecb16f26e964615a0b43bc3a886e2c15a027314af991d4ccd56e64cc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 03:15:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tenor.wargaming.net/cf
92.223.21.16204 No Content 0 B IP 92.223.21.16:0
ASN #199524 G-Core Labs S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cf HTTP/1.1
Host: tenor.wargaming.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://join.worldoftanks.eu/
Content-Type: application/json
Origin: https://join.worldoftanks.eu
Content-Length: 311
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: openresty
Date: Mon, 09 Jan 2023 03:15:56 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 2
Connection: keep-alive
Keep-Alive: timeout=200
Access-Control-Expose-Headers: Server,Content-Length,Date
Access-Control-Allow-Origin: https://join.worldoftanks.eu
Access-Control-Allow-Credentials: true
bat.bing.com/action/0?ti=26043906&tm=gtm002&Ver=2&mid=89a21e35-ccb3-46dc-8712-c42c6bad47c5&sid=e7137e808fcb11ed94ca599b765034a3&vid=e713adb08fcb11ed93427377c42d8a94&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=World%20of%20Tanks%E2%80%94det%20ultimate%20strategiske%20skytespillet.%20Spill%20gratis!&p=https%3A%2F%2Fjoin.worldoftanks.eu%2F1631088899%2Fno%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63bb86ea4676e70001a6e804%26xid_param1%3DEZ46KGBJ6R%26xid_param_2%3D%26sid%3DSIDcIA3jCDY1UqJmB41X3CQC_GAfS8KHKzHAwCY37enkM2qnWDBuf_AaLHfWH1VEADE0HRxfW-XdDSUa8fF-SpzcsgAOFKqZWFjqAB4Fc9UJGuDn7TqXI6f9unLh4bY8BcWYr4SpMCpo06ZpBI%26enctid%3Dcpnc074n78n3%26lpsn%3DWOT%2520ONGOING%2520LMS%2520WW%2520ACQ%2520Invite%2520Code%25204%2520WOTHQ-2294%26foris%3D1%26teclient%3D1673234154949453359%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dtuiznkdg%26utm_content%3D1287&r=<=1720&evt=pageLoad&sv=1&rn=769998
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=26043906&tm=gtm002&Ver=2&mid=89a21e35-ccb3-46dc-8712-c42c6bad47c5&sid=e7137e808fcb11ed94ca599b765034a3&vid=e713adb08fcb11ed93427377c42d8a94&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=World%20of%20Tanks%E2%80%94det%20ultimate%20strategiske%20skytespillet.%20Spill%20gratis!&p=https%3A%2F%2Fjoin.worldoftanks.eu%2F1631088899%2Fno%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63bb86ea4676e70001a6e804%26xid_param1%3DEZ46KGBJ6R%26xid_param_2%3D%26sid%3DSIDcIA3jCDY1UqJmB41X3CQC_GAfS8KHKzHAwCY37enkM2qnWDBuf_AaLHfWH1VEADE0HRxfW-XdDSUa8fF-SpzcsgAOFKqZWFjqAB4Fc9UJGuDn7TqXI6f9unLh4bY8BcWYr4SpMCpo06ZpBI%26enctid%3Dcpnc074n78n3%26lpsn%3DWOT%2520ONGOING%2520LMS%2520WW%2520ACQ%2520Invite%2520Code%25204%2520WOTHQ-2294%26foris%3D1%26teclient%3D1673234154949453359%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dtuiznkdg%26utm_content%3D1287&r=<=1720&evt=pageLoad&sv=1&rn=769998
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=26043906&tm=gtm002&Ver=2&mid=89a21e35-ccb3-46dc-8712-c42c6bad47c5&sid=e7137e808fcb11ed94ca599b765034a3&vid=e713adb08fcb11ed93427377c42d8a94&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=World%20of%20Tanks%E2%80%94det%20ultimate%20strategiske%20skytespillet.%20Spill%20gratis!&p=https%3A%2F%2Fjoin.worldoftanks.eu%2F1631088899%2Fno%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63bb86ea4676e70001a6e804%26xid_param1%3DEZ46KGBJ6R%26xid_param_2%3D%26sid%3DSIDcIA3jCDY1UqJmB41X3CQC_GAfS8KHKzHAwCY37enkM2qnWDBuf_AaLHfWH1VEADE0HRxfW-XdDSUa8fF-SpzcsgAOFKqZWFjqAB4Fc9UJGuDn7TqXI6f9unLh4bY8BcWYr4SpMCpo06ZpBI%26enctid%3Dcpnc074n78n3%26lpsn%3DWOT%2520ONGOING%2520LMS%2520WW%2520ACQ%2520Invite%2520Code%25204%2520WOTHQ-2294%26foris%3D1%26teclient%3D1673234154949453359%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dtuiznkdg%26utm_content%3D1287&r=<=1720&evt=pageLoad&sv=1&rn=769998 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=181A209DDC366EED080A3209DDC36FF4; domain=.bing.com; expires=Sat, 03-Feb-2024 03:15:56 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E79C7800612346F58FC148EA7182D2DA Ref B: OSL30EDGE0113 Ref C: 2023-01-09T03:15:56Z
date: Mon, 09 Jan 2023 03:15:55 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 8b33ebf66adf8ea748d256ed5248639a
54f661bd5cdfe8ec55371d0d7d63437abc1d54b7
d7b4bf07bc0c94009920239a1136dfdafa898ac2efab9d4131e68682f826e76b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 03:15:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash e137d91ff1d52f2f3b37045da9db2690
58c93405e90f191e6405bb09b75b6b795a033e4e
fd8ab1fc158dc32f9754fa9866d43b040baf45796feac5bdd96e9d1cc9336b72
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 03:15:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ad.doubleclick.net/ddm/activity/src=9463992;type=acqpa00;cat=woteu000;u2=https://join.worldoftanks.eu/1631088899/no/;u3=WOT%20ONGOING%20LMS%20WW%20ACQ%20Invite%20Code%204%20WOTHQ-2294;u4=affiliate;u5=tuiznkdg;u6=1673234154949453359;u7=undefined;match_id=1673234154949453359;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=485029790
216.58.207.230302 Found 0 B URL HTTP/2 ad.doubleclick.net/ddm/activity/src=9463992;type=acqpa00;cat=woteu000;u2=https://join.worldoftanks.eu/1631088899/no/;u3=WOT%20ONGOING%20LMS%20WW%20ACQ%20Invite%20Code%204%20WOTHQ-2294;u4=affiliate;u5=tuiznkdg;u6=1673234154949453359;u7=undefined;match_id=1673234154949453359;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=485029790
IP 216.58.207.230:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ddm/activity/src=9463992;type=acqpa00;cat=woteu000;u2=https://join.worldoftanks.eu/1631088899/no/;u3=WOT%20ONGOING%20LMS%20WW%20ACQ%20Invite%20Code%204%20WOTHQ-2294;u4=affiliate;u5=tuiznkdg;u6=1673234154949453359;u7=undefined;match_id=1673234154949453359;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=485029790 HTTP/1.1
Host: ad.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 09 Jan 2023 03:15:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://adservice.google.com/ddm/fls/p/src=9463992;type=acqpa00;cat=woteu000;u2=https://join.worldoftanks.eu/1631088899/no/;u3=WOT%20ONGOING%20LMS%20WW%20ACQ%20Invite%20Code%204%20WOTHQ-2294;u4=affiliate;u5=tuiznkdg;u6=1673234154949453359;u7=undefined;match_id=1673234154949453359;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=485029790;~oref=https://join.worldoftanks.eu/
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 09-Jan-2023 03:30:56 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 58d9c6f30a369eddec282c039f596292
5b2833ed28483cc656637e71f646064a29dea7d3
8e0bed93d9000e00d535292bbcb51ee864b9b1396357d5deed65cbcdccbe8be4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1511
Cache-Control: max-age=141364
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 03:15:56 GMT
Etag: "63bb0639-1d7"
Expires: Tue, 10 Jan 2023 18:32:00 GMT
Last-Modified: Sun, 08 Jan 2023 18:06:49 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
www.google.com/pagead/1p-user-list/1006839708/?random=1673234143279&cv=11&fst=1673233200000&bg=ffffff&guid=ON&async=1>m=2wg120&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fjoin.worldoftanks.eu%2F1631088899%2Fno%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63bb86ea4676e70001a6e804%26xid_param1%3DEZ46KGBJ6R%26xid_param_2%3D%26sid%3DSIDcIA3jCDY1UqJmB41X3CQC_GAfS8KHKzHAwCY37enkM2qnWDBuf_AaLHfWH1VEADE0HRxfW-XdDSUa8fF-SpzcsgAOFKqZWFjqAB4Fc9UJGuDn7TqXI6f9unLh4bY8BcWYr4SpMCpo06ZpBI%26enctid%3Dcpnc074n78n3%26lpsn%3DWOT%2520ONGOING%2520LMS%2520WW%2520ACQ%2520Invite%2520Code%25204%2520WOTHQ-2294%26foris%3D1%26teclient%3D1673234154949453359%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dtuiznkdg%26utm_content%3D1287&tiba=World%20of%20Tanks%E2%80%94det%20ultimate%20strategiske%20skytespillet.%20Spill%20gratis!&fmt=3&is_vtc=1&random=1639978921&rmt_tld=0&ipr=y
142.250.74.132200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/1006839708/?random=1673234143279&cv=11&fst=1673233200000&bg=ffffff&guid=ON&async=1>m=2wg120&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fjoin.worldoftanks.eu%2F1631088899%2Fno%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63bb86ea4676e70001a6e804%26xid_param1%3DEZ46KGBJ6R%26xid_param_2%3D%26sid%3DSIDcIA3jCDY1UqJmB41X3CQC_GAfS8KHKzHAwCY37enkM2qnWDBuf_AaLHfWH1VEADE0HRxfW-XdDSUa8fF-SpzcsgAOFKqZWFjqAB4Fc9UJGuDn7TqXI6f9unLh4bY8BcWYr4SpMCpo06ZpBI%26enctid%3Dcpnc074n78n3%26lpsn%3DWOT%2520ONGOING%2520LMS%2520WW%2520ACQ%2520Invite%2520Code%25204%2520WOTHQ-2294%26foris%3D1%26teclient%3D1673234154949453359%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dtuiznkdg%26utm_content%3D1287&tiba=World%20of%20Tanks%E2%80%94det%20ultimate%20strategiske%20skytespillet.%20Spill%20gratis!&fmt=3&is_vtc=1&random=1639978921&rmt_tld=0&ipr=y
IP 142.250.74.132:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1006839708/?random=1673234143279&cv=11&fst=1673233200000&bg=ffffff&guid=ON&async=1>m=2wg120&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fjoin.worldoftanks.eu%2F1631088899%2Fno%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63bb86ea4676e70001a6e804%26xid_param1%3DEZ46KGBJ6R%26xid_param_2%3D%26sid%3DSIDcIA3jCDY1UqJmB41X3CQC_GAfS8KHKzHAwCY37enkM2qnWDBuf_AaLHfWH1VEADE0HRxfW-XdDSUa8fF-SpzcsgAOFKqZWFjqAB4Fc9UJGuDn7TqXI6f9unLh4bY8BcWYr4SpMCpo06ZpBI%26enctid%3Dcpnc074n78n3%26lpsn%3DWOT%2520ONGOING%2520LMS%2520WW%2520ACQ%2520Invite%2520Code%25204%2520WOTHQ-2294%26foris%3D1%26teclient%3D1673234154949453359%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dtuiznkdg%26utm_content%3D1287&tiba=World%20of%20Tanks%E2%80%94det%20ultimate%20strategiske%20skytespillet.%20Spill%20gratis!&fmt=3&is_vtc=1&random=1639978921&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 09 Jan 2023 03:15:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bat.bing.com/p/action/26043906.js
204.79.197.200200 OK 1.4 kB URL HTTP/2 bat.bing.com/p/action/26043906.js
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with CRLF line terminators
Hash 617b16ee2cc02f80ed3728495ecc2282
8dd2e70d54ca6dc9c3cbbcc8c83aa3359a4fd031
6db033fae32be614bd64b08e78f0cad9583aa152b0aa86eaf7154c68abbf98ff
GET /p/action/26043906.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private,max-age=60
content-length: 1446
content-type: application/javascript; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
set-cookie: MUID=0931BA43CCDC6FF61F81A8D7CD296E51; domain=.bing.com; expires=Sat, 03-Feb-2024 03:15:56 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AEBEEC5CECF24778AE26CB0BA09E5C47 Ref B: OSL30EDGE0113 Ref C: 2023-01-09T03:15:56Z
date: Mon, 09 Jan 2023 03:15:55 GMT
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-40205758-4&cid=1280162845.1673234143&jid=924736990&gjid=467506034&_gid=103249272.1673234144&_u=YChACEABBAAAACAFO~&z=1072786733
74.125.131.154200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-40205758-4&cid=1280162845.1673234143&jid=924736990&gjid=467506034&_gid=103249272.1673234144&_u=YChACEABBAAAACAFO~&z=1072786733
IP 74.125.131.154:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-40205758-4&cid=1280162845.1673234143&jid=924736990&gjid=467506034&_gid=103249272.1673234144&_u=YChACEABBAAAACAFO~&z=1072786733 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://join.worldoftanks.eu
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://join.worldoftanks.eu
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 09 Jan 2023 03:15:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-150089307-8&cid=1280162845.1673234143&jid=885849185&gjid=236703497&_gid=1638992606.1673234144&_u=YChACEAABAAAACAEO~&z=668019707
74.125.131.154200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-150089307-8&cid=1280162845.1673234143&jid=885849185&gjid=236703497&_gid=1638992606.1673234144&_u=YChACEAABAAAACAEO~&z=668019707
IP 74.125.131.154:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-150089307-8&cid=1280162845.1673234143&jid=885849185&gjid=236703497&_gid=1638992606.1673234144&_u=YChACEAABAAAACAEO~&z=668019707 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://join.worldoftanks.eu
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://join.worldoftanks.eu
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 09 Jan 2023 03:15:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s.yimg.com/wi/config/10180089.json
87.248.119.252200 OK 46 B URL HTTP/2 s.yimg.com/wi/config/10180089.json
IP 87.248.119.252:0
ASN #203220 Yahoo! UK Services Limited
File type JSON data\012- , ASCII text, with no line terminators
Hash c6ded5892a90c67512603a071c819e4e
b0db884308ecef9f44d5c38bacf96702096d5830
c63fe9a284f1b9cfd799a123c1a92a566f22bd5cd0be03d5af3a3fbf0936e226
GET /wi/config/10180089.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://join.worldoftanks.eu
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: FORs3qOWo7tHvNrDbjU99SpndXHsuhnYiEtsu4ImJgfSLvf9wgUOgBJlk3Hds9fLpBHO8qmrdEI=
x-amz-request-id: ZHN6GSR1Y4Z07AKC
date: Sun, 08 Jan 2023 22:29:36 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
last-modified: Wed, 16 Mar 2022 15:56:22 GMT
x-amz-expiration: expiry-date="Fri, 21 Apr 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "c6ded5892a90c67512603a071c819e4e"
x-amz-server-side-encryption: AES256
x-amz-version-id: hucc9FIkp5UShj6EZB33GhrqRv4Mo1tn
accept-ranges: bytes
content-type: application/json
server: ATS
content-length: 46
referrer-policy: no-referrer-when-downgrade
age: 17181
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash e137d91ff1d52f2f3b37045da9db2690
58c93405e90f191e6405bb09b75b6b795a033e4e
fd8ab1fc158dc32f9754fa9866d43b040baf45796feac5bdd96e9d1cc9336b72
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 03:15:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
alb.reddit.com/rp.gif?ts=1673234143646&id=t2_a043ik42&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=faaa192c-ac31-40d8-aa46-0398916eaaee&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1280&sw=1024&v=rdt_1967aea8
151.101.193.140200 OK 42 B URL HTTP/2 alb.reddit.com/rp.gif?ts=1673234143646&id=t2_a043ik42&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=faaa192c-ac31-40d8-aa46-0398916eaaee&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1280&sw=1024&v=rdt_1967aea8
IP 151.101.193.140:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /rp.gif?ts=1673234143646&id=t2_a043ik42&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=faaa192c-ac31-40d8-aa46-0398916eaaee&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1280&sw=1024&v=rdt_1967aea8 HTTP/1.1
Host: alb.reddit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Varnish
retry-after: 0
cross-origin-resource-policy: cross-origin
content-type: image/gif
accept-ranges: bytes
date: Mon, 09 Jan 2023 03:15:56 GMT
via: 1.1 varnish
content-length: 42
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 53e4963971e19408d4cf264bd653599d
271fa6d9b5843b97d579a713fbb48b388c61eba0
c3245e3793f7aab542ba2b4b719f5145a45ba29d536456ad629a364ab2df400b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 03:15:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-40205758-4&cid=1280162845.1673234143&jid=924736990&_u=YChACEABBAAAACAFO~&z=1805351295
142.250.74.132200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-40205758-4&cid=1280162845.1673234143&jid=924736990&_u=YChACEABBAAAACAFO~&z=1805351295
IP 142.250.74.132:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-40205758-4&cid=1280162845.1673234143&jid=924736990&_u=YChACEABBAAAACAFO~&z=1805351295 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 09 Jan 2023 03:15:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/ddm/fls/p/src=9463992;type=acqpa00;cat=woteu000;u2=https://join.worldoftanks.eu/1631088899/no/;u3=WOT%20ONGOING%20LMS%20WW%20ACQ%20Invite%20Code%204%20WOTHQ-2294;u4=affiliate;u5=tuiznkdg;u6=1673234154949453359;u7=undefined;match_id=1673234154949453359;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=485029790;~oref=https://join.worldoftanks.eu/
142.250.74.66302 Found 0 B URL HTTP/2 adservice.google.com/ddm/fls/p/src=9463992;type=acqpa00;cat=woteu000;u2=https://join.worldoftanks.eu/1631088899/no/;u3=WOT%20ONGOING%20LMS%20WW%20ACQ%20Invite%20Code%204%20WOTHQ-2294;u4=affiliate;u5=tuiznkdg;u6=1673234154949453359;u7=undefined;match_id=1673234154949453359;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=485029790;~oref=https://join.worldoftanks.eu/
IP 142.250.74.66:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ddm/fls/p/src=9463992;type=acqpa00;cat=woteu000;u2=https://join.worldoftanks.eu/1631088899/no/;u3=WOT%20ONGOING%20LMS%20WW%20ACQ%20Invite%20Code%204%20WOTHQ-2294;u4=affiliate;u5=tuiznkdg;u6=1673234154949453359;u7=undefined;match_id=1673234154949453359;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=485029790;~oref=https://join.worldoftanks.eu/ HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://join.worldoftanks.eu/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 09 Jan 2023 03:15:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://adservice.google.no/ddm/fls/p/src=9463992;type=acqpa00;cat=woteu000;u2=https://join.worldoftanks.eu/1631088899/no/;u3=WOT%20ONGOING%20LMS%20WW%20ACQ%20Invite%20Code%204%20WOTHQ-2294;u4=affiliate;u5=tuiznkdg;u6=1673234154949453359;u7=undefined;match_id=1673234154949453359;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=485029790;~oref=https://join.worldoftanks.eu/
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
rules.quantcount.com/rules-p-UH9pPWqqbvvtC.js
54.230.111.33200 OK 222 B URL HTTP/2 rules.quantcount.com/rules-p-UH9pPWqqbvvtC.js
IP 54.230.111.33:0
Hash 1fc3544f525a98ae3bb01abe95ecbd2b
9a9379f992c3660aec966f7fccb478ec0796b0af
fe56ee11ce8e8046f4e968b897e8a013642cb70381a7e8b7ca51d21f2d19ec42
GET /rules-p-UH9pPWqqbvvtC.js HTTP/1.1
Host: rules.quantcount.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 222
last-modified: Thu, 13 Oct 2022 14:48:45 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
access-control-allow-methods: GET
date: Mon, 09 Jan 2023 02:25:43 GMT
cache-control: max-age=3600
etag: "1fc3544f525a98ae3bb01abe95ecbd2b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sXoovZ9CwI3YsT1MQdibsKjqevyCubUnQx4IzxtgR0FCf3L1JWCN7Q==
age: 3014
X-Firefox-Spdy: h2
adservice.google.no/ddm/fls/p/src=9463992;type=acqpa00;cat=woteu000;u2=https://join.worldoftanks.eu/1631088899/no/;u3=WOT%20ONGOING%20LMS%20WW%20ACQ%20Invite%20Code%204%20WOTHQ-2294;u4=affiliate;u5=tuiznkdg;u6=1673234154949453359;u7=undefined;match_id=1673234154949453359;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=485029790;~oref=https://join.worldoftanks.eu/
216.58.211.2200 OK 42 B URL HTTP/2 adservice.google.no/ddm/fls/p/src=9463992;type=acqpa00;cat=woteu000;u2=https://join.worldoftanks.eu/1631088899/no/;u3=WOT%20ONGOING%20LMS%20WW%20ACQ%20Invite%20Code%204%20WOTHQ-2294;u4=affiliate;u5=tuiznkdg;u6=1673234154949453359;u7=undefined;match_id=1673234154949453359;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=485029790;~oref=https://join.worldoftanks.eu/
IP 216.58.211.2:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ddm/fls/p/src=9463992;type=acqpa00;cat=woteu000;u2=https://join.worldoftanks.eu/1631088899/no/;u3=WOT%20ONGOING%20LMS%20WW%20ACQ%20Invite%20Code%204%20WOTHQ-2294;u4=affiliate;u5=tuiznkdg;u6=1673234154949453359;u7=undefined;match_id=1673234154949453359;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=485029790;~oref=https://join.worldoftanks.eu/ HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://join.worldoftanks.eu/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 09 Jan 2023 03:15:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pixel.quantserve.com/pixel;r=1745763420;labels=_fp.event.PageView;source=gtm;event=refresh;rf=0;a=p-UH9pPWqqbvvtC;url=https%3A%2F%2Fjoin.worldoftanks.eu%2F1631088899%2Fno%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63bb86ea4676e70001a6e804%26xid_param1%3DEZ46KGBJ6R%26xid_param_2%3D%26sid%3DSIDcIA3jCDY1UqJmB41X3CQC_GAfS8KHKzHAwCY37enkM2qnWDBuf_AaLHfWH1VEADE0HRxfW-XdDSUa8fF-SpzcsgAOFKqZWFjqAB4Fc9UJGuDn7TqXI6f9unLh4bY8BcWYr4SpMCpo06ZpBI%26enctid%3Dcpnc074n78n3%26lpsn%3DWOT%2520ONGOING%2520LMS%2520WW%2520ACQ%2520Invite%2520Code%25204%2520WOTHQ-2294%26foris%3D1%26teclient%3D1673234154949453359%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dtuiznkdg%26utm_content%3D1287;uht=2;fpan=1;fpa=P0-1571768320-1673234143820;pbc=;ns=0;ce=1;qjs=1;qv=bf501fc4-20230104143059;cm=;gdpr=0;ref=;d=worldoftanks.eu;dst=0;et=1673234143903;tzo=0;ogl=title.World%20of%20Tanks%E2%80%94det%20ultimate%20strategiske%20skytespillet%252E%20Spill%20gratis!%2Cdescription.Omgi%20deg%20selv%20med%20pansret%20tankskrigf%C3%B8ring%20i%20World%20of%20Tanks%252C%20et%20lagbasert%20multisp%2Cimage.https%3A%2F%2Flms-static%252Ewgcdn%252Eco%2FInfluencer-with-hidden-invite-CIS%2Fa3c86a67f4c5bb1c6c;ses=4f50c9e2-2944-4998-aa4b-52a95571d10d
91.228.74.159200 OK 35 B URL HTTP/2 pixel.quantserve.com/pixel;r=1745763420;labels=_fp.event.PageView;source=gtm;event=refresh;rf=0;a=p-UH9pPWqqbvvtC;url=https%3A%2F%2Fjoin.worldoftanks.eu%2F1631088899%2Fno%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63bb86ea4676e70001a6e804%26xid_param1%3DEZ46KGBJ6R%26xid_param_2%3D%26sid%3DSIDcIA3jCDY1UqJmB41X3CQC_GAfS8KHKzHAwCY37enkM2qnWDBuf_AaLHfWH1VEADE0HRxfW-XdDSUa8fF-SpzcsgAOFKqZWFjqAB4Fc9UJGuDn7TqXI6f9unLh4bY8BcWYr4SpMCpo06ZpBI%26enctid%3Dcpnc074n78n3%26lpsn%3DWOT%2520ONGOING%2520LMS%2520WW%2520ACQ%2520Invite%2520Code%25204%2520WOTHQ-2294%26foris%3D1%26teclient%3D1673234154949453359%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dtuiznkdg%26utm_content%3D1287;uht=2;fpan=1;fpa=P0-1571768320-1673234143820;pbc=;ns=0;ce=1;qjs=1;qv=bf501fc4-20230104143059;cm=;gdpr=0;ref=;d=worldoftanks.eu;dst=0;et=1673234143903;tzo=0;ogl=title.World%20of%20Tanks%E2%80%94det%20ultimate%20strategiske%20skytespillet%252E%20Spill%20gratis!%2Cdescription.Omgi%20deg%20selv%20med%20pansret%20tankskrigf%C3%B8ring%20i%20World%20of%20Tanks%252C%20et%20lagbasert%20multisp%2Cimage.https%3A%2F%2Flms-static%252Ewgcdn%252Eco%2FInfluencer-with-hidden-invite-CIS%2Fa3c86a67f4c5bb1c6c;ses=4f50c9e2-2944-4998-aa4b-52a95571d10d
IP 91.228.74.159:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 55d25e9dc950d5db4d53a3b195c046c6
75e91ae3e549dab12ed1c9787ade9131aef1c981
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
GET /pixel;r=1745763420;labels=_fp.event.PageView;source=gtm;event=refresh;rf=0;a=p-UH9pPWqqbvvtC;url=https%3A%2F%2Fjoin.worldoftanks.eu%2F1631088899%2Fno%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63bb86ea4676e70001a6e804%26xid_param1%3DEZ46KGBJ6R%26xid_param_2%3D%26sid%3DSIDcIA3jCDY1UqJmB41X3CQC_GAfS8KHKzHAwCY37enkM2qnWDBuf_AaLHfWH1VEADE0HRxfW-XdDSUa8fF-SpzcsgAOFKqZWFjqAB4Fc9UJGuDn7TqXI6f9unLh4bY8BcWYr4SpMCpo06ZpBI%26enctid%3Dcpnc074n78n3%26lpsn%3DWOT%2520ONGOING%2520LMS%2520WW%2520ACQ%2520Invite%2520Code%25204%2520WOTHQ-2294%26foris%3D1%26teclient%3D1673234154949453359%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dtuiznkdg%26utm_content%3D1287;uht=2;fpan=1;fpa=P0-1571768320-1673234143820;pbc=;ns=0;ce=1;qjs=1;qv=bf501fc4-20230104143059;cm=;gdpr=0;ref=;d=worldoftanks.eu;dst=0;et=1673234143903;tzo=0;ogl=title.World%20of%20Tanks%E2%80%94det%20ultimate%20strategiske%20skytespillet%252E%20Spill%20gratis!%2Cdescription.Omgi%20deg%20selv%20med%20pansret%20tankskrigf%C3%B8ring%20i%20World%20of%20Tanks%252C%20et%20lagbasert%20multisp%2Cimage.https%3A%2F%2Flms-static%252Ewgcdn%252Eco%2FInfluencer-with-hidden-invite-CIS%2Fa3c86a67f4c5bb1c6c;ses=4f50c9e2-2944-4998-aa4b-52a95571d10d HTTP/1.1
Host: pixel.quantserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 03:15:56 GMT
content-type: image/gif
content-length: 35
cache-control: private, no-cache, no-store, proxy-revalidate
expires: Fri, 04 Aug 1978 12:00:00 GMT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
set-cookie: mc=63bb86ec-ad2a5-ced9d-903c5; expires=Fri, 09-Feb-2024 03:15:56 GMT; path=/; domain=.quantserve.com
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-77NSW0BT3P>m=2oe120&_p=1287978226&_gaz=1&gcs=G1--&cid=1280162845.1673234143&ul=en-us&sr=1280x1024&_s=1&sid=1673234143&sct=1&seg=0&dl=https%3A%2F%2Fjoin.worldoftanks.eu%2F1631088899%2Fno%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63bb86ea4676e70001a6e804%26xid_param1%3DEZ46KGBJ6R%26xid_param_2%3D%26sid%3DSIDcIA3jCDY1UqJmB41X3CQC_GAfS8KHKzHAwCY37enkM2qnWDBuf_AaLHfWH1VEADE0HRxfW-XdDSUa8fF-SpzcsgAOFKqZWFjqAB4Fc9UJGuDn7TqXI6f9unLh4bY8BcWYr4SpMCpo06ZpBI%26enctid%3Dcpnc074n78n3%26lpsn%3DWOT%2520ONGOING%2520LMS%2520WW%2520ACQ%2520Invite%2520Code%25204%2520WOTHQ-2294%26foris%3D1%26teclient%3D1673234154949453359%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dtuiznkdg%26utm_content%3D1287&dt=World%20of%20Tanks%E2%80%94det%20ultimate%20strategiske%20skytespillet.%20Spill%20gratis!&en=page_view&_fv=1&_nsi=1&_ss=1&ep.prod_name=wot&ep.prod_realm=eu&ep.prod_lang=no&ep.prod_type=lp&ep.prod_lptype=invite-code%2FWOTHQ-2294%2FACQ%2Freg-in%2Fdl-in
216.239.32.36204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-77NSW0BT3P>m=2oe120&_p=1287978226&_gaz=1&gcs=G1--&cid=1280162845.1673234143&ul=en-us&sr=1280x1024&_s=1&sid=1673234143&sct=1&seg=0&dl=https%3A%2F%2Fjoin.worldoftanks.eu%2F1631088899%2Fno%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63bb86ea4676e70001a6e804%26xid_param1%3DEZ46KGBJ6R%26xid_param_2%3D%26sid%3DSIDcIA3jCDY1UqJmB41X3CQC_GAfS8KHKzHAwCY37enkM2qnWDBuf_AaLHfWH1VEADE0HRxfW-XdDSUa8fF-SpzcsgAOFKqZWFjqAB4Fc9UJGuDn7TqXI6f9unLh4bY8BcWYr4SpMCpo06ZpBI%26enctid%3Dcpnc074n78n3%26lpsn%3DWOT%2520ONGOING%2520LMS%2520WW%2520ACQ%2520Invite%2520Code%25204%2520WOTHQ-2294%26foris%3D1%26teclient%3D1673234154949453359%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dtuiznkdg%26utm_content%3D1287&dt=World%20of%20Tanks%E2%80%94det%20ultimate%20strategiske%20skytespillet.%20Spill%20gratis!&en=page_view&_fv=1&_nsi=1&_ss=1&ep.prod_name=wot&ep.prod_realm=eu&ep.prod_lang=no&ep.prod_type=lp&ep.prod_lptype=invite-code%2FWOTHQ-2294%2FACQ%2Freg-in%2Fdl-in
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-77NSW0BT3P>m=2oe120&_p=1287978226&_gaz=1&gcs=G1--&cid=1280162845.1673234143&ul=en-us&sr=1280x1024&_s=1&sid=1673234143&sct=1&seg=0&dl=https%3A%2F%2Fjoin.worldoftanks.eu%2F1631088899%2Fno%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63bb86ea4676e70001a6e804%26xid_param1%3DEZ46KGBJ6R%26xid_param_2%3D%26sid%3DSIDcIA3jCDY1UqJmB41X3CQC_GAfS8KHKzHAwCY37enkM2qnWDBuf_AaLHfWH1VEADE0HRxfW-XdDSUa8fF-SpzcsgAOFKqZWFjqAB4Fc9UJGuDn7TqXI6f9unLh4bY8BcWYr4SpMCpo06ZpBI%26enctid%3Dcpnc074n78n3%26lpsn%3DWOT%2520ONGOING%2520LMS%2520WW%2520ACQ%2520Invite%2520Code%25204%2520WOTHQ-2294%26foris%3D1%26teclient%3D1673234154949453359%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dtuiznkdg%26utm_content%3D1287&dt=World%20of%20Tanks%E2%80%94det%20ultimate%20strategiske%20skytespillet.%20Spill%20gratis!&en=page_view&_fv=1&_nsi=1&_ss=1&ep.prod_name=wot&ep.prod_realm=eu&ep.prod_lang=no&ep.prod_type=lp&ep.prod_lptype=invite-code%2FWOTHQ-2294%2FACQ%2Freg-in%2Fdl-in HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://join.worldoftanks.eu
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://join.worldoftanks.eu
date: Mon, 09 Jan 2023 03:15:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
sp.analytics.yahoo.com/sp.pl?a=10000&d=Mon%2C%2009%20Jan%202023%2003%3A15%3A43%20GMT&n=0&b=World%20of%20Tanks%E2%80%94det%20ultimate%20strategiske%20skytespillet.%20Spill%20gratis!&.yp=10180089&f=https%3A%2F%2Fjoin.worldoftanks.eu%2F1631088899%2Fno%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63bb86ea4676e70001a6e804%26xid_param1%3DEZ46KGBJ6R%26xid_param_2%3D%26sid%3DSIDcIA3jCDY1UqJmB41X3CQC_GAfS8KHKzHAwCY37enkM2qnWDBuf_AaLHfWH1VEADE0HRxfW-XdDSUa8fF-SpzcsgAOFKqZWFjqAB4Fc9UJGuDn7TqXI6f9unLh4bY8BcWYr4SpMCpo06ZpBI%26enctid%3Dcpnc074n78n3%26lpsn%3DWOT%2520ONGOING%2520LMS%2520WW%2520ACQ%2520Invite%2520Code%25204%2520WOTHQ-2294%26foris%3D1%26teclient%3D1673234154949453359%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dtuiznkdg%26utm_content%3D1287&enc=UTF-8&yv=1.13.0&tagmgr=gtm
212.82.100.181200 OK 43 B URL HTTP/2 sp.analytics.yahoo.com/sp.pl?a=10000&d=Mon%2C%2009%20Jan%202023%2003%3A15%3A43%20GMT&n=0&b=World%20of%20Tanks%E2%80%94det%20ultimate%20strategiske%20skytespillet.%20Spill%20gratis!&.yp=10180089&f=https%3A%2F%2Fjoin.worldoftanks.eu%2F1631088899%2Fno%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63bb86ea4676e70001a6e804%26xid_param1%3DEZ46KGBJ6R%26xid_param_2%3D%26sid%3DSIDcIA3jCDY1UqJmB41X3CQC_GAfS8KHKzHAwCY37enkM2qnWDBuf_AaLHfWH1VEADE0HRxfW-XdDSUa8fF-SpzcsgAOFKqZWFjqAB4Fc9UJGuDn7TqXI6f9unLh4bY8BcWYr4SpMCpo06ZpBI%26enctid%3Dcpnc074n78n3%26lpsn%3DWOT%2520ONGOING%2520LMS%2520WW%2520ACQ%2520Invite%2520Code%25204%2520WOTHQ-2294%26foris%3D1%26teclient%3D1673234154949453359%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dtuiznkdg%26utm_content%3D1287&enc=UTF-8&yv=1.13.0&tagmgr=gtm
IP 212.82.100.181:0
ASN #34010 Yahoo! UK Services Limited
File type GIF image data, version 89a, 1 x 1\012- data
Hash bff56ce49dd485d195fdfa0a02342568
74fb4071deab7d3ab083562067b735df32c43397
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
GET /sp.pl?a=10000&d=Mon%2C%2009%20Jan%202023%2003%3A15%3A43%20GMT&n=0&b=World%20of%20Tanks%E2%80%94det%20ultimate%20strategiske%20skytespillet.%20Spill%20gratis!&.yp=10180089&f=https%3A%2F%2Fjoin.worldoftanks.eu%2F1631088899%2Fno%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63bb86ea4676e70001a6e804%26xid_param1%3DEZ46KGBJ6R%26xid_param_2%3D%26sid%3DSIDcIA3jCDY1UqJmB41X3CQC_GAfS8KHKzHAwCY37enkM2qnWDBuf_AaLHfWH1VEADE0HRxfW-XdDSUa8fF-SpzcsgAOFKqZWFjqAB4Fc9UJGuDn7TqXI6f9unLh4bY8BcWYr4SpMCpo06ZpBI%26enctid%3Dcpnc074n78n3%26lpsn%3DWOT%2520ONGOING%2520LMS%2520WW%2520ACQ%2520Invite%2520Code%25204%2520WOTHQ-2294%26foris%3D1%26teclient%3D1673234154949453359%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dtuiznkdg%26utm_content%3D1287&enc=UTF-8&yv=1.13.0&tagmgr=gtm HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 03:15:56 GMT
expires: Mon, 09 Jan 2023 03:15:56 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: image/gif
accept-ranges: bytes
content-length: 43
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBOyGu2MCECDeNUmYYCJyHqgZI58TU9AFEgEBAQHYvGPFYwAAAAAA_eMAAA&S=AQAAAk9pobQWgIF3kmeb3N2PAuU; Expires=Tue, 9 Jan 2024 09:15:56 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
sp.analytics.yahoo.com/sp.pl?a=10000&b=World%20of%20Tanks%E2%80%94det%20ultimate%20strategiske%20skytespillet.%20Spill%20gratis!&.yp=10180089&f=https%3A%2F%2Fjoin.worldoftanks.eu%2F1631088899%2Fno%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63bb86ea4676e70001a6e804%26xid_param1%3DEZ46KGBJ6R%26xid_param_2%3D%26sid%3DSIDcIA3jCDY1UqJmB41X3CQC_GAfS8KHKzHAwCY37enkM2qnWDBuf_AaLHfWH1VEADE0HRxfW-XdDSUa8fF-SpzcsgAOFKqZWFjqAB4Fc9UJGuDn7TqXI6f9unLh4bY8BcWYr4SpMCpo06ZpBI%26enctid%3Dcpnc074n78n3%26lpsn%3DWOT%2520ONGOING%2520LMS%2520WW%2520ACQ%2520Invite%2520Code%25204%2520WOTHQ-2294%26foris%3D1%26teclient%3D1673234154949453359%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dtuiznkdg%26utm_content%3D1287&enc=UTF-8&yv=1.13.0&et=custom&ec=LP%20Interaction&ea=Page%20View&el=Landing%20Page&tagmgr=gtm
212.82.100.181200 OK 43 B URL HTTP/2 sp.analytics.yahoo.com/sp.pl?a=10000&b=World%20of%20Tanks%E2%80%94det%20ultimate%20strategiske%20skytespillet.%20Spill%20gratis!&.yp=10180089&f=https%3A%2F%2Fjoin.worldoftanks.eu%2F1631088899%2Fno%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63bb86ea4676e70001a6e804%26xid_param1%3DEZ46KGBJ6R%26xid_param_2%3D%26sid%3DSIDcIA3jCDY1UqJmB41X3CQC_GAfS8KHKzHAwCY37enkM2qnWDBuf_AaLHfWH1VEADE0HRxfW-XdDSUa8fF-SpzcsgAOFKqZWFjqAB4Fc9UJGuDn7TqXI6f9unLh4bY8BcWYr4SpMCpo06ZpBI%26enctid%3Dcpnc074n78n3%26lpsn%3DWOT%2520ONGOING%2520LMS%2520WW%2520ACQ%2520Invite%2520Code%25204%2520WOTHQ-2294%26foris%3D1%26teclient%3D1673234154949453359%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dtuiznkdg%26utm_content%3D1287&enc=UTF-8&yv=1.13.0&et=custom&ec=LP%20Interaction&ea=Page%20View&el=Landing%20Page&tagmgr=gtm
IP 212.82.100.181:0
ASN #34010 Yahoo! UK Services Limited
File type GIF image data, version 89a, 1 x 1\012- data
Hash bff56ce49dd485d195fdfa0a02342568
74fb4071deab7d3ab083562067b735df32c43397
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
GET /sp.pl?a=10000&b=World%20of%20Tanks%E2%80%94det%20ultimate%20strategiske%20skytespillet.%20Spill%20gratis!&.yp=10180089&f=https%3A%2F%2Fjoin.worldoftanks.eu%2F1631088899%2Fno%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63bb86ea4676e70001a6e804%26xid_param1%3DEZ46KGBJ6R%26xid_param_2%3D%26sid%3DSIDcIA3jCDY1UqJmB41X3CQC_GAfS8KHKzHAwCY37enkM2qnWDBuf_AaLHfWH1VEADE0HRxfW-XdDSUa8fF-SpzcsgAOFKqZWFjqAB4Fc9UJGuDn7TqXI6f9unLh4bY8BcWYr4SpMCpo06ZpBI%26enctid%3Dcpnc074n78n3%26lpsn%3DWOT%2520ONGOING%2520LMS%2520WW%2520ACQ%2520Invite%2520Code%25204%2520WOTHQ-2294%26foris%3D1%26teclient%3D1673234154949453359%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dtuiznkdg%26utm_content%3D1287&enc=UTF-8&yv=1.13.0&et=custom&ec=LP%20Interaction&ea=Page%20View&el=Landing%20Page&tagmgr=gtm HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 03:15:56 GMT
expires: Mon, 09 Jan 2023 03:15:56 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: image/gif
accept-ranges: bytes
content-length: 43
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBOyGu2MCEDMRGYDEknw8lLFwwK2AVwcFEgEBAQHYvGPFYwAAAAAA_eMAAA&S=AQAAAjjFf080dE7yx52n8YpJ0yE; Expires=Tue, 9 Jan 2024 09:15:56 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=722630277830558&ev=PageView&dl=https%3A%2F%2Fjoin.worldoftanks.eu%2F1631088899%2Fno%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63bb86ea4676e70001a6e804%26xid_param1%3DEZ46KGBJ6R%26xid_param_2%3D%26sid%3DSIDcIA3jCDY1UqJmB41X3CQC_GAfS8KHKzHAwCY37enkM2qnWDBuf_AaLHfWH1VEADE0HRxfW-XdDSUa8fF-SpzcsgAOFKqZWFjqAB4Fc9UJGuDn7TqXI6f9unLh4bY8BcWYr4SpMCpo06ZpBI%26enctid%3Dcpnc074n78n3%26lpsn%3DWOT%2520ONGOING%2520LMS%2520WW%2520ACQ%2520Invite%2520Code%25204%2520WOTHQ-2294%26foris%3D1%26teclient%3D1673234154949453359%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dtuiznkdg%26utm_content%3D1287&rl=&if=false&ts=1673234144205&sw=1280&sh=1024&v=2.9.91&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1673234144204.1537465926&it=1673234143609&coo=false&tm=1&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=722630277830558&ev=PageView&dl=https%3A%2F%2Fjoin.worldoftanks.eu%2F1631088899%2Fno%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63bb86ea4676e70001a6e804%26xid_param1%3DEZ46KGBJ6R%26xid_param_2%3D%26sid%3DSIDcIA3jCDY1UqJmB41X3CQC_GAfS8KHKzHAwCY37enkM2qnWDBuf_AaLHfWH1VEADE0HRxfW-XdDSUa8fF-SpzcsgAOFKqZWFjqAB4Fc9UJGuDn7TqXI6f9unLh4bY8BcWYr4SpMCpo06ZpBI%26enctid%3Dcpnc074n78n3%26lpsn%3DWOT%2520ONGOING%2520LMS%2520WW%2520ACQ%2520Invite%2520Code%25204%2520WOTHQ-2294%26foris%3D1%26teclient%3D1673234154949453359%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dtuiznkdg%26utm_content%3D1287&rl=&if=false&ts=1673234144205&sw=1280&sh=1024&v=2.9.91&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1673234144204.1537465926&it=1673234143609&coo=false&tm=1&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=722630277830558&ev=PageView&dl=https%3A%2F%2Fjoin.worldoftanks.eu%2F1631088899%2Fno%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63bb86ea4676e70001a6e804%26xid_param1%3DEZ46KGBJ6R%26xid_param_2%3D%26sid%3DSIDcIA3jCDY1UqJmB41X3CQC_GAfS8KHKzHAwCY37enkM2qnWDBuf_AaLHfWH1VEADE0HRxfW-XdDSUa8fF-SpzcsgAOFKqZWFjqAB4Fc9UJGuDn7TqXI6f9unLh4bY8BcWYr4SpMCpo06ZpBI%26enctid%3Dcpnc074n78n3%26lpsn%3DWOT%2520ONGOING%2520LMS%2520WW%2520ACQ%2520Invite%2520Code%25204%2520WOTHQ-2294%26foris%3D1%26teclient%3D1673234154949453359%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dtuiznkdg%26utm_content%3D1287&rl=&if=false&ts=1673234144205&sw=1280&sh=1024&v=2.9.91&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1673234144204.1537465926&it=1673234143609&coo=false&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Mon, 09 Jan 2023 03:15:56 GMT
X-Firefox-Spdy: h2
c.clarity.ms/c.gif
20.234.93.27302 Found 0 B IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=AE0AC2A86A5D4698AF4A09EA17A47D68&RedC=c.clarity.ms&MXFR=3F8AA993B0FA64AD01EBBB07B4FA6ABA
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=3F8AA993B0FA64AD01EBBB07B4FA6ABA; domain=.clarity.ms; expires=Sat, 03-Feb-2024 03:15:57 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Mon, 09 Jan 2023 03:15:56 GMT
content-length: 0
X-Firefox-Spdy: h2
c.bing.com/c.gif?CtsSyncId=AE0AC2A86A5D4698AF4A09EA17A47D68&RedC=c.clarity.ms&MXFR=3F8AA993B0FA64AD01EBBB07B4FA6ABA
204.79.197.200302 Found 0 B URL HTTP/2 c.bing.com/c.gif?CtsSyncId=AE0AC2A86A5D4698AF4A09EA17A47D68&RedC=c.clarity.ms&MXFR=3F8AA993B0FA64AD01EBBB07B4FA6ABA
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif?CtsSyncId=AE0AC2A86A5D4698AF4A09EA17A47D68&RedC=c.clarity.ms&MXFR=3F8AA993B0FA64AD01EBBB07B4FA6ABA HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://join.worldoftanks.eu/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=AE0AC2A86A5D4698AF4A09EA17A47D68&MUID=062AF3290BEB6A801DD5E1BD0A1E6B63
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=062AF3290BEB6A801DD5E1BD0A1E6B63; domain=c.bing.com; expires=Sat, 03-Feb-2024 03:15:57 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8C7B6B3F523845128DB6F1ACA55465ED Ref B: OSL30EDGE0113 Ref C: 2023-01-09T03:15:57Z
date: Mon, 09 Jan 2023 03:15:56 GMT
content-length: 0
X-Firefox-Spdy: h2
c.clarity.ms/c.gif?CtsSyncId=AE0AC2A86A5D4698AF4A09EA17A47D68&MUID=062AF3290BEB6A801DD5E1BD0A1E6B63
20.234.93.27200 OK 42 B URL HTTP/2 c.clarity.ms/c.gif?CtsSyncId=AE0AC2A86A5D4698AF4A09EA17A47D68&MUID=062AF3290BEB6A801DD5E1BD0A1E6B63
IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash 32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
GET /c.gif?CtsSyncId=AE0AC2A86A5D4698AF4A09EA17A47D68&MUID=062AF3290BEB6A801DD5E1BD0A1E6B63 HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://join.worldoftanks.eu/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Thu, 05 Jan 2023 17:40:42 GMT
accept-ranges: bytes
etag: "d59a6ed52c21d91:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Mon, 09-Jan-2023 03:25:57 GMT; path=/; SameSite=None; Secure;
date: Mon, 09 Jan 2023 03:15:56 GMT
content-length: 42
X-Firefox-Spdy: h2
www.clarity.ms/eus2/s/0.7.1/clarity.js
13.107.238.53200 OK 19 kB URL HTTP/2 www.clarity.ms/eus2/s/0.7.1/clarity.js
IP 13.107.238.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (56646)
Hash 66bec5cf19258f21f546dafbd8fbac89
9ad80a56291ca677990c37c376631d3ff74e0234
fe223664aef7e529023cbb3ee1920a439abcd1f70bd6ce9554a6fb6ca9e565fb
GET /eus2/s/0.7.1/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=86400
content-type: application/javascript;charset=utf-8
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d9162aa06b059e"
server: Microsoft-IIS/10.0
x-cache: TCP_HIT
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-azure-ref-originshield: 02Oi6YwAAAABY1CytD2XKSaWErs0uZCpJQU1TMDRFREdFMTgxNAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-azure-ref: 07Ia7YwAAAADWLgf6y/TtRakaD5AtszvdU1ZHMjBFREdFMDYxMAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Mon, 09 Jan 2023 03:15:56 GMT
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb7207be-4100-4a82-bf3e-342252e2cfa0.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb7207be-4100-4a82-bf3e-342252e2cfa0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3266083bf2b5bdd813baebdba104664f
7fd066c76972286974cec7df74a0b4494266c03c
9c6cb1a3b4a3d7e869ab33754f99f6d39956f19e93f50aa2c9dab473464de728
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb7207be-4100-4a82-bf3e-342252e2cfa0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9301
x-amzn-requestid: 56251425-9d2c-4de4-97d8-15e39c5e8ec7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ecWZ6E91IAMFgXg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bb3772-635f814006fa184b3be79d8f;Sampled=0
x-amzn-remapped-date: Sun, 08 Jan 2023 21:36:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: KmrATvRIlkh4Yx1SBNuyaF8tAay9HdQbc5fG3GdC3iDyNgcvGyensg==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Sun, 08 Jan 2023 21:40:49 GMT
etag: "7fd066c76972286974cec7df74a0b4494266c03c"
content-type: image/jpeg
age: 20111
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto+Condensed:400,700&display=swap&subset=cyrillic,greek,vietnamese
142.250.74.74200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto+Condensed:400,700&display=swap&subset=cyrillic,greek,vietnamese
IP 142.250.74.74:0
GET /css?family=Roboto+Condensed:400,700&display=swap&subset=cyrillic,greek,vietnamese HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 09 Jan 2023 03:15:55 GMT
date: Mon, 09 Jan 2023 03:15:55 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
thirawogla.com/bm3iVx0.Pj3upevvb/m/V_JqZ-DG0v0/NqTJcEylMqjNApwjLVTsQA1wNJzGIgy/MbDOEu
88.85.94.246200 OK 0 B URL HTTP/2 thirawogla.com/bm3iVx0.Pj3upevvb/m/V_JqZ-DG0v0/NqTJcEylMqjNApwjLVTsQA1wNJzGIgy/MbDOEu
IP 88.85.94.246:0
GET /bm3iVx0.Pj3upevvb/m/V_JqZ-DG0v0/NqTJcEylMqjNApwjLVTsQA1wNJzGIgy/MbDOEu HTTP/1.1
Host: thirawogla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://long.interestmoments.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 03:15:54 GMT
content-type: text/html;charset=UTF-8
vary: Accept-Encoding
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
last-modified: Mon, 09 Jan 2023 03:15:53 GMT
x-frame-options: DENY
referrer-policy: no-referrer
p3p: CP="CUR ADM OUR NOR STA NID"
set-cookie: kadCCap=212269:1:1667199062;132751:1:1673159249;219484:1:1667715065;219047:1:1667194435;222775:1:1671023864;219652:1:1669330335;215297:1:1671843330;79610:1:1669272875;184246:1:1673226439;101716:1:1672946010;223255:1:1670393482;218693:1:1669515516;194136:1:1673097966;222582:1:1673162353;221398:1:1673031544;220335:1:1670435916;222555:1:1671433227;218665:1:1671785908;221352:1:1670163762;220790:1:1668460505;222513:1:1671568408;223454:1:1671925401;199455:1:1668245056; max-age=1704770154; path=/
kadACap=458041:1:1670526590;404163:1:1673226439;417177:1:1673216086;419297:1:1670740668;445499:1:1670164226;453850:1:1671627132;346327:1:1673167772;451724:1:1669565807;406293:1:1672977574;410254:1:1671377581;444748:1:1669841678;419321:1:1672807980;272913:1:1673208392;446720:1:1673017703;419301:1:1673205268;458045:1:1670528140;446498:1:1671420411;441369:1:1671297690;419291:1:1673140110;445735:1:1669286676;456883:1:1671781891;424445:1:1673123363;446716:1:1672031762;445788:1:1669918420;450649:1:1671968855;446013:1:1668228435;419295:1:1673143817;444785:1:1671894608;190964:1:1669272875;451139:1:1671706534;445506:1:1669286676;383700:1:1673168901;419323:1:1672975053;442019:1:1673186218;446714:1:1671329420;419303:1:1670918283;458498:1:1672536671;460522:1:1673215437;398832:1:1672025828;424441:1:1673123938;401659:1:1673234153;446718:1:1672964869;424443:1:1673201378;454815:1:1673201512;451147:1:1673144472;445081:1:1671894608;419293:1:1671780919;407100:1:1668246232;453839:1:1672548072;419299:1:1670986713;449523:1:1670210030;410252:1:1673233611;346329:1:1670226206;446531:1:1669270846;453831:1:1673164326; max-age=1704770154; path=/
kadCSCap=132751:1:1673159249;222582:1:1673162353;184246:1:1673226439; path=/
kadASCap=419301:1:1673205268;454815:1:1673201512;401659:1:1673234153;417177:1:1673216086;383700:1:1673168901;410252:1:1673233611;442019:1:1673186218;453831:1:1673164326;404163:1:1673226439;424443:1:1673201378;346327:1:1673167772;272913:1:1673208392;460522:1:1673215437; path=/
kadRPixJ=bnVsbA==; max-age=1704770154; path=/
kadUnP3=CBMQ0cTpnQYaDQiEyJMCEAEYpuzpnQYaDQja7pgCEAIY6I7snQYaDQixoZkCEAMYqpfrnQYaDQjzspkCEAEY2oXqnQYaDQjo55ACEAEYrIPqnQYaDQioiJcCEAcY0cTpnQYaDQiIrZcCEAEY8dzpnQYaDQjMyZcCEAEYyMTsnQYaDQiJy5kCEAEYlKzsnQYaDQjVv5kBEAEYnIfqnQYiCggDEBIY0cTpnQYqDAivrScQARisg+qdBioMCKSTKBAHGNHE6Z0GKgwIkpwoEAEYyMTsnQYqDAjouSgQARjaheqdBioMCLS8KBABGJSs7J0GKgwIg70SEAEYnIfqnQYqDAiEpyUQARim7OmdBioMCNqXKBABGPHc6Z0GKgwI9rEoEAIY6I7snQYqDAjntygQAxiql+udBg==; max-age=1704770154; path=/
x-content-type-options: nosniff
content-encoding: br
X-Firefox-Spdy: h2
lms-static.wgcdn.co/1631088899/dist/landing/influencer/riddler.js
92.223.84.84200 OK 0 B URL HTTP/2 lms-static.wgcdn.co/1631088899/dist/landing/influencer/riddler.js
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /1631088899/dist/landing/influencer/riddler.js HTTP/1.1
Host: lms-static.wgcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 03:15:55 GMT
content-type: application/javascript
last-modified: Fri, 01 Jul 2022 12:19:00 GMT
vary: Accept-Encoding
etag: W/"62bee634-4391"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
content-encoding: gzip
cache: HIT
x-cached-since: 2022-11-23T18:50:04+00:00
x-id: sto5-up-gc13
X-Firefox-Spdy: h2
lms-static.wgcdn.co/1631088899/dist/landing/influencer/sha3.js
92.223.84.84200 OK 0 B URL HTTP/2 lms-static.wgcdn.co/1631088899/dist/landing/influencer/sha3.js
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /1631088899/dist/landing/influencer/sha3.js HTTP/1.1
Host: lms-static.wgcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 03:15:55 GMT
content-type: application/javascript
last-modified: Fri, 01 Jul 2022 12:19:00 GMT
vary: Accept-Encoding
etag: W/"62bee634-1704"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
content-encoding: gzip
cache: HIT
x-cached-since: 2022-11-23T18:50:04+00:00
x-id: sto5-up-gc13
X-Firefox-Spdy: h2
lms-static.wgcdn.co/1631088899/dist/landing/influencer/center_glow.b80f1780.png
92.223.84.84200 OK 0 B URL HTTP/2 lms-static.wgcdn.co/1631088899/dist/landing/influencer/center_glow.b80f1780.png
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /1631088899/dist/landing/influencer/center_glow.b80f1780.png HTTP/1.1
Host: lms-static.wgcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lms-static.wgcdn.co/1631088899/dist/landing/influencer/app.c6d09eba.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 03:15:55 GMT
content-type: image/png
content-length: 89535
last-modified: Fri, 01 Jul 2022 12:19:00 GMT
etag: "62bee634-15dbf"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-11-23T15:56:45+00:00
x-id: sto5-up-gc13
accept-ranges: bytes
X-Firefox-Spdy: h2
secure.quantserve.com/quant.js
91.228.74.159200 OK 0 B URL HTTP/2 secure.quantserve.com/quant.js
IP 91.228.74.159:0
GET /quant.js HTTP/1.1
Host: secure.quantserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 03:15:56 GMT
content-type: application/javascript
accept-ranges: bytes
cache-control: private, max-age=604800
content-encoding: gzip
etag: "WQX8ubvDGl3DCUDHzxu0sA=="
expires: Mon, 16 Jan 2023 03:15:56 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
www.clarity.ms/tag/uet/26043906
13.107.238.53200 OK 0 B URL HTTP/2 www.clarity.ms/tag/uet/26043906
IP 13.107.238.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /tag/uet/26043906 HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: application/x-javascript
expires: -1
set-cookie: CLID=a68d3198375f4e0eb73bbc5a11fd3a91.20230109.20240109; expires=Tue, 09 Jan 2024 03:15:56 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
x-cache: CONFIG_NOCACHE
x-azure-ref: 07Ia7YwAAAACH6bF1Ebh5QLA31muNSwFDU1ZHMjBFREdFMDYxMAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Mon, 09 Jan 2023 03:15:56 GMT
X-Firefox-Spdy: h2
lms-static.wgcdn.co/1631088899/dist/landing/influencer/vendors~app.dd0131eb.js
92.223.84.84200 OK 0 B URL HTTP/2 lms-static.wgcdn.co/1631088899/dist/landing/influencer/vendors~app.dd0131eb.js
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /1631088899/dist/landing/influencer/vendors~app.dd0131eb.js HTTP/1.1
Host: lms-static.wgcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 03:15:55 GMT
content-type: application/javascript
last-modified: Fri, 01 Jul 2022 12:19:00 GMT
vary: Accept-Encoding
etag: W/"62bee634-340a8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
content-encoding: gzip
cache: HIT
x-cached-since: 2022-11-23T15:56:44+00:00
x-id: sto5-up-gc13
X-Firefox-Spdy: h2
lms-static.wgcdn.co/1631088899/dist/landing/influencer/app.c6d09eba.css
92.223.84.84200 OK 0 B URL HTTP/2 lms-static.wgcdn.co/1631088899/dist/landing/influencer/app.c6d09eba.css
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /1631088899/dist/landing/influencer/app.c6d09eba.css HTTP/1.1
Host: lms-static.wgcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://join.worldoftanks.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 03:15:55 GMT
content-type: text/css
last-modified: Fri, 01 Jul 2022 12:19:00 GMT
vary: Accept-Encoding
etag: W/"62bee634-23bad"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
content-encoding: gzip
cache: HIT
x-cached-since: 2022-11-23T15:56:44+00:00
x-id: sto5-up-gc13
X-Firefox-Spdy: h2