clezgashop.fr/
185.98.131.141301 Moved Permanently 309 B IP 185.98.131.141:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 4733841cafe0238973f900a82b6bbd63
2f4c634edd46812aab4d46c4489078d8db2df4b8
81f3abcb347f460338c294083d423f6eb07a8968c9becb8264f4f0450975bb1c
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: clezgashop.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 30 Jan 2023 20:55:07 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 309
Connection: keep-alive
Location: https://clezgashop.fr/
X-Cache-Status: HIT
X-Cache-Key: http://clezgashop.fr/
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5eb7c9bc996a0ff420e58af45526f053
8c2614832b8efe1c9da0bbd465d6f3f172d95a9e
c085cf277dd0429fe15e4a4bce5595636e9f2204d5a8e77220f8bf88adf4068f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C085CF277DD0429FE15E4A4BCE5595636E9F2204D5A8E77220F8BF88ADF4068F"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9634
Expires: Mon, 30 Jan 2023 23:35:42 GMT
Date: Mon, 30 Jan 2023 20:55:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0c35c3ec659d3a26ea97e68d787bb043
d97e3672244efec5b7814f2d8a734cd1a9387854
4c946a026114ff05316d92277750facf3d5f5d162839149da0b7fb1a4cff6b5e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10231
Expires: Mon, 30 Jan 2023 23:45:39 GMT
Date: Mon, 30 Jan 2023 20:55:08 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 30 Jan 2023 20:35:46 GMT
content-type: application/json
age: 1162
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 302c7548412192add063ad6c8b99cf3b
e5d178931a27db036ce8daae302594d3ff7050b8
fc2bd9091006189e67e8074093805ee5492ce16e1dbfba32e083abeeae34969d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC2BD9091006189E67E8074093805EE5492CE16E1DBFBA32E083ABEEAE34969D"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11530
Expires: Tue, 31 Jan 2023 00:07:18 GMT
Date: Mon, 30 Jan 2023 20:55:08 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: h6Fs8YLZtxryemTeFWoPLuvGzO74hMZlsVgIPAwWmYrp4jrxhl5ZOG4Rg0nFpzl0iaHzk1yn1bo=
x-amz-request-id: 2XZRHD126TX088QD
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 30 Jan 2023 20:21:56 GMT
age: 1992
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:08 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 30 Jan 2023 20:41:41 GMT
age: 807
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7987
Expires: Mon, 30 Jan 2023 23:08:15 GMT
Date: Mon, 30 Jan 2023 20:55:08 GMT
Connection: keep-alive
clezgashop.fr/
185.98.131.141200 OK 33 kB IP 185.98.131.141:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (51508)
Hash ab789dae6f8e144d080b8e5614b942ea
0e5d58ff44641a91850994ea7d014b8774b9c278
e5e4c0db74c9ada12098204e57042b76a2beebfe79791f9be75f2e2a001d6985
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: clezgashop.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:08 GMT
content-type: text/html; charset=UTF-8
content-length: 33036
x-powered-by: PHP/7.4.33
link: <https://clezgashop.fr/wp-json/>; rel="https://api.w.org/", <https://clezgashop.fr/wp-json/wp/v2/pages/4506>; rel="alternate"; type="application/json", <https://clezgashop.fr/>; rel=shortlink
vary: Accept-Encoding
content-encoding: br
x-cache-status: MISS
x-cache-key: https://clezgashop.fr/
X-Firefox-Spdy: h2
clezgashop.fr/wp-content/uploads/elementor/css/post-6377.css?ver=1648145088
185.98.131.141200 OK 500 B URL HTTP/2 clezgashop.fr/wp-content/uploads/elementor/css/post-6377.css?ver=1648145088
IP 185.98.131.141:0
File type ASCII text, with very long lines (3725), with no line terminators
Hash c457ae47ce59158ffbe76a9af734fdc2
2425d9530c98a840d7ba422493eee9e3c12f9643
6fbba5416731bba572c9ee534bf165a54e021171482a80f506f2dd8ca760ca84
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/elementor/css/post-6377.css?ver=1648145088 HTTP/1.1
Host: clezgashop.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:09 GMT
content-type: text/css
content-length: 500
last-modified: Thu, 24 Mar 2022 18:04:48 GMT
etag: "e8d-5dafaae88bf8c-br"
vary: Accept-Encoding
content-encoding: br
x-cache-status: MISS
x-cache-key: https://clezgashop.fr/wp-content/uploads/elementor/css/post-6377.css?ver=1648145088?ver=1648145088
accept-ranges: bytes
X-Firefox-Spdy: h2
clezgashop.fr/wp-content/plugins/striz-core/assets/css/magnific-popup.css?ver=5.9.5
185.98.131.141200 OK 1.7 kB URL HTTP/2 clezgashop.fr/wp-content/plugins/striz-core/assets/css/magnific-popup.css?ver=5.9.5
IP 185.98.131.141:0
Hash 4d340b58816b59e259b1dcb157b5e753
c9526d081907bc3dfabb5afc45850c872a7975b1
31fb18d79cfb3995704a0cf74ce41d307cc3e752b26283995689b799e2a47e8e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/striz-core/assets/css/magnific-popup.css?ver=5.9.5 HTTP/1.1
Host: clezgashop.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:09 GMT
content-type: text/css
content-length: 1690
last-modified: Thu, 24 Mar 2022 18:04:59 GMT
etag: "1b8e-5dafaaf37fb2c-br"
vary: Accept-Encoding
content-encoding: br
x-cache-status: MISS
x-cache-key: https://clezgashop.fr/wp-content/plugins/striz-core/assets/css/magnific-popup.css?ver=5.9.5?ver=5.9.5
accept-ranges: bytes
X-Firefox-Spdy: h2
clezgashop.fr/wp-content/themes/striz/assets/css/opal-boostrap.css?ver=5.9.5
185.98.131.141200 OK 13 kB URL HTTP/2 clezgashop.fr/wp-content/themes/striz/assets/css/opal-boostrap.css?ver=5.9.5
IP 185.98.131.141:0
File type ASCII text, with very long lines (7027)
Hash d2835ffdf7017e49743f08832253c3b8
7cb82c78456d5ab516afff8b1b5cfd154a0a4210
bbdb9956f6118a78f2aae1759f13d340d2454baadea88e7cf65fa56d542d3f89
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/striz/assets/css/opal-boostrap.css?ver=5.9.5 HTTP/1.1
Host: clezgashop.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:09 GMT
content-type: text/css
content-length: 13095
last-modified: Wed, 09 Mar 2022 18:38:31 GMT
etag: "199af-5d9cd677cabd4-br"
vary: Accept-Encoding
content-encoding: br
x-cache-status: MISS
x-cache-key: https://clezgashop.fr/wp-content/themes/striz/assets/css/opal-boostrap.css?ver=5.9.5?ver=5.9.5
accept-ranges: bytes
X-Firefox-Spdy: h2
clezgashop.fr/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.6.1
185.98.131.141200 OK 13 kB URL HTTP/2 clezgashop.fr/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.6.1
IP 185.98.131.141:0
File type ASCII text, with very long lines (65497)
Hash 564e1610203abdfd559f8485e293f4fe
e1aebb96114606411a5c39d1a1746492a36c3b43
f008ce1bdc8baefb21a143668fe9d4d3e7bcd4906430d5411b67314aefccc5d0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.6.1 HTTP/1.1
Host: clezgashop.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:09 GMT
content-type: text/css
content-length: 12745
last-modified: Thu, 24 Mar 2022 18:04:39 GMT
etag: "1a564-5dafaae0093fa-br"
vary: Accept-Encoding
content-encoding: br
x-cache-status: MISS
x-cache-key: https://clezgashop.fr/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.6.1?ver=3.6.1
accept-ranges: bytes
X-Firefox-Spdy: h2
clezgashop.fr/wp-content/plugins/striz-core/assets/css/elementor/style.css?ver=2.9.2
185.98.131.141200 OK 12 kB URL HTTP/2 clezgashop.fr/wp-content/plugins/striz-core/assets/css/elementor/style.css?ver=2.9.2
IP 185.98.131.141:0
File type Unicode text, UTF-8 text, with very long lines (1601)
Hash fa675f633f864f0b974c2d99c6661f14
2cc97178292c682a3d1906dc4190d4a5d8eaf7bb
57ed1254cdec248c7a77bda7b2a6af42fcb9921e35cda28c02b312f3a967a8a9
GET /wp-content/plugins/striz-core/assets/css/elementor/style.css?ver=2.9.2 HTTP/1.1
Host: clezgashop.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:09 GMT
content-type: text/css
content-length: 11496
last-modified: Thu, 24 Mar 2022 18:04:59 GMT
etag: "17cb2-5dafaaf37eb8c-br"
vary: Accept-Encoding
content-encoding: br
x-cache-status: MISS
x-cache-key: https://clezgashop.fr/wp-content/plugins/striz-core/assets/css/elementor/style.css?ver=2.9.2?ver=2.9.2
accept-ranges: bytes
X-Firefox-Spdy: h2
clezgashop.fr/wp-content/themes/striz/style.css?ver=5.9.5
185.98.131.141200 OK 24 kB URL HTTP/2 clezgashop.fr/wp-content/themes/striz/style.css?ver=5.9.5
IP 185.98.131.141:0
File type Unicode text, UTF-8 text, with very long lines (8561)
Hash d92c8b451e59a9fa259c3f056701a20a
25655d9535384f518d1e2838a72eefe44cba1fcb
34ac1d56a115fdb3f58d7070b165eea8a9dbbf2a66dd4cc69a9af0fdcc81a599
GET /wp-content/themes/striz/style.css?ver=5.9.5 HTTP/1.1
Host: clezgashop.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:09 GMT
content-type: text/css
content-length: 24352
last-modified: Wed, 09 Mar 2022 18:38:31 GMT
etag: "24446-5d9cd677b82f4-br"
vary: Accept-Encoding
content-encoding: br
x-cache-status: MISS
x-cache-key: https://clezgashop.fr/wp-content/themes/striz/style.css?ver=5.9.5?ver=5.9.5
accept-ranges: bytes
X-Firefox-Spdy: h2
clezgashop.fr/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
185.98.131.141200 OK 6.7 kB URL HTTP/2 clezgashop.fr/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
IP 185.98.131.141:0
File type ASCII text, with very long lines (30837)
Hash 3bca42e5004726d89ebdea033d8ae93f
629b1195ec0fa24286d5d6a06fe319c139a4872f
1f3dde16a1674c2dcc2af76809687ed4ab30a42c4a3097fb6d53b6115fbd294b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1
Host: clezgashop.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:09 GMT
content-type: text/css
content-length: 6662
last-modified: Thu, 24 Mar 2022 18:04:39 GMT
etag: "7917-5dafaadfdf419-br"
vary: Accept-Encoding
content-encoding: br
x-cache-status: MISS
x-cache-key: https://clezgashop.fr/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0?ver=4.7.0
accept-ranges: bytes
X-Firefox-Spdy: h2
clezgashop.fr/wp-content/uploads/elementor/css/global.css?ver=1648145099
185.98.131.141200 OK 2.1 kB URL HTTP/2 clezgashop.fr/wp-content/uploads/elementor/css/global.css?ver=1648145099
IP 185.98.131.141:0
File type ASCII text, with very long lines (8904)
Hash c6ccb19b3f91c866357c4d36f928a592
096e871ac8ffd8af1acaae6566495651f5f78b62
2006334bc0a0a1ac29f0738067ebdde403f59d43fcdaa1e47a80890a812ecf69
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/elementor/css/global.css?ver=1648145099 HTTP/1.1
Host: clezgashop.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:09 GMT
content-type: text/css
content-length: 2098
last-modified: Thu, 24 Mar 2022 18:04:59 GMT
etag: "72cf-5dafaaf35f78c-br"
vary: Accept-Encoding
content-encoding: br
x-cache-status: MISS
x-cache-key: https://clezgashop.fr/wp-content/uploads/elementor/css/global.css?ver=1648145099?ver=1648145099
accept-ranges: bytes
X-Firefox-Spdy: h2
clezgashop.fr/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=6.9.0
185.98.131.141200 OK 1.1 kB URL HTTP/2 clezgashop.fr/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=6.9.0
IP 185.98.131.141:0
File type ASCII text, with very long lines (4933), with no line terminators
Hash 3029e2a6d3b1a6a511dbde8b5a0d85fc
1d1269cf17ca8cbbef9a7e13a877529a82099689
747fbbc0f2cff079a6fe042d2562b9961464422e037f1d8ba3d1f67da6aa9c05
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=6.9.0 HTTP/1.1
Host: clezgashop.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:09 GMT
content-type: text/css
content-length: 1111
last-modified: Thu, 10 Mar 2022 20:19:26 GMT
etag: "1345-5d9e2ee39da67-br"
vary: Accept-Encoding
content-encoding: br
x-cache-status: MISS
x-cache-key: https://clezgashop.fr/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=6.9.0?ver=6.9.0
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 40bac282ee9730b7a7fde839fcf58736
be00063ec5c760560f34663d0a6a9cad87cfebe4
45b83537d8621d3c4a7c046a9b78f6745977c359db2868d720f19dbb0eb80d3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:55:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
clezgashop.fr/wp-includes/css/dist/block-library/style.min.css?ver=5.9.5
185.98.131.141200 OK 10 kB URL HTTP/2 clezgashop.fr/wp-includes/css/dist/block-library/style.min.css?ver=5.9.5
IP 185.98.131.141:0
File type ASCII text, with very long lines (39791)
Hash fa010c5c4f35423b2ee713efc7a10726
70d72cf774bdfd56b3ada4f5f1daf58c32e5b3a8
c2dcf4191030910e4a285d074e16fc98848d3cf32744c23a110f90a9bcdb43f6
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.9.5 HTTP/1.1
Host: clezgashop.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:09 GMT
content-type: text/css
content-length: 10546
last-modified: Tue, 05 Apr 2022 20:18:41 GMT
etag: "145db-5dbedf369bea1-br"
vary: Accept-Encoding
content-encoding: br
x-cache-status: MISS
x-cache-key: https://clezgashop.fr/wp-includes/css/dist/block-library/style.min.css?ver=5.9.5?ver=5.9.5
accept-ranges: bytes
X-Firefox-Spdy: h2
clezgashop.fr/wp-content/plugins/striz-core/assets/js/carousel.js?ver=5.9.5
185.98.131.141200 OK 1.6 kB URL HTTP/2 clezgashop.fr/wp-content/plugins/striz-core/assets/js/carousel.js?ver=5.9.5
IP 185.98.131.141:0
File type ASCII text, with very long lines (4375)
Hash 4ce10a028e39aee174bad20df94c7964
40aae2732765ca7500d68ceb619d0ab4b065144e
a6d564a21c1c4a050a2b940e2c13f6254acf632a8727f07a9e31ced87617ec55
GET /wp-content/plugins/striz-core/assets/js/carousel.js?ver=5.9.5 HTTP/1.1
Host: clezgashop.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:09 GMT
content-type: application/javascript
content-length: 1551
last-modified: Thu, 24 Mar 2022 18:04:59 GMT
etag: "113d-5dafaaf35a96c-br"
vary: Accept-Encoding
content-encoding: br
x-cache-status: MISS
x-cache-key: https://clezgashop.fr/wp-content/plugins/striz-core/assets/js/carousel.js?ver=5.9.5?ver=5.9.5
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 40bac282ee9730b7a7fde839fcf58736
be00063ec5c760560f34663d0a6a9cad87cfebe4
45b83537d8621d3c4a7c046a9b78f6745977c359db2868d720f19dbb0eb80d3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:55:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d81f874741beb45c89de8bb5c6de438e
a251ab903e654953631d84721479bbae55aa5cdf
ec28dafa2a54818028d4dfe99218d9e4b507f3bd7efaabfba630d85f24d4d75d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:55:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
clezgashop.fr/wp-content/uploads/elementor/css/post-84.css?ver=1648145099
185.98.131.141200 OK 307 B URL HTTP/2 clezgashop.fr/wp-content/uploads/elementor/css/post-84.css?ver=1648145099
IP 185.98.131.141:0
File type ASCII text, with very long lines (1118), with no line terminators
Hash 45d9b083b2e2f9defd660712cafc6626
81fa9a43cd144ce688f97bfa2affdd6bf27e7100
7fae6a6e769fdfd7ceed365dc4da1a3d003ec820a9ce2385ba931b12386821eb
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/elementor/css/post-84.css?ver=1648145099 HTTP/1.1
Host: clezgashop.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:09 GMT
content-type: text/css
content-length: 307
last-modified: Thu, 24 Mar 2022 18:04:59 GMT
etag: "45e-5dafaaf2c81a8-br"
vary: Accept-Encoding
content-encoding: br
x-cache-status: MISS
x-cache-key: https://clezgashop.fr/wp-content/uploads/elementor/css/post-84.css?ver=1648145099?ver=1648145099
accept-ranges: bytes
X-Firefox-Spdy: h2
clezgashop.fr/wp-content/plugins/striz-core/assets/css/plugin-update.css
185.98.131.141200 OK 205 B URL HTTP/2 clezgashop.fr/wp-content/plugins/striz-core/assets/css/plugin-update.css
IP 185.98.131.141:0
Hash 809ba3ba94693020fb97be9b6554253c
51a6433581007ece8f3a09a6412d7246b54f6bb0
4c2d22b4bbb8001efa5402bed322e28f44efbdad4fff9f75068be9fd9697546c
GET /wp-content/plugins/striz-core/assets/css/plugin-update.css HTTP/1.1
Host: clezgashop.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:09 GMT
content-type: text/css
content-length: 205
last-modified: Thu, 24 Mar 2022 18:04:59 GMT
etag: "631-5dafaaf379d6c-br"
vary: Accept-Encoding
content-encoding: br
x-cache-status: MISS
x-cache-key: https://clezgashop.fr/wp-content/plugins/striz-core/assets/css/plugin-update.css
accept-ranges: bytes
X-Firefox-Spdy: h2
clezgashop.fr/wp-content/uploads/elementor/css/post-4506.css?ver=1648900692
185.98.131.141200 OK 148 B URL HTTP/2 clezgashop.fr/wp-content/uploads/elementor/css/post-4506.css?ver=1648900692
IP 185.98.131.141:0
File type ASCII text, with very long lines (793), with no line terminators
Hash 11237c354a0809c25c84db3f7eddbec5
7488b82d863aa67d728e251ac79782b08b1df0e4
1db37da1ed290beba1d7200c767e02b7006c06186534b6c48d80c4a8c27ebabd
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/elementor/css/post-4506.css?ver=1648900692 HTTP/1.1
Host: clezgashop.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:09 GMT
content-type: text/css
content-length: 148
last-modified: Sat, 02 Apr 2022 11:58:12 GMT
etag: "319-5dbaa9c132d0f-br"
vary: Accept-Encoding
content-encoding: br
x-cache-status: MISS
x-cache-key: https://clezgashop.fr/wp-content/uploads/elementor/css/post-4506.css?ver=1648900692?ver=1648900692
accept-ranges: bytes
X-Firefox-Spdy: h2
clezgashop.fr/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6
185.98.131.141200 OK 849 B URL HTTP/2 clezgashop.fr/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6
IP 185.98.131.141:0
Hash 206db6362f8b7f33b19b3cdbd3a9d057
8985a296fa427906875c57f2725c5b44488a7ab3
649ae4ae461fd7aadfc63f0cb914cb996e2559778721f82dc40daacc06c595d2
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6 HTTP/1.1
Host: clezgashop.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:09 GMT
content-type: text/css
content-length: 849
last-modified: Wed, 09 Mar 2022 18:39:11 GMT
etag: "aab-5d9cd69dc478c-br"
vary: Accept-Encoding
content-encoding: br
x-cache-status: MISS
x-cache-key: https://clezgashop.fr/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6?ver=5.5.6
accept-ranges: bytes
X-Firefox-Spdy: h2
clezgashop.fr/wp-content/plugins/striz-core/assets/js/libs/modernizr.custom.js?ver=2.9.2
185.98.131.141200 OK 3.8 kB URL HTTP/2 clezgashop.fr/wp-content/plugins/striz-core/assets/js/libs/modernizr.custom.js?ver=2.9.2
IP 185.98.131.141:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (8820)
Hash 9723ef14a0e3498c72cc0ead936b1853
6701ef3b90c6832a0dc645ec499120cd9b72dfdb
66196cb26d554389d46cc19b241c2b5ecb652626ab4fe27cf362b9062db87451
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/striz-core/assets/js/libs/modernizr.custom.js?ver=2.9.2 HTTP/1.1
Host: clezgashop.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:09 GMT
content-type: application/javascript
content-length: 3761
last-modified: Thu, 24 Mar 2022 18:04:59 GMT
etag: "232b-5dafaaf35f78c-br"
vary: Accept-Encoding
content-encoding: br
x-cache-status: MISS
x-cache-key: https://clezgashop.fr/wp-content/plugins/striz-core/assets/js/libs/modernizr.custom.js?ver=2.9.2?ver=2.9.2
accept-ranges: bytes
X-Firefox-Spdy: h2
clezgashop.fr/wp-content/themes/striz/assets/css/carousel.css?ver=5.9.5
185.98.131.141200 OK 1.5 kB URL HTTP/2 clezgashop.fr/wp-content/themes/striz/assets/css/carousel.css?ver=5.9.5
IP 185.98.131.141:0
Hash 31b5922d160211f31b558939d5b4d3a6
a6360e2669b7af74c872fcc61948ddd87a87808f
26fe149ae1f2e49f42e470f74f3894b2b81346fecdd2343af440dc7d920dafcc
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/striz/assets/css/carousel.css?ver=5.9.5 HTTP/1.1
Host: clezgashop.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:09 GMT
content-type: text/css
content-length: 1462
last-modified: Wed, 09 Mar 2022 18:38:31 GMT
etag: "1ab4-5d9cd677cbb74-br"
vary: Accept-Encoding
content-encoding: br
x-cache-status: MISS
x-cache-key: https://clezgashop.fr/wp-content/themes/striz/assets/css/carousel.css?ver=5.9.5?ver=5.9.5
accept-ranges: bytes
X-Firefox-Spdy: h2
clezgashop.fr/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
185.98.131.141200 OK 4.0 kB URL HTTP/2 clezgashop.fr/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 185.98.131.141:0
File type ASCII text, with very long lines (11126)
Hash 1fbb59519536e28eeb7ae7173973c39f
f6542c5d0f96f621eea4f3cb442021dfe33863fa
b1b54befd52c3605721bf8b5a6c0290c572929138358738826873751256b191c
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: clezgashop.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:09 GMT
content-type: application/javascript
content-length: 3998
last-modified: Tue, 02 Feb 2021 07:43:52 GMT
etag: "2bd8-5ba55a1bc1e00-br"
vary: Accept-Encoding
content-encoding: br
x-cache-status: MISS
x-cache-key: https://clezgashop.fr/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2?ver=3.3.2
accept-ranges: bytes
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-223833553-1
142.250.74.40200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-223833553-1
IP 142.250.74.40:0
File type ASCII text, with very long lines (1759)
Hash 8072ddb010c3b7514bb446f047d88239
846ac4bd9b54b39deba17cce69d59898d58d09b0
de4439894c8539877fe1435743aac4666ff10389f2fe1a14a8bfa56d81d52c7d
GET /gtag/js?id=UA-223833553-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 30 Jan 2023 20:55:09 GMT
expires: Mon, 30 Jan 2023 20:55:09 GMT
cache-control: private, max-age=900
last-modified: Mon, 30 Jan 2023 20:00:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44089
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
clezgashop.fr/wp-content/themes/striz/assets/css/opal-icons.css?ver=5.9.5
185.98.131.141200 OK 7.5 kB URL HTTP/2 clezgashop.fr/wp-content/themes/striz/assets/css/opal-icons.css?ver=5.9.5
IP 185.98.131.141:0
File type troff or preprocessor input, Unicode text, UTF-8 text, with very long lines (1115)
Hash 7d275ba5ceda15d2d193fee55f39a929
f9d80fde130036a8315d4ae36365dc9205215620
50bfe22e6c5e9953623cd57c0c91731aa7d6e65833a93a8d28c90bf13b9eaccd
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/striz/assets/css/opal-icons.css?ver=5.9.5 HTTP/1.1
Host: clezgashop.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:09 GMT
content-type: text/css
content-length: 7549
last-modified: Wed, 09 Mar 2022 18:38:31 GMT
etag: "9c00-5d9cd677cabd4-br"
vary: Accept-Encoding
content-encoding: br
x-cache-status: MISS
x-cache-key: https://clezgashop.fr/wp-content/themes/striz/assets/css/opal-icons.css?ver=5.9.5?ver=5.9.5
accept-ranges: bytes
X-Firefox-Spdy: h2
push.services.mozilla.com/
44.227.109.32101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.227.109.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: LcSyUP2qhiU2KGeoCcSJ6Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 9QQsgg3xKEXziBCDw//Hu6cZVn4=
clezgashop.fr/wp-content/themes/striz/assets/js/libs/owl.carousel.js?ver=2.2.1
185.98.131.141200 OK 19 kB URL HTTP/2 clezgashop.fr/wp-content/themes/striz/assets/js/libs/owl.carousel.js?ver=2.2.1
IP 185.98.131.141:0
Hash 1960c3a4b6fb0e0eb718168da71ebceb
f0350a20a98f16305079537e5db47b0830ddeef1
bdf38c00d5c88b021483fa087698ad3eecfabda5cc4ed3a9611950738e1e497a
GET /wp-content/themes/striz/assets/js/libs/owl.carousel.js?ver=2.2.1 HTTP/1.1
Host: clezgashop.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:09 GMT
content-type: application/javascript
content-length: 18655
last-modified: Wed, 09 Mar 2022 18:38:31 GMT
etag: "1952f-5d9cd677d0994-br"
vary: Accept-Encoding
content-encoding: br
x-cache-status: MISS
x-cache-key: https://clezgashop.fr/wp-content/themes/striz/assets/js/libs/owl.carousel.js?ver=2.2.1?ver=2.2.1
accept-ranges: bytes
X-Firefox-Spdy: h2
clezgashop.fr/wp-content/uploads/2022/03/nouveau-logo.png
185.98.131.141200 OK 35 kB URL HTTP/2 clezgashop.fr/wp-content/uploads/2022/03/nouveau-logo.png
IP 185.98.131.141:0
File type PNG image data, 500 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash c7c8bbdb6f03baa8f368884af09cb825
09dc5a352f770cc78898c37af0f5b84ac9e41423
2a5105937d5bbaaa0fe293f0902d251699725f146da01a69d7c15f4588f69881
GET /wp-content/uploads/2022/03/nouveau-logo.png HTTP/1.1
Host: clezgashop.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:09 GMT
content-type: image/png
content-length: 35010
last-modified: Mon, 14 Mar 2022 19:05:24 GMT
etag: "88c2-5da325cd8954d"
x-cache-status: MISS
x-cache-key: https://clezgashop.fr/wp-content/uploads/2022/03/nouveau-logo.png
accept-ranges: bytes
X-Firefox-Spdy: h2
clezgashop.fr/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=6.9.0
185.98.131.141200 OK 20 kB URL HTTP/2 clezgashop.fr/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=6.9.0
IP 185.98.131.141:0
File type Unicode text, UTF-8 text, with very long lines (65527), with no line terminators
Hash 593378cbf474809f3eb51df98f1315a5
1cacdc93348b2aec17e3e2270cf978d1d122d541
cd34b379cea4e94a141f0ead3615e170a3994e9a5982955de821cf96aa55b9d7
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=6.9.0 HTTP/1.1
Host: clezgashop.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:09 GMT
content-type: text/css
content-length: 19991
last-modified: Thu, 10 Mar 2022 20:19:26 GMT
etag: "333a7-5d9e2ee391ee7-br"
vary: Accept-Encoding
content-encoding: br
x-cache-status: MISS
x-cache-key: https://clezgashop.fr/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=6.9.0?ver=6.9.0
accept-ranges: bytes
X-Firefox-Spdy: h2
clezgashop.fr/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
185.98.131.141200 OK 31 kB URL HTTP/2 clezgashop.fr/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 185.98.131.141:0
File type ASCII text, with very long lines (62390)
Hash 05e7ff1e76fdc81b0e33371f17135538
d8e0e2861423cd0e8c30f93d284e0152c0defec6
5d6e23a4a4c8dfca1a48b0928cc20cab551ce862ed10764c480eea7123e5c219
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: clezgashop.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:09 GMT
content-type: application/javascript
content-length: 30985
last-modified: Sat, 19 Nov 2022 18:05:46 GMT
etag: "169a2-5edd6abe334c5-br"
vary: Accept-Encoding
content-encoding: br
x-cache-status: MISS
x-cache-key: https://clezgashop.fr/wp-includes/js/jquery/jquery.min.js?ver=3.6.0?ver=3.6.0
accept-ranges: bytes
X-Firefox-Spdy: h2
clezgashop.fr/wp-content/themes/striz/assets/css/woocommerce.css?ver=5.9.5
185.98.131.141200 OK 29 kB URL HTTP/2 clezgashop.fr/wp-content/themes/striz/assets/css/woocommerce.css?ver=5.9.5
IP 185.98.131.141:0
File type ASCII text, with very long lines (1658)
Hash 4d6365e43a60dbb15308aafc8da868b8
af36a41811706aa18b6892898b412a886669b154
20617d3b2bb9446235c44b476c761eb030851d84f133ce5938589243ffe995ec
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/striz/assets/css/woocommerce.css?ver=5.9.5 HTTP/1.1
Host: clezgashop.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:09 GMT
content-type: text/css
content-length: 28849
last-modified: Wed, 09 Mar 2022 18:38:31 GMT
etag: "2f0af-5d9cd677cbb74-br"
vary: Accept-Encoding
content-encoding: br
x-cache-status: MISS
x-cache-key: https://clezgashop.fr/wp-content/themes/striz/assets/css/woocommerce.css?ver=5.9.5?ver=5.9.5
accept-ranges: bytes
X-Firefox-Spdy: h2
clezgashop.fr/wp-content/plugins/striz-core/assets/js/libs/mlpushmenu.js?ver=2.9.2
185.98.131.141200 OK 3.9 kB URL HTTP/2 clezgashop.fr/wp-content/plugins/striz-core/assets/js/libs/mlpushmenu.js?ver=2.9.2
IP 185.98.131.141:0
File type ASCII text, with very long lines (2057)
Hash b2c674c4c311d89e937998c345dd8c6c
20b2f14a5b827902bae432160c799441b69f4661
0aeb71f2bfa40c33d2ff2dee4bdd803c4a500109f02202b405c0c8d7980e0bc9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/striz-core/assets/js/libs/mlpushmenu.js?ver=2.9.2 HTTP/1.1
Host: clezgashop.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:09 GMT
content-type: application/javascript
content-length: 3862
last-modified: Thu, 24 Mar 2022 18:04:59 GMT
etag: "302d-5dafaaf35e7ec-br"
vary: Accept-Encoding
content-encoding: br
x-cache-status: MISS
x-cache-key: https://clezgashop.fr/wp-content/plugins/striz-core/assets/js/libs/mlpushmenu.js?ver=2.9.2?ver=2.9.2
accept-ranges: bytes
X-Firefox-Spdy: h2
clezgashop.fr/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6
185.98.131.141200 OK 3.1 kB URL HTTP/2 clezgashop.fr/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6
IP 185.98.131.141:0
File type HTML document, ASCII text, with very long lines (9720), with no line terminators
Hash 39b0659baedd99b8ae0c6f1c3bdcf890
bbeb4ebd6ccd51a78f2f491148ce6448bf97912a
2d695823e0974b62873ca201cb3f0de70d9cc926aaefa58b9902b27610584f1d
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6 HTTP/1.1
Host: clezgashop.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:09 GMT
content-type: application/javascript
content-length: 3056
last-modified: Wed, 09 Mar 2022 18:39:11 GMT
etag: "25f8-5d9cd69dc478c-br"
vary: Accept-Encoding
content-encoding: br
x-cache-status: MISS
x-cache-key: https://clezgashop.fr/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6?ver=5.5.6
accept-ranges: bytes
X-Firefox-Spdy: h2
clezgashop.fr/wp-content/plugins/striz-core/assets/js/libs/jquery.smartmenus.min.js?ver=2.9.2
185.98.131.141200 OK 6.8 kB URL HTTP/2 clezgashop.fr/wp-content/plugins/striz-core/assets/js/libs/jquery.smartmenus.min.js?ver=2.9.2
IP 185.98.131.141:0
File type ASCII text, with very long lines (24459)
Hash f8b905f4e4ae01ee114168b3dd90ffda
10501650420c1e3f8f1068fc6b215383678f1db9
e430d01888d95d7ab37827093acd1ad89aa7d0885e41bffac603fbebb0a13437
GET /wp-content/plugins/striz-core/assets/js/libs/jquery.smartmenus.min.js?ver=2.9.2 HTTP/1.1
Host: clezgashop.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:09 GMT
content-type: application/javascript
content-length: 6824
last-modified: Thu, 24 Mar 2022 18:04:59 GMT
etag: "5fe4-5dafaaf36072c-br"
vary: Accept-Encoding
content-encoding: br
x-cache-status: MISS
x-cache-key: https://clezgashop.fr/wp-content/plugins/striz-core/assets/js/libs/jquery.smartmenus.min.js?ver=2.9.2?ver=2.9.2
accept-ranges: bytes
X-Firefox-Spdy: h2
clezgashop.fr/wp-content/plugins/striz-core/assets/js/libs/jquery.magnific-popup.min.js?ver=5.9.5
185.98.131.141200 OK 7.1 kB URL HTTP/2 clezgashop.fr/wp-content/plugins/striz-core/assets/js/libs/jquery.magnific-popup.min.js?ver=5.9.5
IP 185.98.131.141:0
File type ASCII text, with very long lines (20087)
Hash 8f456881d37ea9492f33986ae7a20985
8fda79318fd0fb51bc8bd7d2bbe6731bf90fe4eb
00489bd2f2f35779c09bb2930ce6818e4f3a37758c72ac89d55b129db8f95c9f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/striz-core/assets/js/libs/jquery.magnific-popup.min.js?ver=5.9.5 HTTP/1.1
Host: clezgashop.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:09 GMT
content-type: application/javascript
content-length: 7055
last-modified: Thu, 24 Mar 2022 18:04:59 GMT
etag: "4ef8-5dafaaf35e7ec-br"
vary: Accept-Encoding
content-encoding: br
x-cache-status: MISS
x-cache-key: https://clezgashop.fr/wp-content/plugins/striz-core/assets/js/libs/jquery.magnific-popup.min.js?ver=5.9.5?ver=5.9.5
accept-ranges: bytes
X-Firefox-Spdy: h2
clezgashop.fr/wp-content/plugins/revslider/public/assets/fonts/revicons/revicons.woff?5510888
185.98.131.141200 OK 7.5 kB URL HTTP/2 clezgashop.fr/wp-content/plugins/revslider/public/assets/fonts/revicons/revicons.woff?5510888
IP 185.98.131.141:0
File type Web Open Font Format, TrueType, length 7536, version 1.0\012- data
Hash 04eb8fc57f27498e5ae37523e3bfb2c7
d942ae11706c3f7e511e3c49b0e4574d7ad199c4
f7b9c3065e55fa3b9e320093612e7b30dcb14355a44ec461247b495a3e729686
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/fonts/revicons/revicons.woff?5510888 HTTP/1.1
Host: clezgashop.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:09 GMT
content-type: font/woff
content-length: 7536
last-modified: Wed, 09 Mar 2022 18:38:56 GMT
etag: "1d70-5d9cd68fd223d"
x-cache-status: MISS
x-cache-key: https://clezgashop.fr/wp-content/plugins/revslider/public/assets/fonts/revicons/revicons.woff?5510888?5510888
accept-ranges: bytes
X-Firefox-Spdy: h2
clezgashop.fr/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
185.98.131.141200 OK 2.3 kB URL HTTP/2 clezgashop.fr/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 185.98.131.141:0
File type ASCII text, with very long lines (6494), with no line terminators
Hash 64fcbf4f0f2ff0fdbd1d0357d9b14c80
695b5047aebad8d9758b4035904f9355712c2d07
a39e9a026574d6cdc79847f959710a17772a18d8cde300126e7b53b4134669ef
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: clezgashop.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:09 GMT
content-type: application/javascript
content-length: 2334
last-modified: Wed, 09 Mar 2022 19:10:24 GMT
etag: "195e-5d9cdd98c0ad1-br"
vary: Accept-Encoding
content-encoding: br
x-cache-status: MISS
x-cache-key: https://clezgashop.fr/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9?ver=0.13.9
accept-ranges: bytes
X-Firefox-Spdy: h2
clezgashop.fr/wp-includes/js/wp-emoji-release.min.js?ver=5.9.5
185.98.131.141200 OK 5.2 kB URL HTTP/2 clezgashop.fr/wp-includes/js/wp-emoji-release.min.js?ver=5.9.5
IP 185.98.131.141:0
File type ASCII text, with very long lines (15224)
Hash 1ee91804d55adf2f56198284af7cdf33
e268adc10371d1aa106c35c96fc916ab44e81cb0
ee2e77c861bd33e53a6e6f405c1788b0efb322599594811967ca47caaa90a738
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.9.5 HTTP/1.1
Host: clezgashop.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:09 GMT
content-type: application/javascript
content-length: 5193
last-modified: Sat, 19 Nov 2022 18:05:46 GMT
etag: "52f6-5edd6abe334c5-br"
vary: Accept-Encoding
content-encoding: br
x-cache-status: MISS
x-cache-key: https://clezgashop.fr/wp-includes/js/wp-emoji-release.min.js?ver=5.9.5?ver=5.9.5
accept-ranges: bytes
X-Firefox-Spdy: h2
clezgashop.fr/wp-content/themes/striz/assets/js/navigation.js?ver=1.0
185.98.131.141200 OK 386 B URL HTTP/2 clezgashop.fr/wp-content/themes/striz/assets/js/navigation.js?ver=1.0
IP 185.98.131.141:0
Hash cc2c9265642cf1a039a6990d1d61639a
d95d92725ce04ed1df497067ae70dd80812d05cf
7b4200f1f180a196e88e7791534992e5176f06e7a2bd62cf150902bcf88d11d8
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/striz/assets/js/navigation.js?ver=1.0 HTTP/1.1
Host: clezgashop.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:09 GMT
content-type: application/javascript
content-length: 386
last-modified: Wed, 09 Mar 2022 18:38:31 GMT
etag: "371-5d9cd677cf9f4-br"
vary: Accept-Encoding
content-encoding: br
x-cache-status: MISS
x-cache-key: https://clezgashop.fr/wp-content/themes/striz/assets/js/navigation.js?ver=1.0?ver=1.0
accept-ranges: bytes
X-Firefox-Spdy: h2
clezgashop.fr/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.3.1
185.98.131.141200 OK 3.2 kB URL HTTP/2 clezgashop.fr/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.3.1
IP 185.98.131.141:0
File type ASCII text, with very long lines (9139)
Hash 75d317bc33d2b7fbc8dda9610accdfc1
311b1c62b413f83a53efeb1390ee66187d395a61
b51002d703891c20cfd8d4ee7313f85012d81a32db13519f31a96d73f3027642
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.3.1 HTTP/1.1
Host: clezgashop.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:09 GMT
content-type: application/javascript
content-length: 3248
last-modified: Thu, 10 Mar 2022 20:19:27 GMT
etag: "253d-5d9e2ee4bdbcd-br"
vary: Accept-Encoding
content-encoding: br
x-cache-status: MISS
x-cache-key: https://clezgashop.fr/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.3.1?ver=2.7.0-wc.6.3.1
accept-ranges: bytes
X-Firefox-Spdy: h2
clezgashop.fr/wp-content/themes/striz/assets/js/sticky-layout.js?ver=5.9.5
185.98.131.141200 OK 1.8 kB URL HTTP/2 clezgashop.fr/wp-content/themes/striz/assets/js/sticky-layout.js?ver=5.9.5
IP 185.98.131.141:0
File type ASCII text, with very long lines (4735)
Hash 8b2047a8260233caf7d6fd9629c82890
521a45fe69ad31107bdefaa8b42d3bf746a0a23f
9f8f1266597d713bb5c823d556b5b43d5d691c3254e7739b99e7dcc1aa849394
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/striz/assets/js/sticky-layout.js?ver=5.9.5 HTTP/1.1
Host: clezgashop.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:09 GMT
content-type: application/javascript
content-length: 1782
last-modified: Wed, 09 Mar 2022 18:38:31 GMT
etag: "12aa-5d9cd677d1934-br"
vary: Accept-Encoding
content-encoding: br
x-cache-status: MISS
x-cache-key: https://clezgashop.fr/wp-content/themes/striz/assets/js/sticky-layout.js?ver=5.9.5?ver=5.9.5
accept-ranges: bytes
X-Firefox-Spdy: h2
clezgashop.fr/wp-content/themes/striz/assets/js/theme.js?ver=1.0
185.98.131.141200 OK 3.8 kB URL HTTP/2 clezgashop.fr/wp-content/themes/striz/assets/js/theme.js?ver=1.0
IP 185.98.131.141:0
File type ASCII text, with very long lines (564)
Hash 4e063597dd471449a44b29930f59f24d
e7cd0b261c026135b9fb2beaf8cbcff5ed1633d0
bf067ec1e01158d5321f9d3f4b5d302c1e41ebc6a0ed7e9a5deaa66d6c085289
GET /wp-content/themes/striz/assets/js/theme.js?ver=1.0 HTTP/1.1
Host: clezgashop.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:09 GMT
content-type: application/javascript
content-length: 3808
last-modified: Wed, 09 Mar 2022 18:38:31 GMT
etag: "501f-5d9cd677cf9f4-br"
vary: Accept-Encoding
content-encoding: br
x-cache-status: MISS
x-cache-key: https://clezgashop.fr/wp-content/themes/striz/assets/js/theme.js?ver=1.0?ver=1.0
accept-ranges: bytes
X-Firefox-Spdy: h2
clezgashop.fr/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.3.1
185.98.131.141200 OK 900 B URL HTTP/2 clezgashop.fr/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.3.1
IP 185.98.131.141:0
File type ASCII text, with very long lines (1668)
Hash bae8297b8ca8146040b803dc6f000cc6
b4f1e509a6b5145c72a5915d8a1ed16ca78fe88d
f5190f093f79861ec3bb71ed1a5846e2a29f5340ea21ae3147ee93ced34846ad
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.3.1 HTTP/1.1
Host: clezgashop.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:09 GMT
content-type: application/javascript
content-length: 900
last-modified: Thu, 10 Mar 2022 20:19:27 GMT
etag: "72a-5d9e2ee4dfead-br"
vary: Accept-Encoding
content-encoding: br
x-cache-status: MISS
x-cache-key: https://clezgashop.fr/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.3.1?ver=2.1.4-wc.6.3.1
accept-ranges: bytes
X-Firefox-Spdy: h2
clezgashop.fr/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.6.1
185.98.131.141200 OK 2.0 kB URL HTTP/2 clezgashop.fr/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.6.1
IP 185.98.131.141:0
File type ASCII text, with very long lines (4921)
Hash 54b44f20c7100b2dde1f969d46f2d6b4
9b8f3b58bb6b538f584ef64b292a70e346fe48b3
a12b79db48a47a63b5686e57b55262472d56220a024623bbf6f2c5548a467814
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.6.1 HTTP/1.1
Host: clezgashop.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:09 GMT
content-type: application/javascript
content-length: 2049
last-modified: Thu, 24 Mar 2022 18:04:39 GMT
etag: "1360-5dafaadfbb1f8-br"
vary: Accept-Encoding
content-encoding: br
x-cache-status: MISS
x-cache-key: https://clezgashop.fr/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.6.1?ver=3.6.1
accept-ranges: bytes
X-Firefox-Spdy: h2
clezgashop.fr/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.3.1
185.98.131.141200 OK 679 B URL HTTP/2 clezgashop.fr/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.3.1
IP 185.98.131.141:0
File type ASCII text, with very long lines (2139), with no line terminators
Hash 5e1de0f81a6d91def6c7c83565a063f7
68c09e81c28067e11f86678389df2e548e5fcaaf
3e366ca3b7bf9e91bd95d83f05d47552d46501d6c9b1fdd908e732ea38ede24d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.3.1 HTTP/1.1
Host: clezgashop.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:09 GMT
content-type: application/javascript
content-length: 679
last-modified: Thu, 10 Mar 2022 20:19:27 GMT
etag: "85b-5d9e2ee4c686d-br"
vary: Accept-Encoding
content-encoding: br
x-cache-status: MISS
x-cache-key: https://clezgashop.fr/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.3.1?ver=6.3.1
accept-ranges: bytes
X-Firefox-Spdy: h2
clezgashop.fr/wp-content/plugins/woocommerce/assets/js/flexslider/jquery.flexslider.min.js?ver=2.7.2-wc.6.3.1
185.98.131.141200 OK 6.3 kB URL HTTP/2 clezgashop.fr/wp-content/plugins/woocommerce/assets/js/flexslider/jquery.flexslider.min.js?ver=2.7.2-wc.6.3.1
IP 185.98.131.141:0
File type ASCII text, with very long lines (22772), with no line terminators
Hash 30905b5a5219938248343e97f458ff39
7977eed1a25f660338bb89774a61d9db3454a978
3ee7ee8125ec2104b805abb0a199ed6295297008caf032501ebcac05770cf573
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/flexslider/jquery.flexslider.min.js?ver=2.7.2-wc.6.3.1 HTTP/1.1
Host: clezgashop.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:09 GMT
content-type: application/javascript
content-length: 6284
last-modified: Thu, 10 Mar 2022 20:19:27 GMT
etag: "58f4-5d9e2ee4bfb0d-br"
vary: Accept-Encoding
content-encoding: br
x-cache-status: MISS
x-cache-key: https://clezgashop.fr/wp-content/plugins/woocommerce/assets/js/flexslider/jquery.flexslider.min.js?ver=2.7.2-wc.6.3.1?ver=2.7.2-wc.6.3.1
accept-ranges: bytes
X-Firefox-Spdy: h2
clezgashop.fr/wp-content/plugins/striz-core/assets/js/woocommerce/main.js?ver=5.9.5
185.98.131.141200 OK 3.7 kB URL HTTP/2 clezgashop.fr/wp-content/plugins/striz-core/assets/js/woocommerce/main.js?ver=5.9.5
IP 185.98.131.141:0
File type ASCII text, with very long lines (12547)
Hash 8b4eb0fbc682e944d5f49ec1cada96a9
4cd49441f7e8f62f89bbafe81a7ce0d132d3f2a9
266e6f4f376bef8e3a6fda918515c06c531038ba8233c0aa46000b0aa975014b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/striz-core/assets/js/woocommerce/main.js?ver=5.9.5 HTTP/1.1
Host: clezgashop.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:09 GMT
content-type: application/javascript
content-length: 3718
last-modified: Thu, 24 Mar 2022 18:04:59 GMT
etag: "3125-5dafaaf36266c-br"
vary: Accept-Encoding
content-encoding: br
x-cache-status: MISS
x-cache-key: https://clezgashop.fr/wp-content/plugins/striz-core/assets/js/woocommerce/main.js?ver=5.9.5?ver=5.9.5
accept-ranges: bytes
X-Firefox-Spdy: h2
clezgashop.fr/wp-content/plugins/striz-core/assets/js/SmoothScroll.min.js?ver=1.4.8
185.98.131.141200 OK 6.7 kB URL HTTP/2 clezgashop.fr/wp-content/plugins/striz-core/assets/js/SmoothScroll.min.js?ver=1.4.8
IP 185.98.131.141:0
Hash 30b5fd7fb37b32c8673b700dd5957d80
2c5bd15b9e78d660b5d94296783c58006b3fda12
8fa9e21aa21911ce37e0735819c0c1f6476076ce1b341b6e4ef961c639bddb4a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/striz-core/assets/js/SmoothScroll.min.js?ver=1.4.8 HTTP/1.1
Host: clezgashop.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:09 GMT
content-type: application/javascript
content-length: 6659
last-modified: Thu, 24 Mar 2022 18:04:59 GMT
etag: "636a-5dafaaf35b90c-br"
vary: Accept-Encoding
content-encoding: br
x-cache-status: MISS
x-cache-key: https://clezgashop.fr/wp-content/plugins/striz-core/assets/js/SmoothScroll.min.js?ver=1.4.8?ver=1.4.8
accept-ranges: bytes
X-Firefox-Spdy: h2
clezgashop.fr/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
185.98.131.141200 OK 2.9 kB URL HTTP/2 clezgashop.fr/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP 185.98.131.141:0
File type ASCII text, with very long lines (12198), with no line terminators
Hash 944267e8c3c28fae2ad68dc9b6904f35
f4a5b08c185028bb018925510ddb2f987b6d612a
9b965c6204d91d7ca4ec7ffccb99510fda6aaed1bb98fdb0c844186bd1dc499d
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: clezgashop.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:09 GMT
content-type: application/javascript
content-length: 2869
last-modified: Thu, 24 Mar 2022 18:04:39 GMT
etag: "2fa6-5dafaadfefdb9-br"
vary: Accept-Encoding
content-encoding: br
x-cache-status: MISS
x-cache-key: https://clezgashop.fr/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2?ver=4.0.2
accept-ranges: bytes
X-Firefox-Spdy: h2
clezgashop.fr/wp-includes/js/underscore.min.js?ver=1.13.1
185.98.131.141200 OK 7.2 kB URL HTTP/2 clezgashop.fr/wp-includes/js/underscore.min.js?ver=1.13.1
IP 185.98.131.141:0
File type ASCII text, with very long lines (19034)
Hash 812327ec7ac4f469fbdbfab5237f60af
f69e9e79a3ce1b5e56ec25c530e30ec39cae2ddf
2f30f7dbde6ee54a27a6e8453bc0a2cf8047458f1f0302840352ebcbb95c9ce1
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/underscore.min.js?ver=1.13.1 HTTP/1.1
Host: clezgashop.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:09 GMT
content-type: application/javascript
content-length: 7200
last-modified: Wed, 09 Mar 2022 19:10:25 GMT
etag: "4a7d-5d9cdd98db0b1-br"
vary: Accept-Encoding
content-encoding: br
x-cache-status: MISS
x-cache-key: https://clezgashop.fr/wp-includes/js/underscore.min.js?ver=1.13.1?ver=1.13.1
accept-ranges: bytes
X-Firefox-Spdy: h2
clezgashop.fr/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.6.1
185.98.131.141200 OK 4.5 kB URL HTTP/2 clezgashop.fr/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.6.1
IP 185.98.131.141:0
File type ASCII text, with very long lines (14238)
Hash efc482132ec46fc7a4fd72cf179a42d1
5f4b041a69ca2a95cc051edda5e56b5736afa08c
194075527d6c34d6205d688b72d23b399ba46bf58fa456267f4ffa3add255ef7
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.6.1 HTTP/1.1
Host: clezgashop.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:09 GMT
content-type: application/javascript
content-length: 4458
last-modified: Thu, 24 Mar 2022 18:04:39 GMT
etag: "37c5-5dafaadfb7378-br"
vary: Accept-Encoding
content-encoding: br
x-cache-status: MISS
x-cache-key: https://clezgashop.fr/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.6.1?ver=3.6.1
accept-ranges: bytes
X-Firefox-Spdy: h2
clezgashop.fr/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.3.1
185.98.131.141200 OK 935 B URL HTTP/2 clezgashop.fr/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.3.1
IP 185.98.131.141:0
File type ASCII text, with very long lines (2938), with no line terminators
Hash 8808678d7771c96dfe8184d45afcf631
45ccea61b128e2e3d4898e90aee81f2ff2c0e021
117013c483418a69683244390c6b355ca9d764aaec7cd336adc3e0f3e7f00a54
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.3.1 HTTP/1.1
Host: clezgashop.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:09 GMT
content-type: application/javascript
content-length: 935
last-modified: Thu, 10 Mar 2022 20:19:27 GMT
etag: "b7a-5d9e2ee4c780d-br"
vary: Accept-Encoding
content-encoding: br
x-cache-status: MISS
x-cache-key: https://clezgashop.fr/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.3.1?ver=6.3.1
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 40bac282ee9730b7a7fde839fcf58736
be00063ec5c760560f34663d0a6a9cad87cfebe4
45b83537d8621d3c4a7c046a9b78f6745977c359db2868d720f19dbb0eb80d3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:55:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d81f874741beb45c89de8bb5c6de438e
a251ab903e654953631d84721479bbae55aa5cdf
ec28dafa2a54818028d4dfe99218d9e4b507f3bd7efaabfba630d85f24d4d75d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:55:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
clezgashop.fr/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
185.98.131.141200 OK 6.8 kB URL HTTP/2 clezgashop.fr/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 185.98.131.141:0
File type Unicode text, UTF-8 text, with very long lines (19111)
Hash 8aa9a8a4750b4f0fb7aec238b2ece3c1
2a1295b876aeab755668b714113edef08b989d08
d3da0b21783538c746068229d435e5cc29bd726c9450f349c8699d7307669bc0
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: clezgashop.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:09 GMT
content-type: application/javascript
content-length: 6826
last-modified: Wed, 09 Mar 2022 19:10:24 GMT
etag: "4b3d-5d9cdd98c1a71-br"
vary: Accept-Encoding
content-encoding: br
x-cache-status: MISS
x-cache-key: https://clezgashop.fr/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0?ver=3.15.0
accept-ranges: bytes
X-Firefox-Spdy: h2
clezgashop.fr/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.3.1
185.98.131.141200 OK 974 B URL HTTP/2 clezgashop.fr/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.3.1
IP 185.98.131.141:0
File type HTML document, ASCII text, with very long lines (3037), with no line terminators
Hash 40218fb136bda5c2cfee8516536bd958
de56391d1959fd40b8eab579be5d167c98355464
892f2ca3e12014023dc9f975d7a8a06b37bac9e37df85a15a2e958a3f5dc2c06
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.3.1 HTTP/1.1
Host: clezgashop.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:09 GMT
content-type: application/javascript
content-length: 974
last-modified: Thu, 10 Mar 2022 20:19:27 GMT
etag: "bdd-5d9e2ee4c686d-br"
vary: Accept-Encoding
content-encoding: br
x-cache-status: MISS
x-cache-key: https://clezgashop.fr/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.3.1?ver=6.3.1
accept-ranges: bytes
X-Firefox-Spdy: h2
clezgashop.fr/wp-includes/js/wp-util.min.js?ver=5.9.5
185.98.131.141200 OK 647 B URL HTTP/2 clezgashop.fr/wp-includes/js/wp-util.min.js?ver=5.9.5
IP 185.98.131.141:0
File type ASCII text, with very long lines (1305)
Hash 2a76be55e22646ae466bdf7f7b9547f3
9a36bc2691e2bd04a08858a234d017ac87e74745
38aa38eaeb3a904f34a2761068fddf3dc02cce608c7a07c3f45413bd6b378174
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-util.min.js?ver=5.9.5 HTTP/1.1
Host: clezgashop.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:09 GMT
content-type: application/javascript
content-length: 647
last-modified: Tue, 02 Nov 2021 07:58:23 GMT
etag: "53c-5cfc9a853e5c0-br"
vary: Accept-Encoding
content-encoding: br
x-cache-status: MISS
x-cache-key: https://clezgashop.fr/wp-includes/js/wp-util.min.js?ver=5.9.5?ver=5.9.5
accept-ranges: bytes
X-Firefox-Spdy: h2
clezgashop.fr/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.6.1
185.98.131.141200 OK 11 kB URL HTTP/2 clezgashop.fr/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.6.1
IP 185.98.131.141:0
File type ASCII text, with very long lines (37635)
Hash 81755606cb7d087ae2fab110d0bdf648
0ad3bf9bdea7d51b7a68b84ae2d06e884ae3aae2
b53e9f2bda4af40b90e079c9f8e42b6bb103a38bfcf13834a592021d57d0e55d
GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.6.1 HTTP/1.1
Host: clezgashop.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:09 GMT
content-type: application/javascript
content-length: 10649
last-modified: Thu, 24 Mar 2022 18:04:39 GMT
etag: "932a-5dafaadfbb1f8-br"
vary: Accept-Encoding
content-encoding: br
x-cache-status: MISS
x-cache-key: https://clezgashop.fr/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.6.1?ver=3.6.1
accept-ranges: bytes
X-Firefox-Spdy: h2
clezgashop.fr/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.3
185.98.131.141200 OK 12 kB URL HTTP/2 clezgashop.fr/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.3
IP 185.98.131.141:0
File type Unicode text, UTF-8 text, with very long lines (12602)
Hash ea655ec5d9ef5b7307b62f2aee12f2a2
616cae877202cf19e17a7c612e218f340c873cc2
659984f6a872eefd691b0277d1d739771ab0b2b0c6f9497ee8d4bd1d74893a0a
GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.3 HTTP/1.1
Host: clezgashop.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:09 GMT
content-type: text/css
content-length: 11757
last-modified: Wed, 09 Mar 2022 18:38:55 GMT
etag: "e120-5d9cd68eaa3d6-br"
vary: Accept-Encoding
content-encoding: br
x-cache-status: MISS
x-cache-key: https://clezgashop.fr/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.3?ver=6.5.3
accept-ranges: bytes
X-Firefox-Spdy: h2
clezgashop.fr/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
185.98.131.141200 OK 6.6 kB URL HTTP/2 clezgashop.fr/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
IP 185.98.131.141:0
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash b60b90724ed922c710526c7cd7515524
cc593c4564a4e4d83430f2e1e22b9b9bd3a131ab
3da60ff06da0431b42abf004f8335056c1f99bc6042ddb78bb0f95d9740669b4
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 HTTP/1.1
Host: clezgashop.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:09 GMT
content-type: application/javascript
content-length: 6609
last-modified: Wed, 09 Mar 2022 19:10:25 GMT
etag: "50ea-5d9cdd98ef8d2-br"
vary: Accept-Encoding
content-encoding: br
x-cache-status: MISS
x-cache-key: https://clezgashop.fr/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1?ver=1.13.1
accept-ranges: bytes
X-Firefox-Spdy: h2
clezgashop.fr/wp-content/plugins/striz-core/assets/js/elementor/frontend.js?ver=5.9.5
185.98.131.141200 OK 4.6 kB URL HTTP/2 clezgashop.fr/wp-content/plugins/striz-core/assets/js/elementor/frontend.js?ver=5.9.5
IP 185.98.131.141:0
File type ASCII text, with very long lines (21865)
Hash cfbe31cab3bb2c27870e7ba2c0cd4b94
301c23bb0c432b3d2c8bd718947a796ebb694ac0
c08a5e665c3fe1808c7e22c95230cea1456a75ec87afcfee8c08ae02cc5c4053
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/striz-core/assets/js/elementor/frontend.js?ver=5.9.5 HTTP/1.1
Host: clezgashop.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:09 GMT
content-type: application/javascript
content-length: 4617
last-modified: Thu, 24 Mar 2022 18:04:59 GMT
etag: "558f-5dafaaf3645ac-br"
vary: Accept-Encoding
content-encoding: br
x-cache-status: MISS
x-cache-key: https://clezgashop.fr/wp-content/plugins/striz-core/assets/js/elementor/frontend.js?ver=5.9.5?ver=5.9.5
accept-ranges: bytes
X-Firefox-Spdy: h2
clezgashop.fr/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.3
185.98.131.141200 OK 46 kB URL HTTP/2 clezgashop.fr/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.3
IP 185.98.131.141:0
File type ASCII text, with very long lines (42889)
Hash 453a445adedac16153914d024f3822ea
c95df1f9895a69f009a00b7943ef99f576c90cac
34c772895556408f72878670a616c37e76fbcf7b06497378a625fd856db6f535
GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.3 HTTP/1.1
Host: clezgashop.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:09 GMT
content-type: application/javascript
content-length: 45510
last-modified: Wed, 09 Mar 2022 18:38:55 GMT
etag: "1e4e6-5d9cd68eac316-br"
vary: Accept-Encoding
content-encoding: br
x-cache-status: MISS
x-cache-key: https://clezgashop.fr/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.3?ver=6.5.3
accept-ranges: bytes
X-Firefox-Spdy: h2
clezgashop.fr/wp-content/plugins/woocommerce-paypal-payments/modules/ppcp-button/assets/js/button.js?ver=1.7.0
185.98.131.141200 OK 41 kB URL HTTP/2 clezgashop.fr/wp-content/plugins/woocommerce-paypal-payments/modules/ppcp-button/assets/js/button.js?ver=1.7.0
IP 185.98.131.141:0
File type Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
Hash 0ce2d7d3f823741636742820bb8b65ab
cb2560e4e9c43298ef9b52b9823e10a814f3d8ee
b8a8d3aa744fb0f11a65129c16d3b45527b7d3bf5e5644212ae53c91ad3401dc
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce-paypal-payments/modules/ppcp-button/assets/js/button.js?ver=1.7.0 HTTP/1.1
Host: clezgashop.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:09 GMT
content-type: application/javascript
content-length: 40965
last-modified: Sat, 02 Apr 2022 12:58:18 GMT
etag: "29a2e-5dbab72f63348-br"
vary: Accept-Encoding
content-encoding: br
x-cache-status: MISS
x-cache-key: https://clezgashop.fr/wp-content/plugins/woocommerce-paypal-payments/modules/ppcp-button/assets/js/button.js?ver=1.7.0?ver=1.7.0
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f075625a67cefc01c034a3c732ec8023
c3ef563fbf1cf30f75fc931f82426a0f859ccb6d
75ce941806680157fcca91d6074496cbbc7cdcf6da28fa35384273bf9a76d588
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:55:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/rubik/v23/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-B4iFV0U1.woff2
216.58.207.227200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/rubik/v23/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-B4iFV0U1.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 17424, version 1.0\012- data
Hash ae296b25384237514e540501a98ce4b2
f031046681848999f489f0585db7a5fc42270c42
69d2e3ffdee3731bdd06ac65ddd73d847cf46e42884cf21412960f376f411251
GET /s/rubik/v23/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-B4iFV0U1.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://clezgashop.fr
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17424
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 10:05:31 GMT
expires: Sat, 27 Jan 2024 10:05:31 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 07 Dec 2022 18:11:52 GMT
content-type: font/woff2
age: 298178
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/barlowcondensed/v12/HTxwL3I-JCGChYJ8VI-L6OO_au7B4873z3bWuQ.woff2
216.58.207.227200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/barlowcondensed/v12/HTxwL3I-JCGChYJ8VI-L6OO_au7B4873z3bWuQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 21352, version 1.0\012- data
Hash 16cc9e59e14cc5df2278ec62d8340a8f
8e1575ef8c49a1473a58d00b409c61e25f7d2e2f
0b281bf2f4179c06ba68f0a427f2341287c41eacc2ce9d534c6f5c513ac633fb
GET /s/barlowcondensed/v12/HTxwL3I-JCGChYJ8VI-L6OO_au7B4873z3bWuQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://clezgashop.fr
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21352
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 28 Jan 2023 09:44:25 GMT
expires: Sun, 28 Jan 2024 09:44:25 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 19 Apr 2022 18:30:34 GMT
content-type: font/woff2
age: 213044
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f075625a67cefc01c034a3c732ec8023
c3ef563fbf1cf30f75fc931f82426a0f859ccb6d
75ce941806680157fcca91d6074496cbbc7cdcf6da28fa35384273bf9a76d588
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:55:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/barlowcondensed/v12/HTx3L3I-JCGChYJ8VI-L6OO_au7B6xHT2g.woff2
216.58.207.227200 OK 20 kB URL HTTP/2 fonts.gstatic.com/s/barlowcondensed/v12/HTx3L3I-JCGChYJ8VI-L6OO_au7B6xHT2g.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 20200, version 1.0\012- data
Hash c8e400bbebae36502af48dcd4a30ea7d
4ab1f2c2a30aef8c1905d94df3b199877103ddb7
af91213cd670d6270b32ebdeb00a09625f6b74ccd780d12ff6724a14ea1efaff
GET /s/barlowcondensed/v12/HTx3L3I-JCGChYJ8VI-L6OO_au7B6xHT2g.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://clezgashop.fr
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20200
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 02:05:56 GMT
expires: Sat, 27 Jan 2024 02:05:56 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 19 Apr 2022 18:28:11 GMT
content-type: font/woff2
age: 326953
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://clezgashop.fr
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 13:09:06 GMT
expires: Wed, 24 Jan 2024 13:09:06 GMT
cache-control: public, max-age=31536000
age: 546363
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
clezgashop.fr/wp-content/themes/striz/assets/fonts/opal-icon.woff2
185.98.131.141200 OK 7.7 kB URL HTTP/2 clezgashop.fr/wp-content/themes/striz/assets/fonts/opal-icon.woff2
IP 185.98.131.141:0
File type Web Open Font Format (Version 2), TrueType, length 7676, version 1.0\012- data
Hash e40392c799d733c306b8be66712f9b2d
4d3704eb5f5f99d34f90e70dcbef7cc7c6448224
9204dc643d1ed01c8e2402b7dc86e136545a80ad94f3892f4d0af8138c5a40e6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/striz/assets/fonts/opal-icon.woff2 HTTP/1.1
Host: clezgashop.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://clezgashop.fr/wp-content/themes/striz/assets/css/opal-icons.css?ver=5.9.5
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:09 GMT
content-type: font/woff2
content-length: 7676
last-modified: Wed, 09 Mar 2022 18:38:31 GMT
etag: "1dfc-5d9cd677cdab4"
x-cache-status: MISS
x-cache-key: https://clezgashop.fr/wp-content/themes/striz/assets/fonts/opal-icon.woff2
accept-ranges: bytes
X-Firefox-Spdy: h2
clezgashop.fr/wp-content/themes/striz/assets/fonts/fontawesome-webfont.woff?v=4.7.0
185.98.131.141200 OK 98 kB URL HTTP/2 clezgashop.fr/wp-content/themes/striz/assets/fonts/fontawesome-webfont.woff?v=4.7.0
IP 185.98.131.141:0
File type Web Open Font Format, TrueType, length 98024, version 4.7\012- data
Hash fee66e712a8a08eef5805a46892932ad
28b782240b3e76db824e12c02754a9731a167527
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/striz/assets/fonts/fontawesome-webfont.woff?v=4.7.0 HTTP/1.1
Host: clezgashop.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://clezgashop.fr/wp-content/themes/striz/assets/css/opal-icons.css?ver=5.9.5
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:09 GMT
content-type: font/woff
content-length: 98024
last-modified: Wed, 09 Mar 2022 18:38:31 GMT
etag: "17ee8-5d9cd677cdab4"
x-cache-status: MISS
x-cache-key: https://clezgashop.fr/wp-content/themes/striz/assets/fonts/fontawesome-webfont.woff?v=4.7.0?v=4.7.0
accept-ranges: bytes
X-Firefox-Spdy: h2
clezgashop.fr/wp-content/uploads/2022/03/fondtest.jpeg
185.98.131.141200 OK 556 kB URL HTTP/2 clezgashop.fr/wp-content/uploads/2022/03/fondtest.jpeg
IP 185.98.131.141:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 2246x1500, components 3\012- data
Size 556 kB (555618 bytes)
Hash f1a33955dbf7868a4d13de42385a96f7
92253148dc94cfbe49768b0e67756f41423b62ae
a516b021d674f98e42a9f5a72023b5ddeb889caf792b75a457e02bcc53334e3c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2022/03/fondtest.jpeg HTTP/1.1
Host: clezgashop.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:09 GMT
content-type: image/jpeg
content-length: 555618
last-modified: Thu, 17 Mar 2022 09:44:48 GMT
etag: "87a62-5da66e18902d4"
x-cache-status: MISS
x-cache-key: https://clezgashop.fr/wp-content/uploads/2022/03/fondtest.jpeg
accept-ranges: bytes
X-Firefox-Spdy: h2
clezgashop.fr/wp-content/uploads/2022/03/hommenoirrouge-400x400.png
185.98.131.141200 OK 210 kB URL HTTP/2 clezgashop.fr/wp-content/uploads/2022/03/hommenoirrouge-400x400.png
IP 185.98.131.141:0
File type PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data
Size 210 kB (210222 bytes)
Hash f1efd6bd65411d26ee69ef30a5ebef86
2be4a9eb50ea6261f2f97a29d1d2983359ea1667
5b2f01142adef75db5de4a6c28805f1c657effa49cc6fe797cfb0b23c05e6d2c
GET /wp-content/uploads/2022/03/hommenoirrouge-400x400.png HTTP/1.1
Host: clezgashop.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:09 GMT
content-type: image/png
content-length: 210222
last-modified: Thu, 17 Mar 2022 09:45:08 GMT
etag: "3352e-5da66e2badc10"
x-cache-status: MISS
x-cache-key: https://clezgashop.fr/wp-content/uploads/2022/03/hommenoirrouge-400x400.png
accept-ranges: bytes
X-Firefox-Spdy: h2
clezgashop.fr/wp-content/uploads/2022/03/homme-tshirt-noir-logo-jaune-400x400.png
185.98.131.141200 OK 222 kB URL HTTP/2 clezgashop.fr/wp-content/uploads/2022/03/homme-tshirt-noir-logo-jaune-400x400.png
IP 185.98.131.141:0
File type PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data
Size 222 kB (221517 bytes)
Hash a3fd3437b398210d735abd172c274c8e
6b8d2fe60ae744b22f090cea0175cbdc4245f1b3
dc995d66a310ab29c1beeecc5efa078af4acad14a8d63779003dc7ac1a463bb0
GET /wp-content/uploads/2022/03/homme-tshirt-noir-logo-jaune-400x400.png HTTP/1.1
Host: clezgashop.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:09 GMT
content-type: image/png
content-length: 221517
last-modified: Thu, 17 Mar 2022 09:43:58 GMT
etag: "3614d-5da66de8b042d"
x-cache-status: MISS
x-cache-key: https://clezgashop.fr/wp-content/uploads/2022/03/homme-tshirt-noir-logo-jaune-400x400.png
accept-ranges: bytes
X-Firefox-Spdy: h2
clezgashop.fr/wp-content/uploads/2022/04/sublimated-t-shirt-mockup-featuring-a-young-man-with-sunglasses-31114-e1648899916846-400x400.png
185.98.131.141200 OK 200 kB URL HTTP/2 clezgashop.fr/wp-content/uploads/2022/04/sublimated-t-shirt-mockup-featuring-a-young-man-with-sunglasses-31114-e1648899916846-400x400.png
IP 185.98.131.141:0
File type PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data
Size 200 kB (199962 bytes)
Hash cd024945c9fa593caefea1c4afca7675
5e2a7b5c9dfba2248a639590e6543d16fd285107
83ff38fb3ec04ad666b6ece7b546ac49f449fb20c69fe815e0fd0d5031b18cae
GET /wp-content/uploads/2022/04/sublimated-t-shirt-mockup-featuring-a-young-man-with-sunglasses-31114-e1648899916846-400x400.png HTTP/1.1
Host: clezgashop.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:09 GMT
content-type: image/png
content-length: 199962
last-modified: Sat, 02 Apr 2022 11:45:30 GMT
etag: "30d1a-5dbaa6ea615bd"
x-cache-status: MISS
x-cache-key: https://clezgashop.fr/wp-content/uploads/2022/04/sublimated-t-shirt-mockup-featuring-a-young-man-with-sunglasses-31114-e1648899916846-400x400.png
accept-ranges: bytes
X-Firefox-Spdy: h2
clezgashop.fr/wp-content/uploads/2022/03/femmerouge-1-e1647511353467-400x400.png
185.98.131.141200 OK 221 kB URL HTTP/2 clezgashop.fr/wp-content/uploads/2022/03/femmerouge-1-e1647511353467-400x400.png
IP 185.98.131.141:0
File type PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data
Size 221 kB (220850 bytes)
Hash fe93e57eb88576943825e54f877009ce
da49a0224dd59929703b830f34c64d09f3654246
a4f3e2c02aaf42eb25e0a399f46103dde5af203cfa0b452a5d70b04adfde5049
GET /wp-content/uploads/2022/03/femmerouge-1-e1647511353467-400x400.png HTTP/1.1
Host: clezgashop.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:09 GMT
content-type: image/png
content-length: 220850
last-modified: Thu, 17 Mar 2022 10:02:47 GMT
etag: "35eb2-5da6721cbd5c4"
x-cache-status: MISS
x-cache-key: https://clezgashop.fr/wp-content/uploads/2022/03/femmerouge-1-e1647511353467-400x400.png
accept-ranges: bytes
X-Firefox-Spdy: h2
clezgashop.fr/wp-content/uploads/2022/03/femmenoirviolet-400x400.png
185.98.131.141200 OK 173 kB URL HTTP/2 clezgashop.fr/wp-content/uploads/2022/03/femmenoirviolet-400x400.png
IP 185.98.131.141:0
File type PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data
Size 173 kB (173186 bytes)
Hash d654aaa166581cec63868f52c6cb3d7e
66a66ef5a185308d9c5acab795839b5830a2c4bc
473f8e86b7c7182c76906cb3e97bd566a497ea03ccc4b65268bf4372a9765b7b
GET /wp-content/uploads/2022/03/femmenoirviolet-400x400.png HTTP/1.1
Host: clezgashop.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:09 GMT
content-type: image/png
content-length: 173186
last-modified: Thu, 17 Mar 2022 09:45:03 GMT
etag: "2a482-5da66e26da659"
x-cache-status: MISS
x-cache-key: https://clezgashop.fr/wp-content/uploads/2022/03/femmenoirviolet-400x400.png
accept-ranges: bytes
X-Firefox-Spdy: h2
clezgashop.fr/wp-content/uploads/2022/03/Logoorange-400x400.png
185.98.131.141200 OK 230 kB URL HTTP/2 clezgashop.fr/wp-content/uploads/2022/03/Logoorange-400x400.png
IP 185.98.131.141:0
File type PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data
Size 230 kB (230022 bytes)
Hash 04e7b2d37e1233495efe514148405bf7
5af8ddeabedb8a31c80a6067e8ec2bf0da957f0d
548a494777f1d61f233a757912d19c4e4ee3b8dd66865f088b83a628778fee89
GET /wp-content/uploads/2022/03/Logoorange-400x400.png HTTP/1.1
Host: clezgashop.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:09 GMT
content-type: image/png
content-length: 230022
last-modified: Thu, 17 Mar 2022 09:44:47 GMT
etag: "38286-5da66e17991af"
x-cache-status: MISS
x-cache-key: https://clezgashop.fr/wp-content/uploads/2022/03/Logoorange-400x400.png
accept-ranges: bytes
X-Firefox-Spdy: h2
clezgashop.fr/wp-content/uploads/2022/03/streatlogo3b-1536x1018.png
185.98.131.141200 OK 2.2 MB URL HTTP/2 clezgashop.fr/wp-content/uploads/2022/03/streatlogo3b-1536x1018.png
IP 185.98.131.141:0
File type PNG image data, 1536 x 1018, 8-bit/color RGB, non-interlaced\012- data
Size 2.2 MB (2184473 bytes)
Hash a7dc728cde4f1fabcaf58a42ff2e914f
a61f4afd0b636bfdbaf58279946dbe48f0883693
3a736a9a17322e9eb21f7c077302d7044c4099518a07f62215c4f855241c7010
GET /wp-content/uploads/2022/03/streatlogo3b-1536x1018.png HTTP/1.1
Host: clezgashop.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:09 GMT
content-type: image/png
content-length: 2184473
last-modified: Mon, 14 Mar 2022 19:11:31 GMT
etag: "215519-5da3272bbb310"
x-cache-status: MISS
x-cache-key: https://clezgashop.fr/wp-content/uploads/2022/03/streatlogo3b-1536x1018.png
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5c5bc701375ee726e789d906137c3327
82ae36f943c89e5b60c12f2b09ab2e6b866b3c75
6efceb2ae05906e09732571d3e9a00ede94c80404ca0c99a51cc498497c9012b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6372
Cache-Control: max-age=108625
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:55:10 GMT
Etag: "63d71b1b-1d7"
Expires: Wed, 01 Feb 2023 03:05:35 GMT
Last-Modified: Mon, 30 Jan 2023 01:19:23 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fc7d63f63e9fa947afd2f758c34ff27f
9272f8f415e80097225958303b822bc2021f55f1
8b6daa1a0bc87599762b2245357d523a2cabea1de04aeacadab6637579c0dd44
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B6DAA1A0BC87599762B2245357D523A2CABEA1DE04AEACADAB6637579C0DD44"
Last-Modified: Sat, 28 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=571
Expires: Mon, 30 Jan 2023 21:04:41 GMT
Date: Mon, 30 Jan 2023 20:55:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5454
Expires: Mon, 30 Jan 2023 22:26:04 GMT
Date: Mon, 30 Jan 2023 20:55:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5454
Expires: Mon, 30 Jan 2023 22:26:04 GMT
Date: Mon, 30 Jan 2023 20:55:10 GMT
Connection: keep-alive
clezgashop.fr/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.3
185.98.131.141200 OK 503 B URL HTTP/2 clezgashop.fr/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.3
IP 185.98.131.141:0
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.3 HTTP/1.1
Host: clezgashop.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:09 GMT
content-type: application/javascript
content-length: 91493
last-modified: Wed, 09 Mar 2022 18:38:55 GMT
etag: "5b06f-5d9cd68eab376-br"
vary: Accept-Encoding
content-encoding: br
x-cache-status: MISS
x-cache-key: https://clezgashop.fr/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.3?ver=6.5.3
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5454
Expires: Mon, 30 Jan 2023 22:26:04 GMT
Date: Mon, 30 Jan 2023 20:55:10 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3e04b9eaf7449828136ad59e4c9d69f1
b820be4ed885dcf288eb6460c57e1fa7b1c7c476
df75cf7183d401a19655aab025d08ad2c498573c88b32e9b258d951d2993b936
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7679
x-amzn-requestid: 0c7983d5-6040-44e9-b394-21c3784702a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkEtEfHoAMFaNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6ea-54c55dbd09ca642048af8916;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VHh2SQ21xoDoBnGvM2kRiposhXuCE-DdWW1bM35kEykjbHYmhsldVA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:51:22 GMT
age: 83028
etag: "b820be4ed885dcf288eb6460c57e1fa7b1c7c476"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b7a0759c043594fbe85af422b59b8227
a05cfaad16078f42218dae233da38f6f5dff8487
e898d6ef1b3998fb9322a8fc190069ec5f7b3582bfe8397a2367497d84a27549
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11568
x-amzn-requestid: 79b70f1f-a157-4dd4-8743-825714195b3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9T3UGA3oAMFSlQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c86695-36e60aba09c152c73b8aefcb;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 21:37:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: HvqpQI-tR9W2NwvIgoi8loQaD--rOgVYFdLdkdlaXMhe4ts9mYqahg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:50:16 GMT
age: 83094
etag: "a05cfaad16078f42218dae233da38f6f5dff8487"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 65c02d8a1b0d6a210cb2a649c5c67469
027dbc7a104c922904f067ed15d696c363c11774
89d5443a1d313c632d09a583ef602aa4645a16986076387329f434262d15b0a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10997
x-amzn-requestid: a6fac0ab-1acf-4808-8785-3b4ec5e32edf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj30FX7IAMFa5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e698-005109ec2e76529e793678d6;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: skGKI_MWvDwpAbGibUcr8wTlimgoPU9ZYhEHltd3uhdJZ_GoNznVAA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:08:57 GMT
etag: "027dbc7a104c922904f067ed15d696c363c11774"
content-type: image/jpeg
age: 81973
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 51aa950d5eed7b90cab6632107092edc
e4388ced02e5576867e77547496dec1ac2338ef7
588830e5f725e8e56270565e40f817f2658b0ee7c0425d138e5f65a17ff40483
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9457
x-amzn-requestid: 7c48e5ca-2128-43da-ba83-fd91568af1ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkBOGHVoAMFQtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6d4-1b850ffd543f51f92dec3894;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3EXFa0gb46AbdZ9ZznGiPTemGZ7zWh9WLs5Yr1zmfyh_jyKA6o7xoA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:19:57 GMT
age: 81313
etag: "e4388ced02e5576867e77547496dec1ac2338ef7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4205d8106659e00fff1cbe9262918b8c
ab4f6528594a1725934727dc7d834c028a79c609
31f1a28602a194bd0856495d4d81d5c72cd7ff4e5bad6bdd1a31ec3041f4a2cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4475
x-amzn-requestid: b7b272d6-3089-4f33-89b5-5cb388640e10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_e6HsaIAMF5Lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445f8-1789f7f4264270916da323db;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:45:28 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hAzO-IMqc1CFpiBAlRl8seIYL9UonyrBMATibovyFq5kEuaweY_VyA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 05:47:49 GMT
age: 54441
etag: "ab4f6528594a1725934727dc7d834c028a79c609"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fe31ee140c2fd62e616c8a1edc9e78bb
7aa5fbdc8156514770ae620e81f1afef1c77890f
799af4bf9fa07ed27ebdc9d1a3344ee8a2b6529f076c263495b93290c47a1cc4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8464
x-amzn-requestid: bf2cf356-ebb1-469b-ba35-a79bb009cad6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj3qGeboAMFzNw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e697-7c96841f52b6a96d1b0eaf34;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: y6bDvcD7a3-A4DLC3cSdZT-yewV1kkFqcGr7AMuqvUeGA4A0pgF4wQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:59:27 GMT
age: 82543
etag: "7aa5fbdc8156514770ae620e81f1afef1c77890f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
track.violetlovelines.com/src/jack.js?v=2.0.5
159.69.234.10200 OK 3.6 kB URL HTTP/1.1 track.violetlovelines.com/src/jack.js?v=2.0.5
IP 159.69.234.10:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (11707), with no line terminators
Hash 59a536b2d045da4d1218d24229454bb2
ff6e01c48e1ab7d7bc3c78f86e43917478a65b14
b7a81a84e8d207c400dda475ef5695726d0a24112dc4f07c2880e21e2b06b561
Analyzer Verdict Alert fortinet Malware
GET /src/jack.js?v=2.0.5 HTTP/1.1
Host: track.violetlovelines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 20:55:10 GMT
Content-Type: application/javascript
Last-Modified: Wed, 25 Jan 2023 09:20:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63d0f45e-2dbb"
Expires: Thu, 09 Feb 2023 20:55:10 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6c65261d3b2a27ff29d9d61be01e0ab2
98dbea992eb00e6d3e6e538676b4647d10d9cbec
f7e7a29ea6a951d3830d8d8d7527ba4cda91cd09a89418838cfb32cb8fd2644a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7E7A29EA6A951D3830D8D8D7527BA4CDA91CD09A89418838CFB32CB8FD2644A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11869
Expires: Tue, 31 Jan 2023 00:12:59 GMT
Date: Mon, 30 Jan 2023 20:55:10 GMT
Connection: keep-alive
record.findtrustclicks.com/sort.js?v=7.2.2
89.22.228.250200 OK 1.6 kB URL HTTP/1.1 record.findtrustclicks.com/sort.js?v=7.2.2
IP 89.22.228.250:0
File type ASCII text, with very long lines (4204), with no line terminators
Hash 240955a18e7f3ae327e2306c896cd951
0a1fe7f61b4989c537940a3bdfce3621edae23cc
28c95c49023d438a63df21c7f7d717fcc571628860a3a3be361932f80af668f6
GET /sort.js?v=7.2.2 HTTP/1.1
Host: record.findtrustclicks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 20:55:10 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
Last-Modified: Fri, 09 Dec 2022 11:46:49 GMT
ETag: W/"106c-5ef63b57c68ec"
Content-Encoding: gzip
clezgashop.fr/?wc-ajax=get_refreshed_fragments
185.98.131.141200 OK 334 B URL HTTP/2 clezgashop.fr/?wc-ajax=get_refreshed_fragments
IP 185.98.131.141:0
File type HTML document, ASCII text, with very long lines (1021), with no line terminators
Hash c116b2fc1a8a68bdc2a5491a24f6d566
27d77227b5bce2e17aef3151d34a98e85d68bef2
4f242ec322fff2b79de7a6d9a0308af83423b5a3eb792986f6ed919dc17767a4
POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: clezgashop.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: https://clezgashop.fr
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:10 GMT
content-type: application/json; charset=UTF-8
content-length: 334
x-powered-by: PHP/7.4.33
access-control-allow-origin: https://clezgashop.fr
access-control-allow-credentials: true
x-content-type-options: nosniff
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
vary: Accept-Encoding
content-encoding: br
x-cache-key: https://clezgashop.fr/?wc-ajax=get_refreshed_fragments?wc-ajax=get_refreshed_fragments
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 32b9f00e3e5c8ab189606e974b11972f
008b2b16159edfa0b72554770b12284dff823be8
4caf41de317a628199e92c8ea6784f60cac28ea30ff061a2a2c0c3e28c199a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4CAF41DE317A628199E92C8EA6784F60CAC28EA30FF061A2A2C0C3E28C199A55"
Last-Modified: Mon, 30 Jan 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6370
Expires: Mon, 30 Jan 2023 22:41:20 GMT
Date: Mon, 30 Jan 2023 20:55:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3c38918f411b859604964ab73bc001f9
b2cb796a1fb2c4fa962492b8bdac439aa030d06a
fe45cadfe80639fd3c980cc81da23defa2647534d1ee4a8167a4d8ef9f506dbf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FE45CADFE80639FD3C980CC81DA23DEFA2647534D1EE4A8167A4D8EF9F506DBF"
Last-Modified: Sat, 28 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2381
Expires: Mon, 30 Jan 2023 21:34:51 GMT
Date: Mon, 30 Jan 2023 20:55:10 GMT
Connection: keep-alive
way.specialblueitems.com/qqJVYyyv?&se_referrer=&default_keyword=Accueil%20-%20Clezga%20Shop&&frm639317151a8ac=script639317151a8ae&_cid=cd0fa365-cd5a-1ed9-e213-8e1ce3b6bb97
159.69.234.10200 OK 1.2 kB URL HTTP/1.1 way.specialblueitems.com/qqJVYyyv?&se_referrer=&default_keyword=Accueil%20-%20Clezga%20Shop&&frm639317151a8ac=script639317151a8ae&_cid=cd0fa365-cd5a-1ed9-e213-8e1ce3b6bb97
IP 159.69.234.10:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (2961), with no line terminators
Hash d18c63330bd1530b4275e95ffb9e0dea
1fc07fb217552092eba1af32a72c2aed40937463
6d951698379dee421cd7f78c87982bbddbf85a9e43d64c3f34745c0da792dffa
Analyzer Verdict Alert quad9 Sinkholed
GET /qqJVYyyv?&se_referrer=&default_keyword=Accueil%20-%20Clezga%20Shop&&frm639317151a8ac=script639317151a8ae&_cid=cd0fa365-cd5a-1ed9-e213-8e1ce3b6bb97 HTTP/1.1
Host: way.specialblueitems.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 20:55:11 GMT
Content-Type: application/javascript
Content-Length: 1159
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Expires: 0
Pragma: no-cache
Set-Cookie: _subid=s8hnpa3vf3f5;Expires=Thursday, 02-Mar-2023 20:55:11 GMT;Max-Age=2678400;Path=/
674be=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjMzXCI6MTY3NTExMjExMSxcIjQyXCI6MTY3NTExMjExMSxcIjQ4XCI6MTY3NTExMjExMX0sXCJjYW1wYWlnbnNcIjp7XCIyXCI6MTY3NTExMjExMSxcIjdcIjoxNjc1MTEyMTExLFwiMTJcIjoxNjc1MTEyMTExfSxcInRpbWVcIjoxNjc1MTEyMTExfSJ9.o7o5MxnbWcNgP-Sw-Dh4jUKh7msLf2oe94aWfGVDqyQ;Expires=Sunday, 01-Mar-2076 17:50:22 GMT;Max-Age=1675198511;Path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
region1.google-analytics.com/g/collect?v=2&tid=G-1MKMK0W150>m=2oe1p0&_p=890601962&gdid=dZTNiMT&cid=1504086939.1675112124&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675112124&sct=1&seg=0&dl=https%3A%2F%2Fclezgashop.fr%2F&dt=Accueil%20-%20Clezga%20Shop&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-1MKMK0W150>m=2oe1p0&_p=890601962&gdid=dZTNiMT&cid=1504086939.1675112124&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675112124&sct=1&seg=0&dl=https%3A%2F%2Fclezgashop.fr%2F&dt=Accueil%20-%20Clezga%20Shop&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-1MKMK0W150>m=2oe1p0&_p=890601962&gdid=dZTNiMT&cid=1504086939.1675112124&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675112124&sct=1&seg=0&dl=https%3A%2F%2Fclezgashop.fr%2F&dt=Accueil%20-%20Clezga%20Shop&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://clezgashop.fr
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://clezgashop.fr
date: Mon, 30 Jan 2023 20:55:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
final.similarwebline.com/step.php?id=76664-12-58653843&pid=94&zid=347537&wid=488433
194.135.30.40302 Found 0 B URL HTTP/2 final.similarwebline.com/step.php?id=76664-12-58653843&pid=94&zid=347537&wid=488433
IP 194.135.30.40:0
ASN #2856 British Telecommunications PLC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /step.php?id=76664-12-58653843&pid=94&zid=347537&wid=488433 HTTP/1.1
Host: final.similarwebline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clezgashop.fr/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Mon, 30 Jan 2023 20:55:11 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://final.similarwebline.com/step.php?id=56569-66-5569723&pid=883&zid=247&kid=794343527&from=Taurus
strict-transport-security: max-age=15768000;
X-Firefox-Spdy: h2
final.similarwebline.com/step.php?id=56569-66-5569723&pid=883&zid=247&kid=794343527&from=Taurus
194.135.30.40200 OK 467 B URL HTTP/2 final.similarwebline.com/step.php?id=56569-66-5569723&pid=883&zid=247&kid=794343527&from=Taurus
IP 194.135.30.40:0
ASN #2856 British Telecommunications PLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash c37a1cdde19cff6956521f7fa63d637a
46782945285dac2e970fd286ccd890f1535b7b30
720eaf84d4dec9f5e212f7b92dbdd5b4c09cd2d5f390e8ec35c1cf852d585819
Analyzer Verdict Alert quad9 Sinkholed
GET /step.php?id=56569-66-5569723&pid=883&zid=247&kid=794343527&from=Taurus HTTP/1.1
Host: final.similarwebline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://clezgashop.fr/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:11 GMT
content-type: text/html; charset=UTF-8
content-length: 467
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15768000;
X-Firefox-Spdy: h2
clezgashop.fr/wp-content/uploads/2022/03/femmenoirjaune-400x400.png
185.98.131.141200 OK 59 kB URL HTTP/2 clezgashop.fr/wp-content/uploads/2022/03/femmenoirjaune-400x400.png
IP 185.98.131.141:0
File type gzip compressed data, max compression, from Unix\012- data
Hash 8cff9d89549da91a7d635088de7f4dce
33a7d7613e1c0616f1248f13a9bb7b46542084fe
05fde42d2a409f711204b71f512431c38444464bca989f48ca8ab58aef82d075
GET /wp-content/uploads/2022/03/femmenoirjaune-400x400.png HTTP/1.1
Host: clezgashop.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:09 GMT
content-type: image/png
content-length: 177911
last-modified: Thu, 17 Mar 2022 09:44:55 GMT
etag: "2b6f7-5da66e1e73050"
x-cache-status: MISS
x-cache-key: https://clezgashop.fr/wp-content/uploads/2022/03/femmenoirjaune-400x400.png
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.22200 OK 1.8 kB IP 192.124.249.22:0
Hash 268e93fc8f21bc014d6abb2c17a6e5ca
acd599483d25b4aa265400baa990c38e9704be60
1bb2d9121b449621203b8627cf8d12cf4a18503884b2bd7c6ce49a2b3f8a3fcd
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Mon, 30 Jan 2023 20:55:12 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sun, 29 Jan 2023 22:22:39 GMT
Expires: Mon, 30 Jan 2023 22:22:39 GMT
ETag: "acd599483d25b4aa265400baa990c38e9704be60"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
track.wargaming-aff.com/click?pid=1287&offer_id=92&ref_id=jrclk49l9vz6mnnlxnee&sub1=E2Z6DGBJ6R
35.204.100.195302 Found 0 B URL HTTP/2 track.wargaming-aff.com/click?pid=1287&offer_id=92&ref_id=jrclk49l9vz6mnnlxnee&sub1=E2Z6DGBJ6R
IP 35.204.100.195:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?pid=1287&offer_id=92&ref_id=jrclk49l9vz6mnnlxnee&sub1=E2Z6DGBJ6R HTTP/1.1
Host: track.wargaming-aff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Mon, 30 Jan 2023 20:55:12 GMT
content-length: 0
location: https://trck.wargaming.net/8q4rzvm7/?t=1&pub_id=1287&xid=63d82eb033512b000195947f&xid_param1=E2Z6DGBJ6R&xid_param_2=
x-adjust-use-original-forwarded-for: 1
set-cookie: afclick=63d82eb033512b000195947f; expires=Tue, 30 Jan 2024 20:55:12 GMT; secure; SameSite=None
afoffers={"92":1675112112}; expires=Tue, 30 Jan 2024 20:55:12 GMT; secure; SameSite=None
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 8d27758c3be6a36d4b67416b02158045
dee82d75db0e15f0ed37abc6388b721cc550f7d8
9f5548aea45ff9ab5fc213a4a8ada068e7d32f5259a8091eaaf92f8962bb4df6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5298
Cache-Control: max-age=137769
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:55:12 GMT
Etag: "63d79127-1d7"
Expires: Wed, 01 Feb 2023 11:11:21 GMT
Last-Modified: Mon, 30 Jan 2023 09:43:03 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
trck.wargaming.net/8q4rzvm7/?t=1&pub_id=1287&xid=63d82eb033512b000195947f&xid_param1=E2Z6DGBJ6R&xid_param_2=
92.223.23.230301 Moved Permanently 22 B URL HTTP/1.1 trck.wargaming.net/8q4rzvm7/?t=1&pub_id=1287&xid=63d82eb033512b000195947f&xid_param1=E2Z6DGBJ6R&xid_param_2=
IP 92.223.23.230:0
ASN #199524 G-Core Labs S.A.
File type ASCII text, with no line terminators
Hash 0e0bf67572311f8a23814419ff24ee9a
78328dfc54708433cdfb3e7857e57f87ec443b08
c5f6c267ba4a2964fff5d304d4a1e79c371ce30d32eaf017b3bb40becccd58d2
GET /8q4rzvm7/?t=1&pub_id=1287&xid=63d82eb033512b000195947f&xid_param1=E2Z6DGBJ6R&xid_param_2= HTTP/1.1
Host: trck.wargaming.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 30 Jan 2023 20:55:12 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 22
Connection: keep-alive
Location: https://promo.worldofwarships.eu/glows-34505/eu-no/?t=1&pub_id=1287&xid=63d82eb033512b000195947f&xid_param1=E2Z6DGBJ6R&xid_param_2=&sid=SIDHqWyS9w3tTbzurizqlASIZ26tsw-8F1JCYAb2b2bDzPwHFLeOHCDEYehnQx8SsjcNnxszqthfMeHJYnUX2sdTwDP_3jm9EfpOImPs4fdKaGmKJMyZ6anmHbu5AgzLM19hk2Kliv2mwPz&enctid=cq5toowp5ux8&lpsn=WOWS+TMPLT1+CODE+BOOM+global+WITH+BONUS+SUBTITLE&foris=1&teclient=1675112112479458421&utm_source=wlap&utm_medium=affiliate&utm_campaign=8q4rzvm7&utm_content=1287
Set-Cookie: STIDREFERRAL=SIDHqWyS9w3tTbzurizqlASIZ26tsw-8F1JCYAb2b2bDzPwHFLeOHCDEYehnQx8SsjcNnxszqthfMeHJYnUX2sdTwDP_3jm9EfpOImPs4fdKaGmKJMyZ6anmHbu5AgzLM19hk2Kliv2mwPz; Domain=wargaming.net; Max-Age=2592000; Path=/; SameSite=None; Secure
enctid=cq5toowp5ux8; Domain=wargaming.net; Max-Age=2592000; Path=/; SameSite=None; Secure
teclient=1675112112479458421; Domain=wargaming.net; Max-Age=315360000; Path=/; SameSite=None; Secure
Cache-Control: no-cache
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 8d27758c3be6a36d4b67416b02158045
dee82d75db0e15f0ed37abc6388b721cc550f7d8
9f5548aea45ff9ab5fc213a4a8ada068e7d32f5259a8091eaaf92f8962bb4df6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5298
Cache-Control: max-age=137769
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:55:12 GMT
Etag: "63d79127-1d7"
Expires: Wed, 01 Feb 2023 11:11:21 GMT
Last-Modified: Mon, 30 Jan 2023 09:43:03 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
tenor.wargaming.net/assets/campaigns/static/campaign_data_gtm_sender.js
92.223.21.23200 OK 6.6 kB URL HTTP/1.1 tenor.wargaming.net/assets/campaigns/static/campaign_data_gtm_sender.js
IP 92.223.21.23:0
ASN #199524 G-Core Labs S.A.
File type HTML document, ASCII text, with very long lines (7249)
Hash 51b44a9f232d5cec869a12623ae6dbfd
19305e6be93c7944f3e4cd68d778a73bf4a03031
32d957fdbd3debc51e0df55c6af4dbf747c501d19fafdd75731cb9a02cc68107
GET /assets/campaigns/static/campaign_data_gtm_sender.js HTTP/1.1
Host: tenor.wargaming.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Mon, 30 Jan 2023 20:55:12 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=200
Last-Modified: Wed, 25 Jan 2023 10:03:41 GMT
Vary: Accept-Encoding, Accept-Encoding
ETag: W/"63d0fe7d-4ced"
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3c7f08e02251b3a8a67373712f88f8bd
1e52f4e3d657eb2ebf906f3292e0db318134a2ec
35296e3e6d8a2513a776cdcb6b1af9dd4736b79bc8c475253854982999665d48
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35296E3E6D8A2513A776CDCB6B1AF9DD4736B79BC8C475253854982999665D48"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14894
Expires: Tue, 31 Jan 2023 01:03:26 GMT
Date: Mon, 30 Jan 2023 20:55:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3c7f08e02251b3a8a67373712f88f8bd
1e52f4e3d657eb2ebf906f3292e0db318134a2ec
35296e3e6d8a2513a776cdcb6b1af9dd4736b79bc8c475253854982999665d48
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35296E3E6D8A2513A776CDCB6B1AF9DD4736B79BC8C475253854982999665D48"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14894
Expires: Tue, 31 Jan 2023 01:03:26 GMT
Date: Mon, 30 Jan 2023 20:55:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3c7f08e02251b3a8a67373712f88f8bd
1e52f4e3d657eb2ebf906f3292e0db318134a2ec
35296e3e6d8a2513a776cdcb6b1af9dd4736b79bc8c475253854982999665d48
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35296E3E6D8A2513A776CDCB6B1AF9DD4736B79BC8C475253854982999665D48"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14894
Expires: Tue, 31 Jan 2023 01:03:26 GMT
Date: Mon, 30 Jan 2023 20:55:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3c7f08e02251b3a8a67373712f88f8bd
1e52f4e3d657eb2ebf906f3292e0db318134a2ec
35296e3e6d8a2513a776cdcb6b1af9dd4736b79bc8c475253854982999665d48
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35296E3E6D8A2513A776CDCB6B1AF9DD4736B79BC8C475253854982999665D48"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14894
Expires: Tue, 31 Jan 2023 01:03:26 GMT
Date: Mon, 30 Jan 2023 20:55:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3c7f08e02251b3a8a67373712f88f8bd
1e52f4e3d657eb2ebf906f3292e0db318134a2ec
35296e3e6d8a2513a776cdcb6b1af9dd4736b79bc8c475253854982999665d48
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35296E3E6D8A2513A776CDCB6B1AF9DD4736B79BC8C475253854982999665D48"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14894
Expires: Tue, 31 Jan 2023 01:03:26 GMT
Date: Mon, 30 Jan 2023 20:55:12 GMT
Connection: keep-alive
promo-cdn.worldofwarships.com/glows-34505/src/images/ship-emden.png
185.244.209.62200 OK 60 kB URL HTTP/2 promo-cdn.worldofwarships.com/glows-34505/src/images/ship-emden.png
IP 185.244.209.62:0
ASN #58286 Electric-IT Business S.R.L.
File type PNG image data, 512 x 436, 8-bit colormap, non-interlaced\012- data
Hash b9182e13a30e8408117ea8c4383bd2e7
4964d7625738a00496d6ff495bf8f4c56c738c64
d213e73d4cc6d18a1e37ee13439919b46fd10f4b8e97ad13fe4333992801ebd4
GET /glows-34505/src/images/ship-emden.png HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:12 GMT
content-type: image/png
content-length: 60180
last-modified: Tue, 22 Nov 2022 10:14:28 GMT
etag: "b9182e13a30e8408117ea8c4383bd2e7"
x-amz-request-id: tx000000000000000477048-0063c1a0b5-1da6e216-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2023-01-29T19:53:23+00:00
x-id: osix-up-gc4
accept-ranges: bytes
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/glows-34505/src/images/restless-fire.png
185.244.209.62200 OK 25 kB URL HTTP/2 promo-cdn.worldofwarships.com/glows-34505/src/images/restless-fire.png
IP 185.244.209.62:0
ASN #58286 Electric-IT Business S.R.L.
File type PNG image data, 512 x 436, 8-bit colormap, non-interlaced\012- data
Hash 3043f931ada25f81bca06d4f0ea4dbaa
78f9bdc4a4b037b944687a7ee575793fd531b823
b3605f7cd8f58e9f7381a92d0919354d65c77b6793c14714263659a014a815fc
GET /glows-34505/src/images/restless-fire.png HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:12 GMT
content-type: image/png
content-length: 25054
last-modified: Tue, 22 Nov 2022 10:14:28 GMT
etag: "3043f931ada25f81bca06d4f0ea4dbaa"
x-amz-request-id: tx00000000000000047705b-0063c1a0b5-1da6e216-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2023-01-29T19:53:23+00:00
x-id: osix-up-gc4
accept-ranges: bytes
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/glows-34505/src/images/wowsl_logo.png
185.244.209.62200 OK 10 kB URL HTTP/2 promo-cdn.worldofwarships.com/glows-34505/src/images/wowsl_logo.png
IP 185.244.209.62:0
ASN #58286 Electric-IT Business S.R.L.
File type PNG image data, 749 x 299, 8-bit colormap, non-interlaced\012- data
Hash 4d9371a87a4f9a0d6a8792e0397aa303
1308b49f8614f0ab05e81698daf5bfc4a2498bf0
68ddcc9fad945493001c241d8de6fb9acdd436bc82bff503302dbffa64f4f5ed
GET /glows-34505/src/images/wowsl_logo.png HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:12 GMT
content-type: image/png
content-length: 10514
last-modified: Tue, 22 Nov 2022 10:14:28 GMT
etag: "4d9371a87a4f9a0d6a8792e0397aa303"
x-amz-request-id: tx0000000000000004763aa-0063c1a0b5-1dbc2ce4-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2023-01-29T19:53:22+00:00
x-id: osix-up-gc4
accept-ranges: bytes
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/glows-34505/src/images/footer-logo.png
185.244.209.62200 OK 1.9 kB URL HTTP/2 promo-cdn.worldofwarships.com/glows-34505/src/images/footer-logo.png
IP 185.244.209.62:0
ASN #58286 Electric-IT Business S.R.L.
File type PNG image data, 275 x 63, 8-bit colormap, non-interlaced\012- data
Hash 7ce94cd1324102c254e60ced58661dc3
b76e3b4e14cf98aa766788bc8cf4fbc97058fec0
fdd269a537d61d3fafbef167c6c7e22ae7707217427b506674f5f0d2f3caed48
GET /glows-34505/src/images/footer-logo.png HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:12 GMT
content-type: image/png
content-length: 1939
last-modified: Tue, 22 Nov 2022 10:14:28 GMT
etag: "7ce94cd1324102c254e60ced58661dc3"
x-amz-request-id: tx0000000000000004776ba-0063c1a0b5-1da6e21f-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2023-01-29T19:53:23+00:00
x-id: osix-up-gc4
accept-ranges: bytes
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/glows-34505/src/images/credits.png
185.244.209.62200 OK 61 kB URL HTTP/2 promo-cdn.worldofwarships.com/glows-34505/src/images/credits.png
IP 185.244.209.62:0
ASN #58286 Electric-IT Business S.R.L.
File type PNG image data, 512 x 436, 8-bit colormap, non-interlaced\012- data
Hash f245ac5b8cd1d7f859b96690b4a220d1
94b1eaa00d2de2928668a89386b425c754e8172f
4cec7b959abf0add7e91cfef60f074a6f8fc8d13470721d121d007f1c3775d30
GET /glows-34505/src/images/credits.png HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:12 GMT
content-type: image/png
content-length: 60960
last-modified: Tue, 22 Nov 2022 10:14:28 GMT
etag: "f245ac5b8cd1d7f859b96690b4a220d1"
x-amz-request-id: tx000000000000000476b19-0063c1a0b6-1dbc2cc6-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2023-01-29T19:53:23+00:00
x-id: osix-up-gc4
accept-ranges: bytes
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/glows-34505/src/images/doubloons.png
185.244.209.62200 OK 39 kB URL HTTP/2 promo-cdn.worldofwarships.com/glows-34505/src/images/doubloons.png
IP 185.244.209.62:0
ASN #58286 Electric-IT Business S.R.L.
File type PNG image data, 512 x 436, 8-bit colormap, non-interlaced\012- data
Hash 68091925676a9a77a9740b81acd666fe
8cada809874a5f8b6993ed3f913a6f72366b4cc5
c1a9b019676d7156280d39fda63b5b22a3ab53ea4f870c33dc2596d28b9b6f45
GET /glows-34505/src/images/doubloons.png HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:12 GMT
content-type: image/png
content-length: 39260
last-modified: Tue, 22 Nov 2022 10:14:28 GMT
etag: "68091925676a9a77a9740b81acd666fe"
x-amz-request-id: tx000000000000000476add-0063c1a0b5-1da6e207-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2023-01-29T19:53:22+00:00
x-id: osix-up-gc4
accept-ranges: bytes
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/glows-34505/src/images/premium-7-days.png
185.244.209.62200 OK 49 kB URL HTTP/2 promo-cdn.worldofwarships.com/glows-34505/src/images/premium-7-days.png
IP 185.244.209.62:0
ASN #58286 Electric-IT Business S.R.L.
File type PNG image data, 512 x 436, 8-bit colormap, non-interlaced\012- data
Hash 98b09a0cd4166bddf0b0f3697c439740
2519fd7126fb29013a3981d2f4c14a3878bd8c55
9c8625714a90a8398492e86d233216eebd81db8ca311332be90d5c284bac7bbe
GET /glows-34505/src/images/premium-7-days.png HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:12 GMT
content-type: image/png
content-length: 49403
last-modified: Tue, 22 Nov 2022 10:14:28 GMT
etag: "98b09a0cd4166bddf0b0f3697c439740"
x-amz-request-id: tx000000000000000476aef-0063c1a0b5-1dbc2cc6-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2023-01-29T19:53:23+00:00
x-id: osix-up-gc4
accept-ranges: bytes
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/glows-34505/src/images/ship-luis.png
185.244.209.62200 OK 67 kB URL HTTP/2 promo-cdn.worldofwarships.com/glows-34505/src/images/ship-luis.png
IP 185.244.209.62:0
ASN #58286 Electric-IT Business S.R.L.
File type PNG image data, 512 x 436, 8-bit colormap, non-interlaced\012- data
Hash fd8388d631a2faf5d87e73a4c6aab79b
fb194c3ec881e98c1b5fc5cfee2899316ebfc86b
1f78488eb95a277f03cec5474bfb15ef822ce19435bc7efd1f37cbd4cb339a6b
GET /glows-34505/src/images/ship-luis.png HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:12 GMT
content-type: image/png
content-length: 67245
last-modified: Tue, 22 Nov 2022 10:14:28 GMT
etag: "fd8388d631a2faf5d87e73a4c6aab79b"
x-amz-request-id: tx0000000000000004763bf-0063c1a0b5-1dbc2ce4-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2023-01-29T19:53:23+00:00
x-id: osix-up-gc4
accept-ranges: bytes
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/glows-34505/src/video/video_bg_poster.jpg
185.244.209.62200 OK 1.1 MB URL HTTP/2 promo-cdn.worldofwarships.com/glows-34505/src/video/video_bg_poster.jpg
IP 185.244.209.62:0
ASN #58286 Electric-IT Business S.R.L.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1920x1080, components 3\012- data
Size 1.1 MB (1084614 bytes)
Hash 902cd1abfd666f6c0f58461a864305fc
24f6b660a15b03b886218c041af0fc1a20e15bfc
bf04190956fba52b0c074ed9246e904f4ee68772b4792385c6ea75a15b7e10fb
GET /glows-34505/src/video/video_bg_poster.jpg HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:12 GMT
content-type: image/jpeg
content-length: 1084614
last-modified: Tue, 22 Nov 2022 10:14:27 GMT
etag: "902cd1abfd666f6c0f58461a864305fc"
x-amz-request-id: tx0000000000000000ef6b0-0063c1a0b8-1dbe6ac5-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2023-01-29T19:53:22+00:00
x-id: osix-up-gc4
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/otSDKStub.js
104.16.149.64200 OK 7.2 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/otSDKStub.js
IP 104.16.149.64:0
File type ASCII text, with very long lines (21747)
Hash 4292e44eba0796aac4d0b7aab80daec2
8131fd92ed85c9e8378d78e2b668cd7163fdf875
0deff459ca0049e97fc03f4a80660ef7e69185057ffdcd1a462cd3bcaffb6e5b
GET /scripttemplates/otSDKStub.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 20:55:13 GMT
content-type: application/javascript
content-length: 7151
content-encoding: gzip
content-md5: QpLkTroHlqrE0LequA2uwg==
last-modified: Fri, 27 Jan 2023 07:38:15 GMT
etag: 0x8DB003973D2D647
x-ms-request-id: 40175fdc-601e-00c5-10ad-32a6dd000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 8206
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 791d1b7258fdb511-OSL
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/glows-34505/src/libs/aos.js
185.244.209.62200 OK 6.5 kB URL HTTP/2 promo-cdn.worldofwarships.com/glows-34505/src/libs/aos.js
IP 185.244.209.62:0
ASN #58286 Electric-IT Business S.R.L.
File type ASCII text, with very long lines (12414)
Hash 00a820f891d37beeb275e41f75f5ca21
afd57f4468efec857578d82f8166fdd2e6a514ac
f8b0c3cc5f38b6185ad36b12888e59be44ae2b4fec883336b3d93e1c0092cc66
GET /glows-34505/src/libs/aos.js HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:12 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 22 Nov 2022 10:14:27 GMT
etag: W/"7ee92212a3ecbc19d9d71fa3818508af"
x-amz-request-id: tx000000000000000476be2-0063c1a0b9-1da6e207-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2023-01-29T19:53:22+00:00
x-id: osix-up-gc4
content-encoding: gzip
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/glows-34505/src/styles/style.css?v=2.2
185.244.209.62200 OK 99 kB URL HTTP/2 promo-cdn.worldofwarships.com/glows-34505/src/styles/style.css?v=2.2
IP 185.244.209.62:0
ASN #58286 Electric-IT Business S.R.L.
Hash 9815fff03484490bbb0448e86ca1615c
5cbaa007c4f03941653c7c5835cc6acf1a3e58de
1f9f75405d71ab04f1de82eb469542f5a33a9f6ed39d65225acfb859a221e3e2
GET /glows-34505/src/styles/style.css?v=2.2 HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:12 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
last-modified: Tue, 22 Nov 2022 10:14:28 GMT
etag: W/"c051de716150069a75decab6539edd41"
x-amz-request-id: tx0000000000000004f6593-0063c1b8ab-1da6e216-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2023-01-29T22:10:01+00:00
x-id: osix-up-gc4
content-encoding: gzip
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/glows-34505/src/libs/aos.css
185.244.209.62200 OK 3.4 kB URL HTTP/2 promo-cdn.worldofwarships.com/glows-34505/src/libs/aos.css
IP 185.244.209.62:0
ASN #58286 Electric-IT Business S.R.L.
Hash 79d07bdd38bcbb341ded7ee22c63425a
cbd87afb4f604fca44bf6101694339b5d293d577
e1d1117e9886859a7648b0d9c10d18ddb35dbc7580759b1004518d555c6d77fd
GET /glows-34505/src/libs/aos.css HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:12 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
last-modified: Tue, 22 Nov 2022 10:14:27 GMT
etag: W/"1691966fad1799cece5fedf5bbd55bfc"
x-amz-request-id: tx0000000000000004f5f6a-0063c1b8ab-1dbc2cc6-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2023-01-29T22:10:00+00:00
x-id: osix-up-gc4
content-encoding: gzip
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/glows-34505/src/images/logo-main.svg
185.244.209.62200 OK 94 kB URL HTTP/2 promo-cdn.worldofwarships.com/glows-34505/src/images/logo-main.svg
IP 185.244.209.62:0
ASN #58286 Electric-IT Business S.R.L.
Hash 931c3fed3660f2aa5d0695661556508c
f1def5b6e8b6f503ea1158634f1e910368a5bd49
2886aaa3dde4b2ba9d413fa4dca533fbd27668ae547e47c3c7f025402de389ae
GET /glows-34505/src/images/logo-main.svg HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:12 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 10:14:28 GMT
etag: W/"3205035293624ac8f4502ce6c888db9e"
x-amz-request-id: tx000000000000000476af1-0063c1a0b5-1da6e207-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2023-01-29T19:53:22+00:00
x-id: osix-up-gc4
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.cookielaw.org/consent/68edbfbe-e009-4939-a55b-f4c65daa640b/68edbfbe-e009-4939-a55b-f4c65daa640b.json
104.16.149.64200 OK 1.9 kB URL HTTP/2 cdn.cookielaw.org/consent/68edbfbe-e009-4939-a55b-f4c65daa640b/68edbfbe-e009-4939-a55b-f4c65daa640b.json
IP 104.16.149.64:0
File type JSON data\012- , ASCII text, with very long lines (5875), with no line terminators
Hash 23b49030e418c340a4d3b3c510f6558d
fd7f8e05f97e7bf21c83782409f6972b172121f1
0f1e442050ca65df6cbaa0371a5097b75cb8bd93d0a7df66dfb88c249ed86b71
GET /consent/68edbfbe-e009-4939-a55b-f4c65daa640b/68edbfbe-e009-4939-a55b-f4c65daa640b.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://promo.worldofwarships.eu
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 20:55:13 GMT
content-type: application/x-javascript
content-length: 1898
cache-control: public, max-age=86400
content-encoding: gzip
content-md5: I7SQMOQYw0Ck07PFEPZVjQ==
last-modified: Fri, 25 Nov 2022 10:09:39 GMT
etag: 0x8DACECD29F68FC0
x-ms-request-id: 22332b09-f01e-0147-73b6-0041d8000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 32584
expires: Tue, 31 Jan 2023 20:55:13 GMT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 791d1b730a44b511-OSL
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/glows-34505/src/libs/oneTrustBanner.js
185.244.209.62200 OK 124 kB URL HTTP/2 promo-cdn.worldofwarships.com/glows-34505/src/libs/oneTrustBanner.js
IP 185.244.209.62:0
ASN #58286 Electric-IT Business S.R.L.
Size 124 kB (123862 bytes)
Hash fc32824cc8427a505c64b1b21de0fc5f
683a43093f913591b85a6c29efba751bcd3d8778
e2d9618544a3907e13b2c4d98f70503ac5d75cb88162ff7f455060156a9532ac
GET /glows-34505/src/libs/oneTrustBanner.js HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:12 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 22 Nov 2022 10:14:27 GMT
etag: W/"756187d7b894fafd3191e6683d92af26"
x-amz-request-id: tx0000000000000004770b9-0063c1a0b7-1da6e216-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2023-01-29T19:53:21+00:00
x-id: osix-up-gc4
content-encoding: gzip
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/glows-34505/src/images/bg_nologo.jpg
185.244.209.62200 OK 3.6 MB URL HTTP/2 promo-cdn.worldofwarships.com/glows-34505/src/images/bg_nologo.jpg
IP 185.244.209.62:0
ASN #58286 Electric-IT Business S.R.L.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2020:07:23 11:49:21], baseline, precision 8, 3000x1977, components 3\012- data
Size 3.6 MB (3585879 bytes)
Hash 0f02cef4aad43587f3326cf30a6c032b
b618c163db92b11f5ded6af0bc9ae8c1374e2d5f
981dd4fd66bba58a5a94a0694d41e6788025aaf8a9b79872f946500f747c515b
GET /glows-34505/src/images/bg_nologo.jpg HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:13 GMT
content-type: image/jpeg
content-length: 3585879
last-modified: Tue, 22 Nov 2022 10:14:28 GMT
etag: "0f02cef4aad43587f3326cf30a6c032b"
x-amz-request-id: tx000000000000000476be3-0063c1a0b9-1dbc2cc6-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2023-01-29T19:53:22+00:00
x-id: osix-up-gc4
accept-ranges: bytes
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/glows-34505/src/libs/jquery.fullpage.js
185.244.209.62200 OK 9.5 MB URL HTTP/2 promo-cdn.worldofwarships.com/glows-34505/src/libs/jquery.fullpage.js
IP 185.244.209.62:0
ASN #58286 Electric-IT Business S.R.L.
Size 9.5 MB (9471414 bytes)
Hash f73df6c3a68004d740a3b3329e8eb968
439742f107b05c3ec14635ceddcf4e01732f507e
52fd5ddeb28a06f70c66e234a6ea99c4294033cf609f22a04ada01c45e020bd3
GET /glows-34505/src/libs/jquery.fullpage.js HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:12 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 22 Nov 2022 10:14:27 GMT
etag: W/"9a854eed59d24b9252aa7e8ff082eda8"
x-amz-request-id: tx000000000000000476b9e-0063c1a0b8-1dbc2cc6-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2023-01-29T19:53:22+00:00
x-id: osix-up-gc4
content-encoding: gzip
X-Firefox-Spdy: h2
tenor.wargaming.net/sid?include=campaign&filter[sid]=SIDHqWyS9w3tTbzurizqlASIZ26tsw-8F1JCYAb2b2bDzPwHFLeOHCDEYehnQx8SsjcNnxszqthfMeHJYnUX2sdTwDP_3jm9EfpOImPs4fdKaGmKJMyZ6anmHbu5AgzLM19hk2Kliv2mwPz
92.223.21.23200 OK 497 B URL HTTP/1.1 tenor.wargaming.net/sid?include=campaign&filter[sid]=SIDHqWyS9w3tTbzurizqlASIZ26tsw-8F1JCYAb2b2bDzPwHFLeOHCDEYehnQx8SsjcNnxszqthfMeHJYnUX2sdTwDP_3jm9EfpOImPs4fdKaGmKJMyZ6anmHbu5AgzLM19hk2Kliv2mwPz
IP 92.223.21.23:0
ASN #199524 G-Core Labs S.A.
File type JSON data\012- , ASCII text, with very long lines (942), with no line terminators
Hash 56d009d0628547fb290ff69ddbd6978c
4a7a809cee664d940982a1d03f85538180d5d1fe
c35cb78e3c13698d4865c192f03ad8a3e94bf18c2771ce2f2fc636cd19149ec9
GET /sid?include=campaign&filter[sid]=SIDHqWyS9w3tTbzurizqlASIZ26tsw-8F1JCYAb2b2bDzPwHFLeOHCDEYehnQx8SsjcNnxszqthfMeHJYnUX2sdTwDP_3jm9EfpOImPs4fdKaGmKJMyZ6anmHbu5AgzLM19hk2Kliv2mwPz HTTP/1.1
Host: tenor.wargaming.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.worldofwarships.eu/
Origin: https://promo.worldofwarships.eu
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Mon, 30 Jan 2023 20:55:13 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=200
Vary: Accept-Encoding
Access-Control-Expose-Headers: Date,Content-Length,Server
Access-Control-Allow-Origin: https://promo.worldofwarships.eu
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0b9cc264730de440eee507126da0cceb
fbb3dc2e52fdb616e64a2dd33e4a4a39920ee4e7
6b065a01640ad0a390322014171cb6afbc11ab3c996e7d3445e64cd82b2b026b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6B065A01640AD0A390322014171CB6AFBC11AB3C996E7D3445E64CD82B2B026B"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7969
Expires: Mon, 30 Jan 2023 23:08:02 GMT
Date: Mon, 30 Jan 2023 20:55:13 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash ac76de4cf388d2354bafbf6742323867
addb6da20838ab09fff190b1141cb0704b851cc3
c091eff2434fab97a511e903b0909e1381426c59bf335dc316951ed4ffd39835
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 578
Cache-Control: max-age=115038
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:55:13 GMT
Etag: "63d74acd-118"
Expires: Wed, 01 Feb 2023 04:52:31 GMT
Last-Modified: Mon, 30 Jan 2023 04:42:53 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 33e403367d183257be0f03f28da923d2
a586e4052008741f8f535e7bd12a94bde81b264e
82ce104749546e6a6f76a8ddf19b67795784c06256581c13f499e80e4f713131
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:55:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
promo-cdn.worldofwarships.com/glows-34505/src/libs/jquery.min.js
185.244.209.62200 OK 47 kB URL HTTP/2 promo-cdn.worldofwarships.com/glows-34505/src/libs/jquery.min.js
IP 185.244.209.62:0
ASN #58286 Electric-IT Business S.R.L.
File type ASCII text, with very long lines (32077)
Hash 2b20e81355b48a29e471cd44aa7d779d
01949d5d8ec7bd0f7f478f95115c76d637a27f3e
1028bd8a32045ac3c9dcdd5a448a28f090f985d2ad7a0f4db6c0666eaf4ca280
GET /glows-34505/src/libs/jquery.min.js HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:12 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 22 Nov 2022 10:14:27 GMT
etag: W/"4f252523d4af0b478c810c2547a63e19"
x-amz-request-id: tx000000000000000477770-0063c1a0b8-1da6e21f-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2023-01-29T19:53:22+00:00
x-id: osix-up-gc4
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
151.101.1.229200 OK 86 kB URL HTTP/2 cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
IP 151.101.1.229:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (659)
Hash ddf45926107f7a74103f5d00d3bf564c
03c2b22623ccf1d593513956829f891ff07f3169
c709076ef37b9b1720b78c124e329645762b476d566ed204a23cadd762e9c580
GET /npm/yandex-metrica-watch/tag.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.257.0
x-jsd-version-type: version
etag: W/"34e3a-eIUrj6hD3pmnKAQZCp7YaNtM0Rc"
content-encoding: gzip
accept-ranges: bytes
date: Mon, 30 Jan 2023 20:55:13 GMT
age: 26326
x-served-by: cache-fra-eddf8230060-FRA, cache-bma1658-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 85751
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0b9cc264730de440eee507126da0cceb
fbb3dc2e52fdb616e64a2dd33e4a4a39920ee4e7
6b065a01640ad0a390322014171cb6afbc11ab3c996e7d3445e64cd82b2b026b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6B065A01640AD0A390322014171CB6AFBC11AB3C996E7D3445E64CD82B2B026B"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7969
Expires: Mon, 30 Jan 2023 23:08:02 GMT
Date: Mon, 30 Jan 2023 20:55:13 GMT
Connection: keep-alive
promo.worldofwarships.eu/glows-34505/eu-no/?t=1&pub_id=1287&xid=63d82eb033512b000195947f&xid_param1=E2Z6DGBJ6R&xid_param_2=&sid=SIDHqWyS9w3tTbzurizqlASIZ26tsw-8F1JCYAb2b2bDzPwHFLeOHCDEYehnQx8SsjcNnxszqthfMeHJYnUX2sdTwDP_3jm9EfpOImPs4fdKaGmKJMyZ6anmHbu5AgzLM19hk2Kliv2mwPz&enctid=cq5toowp5ux8&lpsn=WOWS+TMPLT1+CODE+BOOM+global+WITH+BONUS+SUBTITLE&foris=1&teclient=1675112112479458421&utm_source=wlap&utm_medium=affiliate&utm_campaign=8q4rzvm7&utm_content=1287
185.244.209.62200 OK 6.5 kB URL HTTP/2 promo.worldofwarships.eu/glows-34505/eu-no/?t=1&pub_id=1287&xid=63d82eb033512b000195947f&xid_param1=E2Z6DGBJ6R&xid_param_2=&sid=SIDHqWyS9w3tTbzurizqlASIZ26tsw-8F1JCYAb2b2bDzPwHFLeOHCDEYehnQx8SsjcNnxszqthfMeHJYnUX2sdTwDP_3jm9EfpOImPs4fdKaGmKJMyZ6anmHbu5AgzLM19hk2Kliv2mwPz&enctid=cq5toowp5ux8&lpsn=WOWS+TMPLT1+CODE+BOOM+global+WITH+BONUS+SUBTITLE&foris=1&teclient=1675112112479458421&utm_source=wlap&utm_medium=affiliate&utm_campaign=8q4rzvm7&utm_content=1287
IP 185.244.209.62:0
ASN #58286 Electric-IT Business S.R.L.
Hash 70aee095f439033772c9acaa29458d46
b8bce9abd89ce9bfff516bc684420a8196b16db4
7002ec043da18406d416b2437c5542b26cc7433c0bd46a9f2e2a9d0e82e69393
GET /glows-34505/eu-no/?t=1&pub_id=1287&xid=63d82eb033512b000195947f&xid_param1=E2Z6DGBJ6R&xid_param_2=&sid=SIDHqWyS9w3tTbzurizqlASIZ26tsw-8F1JCYAb2b2bDzPwHFLeOHCDEYehnQx8SsjcNnxszqthfMeHJYnUX2sdTwDP_3jm9EfpOImPs4fdKaGmKJMyZ6anmHbu5AgzLM19hk2Kliv2mwPz&enctid=cq5toowp5ux8&lpsn=WOWS+TMPLT1+CODE+BOOM+global+WITH+BONUS+SUBTITLE&foris=1&teclient=1675112112479458421&utm_source=wlap&utm_medium=affiliate&utm_campaign=8q4rzvm7&utm_content=1287 HTTP/1.1
Host: promo.worldofwarships.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:12 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
last-modified: Tue, 22 Nov 2022 10:14:27 GMT
etag: W/"eaf6bef074a5ee6283d9d64ad7bf4660"
x-amz-request-id: tx000000000000000455f42-0063c19a58-1dbc2cc6-ed1
cache: HIT
x-cached-since: 2023-01-29T20:36:52+00:00
x-id: osix-up-gc4
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP 104.18.20.226:0
Hash 8fed61f4e0b8251bb0df350dbfe3c3cd
fb3fb83499816a19482b555d4a1f9fe62827d8d4
e963d02263d69a5604edbab060ea528c7dbabda35de14c58dd8dac7737b8a6ce
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 20:55:13 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "F6C301DD82CD3817FF5A160A62F9ECD66CD42716"
Expires: Tue, 31 Jan 2023 08:00:00 GMT
Last-Modified: Mon, 30 Jan 2023 20:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 302
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791d1b783f9a1c0e-OSL
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 33e403367d183257be0f03f28da923d2
a586e4052008741f8f535e7bd12a94bde81b264e
82ce104749546e6a6f76a8ddf19b67795784c06256581c13f499e80e4f713131
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:55:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 2ac1bcdceabf1fc4e07017906aa8a815
ba00b737325fc50b35af8d851ced0fe13d1cba22
c6c54f5dbbfc40b454b9c67a7972827f500d83b10a1594f7cb56c69158278c08
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:55:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a5ff07b9b81cdf319f4a57d8d6dbbd6d
736ae15d0ed2068580d35a7cff8b33c0ec87af52
24406eda914ef8f78e1f60d6b54237ea6311f2fdf54b2b63647d84b397b41de0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:55:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/landing?gcs=G111&gcd=G111&rnd=992841953.1675112127&url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F>m=2wg1p058Z37MT&auid=593899321.1675112127
216.58.207.228302 Found 42 B URL HTTP/2 www.google.com/pagead/landing?gcs=G111&gcd=G111&rnd=992841953.1675112127&url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F>m=2wg1p058Z37MT&auid=593899321.1675112127
IP 216.58.207.228:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
POST /pagead/landing?gcs=G111&gcd=G111&rnd=992841953.1675112127&url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F>m=2wg1p058Z37MT&auid=593899321.1675112127 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://promo.worldofwarships.eu
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 20:55:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
location: https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=G111&rnd=992841953.1675112127&url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F>m=2wg1p058Z37MT&auid=593899321.1675112127
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.com/ddm/fls/i/src=10697551;type=pagev0;cat=allvi0;ord=5556587767404;gtm=2wg1p0;gcs=G111;auiddc=593899321.1675112127;u1=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63d82eb033512b000195947f%26xid_param1%3DE2Z6DGBJ6R%26xid_param_2%3D%26sid%3DSIDHqWyS9w3tTbzurizqlASIZ26tsw-8F1JCYAb2b2bDzPwHFLeOHCDEYehnQx8SsjcNnxszqthfMeHJYnUX2sdTwDP_3jm9EfpOImPs4fdKaGmKJMyZ6anmHbu5AgzLM19hk2Kliv2mwPz%26enctid%3Dcq5toowp5ux8%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1675112112479458421%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3D8q4rzvm7%26utm_content%3D1287;~oref=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63d82eb033512b000195947f%26xid_param1%3DE2Z6DGBJ6R%26xid_param_2%3D%26sid%3DSIDHqWyS9w3tTbzurizqlASIZ26tsw-8F1JCYAb2b2bDzPwHFLeOHCDEYehnQx8SsjcNnxszqthfMeHJYnUX2sdTwDP_3jm9EfpOImPs4fdKaGmKJMyZ6anmHbu5AgzLM19hk2Kliv2mwPz%26enctid%3Dcq5toowp5ux8%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1675112112479458421%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3D8q4rzvm7%26utm_content%3D1287
142.250.74.130200 OK 624 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=10697551;type=pagev0;cat=allvi0;ord=5556587767404;gtm=2wg1p0;gcs=G111;auiddc=593899321.1675112127;u1=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63d82eb033512b000195947f%26xid_param1%3DE2Z6DGBJ6R%26xid_param_2%3D%26sid%3DSIDHqWyS9w3tTbzurizqlASIZ26tsw-8F1JCYAb2b2bDzPwHFLeOHCDEYehnQx8SsjcNnxszqthfMeHJYnUX2sdTwDP_3jm9EfpOImPs4fdKaGmKJMyZ6anmHbu5AgzLM19hk2Kliv2mwPz%26enctid%3Dcq5toowp5ux8%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1675112112479458421%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3D8q4rzvm7%26utm_content%3D1287;~oref=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63d82eb033512b000195947f%26xid_param1%3DE2Z6DGBJ6R%26xid_param_2%3D%26sid%3DSIDHqWyS9w3tTbzurizqlASIZ26tsw-8F1JCYAb2b2bDzPwHFLeOHCDEYehnQx8SsjcNnxszqthfMeHJYnUX2sdTwDP_3jm9EfpOImPs4fdKaGmKJMyZ6anmHbu5AgzLM19hk2Kliv2mwPz%26enctid%3Dcq5toowp5ux8%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1675112112479458421%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3D8q4rzvm7%26utm_content%3D1287
IP 142.250.74.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1522), with no line terminators
Hash 2aa4b639ffd5c62713dba6c0b75189f0
5b0a977edeb1bbf38b78a85658b5d732ef4490a6
a4e1790de4e2832d349513524beaebef6262d94c632a8db83fbaf8a950bf3c23
GET /ddm/fls/i/src=10697551;type=pagev0;cat=allvi0;ord=5556587767404;gtm=2wg1p0;gcs=G111;auiddc=593899321.1675112127;u1=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63d82eb033512b000195947f%26xid_param1%3DE2Z6DGBJ6R%26xid_param_2%3D%26sid%3DSIDHqWyS9w3tTbzurizqlASIZ26tsw-8F1JCYAb2b2bDzPwHFLeOHCDEYehnQx8SsjcNnxszqthfMeHJYnUX2sdTwDP_3jm9EfpOImPs4fdKaGmKJMyZ6anmHbu5AgzLM19hk2Kliv2mwPz%26enctid%3Dcq5toowp5ux8%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1675112112479458421%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3D8q4rzvm7%26utm_content%3D1287;~oref=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63d82eb033512b000195947f%26xid_param1%3DE2Z6DGBJ6R%26xid_param_2%3D%26sid%3DSIDHqWyS9w3tTbzurizqlASIZ26tsw-8F1JCYAb2b2bDzPwHFLeOHCDEYehnQx8SsjcNnxszqthfMeHJYnUX2sdTwDP_3jm9EfpOImPs4fdKaGmKJMyZ6anmHbu5AgzLM19hk2Kliv2mwPz%26enctid%3Dcq5toowp5ux8%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1675112112479458421%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3D8q4rzvm7%26utm_content%3D1287 HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10697551.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 20:55:14 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 624
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a5ff07b9b81cdf319f4a57d8d6dbbd6d
736ae15d0ed2068580d35a7cff8b33c0ec87af52
24406eda914ef8f78e1f60d6b54237ea6311f2fdf54b2b63647d84b397b41de0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:55:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a5ff07b9b81cdf319f4a57d8d6dbbd6d
736ae15d0ed2068580d35a7cff8b33c0ec87af52
24406eda914ef8f78e1f60d6b54237ea6311f2fdf54b2b63647d84b397b41de0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:55:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2e54dcd3d97b20e93bec5820073c4f47
a6d7c8605db8aa7af547756432f23c66b3f3c181
29038c3ab9d4526c362bebf271a1ea15d6ee0288d66d241b1edb1e62ea754429
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "29038C3AB9D4526C362BEBF271A1EA15D6EE0288D66D241B1EDB1E62EA754429"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6290
Expires: Mon, 30 Jan 2023 22:40:04 GMT
Date: Mon, 30 Jan 2023 20:55:14 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 69ffc0a3f7ca2b025a6b99f9c38889be
1b436bda66cd246a1024f8c3d8e91e3aeef31eaa
9aaaf6c2a570c6a73a623f4fdfb0e1dfd5f16f086ae5d9c8d5b2403b0d016e4f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:55:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.cookielaw.org/scripttemplates/202211.1.0/otBannerSdk.js
104.16.149.64200 OK 94 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/202211.1.0/otBannerSdk.js
IP 104.16.149.64:0
File type ASCII text, with very long lines (65451)
Hash f6a491be9dc7f6ba1271f4faa9753179
e11e8e291ca6548f4933103088b8acd15af84191
6cf04708cbb25e9b7144e865deebd75bd4b2d42fa703299ba303a084d457b081
GET /scripttemplates/202211.1.0/otBannerSdk.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 20:55:14 GMT
content-type: application/javascript
content-length: 93485
content-encoding: gzip
content-md5: 9qSRvp3H9roScfT6qXUxeQ==
last-modified: Thu, 15 Dec 2022 13:30:03 GMT
etag: 0x8DADEA07933BD54
x-ms-request-id: e3dbcf52-f01e-014c-2807-1159ac000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 11693
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 791d1b795b00b511-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 73d6f94eec5f7bf78dc11951011af215
2d7941713a82a83c174bf782b618a6f86a8ab2d7
9de1920abadb3501bcf9f787608807f13a266efea69f12fc811bc7cac14a3552
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:55:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash 396c3031580960c65849e5313b39f4fa
4ad76b65ca349c0f62654426bba44e49291df679
fa139f416c967887eac37e7b73a877fe06d9406192d27e85534aab9fc8904e70
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 20:55:14 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Fri, 03 Feb 2023 16:19:21 GMT
ETag: "4ad76b65ca349c0f62654426bba44e49291df679"
Last-Modified: Mon, 30 Jan 2023 16:19:22 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3046
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791d1b79891a1c0e-OSL
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash 396c3031580960c65849e5313b39f4fa
4ad76b65ca349c0f62654426bba44e49291df679
fa139f416c967887eac37e7b73a877fe06d9406192d27e85534aab9fc8904e70
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 20:55:14 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Fri, 03 Feb 2023 16:19:21 GMT
ETag: "4ad76b65ca349c0f62654426bba44e49291df679"
Last-Modified: Mon, 30 Jan 2023 16:19:22 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3046
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791d1b798b59b511-OSL
geolocation.onetrust.com/cookieconsentpub/v1/geo/location
104.18.26.85200 OK 116 B URL HTTP/2 geolocation.onetrust.com/cookieconsentpub/v1/geo/location
IP 104.18.26.85:0
Hash 58b67f576abe3b5173fa88e051781324
431e4335d7aae3ac8a97a70bc58402d5bed878d7
85651b4f4be21d6e77b8d91ffec840eb054ff60aad94d851a5f8655754e4d94c
GET /cookieconsentpub/v1/geo/location HTTP/1.1
Host: geolocation.onetrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://promo.worldofwarships.eu
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 20:55:13 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 791d1b775da3b4f1-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash 396c3031580960c65849e5313b39f4fa
4ad76b65ca349c0f62654426bba44e49291df679
fa139f416c967887eac37e7b73a877fe06d9406192d27e85534aab9fc8904e70
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 20:55:14 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Fri, 03 Feb 2023 16:19:21 GMT
ETag: "4ad76b65ca349c0f62654426bba44e49291df679"
Last-Modified: Mon, 30 Jan 2023 16:19:22 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3046
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791d1b798a8a0b45-OSL
adservice.google.no/ddm/fls/i/src=10697551;type=pagev0;cat=allvi0;ord=5556587767404;gtm=2wg1p0;gcs=G111;auiddc=593899321.1675112127;u1=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63d82eb033512b000195947f%26xid_param1%3DE2Z6DGBJ6R%26xid_param_2%3D%26sid%3DSIDHqWyS9w3tTbzurizqlASIZ26tsw-8F1JCYAb2b2bDzPwHFLeOHCDEYehnQx8SsjcNnxszqthfMeHJYnUX2sdTwDP_3jm9EfpOImPs4fdKaGmKJMyZ6anmHbu5AgzLM19hk2Kliv2mwPz%26enctid%3Dcq5toowp5ux8%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1675112112479458421%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3D8q4rzvm7%26utm_content%3D1287;~oref=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63d82eb033512b000195947f%26xid_param1%3DE2Z6DGBJ6R%26xid_param_2%3D%26sid%3DSIDHqWyS9w3tTbzurizqlASIZ26tsw-8F1JCYAb2b2bDzPwHFLeOHCDEYehnQx8SsjcNnxszqthfMeHJYnUX2sdTwDP_3jm9EfpOImPs4fdKaGmKJMyZ6anmHbu5AgzLM19hk2Kliv2mwPz%26enctid%3Dcq5toowp5ux8%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1675112112479458421%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3D8q4rzvm7%26utm_content%3D1287
216.58.211.2200 OK 85 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=10697551;type=pagev0;cat=allvi0;ord=5556587767404;gtm=2wg1p0;gcs=G111;auiddc=593899321.1675112127;u1=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63d82eb033512b000195947f%26xid_param1%3DE2Z6DGBJ6R%26xid_param_2%3D%26sid%3DSIDHqWyS9w3tTbzurizqlASIZ26tsw-8F1JCYAb2b2bDzPwHFLeOHCDEYehnQx8SsjcNnxszqthfMeHJYnUX2sdTwDP_3jm9EfpOImPs4fdKaGmKJMyZ6anmHbu5AgzLM19hk2Kliv2mwPz%26enctid%3Dcq5toowp5ux8%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1675112112479458421%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3D8q4rzvm7%26utm_content%3D1287;~oref=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63d82eb033512b000195947f%26xid_param1%3DE2Z6DGBJ6R%26xid_param_2%3D%26sid%3DSIDHqWyS9w3tTbzurizqlASIZ26tsw-8F1JCYAb2b2bDzPwHFLeOHCDEYehnQx8SsjcNnxszqthfMeHJYnUX2sdTwDP_3jm9EfpOImPs4fdKaGmKJMyZ6anmHbu5AgzLM19hk2Kliv2mwPz%26enctid%3Dcq5toowp5ux8%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1675112112479458421%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3D8q4rzvm7%26utm_content%3D1287
IP 216.58.211.2:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb
GET /ddm/fls/i/src=10697551;type=pagev0;cat=allvi0;ord=5556587767404;gtm=2wg1p0;gcs=G111;auiddc=593899321.1675112127;u1=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63d82eb033512b000195947f%26xid_param1%3DE2Z6DGBJ6R%26xid_param_2%3D%26sid%3DSIDHqWyS9w3tTbzurizqlASIZ26tsw-8F1JCYAb2b2bDzPwHFLeOHCDEYehnQx8SsjcNnxszqthfMeHJYnUX2sdTwDP_3jm9EfpOImPs4fdKaGmKJMyZ6anmHbu5AgzLM19hk2Kliv2mwPz%26enctid%3Dcq5toowp5ux8%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1675112112479458421%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3D8q4rzvm7%26utm_content%3D1287;~oref=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63d82eb033512b000195947f%26xid_param1%3DE2Z6DGBJ6R%26xid_param_2%3D%26sid%3DSIDHqWyS9w3tTbzurizqlASIZ26tsw-8F1JCYAb2b2bDzPwHFLeOHCDEYehnQx8SsjcNnxszqthfMeHJYnUX2sdTwDP_3jm9EfpOImPs4fdKaGmKJMyZ6anmHbu5AgzLM19hk2Kliv2mwPz%26enctid%3Dcq5toowp5ux8%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1675112112479458421%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3D8q4rzvm7%26utm_content%3D1287 HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 20:55:14 GMT
expires: Mon, 30 Jan 2023 20:55:14 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.cookielaw.org/consent/68edbfbe-e009-4939-a55b-f4c65daa640b/ad5c42f4-14cd-4309-be4a-e049aeb7b78d/en.json
104.16.149.64200 OK 12 kB URL HTTP/2 cdn.cookielaw.org/consent/68edbfbe-e009-4939-a55b-f4c65daa640b/ad5c42f4-14cd-4309-be4a-e049aeb7b78d/en.json
IP 104.16.149.64:0
File type JSON data\012- HTML document, Unicode text, UTF-8 text, with very long lines (48198), with no line terminators
Hash b423017d2eccc05cb5e3921d36eeb535
b989dd503a71fa6a448860a5d59c28bbceee910b
b8aab8ba299a063e0e5faacea59d7cc56da466c0fd3b91a8d03480184eaf7495
GET /consent/68edbfbe-e009-4939-a55b-f4c65daa640b/ad5c42f4-14cd-4309-be4a-e049aeb7b78d/en.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.worldofwarships.eu/
Origin: https://promo.worldofwarships.eu
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 20:55:14 GMT
content-type: application/x-javascript
content-length: 11485
cache-control: public, max-age=86400
content-encoding: gzip
content-md5: tCMBfS7MwFy145IdNu61NQ==
last-modified: Fri, 25 Nov 2022 10:09:21 GMT
etag: 0x8DACECD1F1475FC
x-ms-request-id: ba3e27e9-f01e-00e9-15b6-0024e0000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 32585
expires: Tue, 31 Jan 2023 20:55:14 GMT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 791d1b79dbdbb511-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 69ffc0a3f7ca2b025a6b99f9c38889be
1b436bda66cd246a1024f8c3d8e91e3aeef31eaa
9aaaf6c2a570c6a73a623f4fdfb0e1dfd5f16f086ae5d9c8d5b2403b0d016e4f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:55:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 73d6f94eec5f7bf78dc11951011af215
2d7941713a82a83c174bf782b618a6f86a8ab2d7
9de1920abadb3501bcf9f787608807f13a266efea69f12fc811bc7cac14a3552
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:55:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mc.yandex.ru/watch/45727869/1?wmode=7&page-url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63d82eb033512b000195947f%26xid_param1%3DE2Z6DGBJ6R%26xid_param_2%3D%26sid%3DSIDHqWyS9w3tTbzurizqlASIZ26tsw-8F1JCYAb2b2bDzPwHFLeOHCDEYehnQx8SsjcNnxszqthfMeHJYnUX2sdTwDP_3jm9EfpOImPs4fdKaGmKJMyZ6anmHbu5AgzLM19hk2Kliv2mwPz%26enctid%3Dcq5toowp5ux8%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1675112112479458421%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3D8q4rzvm7%26utm_content%3D1287&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A968%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1554723600063%3Ahid%3A373567677%3Az%3A0%3Ai%3A20230130205527%3Aet%3A1675112128%3Ac%3A1%3Arn%3A88870127%3Arqn%3A1%3Au%3A1675112128291709993%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A57%2C7%2C1%2C0%2C386%2C0%2C%2C535%2C52%2C%2C%2C%2C1005%3Aco%3A0%3Ans%3A1675112125764%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675112128%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
87.250.251.119200 OK 419 B URL HTTP/2 mc.yandex.ru/watch/45727869/1?wmode=7&page-url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63d82eb033512b000195947f%26xid_param1%3DE2Z6DGBJ6R%26xid_param_2%3D%26sid%3DSIDHqWyS9w3tTbzurizqlASIZ26tsw-8F1JCYAb2b2bDzPwHFLeOHCDEYehnQx8SsjcNnxszqthfMeHJYnUX2sdTwDP_3jm9EfpOImPs4fdKaGmKJMyZ6anmHbu5AgzLM19hk2Kliv2mwPz%26enctid%3Dcq5toowp5ux8%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1675112112479458421%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3D8q4rzvm7%26utm_content%3D1287&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A968%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1554723600063%3Ahid%3A373567677%3Az%3A0%3Ai%3A20230130205527%3Aet%3A1675112128%3Ac%3A1%3Arn%3A88870127%3Arqn%3A1%3Au%3A1675112128291709993%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A57%2C7%2C1%2C0%2C386%2C0%2C%2C535%2C52%2C%2C%2C%2C1005%3Aco%3A0%3Ans%3A1675112125764%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675112128%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
IP 87.250.251.119:0
File type JSON data\012- , ASCII text, with very long lines (419), with no line terminators
Hash 606b251b7519131bf74c0f64f0d3a177
7c2581b5003b1cf6ca14358935962ac5a2427a2d
516ae9e8b5718413a77d76b48be3ca40859271e7306adcc3d96fe541a38c8f09
GET /watch/45727869/1?wmode=7&page-url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63d82eb033512b000195947f%26xid_param1%3DE2Z6DGBJ6R%26xid_param_2%3D%26sid%3DSIDHqWyS9w3tTbzurizqlASIZ26tsw-8F1JCYAb2b2bDzPwHFLeOHCDEYehnQx8SsjcNnxszqthfMeHJYnUX2sdTwDP_3jm9EfpOImPs4fdKaGmKJMyZ6anmHbu5AgzLM19hk2Kliv2mwPz%26enctid%3Dcq5toowp5ux8%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1675112112479458421%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3D8q4rzvm7%26utm_content%3D1287&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A968%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1554723600063%3Ahid%3A373567677%3Az%3A0%3Ai%3A20230130205527%3Aet%3A1675112128%3Ac%3A1%3Arn%3A88870127%3Arqn%3A1%3Au%3A1675112128291709993%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A57%2C7%2C1%2C0%2C386%2C0%2C%2C535%2C52%2C%2C%2C%2C1005%3Aco%3A0%3Ans%3A1675112125764%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675112128%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://promo.worldofwarships.eu
Referer: https://promo.worldofwarships.eu/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 419
date: Mon, 30 Jan 2023 20:55:14 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://promo.worldofwarships.eu
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 30-Jan-2023 20:55:14 GMT
last-modified: Mon, 30-Jan-2023 20:55:14 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/14976586/1?wmode=7&page-url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63d82eb033512b000195947f%26xid_param1%3DE2Z6DGBJ6R%26xid_param_2%3D%26sid%3DSIDHqWyS9w3tTbzurizqlASIZ26tsw-8F1JCYAb2b2bDzPwHFLeOHCDEYehnQx8SsjcNnxszqthfMeHJYnUX2sdTwDP_3jm9EfpOImPs4fdKaGmKJMyZ6anmHbu5AgzLM19hk2Kliv2mwPz%26enctid%3Dcq5toowp5ux8%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1675112112479458421%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3D8q4rzvm7%26utm_content%3D1287&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A968%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A3%3Adp%3A0%3Als%3A187111168853%3Ahid%3A373567677%3Az%3A0%3Ai%3A20230130205527%3Aet%3A1675112128%3Ac%3A1%3Arn%3A493328816%3Arqn%3A1%3Au%3A1675112128291709993%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A57%2C7%2C1%2C0%2C386%2C0%2C%2C535%2C52%2C%2C%2C%2C1005%3Aco%3A0%3Ans%3A1675112125764%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675112128%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr%2814%29mc%28g-2%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
87.250.251.119200 OK 419 B URL HTTP/2 mc.yandex.ru/watch/14976586/1?wmode=7&page-url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63d82eb033512b000195947f%26xid_param1%3DE2Z6DGBJ6R%26xid_param_2%3D%26sid%3DSIDHqWyS9w3tTbzurizqlASIZ26tsw-8F1JCYAb2b2bDzPwHFLeOHCDEYehnQx8SsjcNnxszqthfMeHJYnUX2sdTwDP_3jm9EfpOImPs4fdKaGmKJMyZ6anmHbu5AgzLM19hk2Kliv2mwPz%26enctid%3Dcq5toowp5ux8%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1675112112479458421%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3D8q4rzvm7%26utm_content%3D1287&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A968%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A3%3Adp%3A0%3Als%3A187111168853%3Ahid%3A373567677%3Az%3A0%3Ai%3A20230130205527%3Aet%3A1675112128%3Ac%3A1%3Arn%3A493328816%3Arqn%3A1%3Au%3A1675112128291709993%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A57%2C7%2C1%2C0%2C386%2C0%2C%2C535%2C52%2C%2C%2C%2C1005%3Aco%3A0%3Ans%3A1675112125764%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675112128%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr%2814%29mc%28g-2%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
IP 87.250.251.119:0
File type JSON data\012- , ASCII text, with very long lines (419), with no line terminators
Hash bdfc1066d6f9255cd1c18c0159118c32
759d973bbdff9d5afa93fca0302f47b6da258d26
2475d0de7a7874dc1f7d32244d8a030c139a9e3c2b72fa5b15c91b525e31928e
GET /watch/14976586/1?wmode=7&page-url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63d82eb033512b000195947f%26xid_param1%3DE2Z6DGBJ6R%26xid_param_2%3D%26sid%3DSIDHqWyS9w3tTbzurizqlASIZ26tsw-8F1JCYAb2b2bDzPwHFLeOHCDEYehnQx8SsjcNnxszqthfMeHJYnUX2sdTwDP_3jm9EfpOImPs4fdKaGmKJMyZ6anmHbu5AgzLM19hk2Kliv2mwPz%26enctid%3Dcq5toowp5ux8%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1675112112479458421%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3D8q4rzvm7%26utm_content%3D1287&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A968%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A3%3Adp%3A0%3Als%3A187111168853%3Ahid%3A373567677%3Az%3A0%3Ai%3A20230130205527%3Aet%3A1675112128%3Ac%3A1%3Arn%3A493328816%3Arqn%3A1%3Au%3A1675112128291709993%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A57%2C7%2C1%2C0%2C386%2C0%2C%2C535%2C52%2C%2C%2C%2C1005%3Aco%3A0%3Ans%3A1675112125764%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675112128%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr%2814%29mc%28g-2%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://promo.worldofwarships.eu
Referer: https://promo.worldofwarships.eu/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 419
date: Mon, 30 Jan 2023 20:55:14 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://promo.worldofwarships.eu
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 30-Jan-2023 20:55:14 GMT
last-modified: Mon, 30-Jan-2023 20:55:14 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
q.quora.com/_/ad/e4652778ed5c49c1b1a36d8c41a61ba9/pixel?j=1&u=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63d82eb033512b000195947f%26xid_param1%3DE2Z6DGBJ6R%26xid_param_2%3D%26sid%3DSIDHqWyS9w3tTbzurizqlASIZ26tsw-8F1JCYAb2b2bDzPwHFLeOHCDEYehnQx8SsjcNnxszqthfMeHJYnUX2sdTwDP_3jm9EfpOImPs4fdKaGmKJMyZ6anmHbu5AgzLM19hk2Kliv2mwPz%26enctid%3Dcq5toowp5ux8%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1675112112479458421%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3D8q4rzvm7%26utm_content%3D1287&tag=ViewContent&ts=1675112127474
3.91.111.252200 OK 43 B URL HTTP/1.1 q.quora.com/_/ad/e4652778ed5c49c1b1a36d8c41a61ba9/pixel?j=1&u=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63d82eb033512b000195947f%26xid_param1%3DE2Z6DGBJ6R%26xid_param_2%3D%26sid%3DSIDHqWyS9w3tTbzurizqlASIZ26tsw-8F1JCYAb2b2bDzPwHFLeOHCDEYehnQx8SsjcNnxszqthfMeHJYnUX2sdTwDP_3jm9EfpOImPs4fdKaGmKJMyZ6anmHbu5AgzLM19hk2Kliv2mwPz%26enctid%3Dcq5toowp5ux8%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1675112112479458421%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3D8q4rzvm7%26utm_content%3D1287&tag=ViewContent&ts=1675112127474
IP 3.91.111.252:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /_/ad/e4652778ed5c49c1b1a36d8c41a61ba9/pixel?j=1&u=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63d82eb033512b000195947f%26xid_param1%3DE2Z6DGBJ6R%26xid_param_2%3D%26sid%3DSIDHqWyS9w3tTbzurizqlASIZ26tsw-8F1JCYAb2b2bDzPwHFLeOHCDEYehnQx8SsjcNnxszqthfMeHJYnUX2sdTwDP_3jm9EfpOImPs4fdKaGmKJMyZ6anmHbu5AgzLM19hk2Kliv2mwPz%26enctid%3Dcq5toowp5ux8%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1675112112479458421%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3D8q4rzvm7%26utm_content%3D1287&tag=ViewContent&ts=1675112127474 HTTP/1.1
Host: q.quora.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Date: Mon, 30 Jan 2023 20:55:14 GMT
Server: nginx
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Q-Stat: ,4d0c356e66eeee9e731c170b77980cb5,10.0.0.85,20092,91.90.42.154,,98351904508,1,1675112114.242,0.002,,.,0,0,0.000,0.000,-,0,0,197,153,76,10,34729,,,,,,-,
Content-Length: 43
Connection: keep-alive
mc.yandex.ru/watch/71343676/1?wmode=7&page-url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63d82eb033512b000195947f%26xid_param1%3DE2Z6DGBJ6R%26xid_param_2%3D%26sid%3DSIDHqWyS9w3tTbzurizqlASIZ26tsw-8F1JCYAb2b2bDzPwHFLeOHCDEYehnQx8SsjcNnxszqthfMeHJYnUX2sdTwDP_3jm9EfpOImPs4fdKaGmKJMyZ6anmHbu5AgzLM19hk2Kliv2mwPz%26enctid%3Dcq5toowp5ux8%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1675112112479458421%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3D8q4rzvm7%26utm_content%3D1287&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A968%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A1368915722771%3Ahid%3A373567677%3Az%3A0%3Ai%3A20230130205527%3Aet%3A1675112128%3Ac%3A1%3Arn%3A16378406%3Arqn%3A1%3Au%3A1675112128291709993%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A57%2C7%2C1%2C0%2C386%2C0%2C%2C535%2C52%2C%2C%2C%2C1005%3Aco%3A0%3Ans%3A1675112125764%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675112128%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
87.250.251.119200 OK 400 B URL HTTP/2 mc.yandex.ru/watch/71343676/1?wmode=7&page-url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63d82eb033512b000195947f%26xid_param1%3DE2Z6DGBJ6R%26xid_param_2%3D%26sid%3DSIDHqWyS9w3tTbzurizqlASIZ26tsw-8F1JCYAb2b2bDzPwHFLeOHCDEYehnQx8SsjcNnxszqthfMeHJYnUX2sdTwDP_3jm9EfpOImPs4fdKaGmKJMyZ6anmHbu5AgzLM19hk2Kliv2mwPz%26enctid%3Dcq5toowp5ux8%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1675112112479458421%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3D8q4rzvm7%26utm_content%3D1287&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A968%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A1368915722771%3Ahid%3A373567677%3Az%3A0%3Ai%3A20230130205527%3Aet%3A1675112128%3Ac%3A1%3Arn%3A16378406%3Arqn%3A1%3Au%3A1675112128291709993%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A57%2C7%2C1%2C0%2C386%2C0%2C%2C535%2C52%2C%2C%2C%2C1005%3Aco%3A0%3Ans%3A1675112125764%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675112128%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
IP 87.250.251.119:0
File type JSON data\012- , ASCII text, with very long lines (400), with no line terminators
Hash c8a4863424c30110720a78b03b56236c
041f46198d00efcacf347e47c4fbe83ea8a2fd5f
f7d2523bc8df7804ac2790c070763c5c638b8e6c6fe28713b7a2a491fa86478a
GET /watch/71343676/1?wmode=7&page-url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63d82eb033512b000195947f%26xid_param1%3DE2Z6DGBJ6R%26xid_param_2%3D%26sid%3DSIDHqWyS9w3tTbzurizqlASIZ26tsw-8F1JCYAb2b2bDzPwHFLeOHCDEYehnQx8SsjcNnxszqthfMeHJYnUX2sdTwDP_3jm9EfpOImPs4fdKaGmKJMyZ6anmHbu5AgzLM19hk2Kliv2mwPz%26enctid%3Dcq5toowp5ux8%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1675112112479458421%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3D8q4rzvm7%26utm_content%3D1287&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A968%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A1368915722771%3Ahid%3A373567677%3Az%3A0%3Ai%3A20230130205527%3Aet%3A1675112128%3Ac%3A1%3Arn%3A16378406%3Arqn%3A1%3Au%3A1675112128291709993%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A57%2C7%2C1%2C0%2C386%2C0%2C%2C535%2C52%2C%2C%2C%2C1005%3Aco%3A0%3Ans%3A1675112125764%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675112128%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://promo.worldofwarships.eu
Referer: https://promo.worldofwarships.eu/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 400
date: Mon, 30 Jan 2023 20:55:14 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://promo.worldofwarships.eu
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 30-Jan-2023 20:55:14 GMT
last-modified: Mon, 30-Jan-2023 20:55:14 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/202211.1.0/assets/v2/otPcCenter.json
104.16.149.64200 OK 12 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/202211.1.0/assets/v2/otPcCenter.json
IP 104.16.149.64:0
File type JSON data\012- , ASCII text, with very long lines (50353)
Hash 0cd2fb0fd730954ef2159520d96f1934
d2656260dfdac230479c8e7dc44444e9d5c8faf2
b821093423791675ca31c2d688b528b329737cca90ef62bc44f5c5b39423c8f6
GET /scripttemplates/202211.1.0/assets/v2/otPcCenter.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.worldofwarships.eu/
Origin: https://promo.worldofwarships.eu
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 20:55:14 GMT
content-type: application/json
content-length: 12540
content-encoding: gzip
content-md5: DNL7D9cwlU7yFZUg2W8ZNA==
last-modified: Thu, 15 Dec 2022 13:29:57 GMT
etag: 0x8DADEA0758F35B0
x-ms-request-id: 9b16e561-001e-0091-3f93-104c57000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 32585
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 791d1b7a6ca8b511-OSL
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/202211.1.0/assets/otCenterRounded.json
104.16.149.64200 OK 2.6 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/202211.1.0/assets/otCenterRounded.json
IP 104.16.149.64:0
File type JSON data\012- , ASCII text, with very long lines (7753)
Hash 688f5aef949a8982bda0771893cc67d3
c50441dea985350ab305848e2d87d6286adfda3c
da30c398b0e6646c44fc5a53e44371004a33267d6cd07404775ab6380979b058
GET /scripttemplates/202211.1.0/assets/otCenterRounded.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.worldofwarships.eu/
Origin: https://promo.worldofwarships.eu
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 20:55:14 GMT
content-type: application/json
content-length: 2639
content-encoding: gzip
content-md5: aI9a75SaiYK9oHcYk8xn0w==
last-modified: Thu, 15 Dec 2022 13:29:55 GMT
etag: 0x8DADEA074AA9D35
x-ms-request-id: aa98274f-b01e-00c7-0a93-10a427000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 32585
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 791d1b7a6ca7b511-OSL
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/202211.1.0/assets/otCommonStyles.css
104.16.149.64200 OK 3.7 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/202211.1.0/assets/otCommonStyles.css
IP 104.16.149.64:0
Hash 1541e63e868b7036c6b9ef20db43b6bd
a40bf801a3d60141e54f385751a655b8aca3bfe4
21b97ae8cc480cc7a6ad5f830de2a93046503100e3b219fe8bf1e7de59bce59f
GET /scripttemplates/202211.1.0/assets/otCommonStyles.css HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.worldofwarships.eu/
Origin: https://promo.worldofwarships.eu
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 20:55:14 GMT
content-type: text/css
content-md5: XcxlleAcPGO2n5kTZrHH2Q==
last-modified: Thu, 15 Dec 2022 13:30:09 GMT
x-ms-request-id: f62025ee-201e-0068-0993-1086b7000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 32585
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 791d1b7a6ca9b511-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.cookielaw.org/logos/04fe1919-d767-41dc-abd4-f409a111f829/d0c760aa-d1b6-44a8-964c-9ae294f365f3/40885536-3b1f-4688-b7c1-39913d45a61e/wg_logo_secondversion_white1r.png
104.16.149.64200 OK 13 kB URL HTTP/2 cdn.cookielaw.org/logos/04fe1919-d767-41dc-abd4-f409a111f829/d0c760aa-d1b6-44a8-964c-9ae294f365f3/40885536-3b1f-4688-b7c1-39913d45a61e/wg_logo_secondversion_white1r.png
IP 104.16.149.64:0
File type PNG image data, 1000 x 320, 8-bit/color RGBA, non-interlaced\012- data
Hash c90475872d8975dcc4b5ed7db6cc5e28
1e5a413845f5d501c174ae4940e1329a2575067f
e79eb16948cca42e0f7884fad7637fa6ec69117a07dbc04cc8b3ea7ebeaef719
GET /logos/04fe1919-d767-41dc-abd4-f409a111f829/d0c760aa-d1b6-44a8-964c-9ae294f365f3/40885536-3b1f-4688-b7c1-39913d45a61e/wg_logo_secondversion_white1r.png HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 20:55:14 GMT
content-type: image/png
content-length: 13003
content-md5: yQR1hy2JddzEte19tsxeKA==
last-modified: Fri, 02 Oct 2020 14:20:55 GMT
etag: 0x8D866DE604098C2
x-ms-request-id: c476ff8b-c01e-00c3-3c6c-c451a5000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 53960
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 791d1b7b5e22b511-OSL
X-Firefox-Spdy: h2
mc.yandex.ru/watch/71343676/1?page-url=goal%3A%2F%2Fpromo.worldofwarships.eu%2FWOWS_All-visitors_LP_set&page-ref=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63d82eb033512b000195947f%26xid_param1%3DE2Z6DGBJ6R%26xid_param_2%3D%26sid%3DSIDHqWyS9w3tTbzurizqlASIZ26tsw-8F1JCYAb2b2bDzPwHFLeOHCDEYehnQx8SsjcNnxszqthfMeHJYnUX2sdTwDP_3jm9EfpOImPs4fdKaGmKJMyZ6anmHbu5AgzLM19hk2Kliv2mwPz%26enctid%3Dcq5toowp5ux8%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1675112112479458421%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3D8q4rzvm7%26utm_content%3D1287&charset=utf-8&hittoken=1675112114_eea293f03dd945b235ea6180838692c8a39d970b2f72d359cd330b172b255b83&browser-info=ar%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A1368915722771%3Ahid%3A373567677%3Az%3A0%3Ai%3A20230130205528%3Aet%3A1675112128%3Ac%3A1%3Arn%3A821879433%3Arqn%3A2%3Au%3A1675112128291709993%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Aeu%3A1%3Ans%3A1675112125764%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675112128%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr%2814%29mc%28g-2%29clc%280-0-0%29rqnt%282%29aw%281%29fip%281%29ti%282%29
87.250.251.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/71343676/1?page-url=goal%3A%2F%2Fpromo.worldofwarships.eu%2FWOWS_All-visitors_LP_set&page-ref=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63d82eb033512b000195947f%26xid_param1%3DE2Z6DGBJ6R%26xid_param_2%3D%26sid%3DSIDHqWyS9w3tTbzurizqlASIZ26tsw-8F1JCYAb2b2bDzPwHFLeOHCDEYehnQx8SsjcNnxszqthfMeHJYnUX2sdTwDP_3jm9EfpOImPs4fdKaGmKJMyZ6anmHbu5AgzLM19hk2Kliv2mwPz%26enctid%3Dcq5toowp5ux8%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1675112112479458421%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3D8q4rzvm7%26utm_content%3D1287&charset=utf-8&hittoken=1675112114_eea293f03dd945b235ea6180838692c8a39d970b2f72d359cd330b172b255b83&browser-info=ar%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A1368915722771%3Ahid%3A373567677%3Az%3A0%3Ai%3A20230130205528%3Aet%3A1675112128%3Ac%3A1%3Arn%3A821879433%3Arqn%3A2%3Au%3A1675112128291709993%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Aeu%3A1%3Ans%3A1675112125764%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675112128%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr%2814%29mc%28g-2%29clc%280-0-0%29rqnt%282%29aw%281%29fip%281%29ti%282%29
IP 87.250.251.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /watch/71343676/1?page-url=goal%3A%2F%2Fpromo.worldofwarships.eu%2FWOWS_All-visitors_LP_set&page-ref=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63d82eb033512b000195947f%26xid_param1%3DE2Z6DGBJ6R%26xid_param_2%3D%26sid%3DSIDHqWyS9w3tTbzurizqlASIZ26tsw-8F1JCYAb2b2bDzPwHFLeOHCDEYehnQx8SsjcNnxszqthfMeHJYnUX2sdTwDP_3jm9EfpOImPs4fdKaGmKJMyZ6anmHbu5AgzLM19hk2Kliv2mwPz%26enctid%3Dcq5toowp5ux8%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1675112112479458421%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3D8q4rzvm7%26utm_content%3D1287&charset=utf-8&hittoken=1675112114_eea293f03dd945b235ea6180838692c8a39d970b2f72d359cd330b172b255b83&browser-info=ar%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A1368915722771%3Ahid%3A373567677%3Az%3A0%3Ai%3A20230130205528%3Aet%3A1675112128%3Ac%3A1%3Arn%3A821879433%3Arqn%3A2%3Au%3A1675112128291709993%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Aeu%3A1%3Ans%3A1675112125764%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675112128%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr%2814%29mc%28g-2%29clc%280-0-0%29rqnt%282%29aw%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://promo.worldofwarships.eu
Referer: https://promo.worldofwarships.eu/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Mon, 30 Jan 2023 20:55:14 GMT
access-control-allow-origin: https://promo.worldofwarships.eu
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 30-Jan-2023 20:55:14 GMT
last-modified: Mon, 30-Jan-2023 20:55:14 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/global_static/favicon/v2/apple-touch-icon-180x180.png
185.244.209.62200 OK 2.3 kB URL HTTP/2 promo-cdn.worldofwarships.com/global_static/favicon/v2/apple-touch-icon-180x180.png
IP 185.244.209.62:0
ASN #58286 Electric-IT Business S.R.L.
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 687168d21b7e78dfb6175de97ae3d045
78081e22c1ea9e51a6cac8910d7ce01c319132e1
49f69cf7e37fda7051cd440048ecd5b2ab0973f106dc6e669959ee453b03e5d1
GET /global_static/favicon/v2/apple-touch-icon-180x180.png HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:14 GMT
content-type: image/png
content-length: 2326
last-modified: Mon, 05 Sep 2022 07:56:20 GMT
etag: "687168d21b7e78dfb6175de97ae3d045"
x-amz-request-id: tx00000000000000030cbd5-0063c15314-1dbc2cc6-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2023-01-29T13:17:54+00:00
x-id: osix-up-gc4
accept-ranges: bytes
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/global_static/favicon/v2/favicon-64x64.png
185.244.209.62200 OK 1.2 kB URL HTTP/2 promo-cdn.worldofwarships.com/global_static/favicon/v2/favicon-64x64.png
IP 185.244.209.62:0
ASN #58286 Electric-IT Business S.R.L.
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash de30b29e8bbc72b7828734d5d781b9eb
9d5fb51148291180b45d9481b756eb7fc2d4a352
e47efd1c616db1a5564776f4be806183ee085c80d2d3722d3f8d5a06115e46ee
GET /global_static/favicon/v2/favicon-64x64.png HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:14 GMT
content-type: image/png
content-length: 1198
last-modified: Mon, 05 Sep 2022 07:56:21 GMT
etag: "de30b29e8bbc72b7828734d5d781b9eb"
x-amz-request-id: tx00000000000000030430d-0063c15167-1dbc2cc6-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2023-01-29T12:49:27+00:00
x-id: osix-up-gc4
accept-ranges: bytes
X-Firefox-Spdy: h2
mc.yandex.ru/watch/71343676?page-url=goal%3A%2F%2Fpromo.worldofwarships.eu%2FWOWS_All-visitors_LP_set&page-ref=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63d82eb033512b000195947f%26xid_param1%3DE2Z6DGBJ6R%26xid_param_2%3D%26sid%3DSIDHqWyS9w3tTbzurizqlASIZ26tsw-8F1JCYAb2b2bDzPwHFLeOHCDEYehnQx8SsjcNnxszqthfMeHJYnUX2sdTwDP_3jm9EfpOImPs4fdKaGmKJMyZ6anmHbu5AgzLM19hk2Kliv2mwPz%26enctid%3Dcq5toowp5ux8%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1675112112479458421%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3D8q4rzvm7%26utm_content%3D1287&charset=utf-8&hittoken=1675112114_eea293f03dd945b235ea6180838692c8a39d970b2f72d359cd330b172b255b83&browser-info=ar%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A1368915722771%3Ahid%3A373567677%3Az%3A0%3Ai%3A20230130205528%3Aet%3A1675112128%3Ac%3A1%3Arn%3A821879433%3Arqn%3A2%3Au%3A1675112128291709993%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Aeu%3A1%3Ans%3A1675112125764%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675112128%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr(14)mc(g-2)clc(0-0-0)rqnt(2)aw(1)fip(1)ti(2)
87.250.251.119302 Found 42 B URL HTTP/2 mc.yandex.ru/watch/71343676?page-url=goal%3A%2F%2Fpromo.worldofwarships.eu%2FWOWS_All-visitors_LP_set&page-ref=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63d82eb033512b000195947f%26xid_param1%3DE2Z6DGBJ6R%26xid_param_2%3D%26sid%3DSIDHqWyS9w3tTbzurizqlASIZ26tsw-8F1JCYAb2b2bDzPwHFLeOHCDEYehnQx8SsjcNnxszqthfMeHJYnUX2sdTwDP_3jm9EfpOImPs4fdKaGmKJMyZ6anmHbu5AgzLM19hk2Kliv2mwPz%26enctid%3Dcq5toowp5ux8%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1675112112479458421%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3D8q4rzvm7%26utm_content%3D1287&charset=utf-8&hittoken=1675112114_eea293f03dd945b235ea6180838692c8a39d970b2f72d359cd330b172b255b83&browser-info=ar%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A1368915722771%3Ahid%3A373567677%3Az%3A0%3Ai%3A20230130205528%3Aet%3A1675112128%3Ac%3A1%3Arn%3A821879433%3Arqn%3A2%3Au%3A1675112128291709993%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Aeu%3A1%3Ans%3A1675112125764%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675112128%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr(14)mc(g-2)clc(0-0-0)rqnt(2)aw(1)fip(1)ti(2)
IP 87.250.251.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /watch/71343676?page-url=goal%3A%2F%2Fpromo.worldofwarships.eu%2FWOWS_All-visitors_LP_set&page-ref=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63d82eb033512b000195947f%26xid_param1%3DE2Z6DGBJ6R%26xid_param_2%3D%26sid%3DSIDHqWyS9w3tTbzurizqlASIZ26tsw-8F1JCYAb2b2bDzPwHFLeOHCDEYehnQx8SsjcNnxszqthfMeHJYnUX2sdTwDP_3jm9EfpOImPs4fdKaGmKJMyZ6anmHbu5AgzLM19hk2Kliv2mwPz%26enctid%3Dcq5toowp5ux8%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1675112112479458421%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3D8q4rzvm7%26utm_content%3D1287&charset=utf-8&hittoken=1675112114_eea293f03dd945b235ea6180838692c8a39d970b2f72d359cd330b172b255b83&browser-info=ar%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A1368915722771%3Ahid%3A373567677%3Az%3A0%3Ai%3A20230130205528%3Aet%3A1675112128%3Ac%3A1%3Arn%3A821879433%3Arqn%3A2%3Au%3A1675112128291709993%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Aeu%3A1%3Ans%3A1675112125764%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675112128%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr(14)mc(g-2)clc(0-0-0)rqnt(2)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://promo.worldofwarships.eu
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/71343676/1?page-url=goal%3A%2F%2Fpromo.worldofwarships.eu%2FWOWS_All-visitors_LP_set&page-ref=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63d82eb033512b000195947f%26xid_param1%3DE2Z6DGBJ6R%26xid_param_2%3D%26sid%3DSIDHqWyS9w3tTbzurizqlASIZ26tsw-8F1JCYAb2b2bDzPwHFLeOHCDEYehnQx8SsjcNnxszqthfMeHJYnUX2sdTwDP_3jm9EfpOImPs4fdKaGmKJMyZ6anmHbu5AgzLM19hk2Kliv2mwPz%26enctid%3Dcq5toowp5ux8%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1675112112479458421%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3D8q4rzvm7%26utm_content%3D1287&charset=utf-8&hittoken=1675112114_eea293f03dd945b235ea6180838692c8a39d970b2f72d359cd330b172b255b83&browser-info=ar%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A1368915722771%3Ahid%3A373567677%3Az%3A0%3Ai%3A20230130205528%3Aet%3A1675112128%3Ac%3A1%3Arn%3A821879433%3Arqn%3A2%3Au%3A1675112128291709993%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Aeu%3A1%3Ans%3A1675112125764%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675112128%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr%2814%29mc%28g-2%29clc%280-0-0%29rqnt%282%29aw%281%29fip%281%29ti%282%29
date: Mon, 30 Jan 2023 20:55:14 GMT
access-control-allow-origin: https://promo.worldofwarships.eu
set-cookie: yabs-sid=2294364281675112114; Path=/; SameSite=None; Secure
i=ZhVYIxWrR8xDaNRqE8PlxDkrY1m9llOxGGNZy0dMPQ0lDMOssBHvLjKGyZ5g5KVYiPCamWmcWODrVIYY/499ZnabrjA=; Expires=Thu, 27-Jan-2033 20:55:09 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=3674548761675112114; Expires=Tue, 30-Jan-2024 20:55:14 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=3674548761675112114; Expires=Tue, 30-Jan-2024 20:55:14 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1706648114.yc.1675112114#1706648114.yrts.1675112114#1706648114.yrtsi.1675112114; Expires=Tue, 30-Jan-2024 20:55:14 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 30-Jan-2023 20:55:14 GMT
last-modified: Mon, 30-Jan-2023 20:55:14 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/tag.js
87.250.251.119200 OK 74 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 87.250.251.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (659)
Hash a236c7014c1f1a1e52d356f59e5d665a
b66c638eb2346287364c37725819bbab1f409d66
ad2d57579e453af0eac49156840bcd1dcfbd802a82135af98f41f714d7e698f2
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 73769
date: Mon, 30 Jan 2023 20:55:14 GMT
access-control-allow-origin: *
etag: "63c93a4b-12029"
expires: Mon, 30 Jan 2023 21:55:14 GMT
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: application/javascript
content-encoding: br
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
87.250.251.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 87.250.251.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Mon, 30 Jan 2023 20:55:14 GMT
access-control-allow-origin: *
etag: "63c93a4b-2b"
expires: Mon, 30 Jan 2023 21:55:14 GMT
accept-ranges: bytes
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/45727869?page-url=goal%3A%2F%2Fpromo.worldofwarships.eu%2FWOWS_All-visitors_LP_set&page-ref=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63d82eb033512b000195947f%26xid_param1%3DE2Z6DGBJ6R%26xid_param_2%3D%26sid%3DSIDHqWyS9w3tTbzurizqlASIZ26tsw-8F1JCYAb2b2bDzPwHFLeOHCDEYehnQx8SsjcNnxszqthfMeHJYnUX2sdTwDP_3jm9EfpOImPs4fdKaGmKJMyZ6anmHbu5AgzLM19hk2Kliv2mwPz%26enctid%3Dcq5toowp5ux8%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1675112112479458421%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3D8q4rzvm7%26utm_content%3D1287&charset=utf-8&hittoken=1675112114_bb07f844b18bd145005c138a0a34872db3e3671e8a38b6bd5b7d510be9b1148b&browser-info=ar%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1554723600063%3Ahid%3A373567677%3Az%3A0%3Ai%3A20230130205527%3Aet%3A1675112128%3Ac%3A1%3Arn%3A260326954%3Arqn%3A2%3Au%3A1675112128291709993%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675112125764%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675112128%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr(14)mc(g-2)clc(0-0-0)rqnt(2)aw(1)fip(1)ti(2)
87.250.251.119302 Found 42 B URL HTTP/2 mc.yandex.ru/watch/45727869?page-url=goal%3A%2F%2Fpromo.worldofwarships.eu%2FWOWS_All-visitors_LP_set&page-ref=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63d82eb033512b000195947f%26xid_param1%3DE2Z6DGBJ6R%26xid_param_2%3D%26sid%3DSIDHqWyS9w3tTbzurizqlASIZ26tsw-8F1JCYAb2b2bDzPwHFLeOHCDEYehnQx8SsjcNnxszqthfMeHJYnUX2sdTwDP_3jm9EfpOImPs4fdKaGmKJMyZ6anmHbu5AgzLM19hk2Kliv2mwPz%26enctid%3Dcq5toowp5ux8%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1675112112479458421%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3D8q4rzvm7%26utm_content%3D1287&charset=utf-8&hittoken=1675112114_bb07f844b18bd145005c138a0a34872db3e3671e8a38b6bd5b7d510be9b1148b&browser-info=ar%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1554723600063%3Ahid%3A373567677%3Az%3A0%3Ai%3A20230130205527%3Aet%3A1675112128%3Ac%3A1%3Arn%3A260326954%3Arqn%3A2%3Au%3A1675112128291709993%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675112125764%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675112128%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr(14)mc(g-2)clc(0-0-0)rqnt(2)aw(1)fip(1)ti(2)
IP 87.250.251.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /watch/45727869?page-url=goal%3A%2F%2Fpromo.worldofwarships.eu%2FWOWS_All-visitors_LP_set&page-ref=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63d82eb033512b000195947f%26xid_param1%3DE2Z6DGBJ6R%26xid_param_2%3D%26sid%3DSIDHqWyS9w3tTbzurizqlASIZ26tsw-8F1JCYAb2b2bDzPwHFLeOHCDEYehnQx8SsjcNnxszqthfMeHJYnUX2sdTwDP_3jm9EfpOImPs4fdKaGmKJMyZ6anmHbu5AgzLM19hk2Kliv2mwPz%26enctid%3Dcq5toowp5ux8%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1675112112479458421%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3D8q4rzvm7%26utm_content%3D1287&charset=utf-8&hittoken=1675112114_bb07f844b18bd145005c138a0a34872db3e3671e8a38b6bd5b7d510be9b1148b&browser-info=ar%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1554723600063%3Ahid%3A373567677%3Az%3A0%3Ai%3A20230130205527%3Aet%3A1675112128%3Ac%3A1%3Arn%3A260326954%3Arqn%3A2%3Au%3A1675112128291709993%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675112125764%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675112128%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr(14)mc(g-2)clc(0-0-0)rqnt(2)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://promo.worldofwarships.eu
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/45727869/1?page-url=goal%3A%2F%2Fpromo.worldofwarships.eu%2FWOWS_All-visitors_LP_set&page-ref=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63d82eb033512b000195947f%26xid_param1%3DE2Z6DGBJ6R%26xid_param_2%3D%26sid%3DSIDHqWyS9w3tTbzurizqlASIZ26tsw-8F1JCYAb2b2bDzPwHFLeOHCDEYehnQx8SsjcNnxszqthfMeHJYnUX2sdTwDP_3jm9EfpOImPs4fdKaGmKJMyZ6anmHbu5AgzLM19hk2Kliv2mwPz%26enctid%3Dcq5toowp5ux8%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1675112112479458421%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3D8q4rzvm7%26utm_content%3D1287&charset=utf-8&hittoken=1675112114_bb07f844b18bd145005c138a0a34872db3e3671e8a38b6bd5b7d510be9b1148b&browser-info=ar%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1554723600063%3Ahid%3A373567677%3Az%3A0%3Ai%3A20230130205527%3Aet%3A1675112128%3Ac%3A1%3Arn%3A260326954%3Arqn%3A2%3Au%3A1675112128291709993%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Ans%3A1675112125764%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675112128%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr%2814%29mc%28g-2%29clc%280-0-0%29rqnt%282%29aw%281%29fip%281%29ti%282%29
date: Mon, 30 Jan 2023 20:55:14 GMT
access-control-allow-origin: https://promo.worldofwarships.eu
set-cookie: yabs-sid=2663194211675112114; Path=/; SameSite=None; Secure
i=OhIt+yUNKPqARn76AD0ocOvSujcwOuDBkxUqfWh/8G2fjOlqiYcN4hOpl8Dbqor9GPregF8itoyXKJXHrzayxmLRfb8=; Expires=Thu, 27-Jan-2033 20:55:00 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=4056971341675112114; Expires=Tue, 30-Jan-2024 20:55:14 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=4056971341675112114; Expires=Tue, 30-Jan-2024 20:55:14 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1706648114.yc.1675112114#1706648114.yrts.1675112114#1706648114.yrtsi.1675112114; Expires=Tue, 30-Jan-2024 20:55:14 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 30-Jan-2023 20:55:14 GMT
last-modified: Mon, 30-Jan-2023 20:55:14 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/1006839708/?random=1675112126991&cv=11&fst=1675108800000&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63d82eb033512b000195947f%26xid_param1%3DE2Z6DGBJ6R%26xid_param_2%3D%26sid%3DSIDHqWyS9w3tTbzurizqlASIZ26tsw-8F1JCYAb2b2bDzPwHFLeOHCDEYehnQx8SsjcNnxszqthfMeHJYnUX2sdTwDP_3jm9EfpOImPs4fdKaGmKJMyZ6anmHbu5AgzLM19hk2Kliv2mwPz%26enctid%3Dcq5toowp5ux8%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1675112112479458421%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3D8q4rzvm7%26utm_content%3D1287&tiba=World%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high&fmt=3&is_vtc=1&random=3530703474&rmt_tld=1&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1006839708/?random=1675112126991&cv=11&fst=1675108800000&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63d82eb033512b000195947f%26xid_param1%3DE2Z6DGBJ6R%26xid_param_2%3D%26sid%3DSIDHqWyS9w3tTbzurizqlASIZ26tsw-8F1JCYAb2b2bDzPwHFLeOHCDEYehnQx8SsjcNnxszqthfMeHJYnUX2sdTwDP_3jm9EfpOImPs4fdKaGmKJMyZ6anmHbu5AgzLM19hk2Kliv2mwPz%26enctid%3Dcq5toowp5ux8%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1675112112479458421%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3D8q4rzvm7%26utm_content%3D1287&tiba=World%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high&fmt=3&is_vtc=1&random=3530703474&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1006839708/?random=1675112126991&cv=11&fst=1675108800000&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63d82eb033512b000195947f%26xid_param1%3DE2Z6DGBJ6R%26xid_param_2%3D%26sid%3DSIDHqWyS9w3tTbzurizqlASIZ26tsw-8F1JCYAb2b2bDzPwHFLeOHCDEYehnQx8SsjcNnxszqthfMeHJYnUX2sdTwDP_3jm9EfpOImPs4fdKaGmKJMyZ6anmHbu5AgzLM19hk2Kliv2mwPz%26enctid%3Dcq5toowp5ux8%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1675112112479458421%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3D8q4rzvm7%26utm_content%3D1287&tiba=World%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high&fmt=3&is_vtc=1&random=3530703474&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 20:55:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/14976586?wmode=7&page-url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63d82eb033512b000195947f%26xid_param1%3DE2Z6DGBJ6R%26xid_param_2%3D%26sid%3DSIDHqWyS9w3tTbzurizqlASIZ26tsw-8F1JCYAb2b2bDzPwHFLeOHCDEYehnQx8SsjcNnxszqthfMeHJYnUX2sdTwDP_3jm9EfpOImPs4fdKaGmKJMyZ6anmHbu5AgzLM19hk2Kliv2mwPz%26enctid%3Dcq5toowp5ux8%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1675112112479458421%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3D8q4rzvm7%26utm_content%3D1287&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A968%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A3%3Adp%3A0%3Als%3A187111168853%3Ahid%3A373567677%3Az%3A0%3Ai%3A20230130205527%3Aet%3A1675112128%3Ac%3A1%3Arn%3A493328816%3Arqn%3A1%3Au%3A1675112128291709993%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A57%2C7%2C1%2C0%2C386%2C0%2C%2C535%2C52%2C%2C%2C%2C1005%3Aco%3A0%3Ans%3A1675112125764%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675112128%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr(14)mc(g-2)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
87.250.251.119302 Found 63 B URL HTTP/2 mc.yandex.ru/watch/14976586?wmode=7&page-url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63d82eb033512b000195947f%26xid_param1%3DE2Z6DGBJ6R%26xid_param_2%3D%26sid%3DSIDHqWyS9w3tTbzurizqlASIZ26tsw-8F1JCYAb2b2bDzPwHFLeOHCDEYehnQx8SsjcNnxszqthfMeHJYnUX2sdTwDP_3jm9EfpOImPs4fdKaGmKJMyZ6anmHbu5AgzLM19hk2Kliv2mwPz%26enctid%3Dcq5toowp5ux8%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1675112112479458421%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3D8q4rzvm7%26utm_content%3D1287&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A968%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A3%3Adp%3A0%3Als%3A187111168853%3Ahid%3A373567677%3Az%3A0%3Ai%3A20230130205527%3Aet%3A1675112128%3Ac%3A1%3Arn%3A493328816%3Arqn%3A1%3Au%3A1675112128291709993%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A57%2C7%2C1%2C0%2C386%2C0%2C%2C535%2C52%2C%2C%2C%2C1005%3Aco%3A0%3Ans%3A1675112125764%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675112128%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr(14)mc(g-2)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP 87.250.251.119:0
File type gzip compressed data, max compression\012- data
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /watch/14976586?wmode=7&page-url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63d82eb033512b000195947f%26xid_param1%3DE2Z6DGBJ6R%26xid_param_2%3D%26sid%3DSIDHqWyS9w3tTbzurizqlASIZ26tsw-8F1JCYAb2b2bDzPwHFLeOHCDEYehnQx8SsjcNnxszqthfMeHJYnUX2sdTwDP_3jm9EfpOImPs4fdKaGmKJMyZ6anmHbu5AgzLM19hk2Kliv2mwPz%26enctid%3Dcq5toowp5ux8%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1675112112479458421%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3D8q4rzvm7%26utm_content%3D1287&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A968%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A3%3Adp%3A0%3Als%3A187111168853%3Ahid%3A373567677%3Az%3A0%3Ai%3A20230130205527%3Aet%3A1675112128%3Ac%3A1%3Arn%3A493328816%3Arqn%3A1%3Au%3A1675112128291709993%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A57%2C7%2C1%2C0%2C386%2C0%2C%2C535%2C52%2C%2C%2C%2C1005%3Aco%3A0%3Ans%3A1675112125764%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675112128%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr(14)mc(g-2)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://promo.worldofwarships.eu
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /watch/14976586/1?wmode=7&page-url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63d82eb033512b000195947f%26xid_param1%3DE2Z6DGBJ6R%26xid_param_2%3D%26sid%3DSIDHqWyS9w3tTbzurizqlASIZ26tsw-8F1JCYAb2b2bDzPwHFLeOHCDEYehnQx8SsjcNnxszqthfMeHJYnUX2sdTwDP_3jm9EfpOImPs4fdKaGmKJMyZ6anmHbu5AgzLM19hk2Kliv2mwPz%26enctid%3Dcq5toowp5ux8%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1675112112479458421%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3D8q4rzvm7%26utm_content%3D1287&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A968%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A3%3Adp%3A0%3Als%3A187111168853%3Ahid%3A373567677%3Az%3A0%3Ai%3A20230130205527%3Aet%3A1675112128%3Ac%3A1%3Arn%3A493328816%3Arqn%3A1%3Au%3A1675112128291709993%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A57%2C7%2C1%2C0%2C386%2C0%2C%2C535%2C52%2C%2C%2C%2C1005%3Aco%3A0%3Ans%3A1675112125764%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675112128%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr%2814%29mc%28g-2%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Mon, 30 Jan 2023 20:55:14 GMT
access-control-allow-origin: https://promo.worldofwarships.eu
set-cookie: yabs-sid=1427555011675112114; Path=/; SameSite=None; Secure
i=Ak/p2dsTUyZiLU4y8mIBs8/mzpBlICnvqBHZkga/fhOW7MqfLWhg2133XhVWjFb2UIqkMAUngTa+2SrD19ZGSkgISK0=; Expires=Thu, 27-Jan-2033 20:55:12 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=4108457821675112114; Expires=Tue, 30-Jan-2024 20:55:14 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=4108457821675112114; Expires=Tue, 30-Jan-2024 20:55:14 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1706648114.yc.1675112114#1706648114.yrts.1675112114#1706648114.yrtsi.1675112114; Expires=Tue, 30-Jan-2024 20:55:14 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 30-Jan-2023 20:55:14 GMT
last-modified: Mon, 30-Jan-2023 20:55:14 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
s.yimg.jp/images/listing/tool/cv/ytag.js
183.79.249.124200 OK 9.8 kB URL HTTP/2 s.yimg.jp/images/listing/tool/cv/ytag.js
IP 183.79.249.124:0
File type ASCII text, with very long lines (32040), with no line terminators
Hash 365c9c596b34a4638836c22c8a5dc623
90f05e1c6c4016e5677709bb6f8f0e810b9ca58a
ecddfb33f676186b2a23f80d1d12b32bfe11d1144b1e44da0347d5ac2943b76f
GET /images/listing/tool/cv/ytag.js HTTP/1.1
Host: s.yimg.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Mon, 30 Jan 2023 20:52:37 GMT
vary: Accept-Encoding
last-modified: Mon, 19 Dec 2022 01:14:54 GMT
cache-control: public, max-age=600
content-encoding: gzip
server: ATS
accept-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
permissions-policy: ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
age: 158
content-length: 9788
ats-carp-promotion: 1
x-z-chihaya: r=1
X-Firefox-Spdy: h2
am.yahoo.co.jp/rt/?p=26NUFXJP68&label=&ref=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63d82eb033512b000195947f%26xid_param1%3DE2Z6DGBJ6R%26xid_param_2%3D%26sid%3DSIDHqWyS9w3tTbzurizqlASIZ26tsw-8F1JCYAb2b2bDzPwHFLeOHCDEYehnQx8SsjcNnxszqthfMeHJYnUX2sdTwDP_3jm9EfpOImPs4fdKaGmKJMyZ6anmHbu5AgzLM19hk2Kliv2mwPz%26enctid%3Dcq5toowp5ux8%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1675112112479458421%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3D8q4rzvm7%26utm_content%3D1287&rref=&pt=home&item=&cat=&price=&quantity=&r=1675112128.1467774&pvid=ubvqo1sxz2qldjaieua&tsyjad=0&_impl=ytag
183.79.249.124403 Forbidden 14 kB URL HTTP/2 am.yahoo.co.jp/rt/?p=26NUFXJP68&label=&ref=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63d82eb033512b000195947f%26xid_param1%3DE2Z6DGBJ6R%26xid_param_2%3D%26sid%3DSIDHqWyS9w3tTbzurizqlASIZ26tsw-8F1JCYAb2b2bDzPwHFLeOHCDEYehnQx8SsjcNnxszqthfMeHJYnUX2sdTwDP_3jm9EfpOImPs4fdKaGmKJMyZ6anmHbu5AgzLM19hk2Kliv2mwPz%26enctid%3Dcq5toowp5ux8%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1675112112479458421%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3D8q4rzvm7%26utm_content%3D1287&rref=&pt=home&item=&cat=&price=&quantity=&r=1675112128.1467774&pvid=ubvqo1sxz2qldjaieua&tsyjad=0&_impl=ytag
IP 183.79.249.124:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (486)
Hash e986e7a04549f3bef16fe1bb24e61acd
b3ec35460824fae12cf6342ae42d27597ec94fb7
e8b72fe96bc96ffcfef2cdf8ebb503ac854e5c2997ae389b96d04bf78f478edd
GET /rt/?p=26NUFXJP68&label=&ref=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63d82eb033512b000195947f%26xid_param1%3DE2Z6DGBJ6R%26xid_param_2%3D%26sid%3DSIDHqWyS9w3tTbzurizqlASIZ26tsw-8F1JCYAb2b2bDzPwHFLeOHCDEYehnQx8SsjcNnxszqthfMeHJYnUX2sdTwDP_3jm9EfpOImPs4fdKaGmKJMyZ6anmHbu5AgzLM19hk2Kliv2mwPz%26enctid%3Dcq5toowp5ux8%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1675112112479458421%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3D8q4rzvm7%26utm_content%3D1287&rref=&pt=home&item=&cat=&price=&quantity=&r=1675112128.1467774&pvid=ubvqo1sxz2qldjaieua&tsyjad=0&_impl=ytag HTTP/1.1
Host: am.yahoo.co.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Mon, 30 Jan 2023 20:55:15 GMT
server: ATS
x-z-chihaya: r=1
x-frame-options: SAMEORIGIN
content-length: 14275
content-type: text/html
X-Firefox-Spdy: h2
s.adroll.com/j/roundtrip.js
54.230.111.26200 OK 18 kB URL HTTP/1.1 s.adroll.com/j/roundtrip.js
IP 54.230.111.26:0
File type ASCII text, with very long lines (1139)
Hash b31f9b642165df1e97ee081eb3f67fb0
79febf11ad246aee1d5b172495a2696434788c10
bb9876575f71025c237bdd2a7d15f5d65c1154b2938cb5e674121903956894f9
GET /j/roundtrip.js HTTP/1.1
Host: s.adroll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 18 Jan 2023 16:29:54 GMT
X-Amz-Server-Side-Encryption: AES256
X-Amz-Version-Id: bntwPEMHiM2VGhRpRaGiN3p9n4.eWDa1
Server: AmazonS3
Content-Encoding: gzip
Date: Mon, 30 Jan 2023 20:42:23 GMT
Cache-Control: max-age=3600, must-revalidate
Etag: W/"0746318b259b1f107827e097348569d8"
Vary: Accept-Encoding
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
Age: 815
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: *
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 23sRqG2CYF9BwSMdazWCGQCBF9XeCo9aCmt2MLplaQ_peZ8aKuIX2A==
s.adroll.com/j/5DEKGEZXIZFGBAVTF7IHV4/roundtrip.js
54.230.111.26200 OK 23 kB URL HTTP/1.1 s.adroll.com/j/5DEKGEZXIZFGBAVTF7IHV4/roundtrip.js
IP 54.230.111.26:0
File type ASCII text, with very long lines (3568)
Hash ebe3cf8f28b90c64a13e17c96f3872e5
9c6689871f9a67403581471be799332dd9921870
6f1e1bbeb3d843c1783e0d5e1c3888722a22ac338645c1a47770c653abd9959b
GET /j/5DEKGEZXIZFGBAVTF7IHV4/roundtrip.js HTTP/1.1
Host: s.adroll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 29 Jan 2023 20:33:29 GMT
X-Amz-Server-Side-Encryption: AES256
X-Amz-Version-Id: WSpLB.TaBavW3IqgUCZSku0NG19MMuUk
Server: AmazonS3
Content-Encoding: gzip
Date: Mon, 30 Jan 2023 20:34:35 GMT
Cache-Control: max-age=3600, must-revalidate
Etag: W/"eaced7918f7dbcb220390851dca1e385"
Vary: Accept-Encoding
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
Age: 1242
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: *
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: coke0-9A-uGutiFYjSK_LtHVjV_6e32MeLgFrDsnD4ZkzXTuhk1PeA==
s.adroll.com/j/exp/5DEKGEZXIZFGBAVTF7IHV4/index.js
54.230.111.26200 OK 42 B URL HTTP/1.1 s.adroll.com/j/exp/5DEKGEZXIZFGBAVTF7IHV4/index.js
IP 54.230.111.26:0
File type ASCII text, with no line terminators
Hash 2ff5e20519778d0385c77e7f6e12de10
8e8d022d7675d4c0227b63c3fd2c75d09f52068b
f51a75f2ede4c5e0457f05d60bfa39290b59348a71cdae4cc701236e6f552ad9
GET /j/exp/5DEKGEZXIZFGBAVTF7IHV4/index.js HTTP/1.1
Host: s.adroll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 42
Connection: keep-alive
Last-Modified: Wed, 04 Jan 2023 19:56:40 GMT
X-Amz-Server-Side-Encryption: AES256
X-Amz-Version-Id: kC5BNvm6SicTp11.z_8JXLzqwWzVce1z
Accept-Ranges: bytes
Server: AmazonS3
Date: Mon, 30 Jan 2023 20:52:51 GMT
Cache-Control: max-age=300, must-revalidate
Etag: "2ff5e20519778d0385c77e7f6e12de10"
Vary: Accept-Encoding
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
Age: 157
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: *
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: edzS6XfmgzL-j44Ux0GaIqIuuRxquHDqoDmZiOiDePKgfv_Fr4tD5g==
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash 42a81afbdca2e4aa222319e44bfd0d86
db2160b77a4f38959214447ce90c190d660418ba
a11a6665a3e4ee4addb5a9047b0950f40570cad29a978db4e48a8547f5ebd2b3
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 30 Jan 2023 20:55:16 GMT
Last-Modified: Mon, 30 Jan 2023 19:47:21 GMT
Server: ECS (nyb/1D2C)
X-Cache: Miss from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: JtJkleBP-jFXOv9eAs8u7mEyBvrMi4dQiI_TGCb7Qap6n85pOg-4qw==
Age: 4075
d.adroll.com/consent/check/5DEKGEZXIZFGBAVTF7IHV4?pv=90671830053.72986&arrfrr=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63d82eb033512b000195947f%26xid_param1%3DE2Z6DGBJ6R%26xid_param_2%3D%26sid%3DSIDHqWyS9w3tTbzurizqlASIZ26tsw-8F1JCYAb2b2bDzPwHFLeOHCDEYehnQx8SsjcNnxszqthfMeHJYnUX2sdTwDP_3jm9EfpOImPs4fdKaGmKJMyZ6anmHbu5AgzLM19hk2Kliv2mwPz%26enctid%3Dcq5toowp5ux8%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1675112112479458421%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3D8q4rzvm7%26utm_content%3D1287&_s=5f8dc0ab16458dd539607503101ed321&_b=2
34.241.40.91200 OK 461 B URL HTTP/2 d.adroll.com/consent/check/5DEKGEZXIZFGBAVTF7IHV4?pv=90671830053.72986&arrfrr=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63d82eb033512b000195947f%26xid_param1%3DE2Z6DGBJ6R%26xid_param_2%3D%26sid%3DSIDHqWyS9w3tTbzurizqlASIZ26tsw-8F1JCYAb2b2bDzPwHFLeOHCDEYehnQx8SsjcNnxszqthfMeHJYnUX2sdTwDP_3jm9EfpOImPs4fdKaGmKJMyZ6anmHbu5AgzLM19hk2Kliv2mwPz%26enctid%3Dcq5toowp5ux8%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1675112112479458421%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3D8q4rzvm7%26utm_content%3D1287&_s=5f8dc0ab16458dd539607503101ed321&_b=2
IP 34.241.40.91:0
File type ASCII text, with very long lines (461), with no line terminators
Hash 0748902d3dfc0880596baa90331c9a97
10e0ec9e312267bd147a59aa7163953b76b63dbc
a8217619c9c01b310066610492e4c9555c939b58cd102c2dab21bd582938c479
GET /consent/check/5DEKGEZXIZFGBAVTF7IHV4?pv=90671830053.72986&arrfrr=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63d82eb033512b000195947f%26xid_param1%3DE2Z6DGBJ6R%26xid_param_2%3D%26sid%3DSIDHqWyS9w3tTbzurizqlASIZ26tsw-8F1JCYAb2b2bDzPwHFLeOHCDEYehnQx8SsjcNnxszqthfMeHJYnUX2sdTwDP_3jm9EfpOImPs4fdKaGmKJMyZ6anmHbu5AgzLM19hk2Kliv2mwPz%26enctid%3Dcq5toowp5ux8%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1675112112479458421%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3D8q4rzvm7%26utm_content%3D1287&_s=5f8dc0ab16458dd539607503101ed321&_b=2 HTTP/1.1
Host: d.adroll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 20:55:16 GMT
content-type: application/javascript
content-length: 461
server: nginx/1.22.1
cache-control: no-store, no-cache, must-revalidate
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
set-cookie: __adroll=caeb1a866a9d2133e7e6ef0861f251f5-a_1675112116; Version=1; Expires=Thu, 29-Feb-2024 20:55:16 GMT; Max-Age=34128000; Path=/; HttpOnly; SameSite=None; Secure; Domain=d.adroll.com
__adroll_shared=caeb1a866a9d2133e7e6ef0861f251f5-a_1675112116; Version=1; Expires=Thu, 29-Feb-2024 20:55:16 GMT; Max-Age=34128000; Path=/; HttpOnly; SameSite=None; Secure; Domain=adroll.com
X-Firefox-Spdy: h2
mc.yandex.ru/watch/45727869?wmode=7&page-url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63d82eb033512b000195947f%26xid_param1%3DE2Z6DGBJ6R%26xid_param_2%3D%26sid%3DSIDHqWyS9w3tTbzurizqlASIZ26tsw-8F1JCYAb2b2bDzPwHFLeOHCDEYehnQx8SsjcNnxszqthfMeHJYnUX2sdTwDP_3jm9EfpOImPs4fdKaGmKJMyZ6anmHbu5AgzLM19hk2Kliv2mwPz%26enctid%3Dcq5toowp5ux8%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1675112112479458421%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3D8q4rzvm7%26utm_content%3D1287&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A968%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1554723600063%3Ahid%3A373567677%3Az%3A0%3Ai%3A20230130205527%3Aet%3A1675112128%3Ac%3A1%3Arn%3A88870127%3Arqn%3A1%3Au%3A1675112128291709993%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A57%2C7%2C1%2C0%2C386%2C0%2C%2C535%2C52%2C%2C%2C%2C1005%3Aco%3A0%3Ans%3A1675112125764%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675112128%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
87.250.251.119302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/45727869?wmode=7&page-url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63d82eb033512b000195947f%26xid_param1%3DE2Z6DGBJ6R%26xid_param_2%3D%26sid%3DSIDHqWyS9w3tTbzurizqlASIZ26tsw-8F1JCYAb2b2bDzPwHFLeOHCDEYehnQx8SsjcNnxszqthfMeHJYnUX2sdTwDP_3jm9EfpOImPs4fdKaGmKJMyZ6anmHbu5AgzLM19hk2Kliv2mwPz%26enctid%3Dcq5toowp5ux8%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1675112112479458421%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3D8q4rzvm7%26utm_content%3D1287&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A968%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1554723600063%3Ahid%3A373567677%3Az%3A0%3Ai%3A20230130205527%3Aet%3A1675112128%3Ac%3A1%3Arn%3A88870127%3Arqn%3A1%3Au%3A1675112128291709993%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A57%2C7%2C1%2C0%2C386%2C0%2C%2C535%2C52%2C%2C%2C%2C1005%3Aco%3A0%3Ans%3A1675112125764%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675112128%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP 87.250.251.119:0
GET /watch/45727869?wmode=7&page-url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63d82eb033512b000195947f%26xid_param1%3DE2Z6DGBJ6R%26xid_param_2%3D%26sid%3DSIDHqWyS9w3tTbzurizqlASIZ26tsw-8F1JCYAb2b2bDzPwHFLeOHCDEYehnQx8SsjcNnxszqthfMeHJYnUX2sdTwDP_3jm9EfpOImPs4fdKaGmKJMyZ6anmHbu5AgzLM19hk2Kliv2mwPz%26enctid%3Dcq5toowp5ux8%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1675112112479458421%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3D8q4rzvm7%26utm_content%3D1287&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A968%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1554723600063%3Ahid%3A373567677%3Az%3A0%3Ai%3A20230130205527%3Aet%3A1675112128%3Ac%3A1%3Arn%3A88870127%3Arqn%3A1%3Au%3A1675112128291709993%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A57%2C7%2C1%2C0%2C386%2C0%2C%2C535%2C52%2C%2C%2C%2C1005%3Aco%3A0%3Ans%3A1675112125764%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675112128%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://promo.worldofwarships.eu
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /watch/45727869/1?wmode=7&page-url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63d82eb033512b000195947f%26xid_param1%3DE2Z6DGBJ6R%26xid_param_2%3D%26sid%3DSIDHqWyS9w3tTbzurizqlASIZ26tsw-8F1JCYAb2b2bDzPwHFLeOHCDEYehnQx8SsjcNnxszqthfMeHJYnUX2sdTwDP_3jm9EfpOImPs4fdKaGmKJMyZ6anmHbu5AgzLM19hk2Kliv2mwPz%26enctid%3Dcq5toowp5ux8%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1675112112479458421%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3D8q4rzvm7%26utm_content%3D1287&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A968%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1554723600063%3Ahid%3A373567677%3Az%3A0%3Ai%3A20230130205527%3Aet%3A1675112128%3Ac%3A1%3Arn%3A88870127%3Arqn%3A1%3Au%3A1675112128291709993%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A57%2C7%2C1%2C0%2C386%2C0%2C%2C535%2C52%2C%2C%2C%2C1005%3Aco%3A0%3Ans%3A1675112125764%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675112128%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Mon, 30 Jan 2023 20:55:14 GMT
access-control-allow-origin: https://promo.worldofwarships.eu
set-cookie: yabs-sid=661559551675112114; Path=/; SameSite=None; Secure
i=YziJCcE3Qn0DeIKhXfDQYvWkNqePlW4Wk/Fg+g4NlVApuzDz1YZefM4uFlgI4rcFzUkCUmqzEHwpirhNglR+yd0CmqU=; Expires=Thu, 27-Jan-2033 20:55:13 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=4940786661675112114; Expires=Tue, 30-Jan-2024 20:55:14 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=4940786661675112114; Expires=Tue, 30-Jan-2024 20:55:14 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1706648114.yc.1675112114#1706648114.yrts.1675112114#1706648114.yrtsi.1675112114; Expires=Tue, 30-Jan-2024 20:55:14 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 30-Jan-2023 20:55:14 GMT
last-modified: Mon, 30-Jan-2023 20:55:14 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/71343676?wmode=7&page-url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63d82eb033512b000195947f%26xid_param1%3DE2Z6DGBJ6R%26xid_param_2%3D%26sid%3DSIDHqWyS9w3tTbzurizqlASIZ26tsw-8F1JCYAb2b2bDzPwHFLeOHCDEYehnQx8SsjcNnxszqthfMeHJYnUX2sdTwDP_3jm9EfpOImPs4fdKaGmKJMyZ6anmHbu5AgzLM19hk2Kliv2mwPz%26enctid%3Dcq5toowp5ux8%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1675112112479458421%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3D8q4rzvm7%26utm_content%3D1287&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A968%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A1368915722771%3Ahid%3A373567677%3Az%3A0%3Ai%3A20230130205527%3Aet%3A1675112128%3Ac%3A1%3Arn%3A16378406%3Arqn%3A1%3Au%3A1675112128291709993%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A57%2C7%2C1%2C0%2C386%2C0%2C%2C535%2C52%2C%2C%2C%2C1005%3Aco%3A0%3Ans%3A1675112125764%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675112128%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
87.250.251.119302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/71343676?wmode=7&page-url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63d82eb033512b000195947f%26xid_param1%3DE2Z6DGBJ6R%26xid_param_2%3D%26sid%3DSIDHqWyS9w3tTbzurizqlASIZ26tsw-8F1JCYAb2b2bDzPwHFLeOHCDEYehnQx8SsjcNnxszqthfMeHJYnUX2sdTwDP_3jm9EfpOImPs4fdKaGmKJMyZ6anmHbu5AgzLM19hk2Kliv2mwPz%26enctid%3Dcq5toowp5ux8%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1675112112479458421%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3D8q4rzvm7%26utm_content%3D1287&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A968%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A1368915722771%3Ahid%3A373567677%3Az%3A0%3Ai%3A20230130205527%3Aet%3A1675112128%3Ac%3A1%3Arn%3A16378406%3Arqn%3A1%3Au%3A1675112128291709993%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A57%2C7%2C1%2C0%2C386%2C0%2C%2C535%2C52%2C%2C%2C%2C1005%3Aco%3A0%3Ans%3A1675112125764%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675112128%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP 87.250.251.119:0
GET /watch/71343676?wmode=7&page-url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63d82eb033512b000195947f%26xid_param1%3DE2Z6DGBJ6R%26xid_param_2%3D%26sid%3DSIDHqWyS9w3tTbzurizqlASIZ26tsw-8F1JCYAb2b2bDzPwHFLeOHCDEYehnQx8SsjcNnxszqthfMeHJYnUX2sdTwDP_3jm9EfpOImPs4fdKaGmKJMyZ6anmHbu5AgzLM19hk2Kliv2mwPz%26enctid%3Dcq5toowp5ux8%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1675112112479458421%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3D8q4rzvm7%26utm_content%3D1287&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A968%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A1368915722771%3Ahid%3A373567677%3Az%3A0%3Ai%3A20230130205527%3Aet%3A1675112128%3Ac%3A1%3Arn%3A16378406%3Arqn%3A1%3Au%3A1675112128291709993%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A57%2C7%2C1%2C0%2C386%2C0%2C%2C535%2C52%2C%2C%2C%2C1005%3Aco%3A0%3Ans%3A1675112125764%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675112128%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://promo.worldofwarships.eu
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /watch/71343676/1?wmode=7&page-url=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63d82eb033512b000195947f%26xid_param1%3DE2Z6DGBJ6R%26xid_param_2%3D%26sid%3DSIDHqWyS9w3tTbzurizqlASIZ26tsw-8F1JCYAb2b2bDzPwHFLeOHCDEYehnQx8SsjcNnxszqthfMeHJYnUX2sdTwDP_3jm9EfpOImPs4fdKaGmKJMyZ6anmHbu5AgzLM19hk2Kliv2mwPz%26enctid%3Dcq5toowp5ux8%26lpsn%3DWOWS%2BTMPLT1%2BCODE%2BBOOM%2Bglobal%2BWITH%2BBONUS%2BSUBTITLE%26foris%3D1%26teclient%3D1675112112479458421%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3D8q4rzvm7%26utm_content%3D1287&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A968%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A1368915722771%3Ahid%3A373567677%3Az%3A0%3Ai%3A20230130205527%3Aet%3A1675112128%3Ac%3A1%3Arn%3A16378406%3Arqn%3A1%3Au%3A1675112128291709993%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A57%2C7%2C1%2C0%2C386%2C0%2C%2C535%2C52%2C%2C%2C%2C1005%3Aco%3A0%3Ans%3A1675112125764%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675112128%3At%3AWorld%C2%A0of%C2%A0Warships%E2%80%94massive%C2%A0naval%C2%A0clashes.%C2%A0Take%C2%A0command%C2%A0of%C2%A0legendary%C2%A0vessels%C2%A0from%C2%A0the%C2%A0early%C2%A020th%C2%A0century%C2%A0and%C2%A0fight%C2%A0for%C2%A0domination%C2%A0on%C2%A0the%C2%A0high%C2%A0seas.&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Mon, 30 Jan 2023 20:55:14 GMT
access-control-allow-origin: https://promo.worldofwarships.eu
set-cookie: yabs-sid=646527341675112114; Path=/; SameSite=None; Secure
i=GUszJ66PoJzqFoO/VhCLPFroK9L3Yuc3Vp6xCBrW1j3M3/qxZk9BAFcuNi+06ZVt1V8cVYlfINc8L7RINe2ZQ1fmRiE=; Expires=Thu, 27-Jan-2033 20:55:11 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=3505382561675112114; Expires=Tue, 30-Jan-2024 20:55:14 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=3505382561675112114; Expires=Tue, 30-Jan-2024 20:55:14 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1706648114.yc.1675112114#1706648114.yrts.1675112114#1706648114.yrtsi.1675112114; Expires=Tue, 30-Jan-2024 20:55:14 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 30-Jan-2023 20:55:14 GMT
last-modified: Mon, 30-Jan-2023 20:55:14 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/glows-34505/src/libs/jquery.fullpage.min.css
185.244.209.62200 OK 0 B URL HTTP/2 promo-cdn.worldofwarships.com/glows-34505/src/libs/jquery.fullpage.min.css
IP 185.244.209.62:0
ASN #58286 Electric-IT Business S.R.L.
GET /glows-34505/src/libs/jquery.fullpage.min.css HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:12 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
last-modified: Tue, 22 Nov 2022 10:14:27 GMT
etag: W/"c397710fd5227e7e53b0c95cbc6b9d61"
x-amz-request-id: tx0000000000000004f5745-0063c1b8ab-1dbc2ce4-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2023-01-29T22:10:00+00:00
x-id: osix-up-gc4
content-encoding: gzip
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/global_static/age_ratings/v2/pegi_rating.svg
185.244.209.62200 OK 0 B URL HTTP/2 promo-cdn.worldofwarships.com/global_static/age_ratings/v2/pegi_rating.svg
IP 185.244.209.62:0
ASN #58286 Electric-IT Business S.R.L.
GET /global_static/age_ratings/v2/pegi_rating.svg HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:12 GMT
content-type: image/svg+xml
last-modified: Mon, 14 Feb 2022 22:01:21 GMT
etag: W/"207ef7e145ba483b342b96f8c2fbf72a"
x-amz-request-id: tx000000000000000301a4c-0063c150d2-1da6e216-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2023-01-29T12:40:39+00:00
x-id: osix-up-gc4
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Rubik%3A400%7CBarlow+Condensed%3A600%7CBarlow+Condensed%3A400%7CBai+Jamjuree%3A700italic&subset=cyrillic%2Clatin-ext%2Clatin-ext%2Clatin-ext
142.250.74.138200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Rubik%3A400%7CBarlow+Condensed%3A600%7CBarlow+Condensed%3A400%7CBai+Jamjuree%3A700italic&subset=cyrillic%2Clatin-ext%2Clatin-ext%2Clatin-ext
IP 142.250.74.138:0
GET /css?family=Rubik%3A400%7CBarlow+Condensed%3A600%7CBarlow+Condensed%3A400%7CBai+Jamjuree%3A700italic&subset=cyrillic%2Clatin-ext%2Clatin-ext%2Clatin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 30 Jan 2023 20:55:09 GMT
date: Mon, 30 Jan 2023 20:55:09 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.cookielaw.org/logos/static/ot_guard_logo.svg
104.16.149.64200 OK 0 B URL HTTP/2 cdn.cookielaw.org/logos/static/ot_guard_logo.svg
IP 104.16.149.64:0
GET /logos/static/ot_guard_logo.svg HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.worldofwarships.eu/
Origin: https://promo.worldofwarships.eu
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 20:55:14 GMT
content-type: image/svg+xml
content-md5: tXyZydHjxQshFMbbBT1/8A==
last-modified: Fri, 27 Jan 2023 07:38:17 GMT
x-ms-request-id: b3fc9f96-601e-00c5-305d-32a6dd000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 31705
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 791d1b7b6e38b511-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/global_static/age_ratings/v2/pegi_ext-in-game-purchases.svg
185.244.209.62200 OK 0 B URL HTTP/2 promo-cdn.worldofwarships.com/global_static/age_ratings/v2/pegi_ext-in-game-purchases.svg
IP 185.244.209.62:0
ASN #58286 Electric-IT Business S.R.L.
GET /global_static/age_ratings/v2/pegi_ext-in-game-purchases.svg HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:12 GMT
content-type: image/svg+xml
last-modified: Mon, 14 Feb 2022 22:01:20 GMT
etag: W/"635ea99325f08d75fd8f09201f998f50"
x-amz-request-id: tx00000000000000030122d-0063c150d2-1dbc2ce4-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2023-01-29T12:40:39+00:00
x-id: osix-up-gc4
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.cookielaw.org/logos/static/powered_by_logo.svg
104.16.149.64200 OK 0 B URL HTTP/2 cdn.cookielaw.org/logos/static/powered_by_logo.svg
IP 104.16.149.64:0
GET /logos/static/powered_by_logo.svg HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 20:55:14 GMT
content-type: image/svg+xml
content-md5: Y+c301RBZNK39PvKQWrIBw==
last-modified: Fri, 27 Jan 2023 07:38:18 GMT
x-ms-request-id: 1c8bfc48-c01e-0122-6186-32f085000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 8075
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 791d1b7b6e24b511-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=5.9.5
142.250.74.138200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=5.9.5
IP 142.250.74.138:0
GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=5.9.5 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 30 Jan 2023 20:55:09 GMT
date: Mon, 30 Jan 2023 20:55:09 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
clezgashop.fr/wp-content/uploads/2022/04/t-shirt-mockup-of-a-teen-girl-taking-a-selfie-with-a-soccer-ball-33579-e1648900207741-400x400.png
185.98.131.141200 OK 0 B URL HTTP/2 clezgashop.fr/wp-content/uploads/2022/04/t-shirt-mockup-of-a-teen-girl-taking-a-selfie-with-a-soccer-ball-33579-e1648900207741-400x400.png
IP 185.98.131.141:0
GET /wp-content/uploads/2022/04/t-shirt-mockup-of-a-teen-girl-taking-a-selfie-with-a-soccer-ball-33579-e1648900207741-400x400.png HTTP/1.1
Host: clezgashop.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clezgashop.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:09 GMT
content-type: image/png
content-length: 235299
last-modified: Sat, 02 Apr 2022 11:50:20 GMT
etag: "39723-5dbaa7fee0e7b"
x-cache-status: MISS
x-cache-key: https://clezgashop.fr/wp-content/uploads/2022/04/t-shirt-mockup-of-a-teen-girl-taking-a-selfie-with-a-soccer-ball-33579-e1648900207741-400x400.png
accept-ranges: bytes
X-Firefox-Spdy: h2
a.quora.com/qevents.js
162.159.152.17200 OK 0 B IP 162.159.152.17:0
GET /qevents.js HTTP/1.1
Host: a.quora.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 20:55:13 GMT
content-type: text/plain
x-amz-id-2: Lo6V6sS9dollZm991E+r9QS5ilIWlcul705lMiga2oQnz8bnT95jaa4X7qyu2MPUU2YNcD20ek4=
x-amz-request-id: ABWFWAK2P6Z86ST7
last-modified: Fri, 18 Mar 2022 00:16:52 GMT
etag: W/"47078e63380c6b0cbbfb6d8508b25ee7"
x-amz-meta-s3cmd-attrs: atime:1647562609/ctime:1647562609/gid:150037/gname:ezhang/md5:47078e63380c6b0cbbfb6d8508b25ee7/mode:33204/mtime:1647562609/uid:150037/uname:ezhang
cache-control: public, max-age=14400
x-amz-version-id: vyBstMTGyA6m5sV66zq8xsypUg.tAOk.
cf-cache-status: HIT
age: 1015551
expires: Tue, 31 Jan 2023 00:55:13 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 791d1b774ecf1c12-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
arctic-farmer.com/bz3/V_0.PG3jpOvCb/m/VHJLZIDQ0-0lNujRIBwQMtzpMNx/L/TrQb2zMajLA-zMMrzBIE
188.72.219.35200 OK 0 B URL HTTP/2 arctic-farmer.com/bz3/V_0.PG3jpOvCb/m/VHJLZIDQ0-0lNujRIBwQMtzpMNx/L/TrQb2zMajLA-zMMrzBIE
IP 188.72.219.35:0
GET /bz3/V_0.PG3jpOvCb/m/VHJLZIDQ0-0lNujRIBwQMtzpMNx/L/TrQb2zMajLA-zMMrzBIE HTTP/1.1
Host: arctic-farmer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://final.similarwebline.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:12 GMT
content-type: text/html;charset=UTF-8
vary: Accept-Encoding
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
expires: Mon, 26 Jul 2011 05:00:00 GMT
x-frame-options: DENY
referrer-policy: no-referrer
p3p: CP="CUR ADM OUR NOR STA NID"
last-modified: Mon, 30 Jan 2023 20:55:11 GMT
set-cookie: kadCCap=218693:1:1669515516;220335:1:1670435916;222555:1:1671433227;171526:1:1673628579;132751:1:1675084242;212269:1:1675041317;218665:1:1673777741;222582:1:1674318856;219652:1:1669330335;215297:1:1674141027;223454:1:1674804841;184246:1:1673859446;222513:1:1671568408;221398:1:1674769535;219484:1:1667715065;220790:1:1668460505;223255:1:1670393482;101716:1:1672946010;79610:1:1674135009;194136:1:1675008656;199455:1:1668245056;219047:1:1667194435;222775:1:1674305361;223642:1:1674763884;221352:1:1670163762; max-age=1706648112; path=/
kadACap=419291:1:1674985351;444785:1:1671894608;441369:1:1671297690;424441:1:1674948590;445735:1:1669286676;445788:1:1669918420;445506:1:1669286676;446531:1:1669270846;451147:1:1674036929;470673:1:1674289452;410256:1:1674039938;458045:1:1670528140;407100:1:1668246232;446498:1:1671420411;346329:1:1670226206;445081:1:1671894608;465201:1:1674236409;462327:1:1673736144;410254:1:1674926948;320498:1:1674924381;190964:1:1674135009;458498:1:1672536671;446718:1:1674353140;444748:1:1669841678;419323:1:1674028005;419295:1:1674030439;272913:1:1674460051;453839:1:1675063588;458041:1:1670526590;419303:1:1674299014;404163:1:1673226439;389299:1:1673726804;446714:1:1674043083;410252:1:1674308810;419321:1:1674357365;446716:1:1674258987;424443:1:1674359547;450649:1:1674026353;419297:1:1674242325;453831:1:1674872001;468607:1:1674893352;451139:1:1673951585;471728:1:1674871019;446720:1:1673953397;419301:1:1674188761;383700:1:1674900815;424445:1:1675105910;406293:1:1673859446;417177:1:1674123312;456883:1:1671781891;401659:1:1674332133;419299:1:1674258213;469907:1:1674927295;449523:1:1670210030;445499:1:1670164226;398832:1:1672025828;462319:1:1674949690;460384:1:1674927276;451724:1:1669565807;346327:1:1675104100;454815:1:1673736038;453850:1:1671627132;442019:1:1675112111;419293:1:1671780919;460522:1:1675063677;446013:1:1668228435; max-age=1706648112; path=/
kadCSCap=212269:1:1675041317;132751:1:1675084242; path=/
kadASCap=453839:1:1675063588;424445:1:1675105910;346327:1:1675104100;460522:1:1675063677;442019:1:1675112111; path=/
kadRPixJ=bnVsbA==; max-age=1706648112; path=/
kadUnP3=CAkQ0oPfngYaDQioiJcCEAEYzbjfngYaDQirgJoCEAMY0oPfngYaDQjwo5oCEAEYpOLdngYaCwi1CBADGJb03Z4GGg0I85T+ARABGMid4J4GGg0I9oj/ARACGNad4J4GIgoIAxAJGNKD354GKgwIuI4lEAIY1p3gngYqDAikkygQARjNuN+eBioMCMjCKBADGNKD354GKgwIyMYoEAEYpOLdngYqCwjpAhADGJb03Z4GKgwIt44lEAEYyJ3gngY=; max-age=1706648112; path=/
x-content-type-options: nosniff
content-encoding: br
X-Firefox-Spdy: h2
promo.worldofwarships.eu/glows-34505/eu-no/[https://www.kdukvh.com/u?cid=1556435&oid=[unique_id]&type=415647&item1=EU&amt1=0&qty1=[item_quantity]&dcnt1=[item_discount_amount]&discount=[order_discount_amount]&coupon=[voucher_code]¤cy=EUR&CJEVENT=(event_ID)&method=IMG|https://www.kdukvh.com/u?cid=1556435&oid=%5bunique_id%5d&type=415647&item1=%5bitem_id%5d&amt1=0&qty1=%5bitem_quantity%5d&dcnt1=%5bitem_discount_amount%5d&discount=%5border_discount_amount%5d&coupon=%5bvoucher_code%5d¤cy=EUR&CJEVENT=(event_ID)&method=IMG]
185.244.209.62403 Forbidden 0 B URL HTTP/2 promo.worldofwarships.eu/glows-34505/eu-no/[https://www.kdukvh.com/u?cid=1556435&oid=[unique_id]&type=415647&item1=EU&amt1=0&qty1=[item_quantity]&dcnt1=[item_discount_amount]&discount=[order_discount_amount]&coupon=[voucher_code]¤cy=EUR&CJEVENT=(event_ID)&method=IMG|https://www.kdukvh.com/u?cid=1556435&oid=%5bunique_id%5d&type=415647&item1=%5bitem_id%5d&amt1=0&qty1=%5bitem_quantity%5d&dcnt1=%5bitem_discount_amount%5d&discount=%5border_discount_amount%5d&coupon=%5bvoucher_code%5d¤cy=EUR&CJEVENT=(event_ID)&method=IMG]
IP 185.244.209.62:0
ASN #58286 Electric-IT Business S.R.L.
GET /glows-34505/eu-no/[https://www.kdukvh.com/u?cid=1556435&oid=[unique_id]&type=415647&item1=EU&amt1=0&qty1=[item_quantity]&dcnt1=[item_discount_amount]&discount=[order_discount_amount]&coupon=[voucher_code]¤cy=EUR&CJEVENT=(event_ID)&method=IMG|https://www.kdukvh.com/u?cid=1556435&oid=%5bunique_id%5d&type=415647&item1=%5bitem_id%5d&amt1=0&qty1=%5bitem_quantity%5d&dcnt1=%5bitem_discount_amount%5d&discount=%5border_discount_amount%5d&coupon=%5bvoucher_code%5d¤cy=EUR&CJEVENT=(event_ID)&method=IMG] HTTP/1.1
Host: promo.worldofwarships.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/glows-34505/eu-no/?t=1&pub_id=1287&xid=63d82eb033512b000195947f&xid_param1=E2Z6DGBJ6R&xid_param_2=&sid=SIDHqWyS9w3tTbzurizqlASIZ26tsw-8F1JCYAb2b2bDzPwHFLeOHCDEYehnQx8SsjcNnxszqthfMeHJYnUX2sdTwDP_3jm9EfpOImPs4fdKaGmKJMyZ6anmHbu5AgzLM19hk2Kliv2mwPz&enctid=cq5toowp5ux8&lpsn=WOWS+TMPLT1+CODE+BOOM+global+WITH+BONUS+SUBTITLE&foris=1&teclient=1675112112479458421&utm_source=wlap&utm_medium=affiliate&utm_campaign=8q4rzvm7&utm_content=1287
Cookie: _gcl_au=1.1.593899321.1675112127; _rdt_uuid=1675112127537.9fbd2f5a-2b8b-4816-9a58-068e32f2087e; _ym_uid=1675112128291709993; _ym_d=1675112128; OptanonConsent=isGpcEnabled=0&datestamp=Mon+Jan+30+2023+20%3A55%3A28+GMT%2B0000+(Coordinated+Universal+Time)&version=202211.1.0&isIABGlobal=false&hosts=&consentId=522cf963-d5a3-404c-b984-40ec4d11ba36&interactionCount=0&landingPath=https%3A%2F%2Fpromo.worldofwarships.eu%2Fglows-34505%2Feu-no%2F%3Ft%3D1%26pub_id%3D1287%26xid%3D63d82eb033512b000195947f%26xid_param1%3DE2Z6DGBJ6R%26xid_param_2%3D%26sid%3DSIDHqWyS9w3tTbzurizqlASIZ26tsw-8F1JCYAb2b2bDzPwHFLeOHCDEYehnQx8SsjcNnxszqthfMeHJYnUX2sdTwDP_3jm9EfpOImPs4fdKaGmKJMyZ6anmHbu5AgzLM19hk2Kliv2mwPz%26enctid%3Dcq5toowp5ux8%26lpsn%3DWOWS+TMPLT1+CODE+BOOM+global+WITH+BONUS+SUBTITLE%26foris%3D1%26teclient%3D1675112112479458421%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3D8q4rzvm7%26utm_content%3D1287&groups=C0001%3A1%2CC0002%3A0%2CC0004%3A0; _ym_visorc=b; _ym_isad=2; _ts_yjad=1675112128930
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
server: nginx
date: Mon, 30 Jan 2023 20:55:16 GMT
content-type: application/xml
x-amz-request-id: tx00000000000000194d2af-0063d82eb4-1cec7918-ed1
cache: MISS
x-id: osix-up-gc4
content-encoding: gzip
X-Firefox-Spdy: h2
promo-cdn.worldofwarships.com/glows-34505/src/scripts/script.js
185.244.209.62200 OK 0 B URL HTTP/2 promo-cdn.worldofwarships.com/glows-34505/src/scripts/script.js
IP 185.244.209.62:0
ASN #58286 Electric-IT Business S.R.L.
GET /glows-34505/src/scripts/script.js HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:55:12 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 22 Nov 2022 10:14:28 GMT
etag: W/"eab843ce65c0521f3d120a4b09548b66"
x-amz-request-id: tx0000000000000000ef6a3-0063c1a0b8-1dbe6ac5-ed1
access-control-allow-origin: *
cache: HIT
x-cached-since: 2023-01-29T19:53:22+00:00
x-id: osix-up-gc4
content-encoding: gzip
X-Firefox-Spdy: h2