r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2d2e7649ce9e9ba6fc8b68aa89352e3c
0153d1d3d830a457043e16bb40d48a0b9ddef4b8
8eed57c91b42ef7b2d5eff1309e306e23e13c3de21219af24a693cbf3e8977fc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16620
Expires: Wed, 30 Nov 2022 13:12:47 GMT
Date: Wed, 30 Nov 2022 08:35:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6d9d34c96b9a826ae5676640c966469c
8052a16d41a637e420478b7de1ff5a2dc951fccd
f18ac558cb786126bb7efb159e03353d268d5f5796bcfd2691a349dfc68d863c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3494
Expires: Wed, 30 Nov 2022 09:34:01 GMT
Date: Wed, 30 Nov 2022 08:35:47 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4ed065cb23b5fca1a179dd73b3c5b7b2
4422eb24688f5e056fc1b18b127c7f63b1dbf5e0
b723d770d0dec7441d8505dc5a4e7d34f55c9f564ec52f20d9b70c7c3a0d9d35
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2044
Cache-Control: max-age=95368
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 08:35:47 GMT
Etag: "6385df6f-1d7"
Expires: Thu, 01 Dec 2022 11:05:15 GMT
Last-Modified: Tue, 29 Nov 2022 10:31:11 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
alukejtiyyxemmefvnum7360369215.blogspot.com/heatwell
142.250.74.33301 Moved Permanently 203 B URL HTTP/1.1 alukejtiyyxemmefvnum7360369215.blogspot.com/heatwell
IP 142.250.74.33:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash e10261a34347c8c7efd919d04cf6db1d
dc1e2fdc8ffdf2f52da5d6d3fa0f205d62e9642f
d63cd061a9d809c5cc3514f1ba54704429df9c30024e677ab0d268f90009a19e
GET /heatwell HTTP/1.1
Host: alukejtiyyxemmefvnum7360369215.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://alukejtiyyxemmefvnum7360369215.blogspot.com/heatwell
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Wed, 30 Nov 2022 08:35:47 GMT
Expires: Wed, 30 Nov 2022 08:35:47 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 203
Server: GSE
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: DTjh24t7UF/t7kvdaf1YhCfkgnfNbGll7wAOobCGBHJFtT+Uwe0zqbspQWT7ttoIhwAVhHMT7nU=
x-amz-request-id: 2BT0KNSZKC9B1JD4
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 30 Nov 2022 07:45:08 GMT
age: 3039
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 30 Nov 2022 08:18:00 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1067
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8c7740729b3e689d0f033aae372325c2
c6daa75cb90188534367ab0a3ef263a7f8b15ff8
077d3bf6932d231023142ad1deb36203e7f59f0fa3e3838f56852c781b1b959c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 08:35:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 08:35:47 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 30 Nov 2022 08:11:14 GMT
cache-control: public,max-age=3600
age: 1474
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8c7740729b3e689d0f033aae372325c2
c6daa75cb90188534367ab0a3ef263a7f8b15ff8
077d3bf6932d231023142ad1deb36203e7f59f0fa3e3838f56852c781b1b959c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 08:35:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3c8c689bd654417640d85f3da51af313
85123b6d46230a23d03768bf304b386e5d301305
516138ca79703b45e904d32d7dde1c1e9fd35995b9f1bb1331c547542745676d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2032
Cache-Control: max-age=90292
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 08:35:48 GMT
Etag: "6385cba8-1d7"
Expires: Thu, 01 Dec 2022 09:40:40 GMT
Last-Modified: Tue, 29 Nov 2022 09:06:48 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.191.251.76101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.191.251.76:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: AWLxJiAKaBneq8jEs43mtA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: MN4F6mIwpFscgiuL5Xi8SHDRpFI=
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash e1ff5433e6be8a9f371037cbaa341701
36ca5bf04693acc6c4ef60ac08fdc7edf30fd3ec
74fe87689cc672ae3477db2a86c672103c2b6ad42dd5bea80005e8cbda34a06c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 08:35:49 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 03:52:24 GMT
Expires: Sun, 04 Dec 2022 03:52:23 GMT
Etag: "36ca5bf04693acc6c4ef60ac08fdc7edf30fd3ec"
Cache-Control: max-age=327993,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77224076dbc8b51d-OSL
tikiz.shop/heatwell
198.54.126.24301 Moved Permanently 0 B IP 198.54.126.24:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /heatwell HTTP/1.1
Host: tikiz.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alukejtiyyxemmefvnum7360369215.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
x-powered-by: PHP/7.2.34
content-type: text/html; charset=UTF-8
x-redirect-by: WordPress
location: https://tikiz.shop/heatwell/
x-litespeed-cache: hit
content-length: 0
date: Wed, 30 Nov 2022 08:35:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
tikiz.shop/heatwell/
198.54.126.24301 Moved Permanently 0 B IP 198.54.126.24:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /heatwell/ HTTP/1.1
Host: tikiz.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alukejtiyyxemmefvnum7360369215.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
x-powered-by: PHP/7.2.34
content-type: text/html; charset=UTF-8
x-redirect-by: WordPress
location: https://thebestofferx.shop/heatwellshop/en/presale.html
x-litespeed-cache: hit
content-length: 0
date: Wed, 30 Nov 2022 08:35:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13682
Expires: Wed, 30 Nov 2022 12:23:52 GMT
Date: Wed, 30 Nov 2022 08:35:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13682
Expires: Wed, 30 Nov 2022 12:23:52 GMT
Date: Wed, 30 Nov 2022 08:35:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13682
Expires: Wed, 30 Nov 2022 12:23:52 GMT
Date: Wed, 30 Nov 2022 08:35:50 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CJiSRzIK7-rQE81gaP2We0LhgKX1YmuJKEGYEqW34Bm1KMx6NB8yhQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 23:32:45 GMT
age: 32585
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5508d05a290b663fd89ead9b58f2efd8
53650399f9a986ba54addd668b4557109d12003b
65704a961410fdd318c491fedf002c8e9b184cd34b76fe1b67026d42ce21be3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9674
x-amzn-requestid: 7e7d0183-9667-462a-8d44-d125998c1ae3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgEoHVAoAMFvAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a1d-280ba97e3fe1bf7244cbde35;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: qftF-GQkcjKTs30KMGCTDymw2SVSXeAYKGNWUnaMfvIb8HjtfHUx8A==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:44:46 GMT
etag: "53650399f9a986ba54addd668b4557109d12003b"
content-type: image/jpeg
age: 39064
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde294fb7-e851-4e57-83be-aa3374862dcb.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde294fb7-e851-4e57-83be-aa3374862dcb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9e135c29a8769eb12ef8c26f99097400
87447d20e9c0a6a6aeefe6ca107f93cd3598cd0d
ce41ff79c382efc54aa2fd3ab64293d2d2b706a7f21585f4bd8bbcd9a3566126
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde294fb7-e851-4e57-83be-aa3374862dcb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7971
x-amzn-requestid: e47d10e4-2b60-4998-b5fa-5b145e60aac2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhgWHgGoAMFcLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867c68-5b9710a07b0a59730e73dce4;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:40:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OURSF_raDXrHV3-3ScaEdorNpW9ZKSIQjv6WUCQYHhruGz372BU_QA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:11:32 GMT
age: 37458
etag: "87447d20e9c0a6a6aeefe6ca107f93cd3598cd0d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48df8a6f-5803-4ce0-ab84-1efc8ca3e251.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48df8a6f-5803-4ce0-ab84-1efc8ca3e251.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8825a2c5c0d98323f489e0b816b7f1d8
05f46985ea4ace57460120876da8e19db08857b3
1d12590a78b32146d6f1d107fb93bdb6cb45228d15babd087c0111495d7138e1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48df8a6f-5803-4ce0-ab84-1efc8ca3e251.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8885
x-amzn-requestid: 67e1ba67-b4fb-42c8-985d-f34164101c7b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhIGGtloAMFxjw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867bcd-295995bb1123430c55659fe3;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:38:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: d64lSE184IwrwZKVC8KOUINEBclth9b7xRGV9T1uNfAptgXz0bxKhw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:14:25 GMT
age: 37285
etag: "05f46985ea4ace57460120876da8e19db08857b3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6bad627-8bb4-4de1-a2da-92da8f9ec614.webp
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6bad627-8bb4-4de1-a2da-92da8f9ec614.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 536cd283dee06cf1ceb9e15e4850db92
47aafca572d34f9726a0174ac902178556e581d8
63a5acf87962da6656f828422545af0ccc0888f0a2a15ebd2160ffb3714e6241
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6bad627-8bb4-4de1-a2da-92da8f9ec614.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7658
x-amzn-requestid: e729e5b6-0c92-4ed3-b449-4a30d5bb4b89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgEyEQSIAMFWsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a1e-1bba7e9a2d15d66779b1896c;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: AuN9hTb4YydNZjvpnTGyE313wl-O3F_p4jC_NUSe8kr3RB_4AjOEMw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:56:09 GMT
age: 38381
etag: "47aafca572d34f9726a0174ac902178556e581d8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29e8368b-e5a8-4256-a456-b724e13819e4.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29e8368b-e5a8-4256-a456-b724e13819e4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f621857774e4b4adda95f58081644859
639165dc66d171b8266f22cd495181427112bc80
341fd33d3d9486079c182d60e21c355244b6597e6e09ba51ecee2e331b38ca2e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29e8368b-e5a8-4256-a456-b724e13819e4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10068
x-amzn-requestid: 7f386e94-3c17-44a1-a36b-3d0eeff4623d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhGvEQQoAMFihA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867bc4-5069acfd038ffb2c124b7bd8;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:38:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Ec2HkhHmHE2ddGBpLsJ5Rn7SCMjyR5kzaTyrguDoI9xOohgsCi08CQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:44:26 GMT
age: 39084
etag: "639165dc66d171b8266f22cd495181427112bc80"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 99a150855c0357c53e3dc6dc85d7d6ba
df35145717b5c0205d1c6a47d2c37989cb3130d6
3bfe3f10d5245c22baced21d0e4a101bdddc5aa84b4aec12241973f143c29ff7
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 08:35:50 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 30 Nov 2022 02:50:25 GMT
Expires: Wed, 07 Dec 2022 02:50:24 GMT
Etag: "df35145717b5c0205d1c6a47d2c37989cb3130d6"
Cache-Control: max-age=583473,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 772240802ef9b51d-OSL
thebestofferx.shop/heatwellshop/en/presale.html
198.54.120.24200 OK 14 kB URL HTTP/2 thebestofferx.shop/heatwellshop/en/presale.html
IP 198.54.120.24:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (56171)
Hash a0654cb6f53339818f8fc33e52d58855
8f9da6d91b8e281d6cb5f6265ca1ddd2766bff82
c1d955cb150f2dc17f9e45666b980726b1e9f44814d759986955d7a8cacf7820
GET /heatwellshop/en/presale.html HTTP/1.1
Host: thebestofferx.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alukejtiyyxemmefvnum7360369215.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
last-modified: Thu, 03 Nov 2022 21:28:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 14315
date: Wed, 30 Nov 2022 08:35:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 146dac10a93604a686550631e14eefb9
b4af601ce6d515d9ec124938ce626060e0d43099
bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 08:35:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 146dac10a93604a686550631e14eefb9
b4af601ce6d515d9ec124938ce626060e0d43099
bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 08:35:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
thebestofferx.shop/heatwellshop/en/assets/js/modernizr-custome4c3.js?v=1666085607204
198.54.120.24200 OK 1.6 kB URL HTTP/2 thebestofferx.shop/heatwellshop/en/assets/js/modernizr-custome4c3.js?v=1666085607204
IP 198.54.120.24:0
File type ASCII text, with very long lines (4277)
Hash 9c74f2e5dc813498595bc50eee6265d0
086ce2e94c15ceabde6a1b47bf0df1f9566172c2
dac9d5fc489299c2e574e47789aaa4100703e29132dd696cb23f07516398504c
GET /heatwellshop/en/assets/js/modernizr-custome4c3.js?v=1666085607204 HTTP/1.1
Host: thebestofferx.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebestofferx.shop/heatwellshop/en/presale.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 08:35:51 GMT
content-type: application/javascript
last-modified: Thu, 27 Oct 2022 13:54:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1552
date: Wed, 30 Nov 2022 08:35:51 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
thebestofferx.shop/heatwellshop/en/assets/js/jquery-3.4.1.mine4c3.js?v=1666085607204
198.54.120.24200 OK 30 kB URL HTTP/2 thebestofferx.shop/heatwellshop/en/assets/js/jquery-3.4.1.mine4c3.js?v=1666085607204
IP 198.54.120.24:0
File type ASCII text, with very long lines (65451)
Hash fb2fa79a9c7027aa0e9dd8b23a607d29
1f254951fbbbf3490feef1a8eb28d1cdb1c35258
d43f300aa3d25a8f356e19496df590a60a2e23c09d4d768c40fc68a9ad1c96b6
GET /heatwellshop/en/assets/js/jquery-3.4.1.mine4c3.js?v=1666085607204 HTTP/1.1
Host: thebestofferx.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebestofferx.shop/heatwellshop/en/presale.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 08:35:51 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 19:28:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30047
date: Wed, 30 Nov 2022 08:35:51 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
thebestofferx.shop/heatwellshop/en/assets/js/blazy.mine4c3.js?v=1666085607204
198.54.120.24200 OK 1.9 kB URL HTTP/2 thebestofferx.shop/heatwellshop/en/assets/js/blazy.mine4c3.js?v=1666085607204
IP 198.54.120.24:0
File type ASCII text, with very long lines (4991)
Hash f40399ebe2ac5cde650cdf5db17c30cd
91d3f734596f0ff6b5c22974383e3951d37f2590
82c12bac3b3114555a894d18fc9edfc4a43c7ed4f27ca7910eb8262987172455
GET /heatwellshop/en/assets/js/blazy.mine4c3.js?v=1666085607204 HTTP/1.1
Host: thebestofferx.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebestofferx.shop/heatwellshop/en/presale.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 08:35:51 GMT
content-type: application/javascript
last-modified: Thu, 27 Oct 2022 13:54:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1886
date: Wed, 30 Nov 2022 08:35:51 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
thebestofferx.shop/heatwellshop/en/assets/js/ctrwowUtils-v2.10.0.mine4c3.js?v=1666085607204
198.54.120.24200 OK 11 kB URL HTTP/2 thebestofferx.shop/heatwellshop/en/assets/js/ctrwowUtils-v2.10.0.mine4c3.js?v=1666085607204
IP 198.54.120.24:0
File type ASCII text, with very long lines (34825), with no line terminators
Hash 771daf4ffb50fb645b9695ab87871b99
383490df1fef483db04f6ada04431abf5d062220
04f9519c67d1cf649d1248a89662f4a22ea7a4563f671c1f09a0fc39f63382a0
GET /heatwellshop/en/assets/js/ctrwowUtils-v2.10.0.mine4c3.js?v=1666085607204 HTTP/1.1
Host: thebestofferx.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebestofferx.shop/heatwellshop/en/presale.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 08:35:51 GMT
content-type: application/javascript
last-modified: Thu, 27 Oct 2022 13:54:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10702
date: Wed, 30 Nov 2022 08:35:51 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
thebestofferx.shop/heatwellshop/en/assets/css/presale-1e4c3.css?v=1666085607204
198.54.120.24200 OK 4.2 kB URL HTTP/2 thebestofferx.shop/heatwellshop/en/assets/css/presale-1e4c3.css?v=1666085607204
IP 198.54.120.24:0
File type ASCII text, with very long lines (22999), with no line terminators
Hash 04eb3aa9db90c6361c7413bfc67c3107
93db43a18cf24c6fe1d02c5471bb4cc7f08d25c4
03e72c99ad5bb0a8f36ce03711d84285be23541d1e2c8730b379b89681dc8eb2
GET /heatwellshop/en/assets/css/presale-1e4c3.css?v=1666085607204 HTTP/1.1
Host: thebestofferx.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebestofferx.shop/heatwellshop/en/presale.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 08:35:51 GMT
content-type: text/css
last-modified: Tue, 18 Oct 2022 20:34:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4195
date: Wed, 30 Nov 2022 08:35:51 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
thebestofferx.shop/heatwellshop/en/assets/js/CTR_FP_TRACKING-v2.7.0.mine4c3.js?v=1666085607204
198.54.120.24200 OK 13 kB URL HTTP/2 thebestofferx.shop/heatwellshop/en/assets/js/CTR_FP_TRACKING-v2.7.0.mine4c3.js?v=1666085607204
IP 198.54.120.24:0
File type ASCII text, with very long lines (48812), with no line terminators
Hash 98b0290391715d703fce6572e08ae88c
1e66a91bf6f13b5a7d4c6acc3677f3a786565454
162cdc90b6c8d80d3a538637e26aa204670849219415526bbc276add43a3a88a
GET /heatwellshop/en/assets/js/CTR_FP_TRACKING-v2.7.0.mine4c3.js?v=1666085607204 HTTP/1.1
Host: thebestofferx.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebestofferx.shop/heatwellshop/en/presale.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 08:35:51 GMT
content-type: application/javascript
last-modified: Thu, 27 Oct 2022 13:54:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 13292
date: Wed, 30 Nov 2022 08:35:51 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 608e4d04a251ebcd51660e801f388303
fcb9aa48fd6ed504a1a9fed7990c5ccde63e6a1d
cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 08:35:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.163200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://thebestofferx.shop
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 05:42:51 GMT
expires: Fri, 24 Nov 2023 05:42:51 GMT
cache-control: public, max-age=31536000
age: 528780
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 608e4d04a251ebcd51660e801f388303
fcb9aa48fd6ed504a1a9fed7990c5ccde63e6a1d
cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 08:35:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
thebestofferx.shop/heatwellshop/en/assets/image/2bc8e588-69d0-4f7e-b753-a728b316efda/630c4448b06f10107c236678/6770408f-524d-4080-bdef-397ab4c5d57d/1.jpg.webp
198.54.120.24200 OK 33 kB URL HTTP/2 thebestofferx.shop/heatwellshop/en/assets/image/2bc8e588-69d0-4f7e-b753-a728b316efda/630c4448b06f10107c236678/6770408f-524d-4080-bdef-397ab4c5d57d/1.jpg.webp
IP 198.54.120.24:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 730x457, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f9f203a540537087c75368474399701b
64ec0becee7c82fda3c40106fcba612e30017cad
bc301cc816e8d9f38449d13a5435c04c15c3ecfcba72017cb8af9b22d81111df
GET /heatwellshop/en/assets/image/2bc8e588-69d0-4f7e-b753-a728b316efda/630c4448b06f10107c236678/6770408f-524d-4080-bdef-397ab4c5d57d/1.jpg.webp HTTP/1.1
Host: thebestofferx.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebestofferx.shop/heatwellshop/en/presale.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 08:35:51 GMT
content-type: image/webp
last-modified: Thu, 03 Nov 2022 00:35:00 GMT
accept-ranges: bytes
content-length: 32562
date: Wed, 30 Nov 2022 08:35:51 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
thebestofferx.shop/d16hdrba6dusey.cloudfront.net/sitecommon/js/components/blueshift_wow_v13860.js?v=1
198.54.120.24404 Not Found 1.2 kB URL HTTP/2 thebestofferx.shop/d16hdrba6dusey.cloudfront.net/sitecommon/js/components/blueshift_wow_v13860.js?v=1
IP 198.54.120.24:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
GET /d16hdrba6dusey.cloudfront.net/sitecommon/js/components/blueshift_wow_v13860.js?v=1 HTTP/1.1
Host: thebestofferx.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebestofferx.shop/heatwellshop/en/presale.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Wed, 30 Nov 2022 08:35:51 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
thebestofferx.shop/heatwellshop/en/assets/js/presale-1e4c3.js?v=1666085607204
198.54.120.24200 OK 4.2 kB URL HTTP/2 thebestofferx.shop/heatwellshop/en/assets/js/presale-1e4c3.js?v=1666085607204
IP 198.54.120.24:0
File type ASCII text, with very long lines (13830)
Hash 350d73b5b728ef33215d3381058cd95f
1e484f9e961acc5a38547a96c2865e2c9ef0b856
620e2407ad25caa12ef2e26ff8fadccf0a4ca04dbeb45e72bbc06f255f12ec65
GET /heatwellshop/en/assets/js/presale-1e4c3.js?v=1666085607204 HTTP/1.1
Host: thebestofferx.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebestofferx.shop/heatwellshop/en/presale.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 08:35:51 GMT
content-type: application/javascript
last-modified: Tue, 18 Oct 2022 20:34:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4238
date: Wed, 30 Nov 2022 08:35:51 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 33f732b4dfbd5fb3ed7345eba2896fe6
2652f214cf7127302cc65b1d4e42f48a80907d5d
904ce722469d356f8ec20c14bd51ca3ce459012ea0869f7d14821a963310a494
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 08:35:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-5W4SPMQ
172.217.21.168200 OK 89 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-5W4SPMQ
IP 172.217.21.168:0
File type ASCII text, with very long lines (63044)
Hash 80a6847d52bc5cba1c69b79646d08b71
6d45ae0dc112b6d01fb47d2aa370c7b186ccf1ef
ea6790bf7e38267ae41417f8dc08d27ee15e62a9c4dc1855cc6352ae6444d0e8
GET /gtm.js?id=GTM-5W4SPMQ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebestofferx.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 08:35:51 GMT
expires: Wed, 30 Nov 2022 08:35:51 GMT
cache-control: private, max-age=900
last-modified: Wed, 30 Nov 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 88750
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 33f732b4dfbd5fb3ed7345eba2896fe6
2652f214cf7127302cc65b1d4e42f48a80907d5d
904ce722469d356f8ec20c14bd51ca3ce459012ea0869f7d14821a963310a494
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 08:35:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&display=swap
142.250.74.106200 OK 80 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&display=swap
IP 142.250.74.106:0
Hash 1de111f52c219f0396cfcf4b80751e0d
558348ddb3bbfe75b725e2a9c79908bcd2e762c4
d7603336f10e3d5e66277243b33b81ce0236ef527c3fc25556b57bdfe7440c82
GET /css?family=Open+Sans:300,400,600,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebestofferx.shop/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 30 Nov 2022 08:35:51 GMT
date: Wed, 30 Nov 2022 08:35:51 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
thebestofferx.shop/heatwellshop/en/assets/image/2bc8e588-69d0-4f7e-b753-a728b316efda/630c4448b06f10107c236678/46c27627-d9c0-4583-84af-af37a2ccefee/avenir-next-regular.ttf
198.54.120.24200 OK 80 kB URL HTTP/2 thebestofferx.shop/heatwellshop/en/assets/image/2bc8e588-69d0-4f7e-b753-a728b316efda/630c4448b06f10107c236678/46c27627-d9c0-4583-84af-af37a2ccefee/avenir-next-regular.ttf
IP 198.54.120.24:0
File type TrueType Font data, 15 tables, 1st "FFTM", 30 names, Macintosh\012- data
Hash 1c25c8052b1b35bcf1548f1ce8d28a60
b54e3935ef9882bfb6f3880a5077266d979d0987
2d62d3f3b86d29eee4b34c86178b1283e349c220913b81e3a99c8d091e99323b
GET /heatwellshop/en/assets/image/2bc8e588-69d0-4f7e-b753-a728b316efda/630c4448b06f10107c236678/46c27627-d9c0-4583-84af-af37a2ccefee/avenir-next-regular.ttf HTTP/1.1
Host: thebestofferx.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebestofferx.shop/heatwellshop/en/presale.html
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 08:35:51 GMT
content-type: font/ttf
last-modified: Thu, 27 Oct 2022 13:57:46 GMT
accept-ranges: bytes
content-length: 79484
date: Wed, 30 Nov 2022 08:35:51 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
thebestofferx.shop/heatwellshop/en/assets/image/2bc8e588-69d0-4f7e-b753-a728b316efda/630c4448b06f10107c236678/cff1c68d-d98b-4dc9-a0eb-21b543745b86/avenir-next-demi.ttf
198.54.120.24200 OK 81 kB URL HTTP/2 thebestofferx.shop/heatwellshop/en/assets/image/2bc8e588-69d0-4f7e-b753-a728b316efda/630c4448b06f10107c236678/cff1c68d-d98b-4dc9-a0eb-21b543745b86/avenir-next-demi.ttf
IP 198.54.120.24:0
File type TrueType Font data, 15 tables, 1st "FFTM", 32 names, Macintosh\012- data
Hash 18c0b77e664800698055afd9a2a96039
88e4fe55959fe7396caf1bdb74234bb1b4261bde
debd123b89383ea6bf80946b177506f744d3ba673169bf480dee212c05627015
GET /heatwellshop/en/assets/image/2bc8e588-69d0-4f7e-b753-a728b316efda/630c4448b06f10107c236678/cff1c68d-d98b-4dc9-a0eb-21b543745b86/avenir-next-demi.ttf HTTP/1.1
Host: thebestofferx.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebestofferx.shop/heatwellshop/en/presale.html
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 08:35:51 GMT
content-type: font/ttf
last-modified: Wed, 02 Nov 2022 19:29:56 GMT
accept-ranges: bytes
content-length: 80552
date: Wed, 30 Nov 2022 08:35:51 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
thebestofferx.shop/heatwellshop/en/assets/image/2bc8e588-69d0-4f7e-b753-a728b316efda/630c4448b06f10107c236678/167a5eb4-38cc-4e8d-bd65-3f492bcdf04d/side.jpg.webp
198.54.120.24200 OK 19 kB URL HTTP/2 thebestofferx.shop/heatwellshop/en/assets/image/2bc8e588-69d0-4f7e-b753-a728b316efda/630c4448b06f10107c236678/167a5eb4-38cc-4e8d-bd65-3f492bcdf04d/side.jpg.webp
IP 198.54.120.24:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 475bc3565e00d8b83959290cba0a3306
44ee9515b50372e0e0a995d4d44e641f93db8ed5
f50da356c5b9f1e9869a99dcd1f5f46042cf16d5093c33878b7f53fd16282de4
GET /heatwellshop/en/assets/image/2bc8e588-69d0-4f7e-b753-a728b316efda/630c4448b06f10107c236678/167a5eb4-38cc-4e8d-bd65-3f492bcdf04d/side.jpg.webp HTTP/1.1
Host: thebestofferx.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebestofferx.shop/heatwellshop/en/presale.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 08:35:51 GMT
content-type: image/webp
last-modified: Thu, 03 Nov 2022 00:34:24 GMT
accept-ranges: bytes
content-length: 19012
date: Wed, 30 Nov 2022 08:35:51 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
thebestofferx.shop/heatwellshop/en/assets/image/2bc8e588-69d0-4f7e-b753-a728b316efda/630c4448b06f10107c236678/204e7a98-f905-4543-9992-b3a1383ec3b6/logo.png.webp
198.54.120.24200 OK 2.8 kB URL HTTP/2 thebestofferx.shop/heatwellshop/en/assets/image/2bc8e588-69d0-4f7e-b753-a728b316efda/630c4448b06f10107c236678/204e7a98-f905-4543-9992-b3a1383ec3b6/logo.png.webp
IP 198.54.120.24:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 0098bfb22b2000f5af0d760bcfd0a307
65a3fcf3e75da9fbb73a98fae564fd1f129a2c1f
a7b5bad86da94d612be69cd189552d48cd5e77adc9e58691cc0c12f9ff3811e2
GET /heatwellshop/en/assets/image/2bc8e588-69d0-4f7e-b753-a728b316efda/630c4448b06f10107c236678/204e7a98-f905-4543-9992-b3a1383ec3b6/logo.png.webp HTTP/1.1
Host: thebestofferx.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebestofferx.shop/heatwellshop/en/presale.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 08:35:51 GMT
content-type: image/webp
last-modified: Thu, 03 Nov 2022 00:33:36 GMT
accept-ranges: bytes
content-length: 2820
date: Wed, 30 Nov 2022 08:35:51 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
thebestofferx.shop/heatwellshop/en/assets/image/2bc8e588-69d0-4f7e-b753-a728b316efda/630c4448b06f10107c236678/bf18bc55-581e-4fc4-9c54-426cdfb4be8d/shape-1-.png.webp
198.54.120.24404 Not Found 1.2 kB URL HTTP/2 thebestofferx.shop/heatwellshop/en/assets/image/2bc8e588-69d0-4f7e-b753-a728b316efda/630c4448b06f10107c236678/bf18bc55-581e-4fc4-9c54-426cdfb4be8d/shape-1-.png.webp
IP 198.54.120.24:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
GET /heatwellshop/en/assets/image/2bc8e588-69d0-4f7e-b753-a728b316efda/630c4448b06f10107c236678/bf18bc55-581e-4fc4-9c54-426cdfb4be8d/shape-1-.png.webp HTTP/1.1
Host: thebestofferx.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebestofferx.shop/heatwellshop/en/presale.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Wed, 30 Nov 2022 08:35:51 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.starfieldtech.com/
192.124.249.22200 OK 1.8 kB IP 192.124.249.22:0
Hash 53b6cbe24a22f9bcbc59c746a42b1c4b
875536daf789f3b5e390455ad09b335f55974dd3
44654a08378bd30511cb1da92c63d3c413f4c71f715895b1fed414a381d29bba
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 30 Nov 2022 08:35:52 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 29 Nov 2022 20:27:22 GMT
Expires: Wed, 30 Nov 2022 20:27:22 GMT
ETag: "875536daf789f3b5e390455ad09b335f55974dd3"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
thebestofferx.shop/heatwellshop/en/assets/image/2bc8e588-69d0-4f7e-b753-a728b316efda/630c4448b06f10107c236678/cee6e83b-3eea-4920-90b4-765d04bbc7fc/favicon-2259852a-6926-4536-962f-0739fc1088ab.ico
198.54.120.24200 OK 1.2 kB URL HTTP/2 thebestofferx.shop/heatwellshop/en/assets/image/2bc8e588-69d0-4f7e-b753-a728b316efda/630c4448b06f10107c236678/cee6e83b-3eea-4920-90b4-765d04bbc7fc/favicon-2259852a-6926-4536-962f-0739fc1088ab.ico
IP 198.54.120.24:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 3694ff48f7c02658640efb606986ef29
0981297f906ad19ab4cbeb2e5a4c5497aa250e0e
25ddba2a7a49cf269dc3a81be6b32d43f002485989217aaece9c7dbcc379e78f
GET /heatwellshop/en/assets/image/2bc8e588-69d0-4f7e-b753-a728b316efda/630c4448b06f10107c236678/cee6e83b-3eea-4920-90b4-765d04bbc7fc/favicon-2259852a-6926-4536-962f-0739fc1088ab.ico HTTP/1.1
Host: thebestofferx.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebestofferx.shop/heatwellshop/en/presale.html
Cookie: _gcl_au=1.1.1314944593.1669797351
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 08:35:52 GMT
content-type: image/x-icon
last-modified: Wed, 02 Nov 2022 19:29:36 GMT
accept-ranges: bytes
content-length: 1150
date: Wed, 30 Nov 2022 08:35:52 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
thebestofferx.shop/heatwellshop/en/assets/image/2bc8e588-69d0-4f7e-b753-a728b316efda/630c4448b06f10107c236678/bf18bc55-581e-4fc4-9c54-426cdfb4be8d/shape-1-.png.webp
198.54.120.24404 Not Found 1.2 kB URL HTTP/2 thebestofferx.shop/heatwellshop/en/assets/image/2bc8e588-69d0-4f7e-b753-a728b316efda/630c4448b06f10107c236678/bf18bc55-581e-4fc4-9c54-426cdfb4be8d/shape-1-.png.webp
IP 198.54.120.24:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
GET /heatwellshop/en/assets/image/2bc8e588-69d0-4f7e-b753-a728b316efda/630c4448b06f10107c236678/bf18bc55-581e-4fc4-9c54-426cdfb4be8d/shape-1-.png.webp HTTP/1.1
Host: thebestofferx.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebestofferx.shop/heatwellshop/en/presale.html
Cookie: _gcl_au=1.1.1314944593.1669797351
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Wed, 30 Nov 2022 08:35:52 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-9454684c2416a20a97e3b657cc9f41a4.js
34.96.102.137200 OK 49 kB URL HTTP/2 dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-9454684c2416a20a97e3b657cc9f41a4.js
IP 34.96.102.137:0
File type ASCII text, with very long lines (47951)
Hash 31fdeb2b6bd1d05d76cfef328ee5482c
03f3e7dad3e28ad1a54c5ad95aed96875361cea1
832d771744a431cd28a7f94899e0e89428ddb9d20e72b203d40d75c034151260
GET /web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-9454684c2416a20a97e3b657cc9f41a4.js HTTP/1.1
Host: dev.visualwebsiteoptimizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://thebestofferx.shop
Connection: keep-alive
Referer: https://thebestofferx.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 08:35:52 GMT
content-type: text/javascript; charset=UTF-8
content-length: 49370
last-modified: Wed, 30 Nov 2022 08:31:55 GMT
content-encoding: br
etag: "638714fb-c0da"
server: gams1
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-origin: *
accept-ranges: bytes
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
dev.visualwebsiteoptimizer.com/j.php?a=463962&u=https%3A%2F%2Fthebestofferx.shop%2Fheatwellshop%2Fen%2Fpresale.html&f=1&r=0.49254439299076813
34.96.102.137200 OK 3.9 kB URL HTTP/2 dev.visualwebsiteoptimizer.com/j.php?a=463962&u=https%3A%2F%2Fthebestofferx.shop%2Fheatwellshop%2Fen%2Fpresale.html&f=1&r=0.49254439299076813
IP 34.96.102.137:0
Hash fb6826ff465fbfd8fb6d1dffffb41beb
b999b5793a9bacfd69db905a748e74266019564b
564bc7b5a3bc318440a94d13ff249ab6b10aed837a4fe0ad984012e2b8ea5511
GET /j.php?a=463962&u=https%3A%2F%2Fthebestofferx.shop%2Fheatwellshop%2Fen%2Fpresale.html&f=1&r=0.49254439299076813 HTTP/1.1
Host: dev.visualwebsiteoptimizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebestofferx.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 08:35:52 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=0, no-cache, must-revalidate
etag: W/"1669797138"
server: gams1
timing-allow-origin: *
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
dev.visualwebsiteoptimizer.com/settings.js?a=463962&settings_type=1&vn=7.0&exc=1663
34.96.102.137200 OK 6.6 kB URL HTTP/2 dev.visualwebsiteoptimizer.com/settings.js?a=463962&settings_type=1&vn=7.0&exc=1663
IP 34.96.102.137:0
Hash 1972020b7520b31b6bc0c6602a45f56f
6c5abb401e0bd77254b913d6d0075c03627f9ee3
e11e1ef45fb376d15e4520b25b1baa4e8f92bf954ff9544de6fbec748e45f87c
GET /settings.js?a=463962&settings_type=1&vn=7.0&exc=1663 HTTP/1.1
Host: dev.visualwebsiteoptimizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebestofferx.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 08:35:52 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, no-cache, must-revalidate
etag: W/"1669797138"
server: gams1
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
thebestofferx.shop/heatwellshop/en/assets/image/2bc8e588-69d0-4f7e-b753-a728b316efda/630c4448b06f10107c236678/bf18bc55-581e-4fc4-9c54-426cdfb4be8d/shape-1-.png.webp
198.54.120.24404 Not Found 1.2 kB URL HTTP/2 thebestofferx.shop/heatwellshop/en/assets/image/2bc8e588-69d0-4f7e-b753-a728b316efda/630c4448b06f10107c236678/bf18bc55-581e-4fc4-9c54-426cdfb4be8d/shape-1-.png.webp
IP 198.54.120.24:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
GET /heatwellshop/en/assets/image/2bc8e588-69d0-4f7e-b753-a728b316efda/630c4448b06f10107c236678/bf18bc55-581e-4fc4-9c54-426cdfb4be8d/shape-1-.png.webp HTTP/1.1
Host: thebestofferx.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebestofferx.shop/heatwellshop/en/presale.html
Cookie: _gcl_au=1.1.1314944593.1669797351; _clck=1l23ewc|1|f70|0; _vwo_uuid_v2=D074F54EB085344958418B74EDA2296AB|3982d22439f44699d74214aea6be90e6; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _vwo_uuid=D074F54EB085344958418B74EDA2296AB; _vwo_ds=3%241669797352%3A21.05407041%3A%3A; _vwo_sn=0%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Wed, 30 Nov 2022 08:35:52 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
c.clarity.ms/c.gif
20.234.93.27302 Found 0 B IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebestofferx.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=BDEA9353BBF64C99A4DE6495CD9AAA3E&RedC=c.clarity.ms&MXFR=29384169D880634A38B25305DC806D71
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=29384169D880634A38B25305DC806D71; domain=.clarity.ms; expires=Mon, 25-Dec-2023 08:35:53 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Wed, 30 Nov 2022 08:35:52 GMT
content-length: 0
X-Firefox-Spdy: h2
thebestofferx.shop/heatwellshop/en/assets/image/2bc8e588-69d0-4f7e-b753-a728b316efda/630c4448b06f10107c236678/bf18bc55-581e-4fc4-9c54-426cdfb4be8d/shape-1-.png.webp
198.54.120.24404 Not Found 1.2 kB URL HTTP/2 thebestofferx.shop/heatwellshop/en/assets/image/2bc8e588-69d0-4f7e-b753-a728b316efda/630c4448b06f10107c236678/bf18bc55-581e-4fc4-9c54-426cdfb4be8d/shape-1-.png.webp
IP 198.54.120.24:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
GET /heatwellshop/en/assets/image/2bc8e588-69d0-4f7e-b753-a728b316efda/630c4448b06f10107c236678/bf18bc55-581e-4fc4-9c54-426cdfb4be8d/shape-1-.png.webp HTTP/1.1
Host: thebestofferx.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebestofferx.shop/heatwellshop/en/presale.html
Cookie: _gcl_au=1.1.1314944593.1669797351; _clck=1l23ewc|1|f70|0; _vwo_uuid_v2=D074F54EB085344958418B74EDA2296AB|3982d22439f44699d74214aea6be90e6; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _vwo_uuid=D074F54EB085344958418B74EDA2296AB; _vwo_ds=3%241669797352%3A21.05407041%3A%3A; _vwo_sn=0%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Wed, 30 Nov 2022 08:35:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
c.bing.com/c.gif?CtsSyncId=BDEA9353BBF64C99A4DE6495CD9AAA3E&RedC=c.clarity.ms&MXFR=29384169D880634A38B25305DC806D71
204.79.197.200302 Found 0 B URL HTTP/2 c.bing.com/c.gif?CtsSyncId=BDEA9353BBF64C99A4DE6495CD9AAA3E&RedC=c.clarity.ms&MXFR=29384169D880634A38B25305DC806D71
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif?CtsSyncId=BDEA9353BBF64C99A4DE6495CD9AAA3E&RedC=c.clarity.ms&MXFR=29384169D880634A38B25305DC806D71 HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://thebestofferx.shop/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=BDEA9353BBF64C99A4DE6495CD9AAA3E&MUID=0ECE6D6287E96FEF22DA7F0E861C6EC1
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=0ECE6D6287E96FEF22DA7F0E861C6EC1; domain=c.bing.com; expires=Mon, 25-Dec-2023 08:35:53 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1BAFBA80003E42D8B4CEAFF4316EC518 Ref B: OSL30EDGE0116 Ref C: 2022-11-30T08:35:53Z
date: Wed, 30 Nov 2022 08:35:52 GMT
content-length: 0
X-Firefox-Spdy: h2
c.clarity.ms/c.gif?CtsSyncId=BDEA9353BBF64C99A4DE6495CD9AAA3E&MUID=0ECE6D6287E96FEF22DA7F0E861C6EC1
20.234.93.27200 OK 42 B URL HTTP/2 c.clarity.ms/c.gif?CtsSyncId=BDEA9353BBF64C99A4DE6495CD9AAA3E&MUID=0ECE6D6287E96FEF22DA7F0E861C6EC1
IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash 32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
GET /c.gif?CtsSyncId=BDEA9353BBF64C99A4DE6495CD9AAA3E&MUID=0ECE6D6287E96FEF22DA7F0E861C6EC1 HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://thebestofferx.shop/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Thu, 13 Oct 2022 20:07:05 GMT
accept-ranges: bytes
etag: "40db785d3fdfd81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Wed, 30-Nov-2022 08:45:53 GMT; path=/; SameSite=None; Secure;
date: Wed, 30 Nov 2022 08:35:52 GMT
content-length: 42
X-Firefox-Spdy: h2
www.clarity.ms/eus2/s/0.6.43/clarity.js
13.107.219.53200 OK 18 kB URL HTTP/2 www.clarity.ms/eus2/s/0.6.43/clarity.js
IP 13.107.219.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (55029)
Hash 6d59b47d9560d98259e9f35dce3d09e1
15cb16b12236a8f03d24a6710c024cfd96fc88f5
ab85cb42892169204b435caa21790dbbb9f58961722c33e341163dd1fa8dce4c
GET /eus2/s/0.6.43/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebestofferx.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=86400
content-type: application/javascript;charset=utf-8
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d9026a431ead4c"
server: Microsoft-IIS/10.0
x-cache: TCP_HIT
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-azure-ref-originshield: 0GmSGYwAAAACHRRFoD7tZTpidn8SozRtNQU1TMDRFREdFMTkxNwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-azure-ref: 06BWHYwAAAAAV4yIuh1L/T4gT5zjDs7irT1NMMjMxMDUwMjA1MDI1ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
date: Wed, 30 Nov 2022 08:35:51 GMT
X-Firefox-Spdy: h2
b.clarity.ms/collect
20.75.32.255204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 29672
Origin: https://thebestofferx.shop
Connection: keep-alive
Referer: https://thebestofferx.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://thebestofferx.shop
access-control-allow-credentials: true
date: Wed, 30 Nov 2022 08:35:53 GMT
X-Firefox-Spdy: h2
ctrwow-prod-analytics-socketserver.azurewebsites.net/?trackingId=630c4448b06f10107c236678
52.176.5.241101 Switching Protocols 0 B URL HTTP/1.1 ctrwow-prod-analytics-socketserver.azurewebsites.net/?trackingId=630c4448b06f10107c236678
IP 52.176.5.241:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?trackingId=630c4448b06f10107c236678 HTTP/1.1
Host: ctrwow-prod-analytics-socketserver.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://thebestofferx.shop
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ZGbCZEWtencG5sRdIiQOSg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Date: Wed, 30 Nov 2022 08:35:54 GMT
Server: Microsoft-IIS/10.0
Set-Cookie: ARRAffinity=b42003c253a6ee92c124bdfad0b2db83fb2ef9906588018364ce2390be8fbedb;Path=/;HttpOnly;Secure;Domain=ctrwow-prod-analytics-socketserver.azurewebsites.net
ARRAffinitySameSite=b42003c253a6ee92c124bdfad0b2db83fb2ef9906588018364ce2390be8fbedb;Path=/;HttpOnly;SameSite=None;Secure;Domain=ctrwow-prod-analytics-socketserver.azurewebsites.net
Upgrade: websocket
Sec-WebSocket-Accept: fR3EybY9FtaI0vzkZ+96hzl9fgs=
Origin: https://thebestofferx.shop
X-Powered-By: ASP.NET
ocsp.starfieldtech.com/
192.124.249.22200 OK 1.8 kB IP 192.124.249.22:0
Hash 53b6cbe24a22f9bcbc59c746a42b1c4b
875536daf789f3b5e390455ad09b335f55974dd3
44654a08378bd30511cb1da92c63d3c413f4c71f715895b1fed414a381d29bba
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 30 Nov 2022 08:35:55 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 29 Nov 2022 20:27:22 GMT
Expires: Wed, 30 Nov 2022 20:27:22 GMT
ETag: "875536daf789f3b5e390455ad09b335f55974dd3"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
alukejtiyyxemmefvnum7360369215.blogspot.com/heatwell
142.250.74.33404 Not Found 0 B URL HTTP/2 alukejtiyyxemmefvnum7360369215.blogspot.com/heatwell
IP 142.250.74.33:0
GET /heatwell HTTP/1.1
Host: alukejtiyyxemmefvnum7360369215.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 30 Nov 2022 08:35:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 15009
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.clarity.ms/tag/ecqx4egfsd?ref=gtm2
13.107.219.53200 OK 0 B URL HTTP/2 www.clarity.ms/tag/ecqx4egfsd?ref=gtm2
IP 13.107.219.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /tag/ecqx4egfsd?ref=gtm2 HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebestofferx.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: application/x-javascript
expires: -1
set-cookie: CLID=fc1df12b0c224ea1936622566fea3c87.20221130.20231130; expires=Thu, 30 Nov 2023 08:35:52 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-cache: CONFIG_NOCACHE
x-azure-ref: 06BWHYwAAAAATK92iwythSbK01up9rDbNT1NMMjMxMDUwMjA1MDI1ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
date: Wed, 30 Nov 2022 08:35:51 GMT
X-Firefox-Spdy: h2
d16hdrba6dusey.cloudfront.net/ctrwow_fp_analytics.min.js
54.230.245.115200 OK 0 B URL HTTP/2 d16hdrba6dusey.cloudfront.net/ctrwow_fp_analytics.min.js
IP 54.230.245.115:0
GET /ctrwow_fp_analytics.min.js HTTP/1.1
Host: d16hdrba6dusey.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebestofferx.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 18 Aug 2022 03:14:53 GMT
server: AmazonS3
content-encoding: gzip
date: Wed, 30 Nov 2022 08:35:54 GMT
cache-control: max-age=31536000
etag: W/"b3f370ee7e0449a09eac8b3d80b621e7"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wnNqxEIkn5tTZkRLGYZ_bLI1KrcXKBMzP43uIEWPmMoTTp7m1XeZ-g==
X-Firefox-Spdy: h2