xn--tmnas4d-oza.com/
104.21.3.129 301 Moved Permanently 0 B IP 104.21.3.129:0
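Hash d41d8cd98f00b204e9800998ecf8427e (MD5)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256)
Note: these three values are the digests of zero-length input (the response body is 0 B), so they match any empty response and are not indicators specific to this host.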
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: xn--tmnas4d-oza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 25 Nov 2022 09:45:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 25 Nov 2022 10:45:27 GMT
Location: https://xn--tmnas4d-oza.com/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e0rprAkQJdzjEYcg5jL29%2BLpSUMVMsE3nxgTy1CGvCEs%2FChGdTe9a1BdbbR5vuhvwCjVcSeIyjc8rQ35kyo0NrN8E%2FZXFwxdXji3V7GgB5dUYKTBr0Lw6sNdDuEaeg2wMvR1KEY%2F"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f9739ca8080b31-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a9f1d4d98705c281fed3b60343463200
db6f8aa98d2eda4e5473b116a222c3055568bb78
164d11173045b569cafb32e300e4c1ec6d6ab177fd34d0414cc40c541268779f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10286
Expires: Fri, 25 Nov 2022 12:36:53 GMT
Date: Fri, 25 Nov 2022 09:45:27 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash af40a2fcf8debb90c3608002da6c907a
3c75d6c0b557a3bd8d5db50155b8d896e852c145
555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5104
Cache-Control: max-age=94247
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:45:28 GMT
Etag: "637f47ef-1d7"
Expires: Sat, 26 Nov 2022 11:56:15 GMT
Last-Modified: Thu, 24 Nov 2022 10:31:11 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 25 Nov 2022 09:19:04 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1584
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 260e9998c20d831b66f1029c8f47aac9
716d630f647c54dc69a7f9c63a6cac294b3df7f7
c9951a909f354174f0075a01c01c3c3aa6960983040e328bfbbbea81aeb405c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3129
Expires: Fri, 25 Nov 2022 10:37:37 GMT
Date: Fri, 25 Nov 2022 09:45:28 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: /m81I/z6vPSB/al8/RjuRWnqlpDL56otUvTVXdyiKPj5ikDyApf3zcASP3xj1xUsx1eger+2OQ8=
x-amz-request-id: S48EYA0HN79DF90X
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 25 Nov 2022 09:40:45 GMT
age: 283
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 09:45:28 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash ed76971959ca5bea40f9f11329a89d50
683a7b2265568dd6ecbe1dc220552c6337853d3b
5173974a139c3c8494feb3ef8a0f812995577da4336aa02aeef98bb583803aa4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=147458
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:45:28 GMT
Etag: "63802bba-117"
Expires: Sun, 27 Nov 2022 02:43:06 GMT
Last-Modified: Fri, 25 Nov 2022 02:43:06 GMT
Server: nginx
Content-Length: 279
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 25 Nov 2022 09:11:11 GMT
cache-control: public,max-age=3600
age: 2057
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash fb6949e7abaa473393f7c604691de14f
599681bba3947709baa603bbae2dd7afd04059a4
36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6043
Cache-Control: max-age=90124
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:45:28 GMT
Etag: "637f3429-1d7"
Expires: Sat, 26 Nov 2022 10:47:32 GMT
Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash ed76971959ca5bea40f9f11329a89d50
683a7b2265568dd6ecbe1dc220552c6337853d3b
5173974a139c3c8494feb3ef8a0f812995577da4336aa02aeef98bb583803aa4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=147458
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:45:28 GMT
Etag: "63802bba-117"
Expires: Sun, 27 Nov 2022 02:43:06 GMT
Last-Modified: Fri, 25 Nov 2022 02:43:06 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 279
push.services.mozilla.com/
54.149.156.115 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.156.115:0
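Hash d41d8cd98f00b204e9800998ecf8427e (MD5)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256)
Note: these three values are the digests of zero-length input (the 101 response carries a 0 B body), so they identify no content.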
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: mTytRSzV2ECdPOKyCt7bDg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: cnHnbSx7VngIpymHMes19ez/xEg=
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash c9ce459ed4850bf560dcb3826181a875
dd9789c25b00471d713e33e4e671f81f324fa702
7b6b61b361dd9683375f83ea39a38a1bb51b1dacbcf03f648052a7e506b3b331
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1368
Cache-Control: max-age=123280
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:45:28 GMT
Etag: "637fc7f0-117"
Expires: Sat, 26 Nov 2022 20:00:08 GMT
Last-Modified: Thu, 24 Nov 2022 19:37:20 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash c9ce459ed4850bf560dcb3826181a875
dd9789c25b00471d713e33e4e671f81f324fa702
7b6b61b361dd9683375f83ea39a38a1bb51b1dacbcf03f648052a7e506b3b331
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1368
Cache-Control: max-age=123280
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:45:28 GMT
Etag: "637fc7f0-117"
Expires: Sat, 26 Nov 2022 20:00:08 GMT
Last-Modified: Thu, 24 Nov 2022 19:37:20 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash c9ce459ed4850bf560dcb3826181a875
dd9789c25b00471d713e33e4e671f81f324fa702
7b6b61b361dd9683375f83ea39a38a1bb51b1dacbcf03f648052a7e506b3b331
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1368
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:45:28 GMT
Etag: "637fc7f0-117"
Last-Modified: Fri, 25 Nov 2022 09:22:40 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash b44543de9922ec7d97f2e0be1865553e
caef856450efd75de0cfae9402903b1f4bd6de4c
d251377b4bc11c32a847ce4dc5dfda92e56031617f5b3eeea54fdcd0945b3eb7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:45:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img.pay4d.info/mobile-sport.png
104.19.139.75 200 OK 2.7 kB URL HTTP/2 img.pay4d.info/mobile-sport.png
IP 104.19.139.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 02a8a80face04e69f3bfa68f686f57bb
61f8a41a95694c27a307199407af513dde0dc43e
d9cd2cc3ba7a11673f072f321e83694c7da5979c0adda00e26de15d9a1f43797
GET /mobile-sport.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--tmnas4d-oza.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 09:45:28 GMT
content-type: image/webp
content-length: 2730
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=6408
content-disposition: inline; filename="mobile-sport.webp"
last-modified: Mon, 01 Feb 2021 07:21:49 GMT
vary: Accept
cf-cache-status: HIT
age: 1367
expires: Fri, 25 Nov 2022 11:45:28 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 76f973a3cda80b51-OSL
X-Firefox-Spdy: h2
img.pay4d.info/picrightsport-b.jpg
104.19.139.75 200 OK 12 kB URL HTTP/2 img.pay4d.info/picrightsport-b.jpg
IP 104.19.139.75:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 404x194, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b384a638dc5c10281228cd681469b5db
bf8625ff8f2a683d21cd384f671ce379b9a7c76d
0dc4e717442c9585c855bc2dcaa9d621be9fee18d541f724f0af33b3e57137ff
GET /picrightsport-b.jpg HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--tmnas4d-oza.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 09:45:28 GMT
content-type: image/webp
content-length: 11588
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=13092
content-disposition: inline; filename="picrightsport-b.webp"
last-modified: Fri, 04 Nov 2022 13:42:49 GMT
vary: Accept
cf-cache-status: HIT
age: 1367
expires: Fri, 25 Nov 2022 11:45:28 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 76f973a3cdab0b51-OSL
X-Firefox-Spdy: h2
img.pay4d.info/icon-promo_w.png
104.19.139.75 200 OK 11 kB URL HTTP/2 img.pay4d.info/icon-promo_w.png
IP 104.19.139.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 816a4fd40d29c5ba31bb4b9f61c3f540
14db71e41b29ad9701790f2dda8f00a5fc3596f7
0ca698ee7649b886c54c83a5e73dd7c86bfaf1185f41647571aaf0879c64cae3
GET /icon-promo_w.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--tmnas4d-oza.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 09:45:28 GMT
content-type: image/webp
content-length: 11412
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=27663
content-disposition: inline; filename="icon-promo_w.webp"
last-modified: Fri, 13 Nov 2020 07:11:14 GMT
vary: Accept
cf-cache-status: HIT
age: 1367
expires: Fri, 25 Nov 2022 11:45:28 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 76f973a3cdaf0b51-OSL
X-Firefox-Spdy: h2
img.pay4d.info/picright-b.jpg
104.19.139.75 200 OK 21 kB URL HTTP/2 img.pay4d.info/picright-b.jpg
IP 104.19.139.75:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 404x194, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 11b3651cddd57d137ad1f9f632ca7360
7ac7d221ec9c1865dc06138b53fe870e6bccdb97
43c4b555f21c351bdd7b5953b63d93078c02def41fe3b333c85822aaca5bf5ef
GET /picright-b.jpg HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--tmnas4d-oza.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 09:45:28 GMT
content-type: image/webp
content-length: 20622
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=24384
content-disposition: inline; filename="picright-b.webp"
last-modified: Fri, 04 Nov 2022 13:42:49 GMT
vary: Accept
cf-cache-status: HIT
age: 1367
expires: Fri, 25 Nov 2022 11:45:28 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 76f973a3cdad0b51-OSL
X-Firefox-Spdy: h2
img.pay4d.info/picleft-b.jpg
104.19.139.75 200 OK 12 kB URL HTTP/2 img.pay4d.info/picleft-b.jpg
IP 104.19.139.75:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 404x194, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ea02b87d5efe916e0d1fd689245bafa9
d515d56084f09ed372c254188e6fd75a74ae5543
1a84b9a6f066b825d388f044e0012bfe7922a9ca9a4400c2fa33cac082bfc91d
GET /picleft-b.jpg HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--tmnas4d-oza.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 09:45:28 GMT
content-type: image/webp
content-length: 11550
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=40621
content-disposition: inline; filename="picleft-b.webp"
last-modified: Wed, 23 Nov 2022 11:19:42 GMT
vary: Accept
cf-cache-status: HIT
age: 1367
expires: Fri, 25 Nov 2022 11:45:28 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 76f973a3cdb30b51-OSL
X-Firefox-Spdy: h2
img.pay4d.info/picmid.jpg
104.19.139.75 200 OK 34 kB URL HTTP/2 img.pay4d.info/picmid.jpg
IP 104.19.139.75:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 404x194, components 3\012- data
Hash 9ff8825bea0abb9177794729b5932760
9424c5ff2b125bc8d319313875c90c5393183b36
18179e3e611fdec3356c387f78b85ff7201fd7ee6166eb5aff06aa851cbe4b82
GET /picmid.jpg HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--tmnas4d-oza.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 09:45:28 GMT
content-type: image/jpeg
content-length: 34044
cf-bgj: imgq:85,h2pri
cf-polished: degrade=85, origSize=36646, status=webp_bigger
last-modified: Fri, 04 Nov 2022 13:42:48 GMT
cf-cache-status: HIT
age: 1367
expires: Fri, 25 Nov 2022 11:45:28 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f973a3cdb50b51-OSL
X-Firefox-Spdy: h2
img.pay4d.info/mobile-slot.png
104.19.139.75 200 OK 3.0 kB URL HTTP/2 img.pay4d.info/mobile-slot.png
IP 104.19.139.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash bd496c55acc5fdb1ebe53c18e7b78a2e
256827a0c6474898129d22b1cfa7fadc88d96b70
414beef5dd52d21ddb304d58eedf9a6503a42523de9f54922c76f567343cdfc3
GET /mobile-slot.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--tmnas4d-oza.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 09:45:28 GMT
content-type: image/webp
content-length: 3002
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=6674
content-disposition: inline; filename="mobile-slot.webp"
last-modified: Mon, 01 Feb 2021 07:21:49 GMT
vary: Accept
cf-cache-status: HIT
age: 1367
expires: Fri, 25 Nov 2022 11:45:28 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 76f973a3cdb70b51-OSL
X-Firefox-Spdy: h2
img.pay4d.info/picmid-b.jpg
104.19.139.75 200 OK 14 kB URL HTTP/2 img.pay4d.info/picmid-b.jpg
IP 104.19.139.75:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 404x194, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3c37b7fb71f105f8b8672c66677a0b85
9a507c9d9c2909c55c080df7e4a63ff82c8b357c
51b7b166d8e3ae02de88cb7af8209160e491478c8d00c93900f85e6e7886f716
GET /picmid-b.jpg HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--tmnas4d-oza.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 09:45:28 GMT
content-type: image/webp
content-length: 14152
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=15488
content-disposition: inline; filename="picmid-b.webp"
last-modified: Fri, 04 Nov 2022 13:42:48 GMT
vary: Accept
cf-cache-status: HIT
age: 1367
expires: Fri, 25 Nov 2022 11:45:28 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 76f973a3cdb60b51-OSL
X-Firefox-Spdy: h2
img.pay4d.info/mobile-tembakikan.png
104.19.139.75 200 OK 2.1 kB URL HTTP/2 img.pay4d.info/mobile-tembakikan.png
IP 104.19.139.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash bfdeefb05e569edf1028afb65895653c
97478d745112e48f9400eaeab7e84c41c60ceec2
02f0b6b2e6ee24f5bf2774b69109e9f1f0c5d1deafda081ed4c48d62b90ab9dd
GET /mobile-tembakikan.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--tmnas4d-oza.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 09:45:28 GMT
content-type: image/webp
content-length: 2106
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=5201
content-disposition: inline; filename="mobile-tembakikan.webp"
last-modified: Mon, 01 Feb 2021 07:21:49 GMT
vary: Accept
cf-cache-status: HIT
age: 1367
expires: Fri, 25 Nov 2022 11:45:28 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 76f973a3cdb00b51-OSL
X-Firefox-Spdy: h2
img.pay4d.info/kontak/wa.png
104.19.139.75 200 OK 378 B URL HTTP/2 img.pay4d.info/kontak/wa.png
IP 104.19.139.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 18d9883e1a072905361ca73d34a57734
c9dcf63a7866cd530f7615bd220e7ce4e81aad0d
a06f5509e0ed17a2901ee5d71717a549f53e66dbec7607e3944cb418c60688c5
GET /kontak/wa.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--tmnas4d-oza.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 09:45:28 GMT
content-type: image/webp
content-length: 378
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=1628
content-disposition: inline; filename="wa.webp"
last-modified: Mon, 09 Sep 2019 19:19:48 GMT
vary: Accept
cf-cache-status: HIT
age: 1367
expires: Fri, 25 Nov 2022 11:45:28 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 76f973a3cdbb0b51-OSL
X-Firefox-Spdy: h2
img.pay4d.info/mobile-togel.png
104.19.139.75 200 OK 2.8 kB URL HTTP/2 img.pay4d.info/mobile-togel.png
IP 104.19.139.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 24ee8246bf5b00f82e391b3de2c9530d
44b86adefeab3260148aadfa367cf35c602b6761
04ea1ba435c65231d96bea3e735c0bc193beb05f7e921a354ef593dbfd7528fb
GET /mobile-togel.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--tmnas4d-oza.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 09:45:28 GMT
content-type: image/webp
content-length: 2816
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=6237
content-disposition: inline; filename="mobile-togel.webp"
last-modified: Mon, 01 Feb 2021 07:21:49 GMT
vary: Accept
cf-cache-status: HIT
age: 1367
expires: Fri, 25 Nov 2022 11:45:28 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 76f973a3ddc20b51-OSL
X-Firefox-Spdy: h2
img.pay4d.info/mobile-casino.png
104.19.139.75 200 OK 4.0 kB URL HTTP/2 img.pay4d.info/mobile-casino.png
IP 104.19.139.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash a4ec13dedac773682a95ad0357c883d9
ac08067b8b14c320590fd8e0d9f46fee95c98064
34d33f63decd18d046d7ce1eaa41df45fd546a36c020d1aa2460c68d4e382a05
GET /mobile-casino.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--tmnas4d-oza.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 09:45:28 GMT
content-type: image/webp
content-length: 3982
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=8816
content-disposition: inline; filename="mobile-casino.webp"
last-modified: Mon, 01 Feb 2021 07:21:49 GMT
vary: Accept
cf-cache-status: HIT
age: 1367
expires: Fri, 25 Nov 2022 11:45:28 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 76f973a3ddc30b51-OSL
X-Firefox-Spdy: h2
img.pay4d.info/icon-kontak_w.png
104.19.139.75 200 OK 9.0 kB URL HTTP/2 img.pay4d.info/icon-kontak_w.png
IP 104.19.139.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 9076cf659b9af3835b5a25a73a16551f
601f969eb09c00fe344b2b53cacd87573e32d700
72b4cf3cea98074a04121c1249ba5ffd4fe76482863cb6b3de9ecf68914770c2
GET /icon-kontak_w.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--tmnas4d-oza.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 09:45:28 GMT
content-type: image/webp
content-length: 9008
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=20605
content-disposition: inline; filename="icon-kontak_w.webp"
last-modified: Fri, 13 Nov 2020 07:38:15 GMT
vary: Accept
cf-cache-status: HIT
age: 1367
expires: Fri, 25 Nov 2022 11:45:28 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 76f973a3cdb90b51-OSL
X-Firefox-Spdy: h2
img.pay4d.info/slot-prag.png
104.19.139.75 200 OK 1.4 kB URL HTTP/2 img.pay4d.info/slot-prag.png
IP 104.19.139.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 8e7ecdf154298edbc92186de70734ff7
10402bf0a46147d1b1e6e41ded452c24faa6dce6
b13a36e2d82b2cd019af41f40af642d37641573770e11980ecc12e2dce55d713
GET /slot-prag.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--tmnas4d-oza.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 09:45:28 GMT
content-type: image/webp
content-length: 1416
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=5251
content-disposition: inline; filename="slot-prag.webp"
last-modified: Wed, 18 Dec 2019 05:38:15 GMT
vary: Accept
cf-cache-status: HIT
age: 1367
expires: Fri, 25 Nov 2022 11:45:28 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 76f973a3ddc60b51-OSL
X-Firefox-Spdy: h2
img.pay4d.info/slot-pg.png
104.19.139.75 200 OK 1.7 kB URL HTTP/2 img.pay4d.info/slot-pg.png
IP 104.19.139.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 86ec152055228538f1a8f8943f179a97
ef30830c693272695c7cf5f2ac12679c75a2db18
a643c08a5d025958c4499731c62c3cc78663aa9c6bd2d567bbff38b4637b339b
GET /slot-pg.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--tmnas4d-oza.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 09:45:28 GMT
content-type: image/webp
content-length: 1740
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=5084
content-disposition: inline; filename="slot-pg.webp"
last-modified: Tue, 08 Jun 2021 09:18:38 GMT
vary: Accept
cf-cache-status: HIT
age: 1367
expires: Fri, 25 Nov 2022 11:45:28 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 76f973a3ddc70b51-OSL
X-Firefox-Spdy: h2
img.pay4d.info/slot-hab.png
104.19.139.75 200 OK 1.9 kB URL HTTP/2 img.pay4d.info/slot-hab.png
IP 104.19.139.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 158c1eeabbd166126f46035ec5e6d457
83fa7159d10da9989fc9853ee6f96ab57b065e83
11bd40a973e0e088856ced2e923bb0badeb4291c9ea0d11386d9a469817eeda0
GET /slot-hab.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--tmnas4d-oza.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 09:45:28 GMT
content-type: image/webp
content-length: 1888
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=5768
content-disposition: inline; filename="slot-hab.webp"
last-modified: Wed, 18 Dec 2019 05:38:14 GMT
vary: Accept
cf-cache-status: HIT
age: 1367
expires: Fri, 25 Nov 2022 11:45:28 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 76f973a3ddc80b51-OSL
X-Firefox-Spdy: h2
img.pay4d.info/slot-cq9.png
104.19.139.75 200 OK 1.2 kB URL HTTP/2 img.pay4d.info/slot-cq9.png
IP 104.19.139.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash c1a383f5c29c2a1abb0146f00f976edd
d044fc1b18c28a0129ef1ffbeba52166614d057e
cef9e6fabf6bc11ddbe76f0abec0e0f7106ba78a0b5499c3c640d82c8a7d6701
GET /slot-cq9.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--tmnas4d-oza.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 09:45:28 GMT
content-type: image/webp
content-length: 1182
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=4157
content-disposition: inline; filename="slot-cq9.webp"
last-modified: Wed, 10 Nov 2021 17:01:06 GMT
vary: Accept
cf-cache-status: HIT
age: 1367
expires: Fri, 25 Nov 2022 11:45:28 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 76f973a3ddca0b51-OSL
X-Firefox-Spdy: h2
img.pay4d.info/slot-spad.png
104.19.139.75 200 OK 1.3 kB URL HTTP/2 img.pay4d.info/slot-spad.png
IP 104.19.139.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash d6290e499ede13e741045d26dfbd95bf
73a41f0d753bb0843be9bfb147e1999ced0e30d5
ccdb75fdea9558a8454442831c45017f205cd8729bc2f0399b91e1fb2473cd89
GET /slot-spad.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--tmnas4d-oza.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 09:45:28 GMT
content-type: image/webp
content-length: 1258
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=4945
content-disposition: inline; filename="slot-spad.webp"
last-modified: Wed, 18 Dec 2019 05:38:16 GMT
vary: Accept
cf-cache-status: HIT
age: 1367
expires: Fri, 25 Nov 2022 11:45:28 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 76f973a3ddcb0b51-OSL
X-Firefox-Spdy: h2
img.pay4d.info/slot-mg.png
104.19.139.75 200 OK 1.1 kB URL HTTP/2 img.pay4d.info/slot-mg.png
IP 104.19.139.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash ab217824849c8bc2f05240458ef55574
06b015108c8fc22469d8e5a4c371e6d05c04b624
326039e01fe95c632ec94f34f39b85e61715f2a5abcdb555d937ec140574aa72
GET /slot-mg.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--tmnas4d-oza.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 09:45:28 GMT
content-type: image/webp
content-length: 1092
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=4064
content-disposition: inline; filename="slot-mg.webp"
last-modified: Tue, 15 Mar 2022 06:24:42 GMT
vary: Accept
cf-cache-status: HIT
age: 1367
expires: Fri, 25 Nov 2022 11:45:28 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 76f973a3ddcc0b51-OSL
X-Firefox-Spdy: h2
img.pay4d.info/slot-jok.png
104.19.139.75 200 OK 2.0 kB URL HTTP/2 img.pay4d.info/slot-jok.png
IP 104.19.139.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash c3d6ce73337d8098402370b95ce184d6
f82824809e6fc6b5bc0696c7dce5942ab17abac5
21cd86f323c17093d4d78ba1e98352a00c8459cb70d1135006cf1de90b0388b3
GET /slot-jok.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--tmnas4d-oza.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 09:45:28 GMT
content-type: image/webp
content-length: 2000
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=7983
content-disposition: inline; filename="slot-jok.webp"
last-modified: Wed, 18 Dec 2019 05:38:14 GMT
vary: Accept
cf-cache-status: HIT
age: 1367
expires: Fri, 25 Nov 2022 11:45:28 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 76f973a3ddcd0b51-OSL
X-Firefox-Spdy: h2
img.pay4d.info/slot-ttg.png
104.19.139.75 200 OK 356 B URL HTTP/2 img.pay4d.info/slot-ttg.png
IP 104.19.139.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 3ce52bfdf47ac5aeec429c7d844f8309
20ecca3cdae26598825aca9d3180721585936d76
574449c76cb20fb822d17cec93a25ed069371c78d8f6e9efb0daa4924a411a56
GET /slot-ttg.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--tmnas4d-oza.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 09:45:28 GMT
content-type: image/webp
content-length: 356
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=2467
content-disposition: inline; filename="slot-ttg.webp"
last-modified: Sat, 14 Mar 2020 09:33:42 GMT
vary: Accept
cf-cache-status: HIT
age: 1367
expires: Fri, 25 Nov 2022 11:45:28 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 76f973a3ddd30b51-OSL
X-Firefox-Spdy: h2
img.pay4d.info/live-pp.png
104.19.139.75 200 OK 1.4 kB URL HTTP/2 img.pay4d.info/live-pp.png
IP 104.19.139.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 1f1aa38c5a91ca20b6bfdee9245eebc2
5f00a7a39257fc368e3fcaaf0b923f6a9fd49bcf
57d9d0b26be6a4ea6d8894ff8dab03ea2c4400155146d5380281f4a589966e65
GET /live-pp.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--tmnas4d-oza.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 09:45:28 GMT
content-type: image/webp
content-length: 1418
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=7765
content-disposition: inline; filename="live-pp.webp"
last-modified: Fri, 26 Jun 2020 07:51:40 GMT
vary: Accept
cf-cache-status: HIT
age: 1367
expires: Fri, 25 Nov 2022 11:45:28 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 76f973a3ddd40b51-OSL
X-Firefox-Spdy: h2
img.pay4d.info/live-evo.png
104.19.139.75 200 OK 1.9 kB URL HTTP/2 img.pay4d.info/live-evo.png
IP 104.19.139.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 5cb96d1f84e38795c3f22b92bc122592
34b8d1a7ec29283b962233ffc9a0dea48ba3a2e4
6c5acbaf9f4b55c013e541f7885469169bb34227ccb554f3501f82fa29c3b3c8
GET /live-evo.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--tmnas4d-oza.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 09:45:28 GMT
content-type: image/webp
content-length: 1866
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=5224
content-disposition: inline; filename="live-evo.webp"
last-modified: Wed, 23 Nov 2022 11:55:02 GMT
vary: Accept
cf-cache-status: HIT
age: 1367
expires: Fri, 25 Nov 2022 11:45:28 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 76f973a3ddd60b51-OSL
X-Firefox-Spdy: h2
img.pay4d.info/picleft.jpg
104.19.139.75 200 OK 22 kB URL HTTP/2 img.pay4d.info/picleft.jpg
IP 104.19.139.75:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 404x194, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2b1bdc85cc48c85f6033c7ddca833b0c
df9589d7051fba1a5c2fd15b81b11f72f24caee0
7e599adfbea9fa50b6139eae70f7ee2214c9a0fd14a718f1d07bfd4b955ae63d
GET /picleft.jpg HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--tmnas4d-oza.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 09:45:28 GMT
content-type: image/webp
content-length: 22128
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=26042
content-disposition: inline; filename="picleft.webp"
last-modified: Fri, 04 Nov 2022 13:42:48 GMT
vary: Accept
cf-cache-status: HIT
age: 1367
expires: Fri, 25 Nov 2022 11:45:28 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 76f973a3cdb10b51-OSL
X-Firefox-Spdy: h2
img.pay4d.info/pop/mobile-opus.jpg
104.19.139.75 200 OK 30 kB URL HTTP/2 img.pay4d.info/pop/mobile-opus.jpg
IP 104.19.139.75:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 600x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8d191b6393109de875275c79f178e863
89c1f1c6b4968a6d6f1bcb13ce4500f1e7f71711
4c554e5ffc7c633b4e881338c2b83789ada0b84a3083808c4f72368e121edd28
GET /pop/mobile-opus.jpg HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--tmnas4d-oza.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 09:45:28 GMT
content-type: image/webp
content-length: 30134
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=61371
content-disposition: inline; filename="mobile-opus.webp"
last-modified: Fri, 25 Nov 2022 06:26:05 GMT
vary: Accept
cf-cache-status: HIT
age: 1367
expires: Fri, 25 Nov 2022 11:45:28 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 76f973a3ddc40b51-OSL
X-Firefox-Spdy: h2
img.pay4d.info/picrightsport.jpg
104.19.139.75 200 OK 28 kB URL HTTP/2 img.pay4d.info/picrightsport.jpg
IP 104.19.139.75:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 404x194, components 3\012- data
Hash ebedde0e62ada787a6ccc5cd81ba82e6
eab61df9caa7b3789ddfe4ff5744ed5ffa4da68b
461fb8ca2eda5e25e9002bffe6111739faa6cf991167cd2578632c1f90d791ca
GET /picrightsport.jpg HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--tmnas4d-oza.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 09:45:28 GMT
content-type: image/jpeg
content-length: 28289
cf-bgj: imgq:85,h2pri
cf-polished: degrade=85, origSize=33880, status=webp_bigger
last-modified: Fri, 18 Nov 2022 06:57:55 GMT
cf-cache-status: HIT
age: 1367
expires: Fri, 25 Nov 2022 11:45:28 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f973a3cda90b51-OSL
X-Firefox-Spdy: h2
img.pay4d.info/picright.jpg
104.19.139.75 200 OK 23 kB URL HTTP/2 img.pay4d.info/picright.jpg
IP 104.19.139.75:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 404x194, components 3\012- data
Hash 4d21cb6ce4fcf78445d50ec994697f8b
df4d5433b0acbf6ee3a0db62663f071b2fb01275
b267ac51d20c09b4e5bb4f90f30fac9fb72c024f4448eff75cbccdba316da2e6
GET /picright.jpg HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--tmnas4d-oza.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 09:45:28 GMT
content-type: image/jpeg
content-length: 23329
cf-bgj: imgq:85,h2pri
cf-polished: degrade=85, origSize=26379, status=webp_bigger
last-modified: Fri, 04 Nov 2022 13:42:48 GMT
cf-cache-status: HIT
age: 1367
expires: Fri, 25 Nov 2022 11:45:28 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f973a3cdac0b51-OSL
X-Firefox-Spdy: h2
img.pay4d.info/live-ion.png
104.19.139.75 200 OK 2.4 kB URL HTTP/2 img.pay4d.info/live-ion.png
IP 104.19.139.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 1a48e4a72414e5587b22eb4ac4ae959b
a3ac92a04917abab71a98503dcfff52be3af7cdb
e48ccb777ed57ca1eee701da53a8fa2d85b64639d0b8210e3160678e1753b144
GET /live-ion.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--tmnas4d-oza.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 09:45:28 GMT
content-type: image/webp
content-length: 2434
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=6674
content-disposition: inline; filename="live-ion.webp"
last-modified: Fri, 26 Jun 2020 07:51:41 GMT
vary: Accept
cf-cache-status: HIT
age: 1367
expires: Fri, 25 Nov 2022 11:45:28 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 76f973a3eddd0b51-OSL
X-Firefox-Spdy: h2
img.pay4d.info/live-mg.png
104.19.139.75 200 OK 1.1 kB URL HTTP/2 img.pay4d.info/live-mg.png
IP 104.19.139.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash ab217824849c8bc2f05240458ef55574
06b015108c8fc22469d8e5a4c371e6d05c04b624
326039e01fe95c632ec94f34f39b85e61715f2a5abcdb555d937ec140574aa72
GET /live-mg.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--tmnas4d-oza.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 09:45:28 GMT
content-type: image/webp
content-length: 1092
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=4064
content-disposition: inline; filename="live-mg.webp"
last-modified: Tue, 15 Mar 2022 06:24:43 GMT
vary: Accept
cf-cache-status: HIT
age: 1367
expires: Fri, 25 Nov 2022 11:45:28 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 76f973a3ede00b51-OSL
X-Firefox-Spdy: h2
img.pay4d.info/live-all.png
104.19.139.75 200 OK 2.5 kB URL HTTP/2 img.pay4d.info/live-all.png
IP 104.19.139.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 80ab66e968b68828f745dbd67b94dfc8
18d70a225ba9f5c51d79d286178312966d339f76
bf207416b528a9c36145e5943266d17c909af991f3512d62636b85eb8232ab5f
GET /live-all.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--tmnas4d-oza.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 09:45:28 GMT
content-type: image/webp
content-length: 2548
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=9511
content-disposition: inline; filename="live-all.webp"
last-modified: Mon, 07 Sep 2020 10:34:19 GMT
vary: Accept
cf-cache-status: HIT
age: 1367
expires: Fri, 25 Nov 2022 11:45:28 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 76f973a3fde60b51-OSL
X-Firefox-Spdy: h2
img.pay4d.info/live-sg.png
104.19.139.75 200 OK 2.8 kB URL HTTP/2 img.pay4d.info/live-sg.png
IP 104.19.139.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 5fde10bbbfdf170112f4bc9859955ed5
e73a68c4221288b52a848a67801f9bcd387ba2ea
60bb4f59c40e9ef9f1d2be56a2a7324a8750e339de1efb9b96840314b8581628
GET /live-sg.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--tmnas4d-oza.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 09:45:28 GMT
content-type: image/webp
content-length: 2814
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=11259
content-disposition: inline; filename="live-sg.webp"
last-modified: Thu, 10 Dec 2020 08:44:39 GMT
vary: Accept
cf-cache-status: HIT
age: 1367
expires: Fri, 25 Nov 2022 11:45:28 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 76f973a3fdea0b51-OSL
X-Firefox-Spdy: h2
img.pay4d.info/sport-saba.png
104.19.139.75 200 OK 3.2 kB URL HTTP/2 img.pay4d.info/sport-saba.png
IP 104.19.139.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash ca905a05925915a6aeae1dff933661ea
e4432529d8665c323809db7b6bd7fd1412862de2
27f3a57f120ec304c41c368c4ff779c9310968a53be66f0b1a1eb6a61d61629a
GET /sport-saba.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--tmnas4d-oza.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 09:45:28 GMT
content-type: image/webp
content-length: 3166
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=8019
content-disposition: inline; filename="sport-saba.webp"
last-modified: Fri, 18 Nov 2022 07:12:18 GMT
vary: Accept
cf-cache-status: HIT
age: 1367
expires: Fri, 25 Nov 2022 11:45:28 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 76f973a3fdeb0b51-OSL
X-Firefox-Spdy: h2
img.pay4d.info/live-opus.png
104.19.139.75 200 OK 1.3 kB URL HTTP/2 img.pay4d.info/live-opus.png
IP 104.19.139.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash ff58f7baf1903414b9e121fa194c01a0
9686d2811e39d923e00d3573d187e84dda29fdba
d68d2439ada8dcdb278433a33da32e2659f34ce90cc7c9023180bbd3dd92f54a
GET /live-opus.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--tmnas4d-oza.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 09:45:28 GMT
content-type: image/webp
content-length: 1330
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=4303
content-disposition: inline; filename="live-opus.webp"
last-modified: Fri, 26 Aug 2022 10:55:33 GMT
vary: Accept
cf-cache-status: HIT
age: 1367
expires: Fri, 25 Nov 2022 11:45:28 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 76f973a3fde50b51-OSL
X-Firefox-Spdy: h2
img.pay4d.info/fish-fishing-god.png
104.19.139.75 200 OK 4.1 kB URL HTTP/2 img.pay4d.info/fish-fishing-god.png
IP 104.19.139.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash a0948f83578f51b07453a73d2e7feb0e
0e3f824762ed0f79c93200f05b8b631535e62d50
294f599a73342736676eb2d36724e27f9ace65053d1eec0d5267318608dcb49d
GET /fish-fishing-god.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--tmnas4d-oza.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 09:45:28 GMT
content-type: image/webp
content-length: 4084
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=8579
content-disposition: inline; filename="fish-fishing-god.webp"
last-modified: Tue, 30 Mar 2021 09:18:46 GMT
vary: Accept
cf-cache-status: HIT
age: 1367
expires: Fri, 25 Nov 2022 11:45:28 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 76f973a40dfe0b51-OSL
X-Firefox-Spdy: h2
img.pay4d.info/fish-zombie.png
104.19.139.75 200 OK 2.8 kB URL HTTP/2 img.pay4d.info/fish-zombie.png
IP 104.19.139.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 88304eeaf81e9ebd296a0d0e2ddb7be2
32c2c254dfa81406883e0507339c538a4af5ce3b
fab65eee93acd119c34e221f22ca4029d06a9fa9a5d93b56be894e4247ff7d81
GET /fish-zombie.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--tmnas4d-oza.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 09:45:28 GMT
content-type: image/webp
content-length: 2760
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=9384
content-disposition: inline; filename="fish-zombie.webp"
last-modified: Thu, 05 Aug 2021 09:13:00 GMT
vary: Accept
cf-cache-status: HIT
age: 1367
expires: Fri, 25 Nov 2022 11:45:28 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 76f973a40e010b51-OSL
X-Firefox-Spdy: h2
img.pay4d.info/informasi.png
104.19.139.75 200 OK 496 B URL HTTP/2 img.pay4d.info/informasi.png
IP 104.19.139.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 55734ca433dd15622f992f24a3750a77
625812100e07a5b85b1dca90d622c0deafa3410d
0b31e72e9209648652af2a9e36541fb4ca4015cdbca7f29ae1993824d379c395
GET /informasi.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--tmnas4d-oza.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 09:45:28 GMT
content-type: image/webp
content-length: 496
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=2507
content-disposition: inline; filename="informasi.webp"
last-modified: Sat, 30 Jan 2021 10:28:59 GMT
vary: Accept
cf-cache-status: HIT
age: 1367
expires: Fri, 25 Nov 2022 11:45:28 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 76f973a40e030b51-OSL
X-Firefox-Spdy: h2
img.pay4d.info/fish-fishing-war.png
104.19.139.75 200 OK 4.2 kB URL HTTP/2 img.pay4d.info/fish-fishing-war.png
IP 104.19.139.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 5de4388ad28949bab321d81e8afd639b
320c986e3c630e937333639364dcf80ef7dc19a2
54d4dfa543f1b8e4c544ce229b644b2671722eca476c6b8cb9df759e2375561f
GET /fish-fishing-war.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--tmnas4d-oza.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 09:45:28 GMT
content-type: image/webp
content-length: 4158
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=10616
content-disposition: inline; filename="fish-fishing-war.webp"
last-modified: Tue, 30 Mar 2021 09:18:46 GMT
vary: Accept
cf-cache-status: HIT
age: 1367
expires: Fri, 25 Nov 2022 11:45:28 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 76f973a40dff0b51-OSL
X-Firefox-Spdy: h2
img.pay4d.info/fish-alien-hunter.png
104.19.139.75 200 OK 2.9 kB URL HTTP/2 img.pay4d.info/fish-alien-hunter.png
IP 104.19.139.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 44ed1c2cb6486482db8d337636bd9494
7d7f1961857c405b2d72078ee512626a79ce2504
165db214f71fc24501cec62e40869ad284f2ef1fddae90933b570a605608b2a3
GET /fish-alien-hunter.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--tmnas4d-oza.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 09:45:28 GMT
content-type: image/webp
content-length: 2884
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=9071
content-disposition: inline; filename="fish-alien-hunter.webp"
last-modified: Wed, 07 Jul 2021 11:05:14 GMT
vary: Accept
cf-cache-status: HIT
age: 1367
expires: Fri, 25 Nov 2022 11:45:28 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 76f973a40e000b51-OSL
X-Firefox-Spdy: h2
img.pay4d.info/sport-sbo.png
104.19.139.75 200 OK 2.6 kB URL HTTP/2 img.pay4d.info/sport-sbo.png
IP 104.19.139.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 6264eff1bd0d1cb19031119953556ab5
5ba02b770ec3c704549a90c1619624ab41afad29
5b4e3f622d5aec3c70df461c3aa9a3a4b200b2b8c92f0c13e0b03395bd655d51
GET /sport-sbo.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--tmnas4d-oza.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 09:45:28 GMT
content-type: image/webp
content-length: 2566
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=7368
content-disposition: inline; filename="sport-sbo.webp"
last-modified: Fri, 18 Nov 2022 07:12:18 GMT
vary: Accept
cf-cache-status: HIT
age: 1367
expires: Fri, 25 Nov 2022 11:45:28 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 76f973a40dfc0b51-OSL
X-Firefox-Spdy: h2
img.pay4d.info/buku-mimpi.png
104.19.139.75 200 OK 734 B URL HTTP/2 img.pay4d.info/buku-mimpi.png
IP 104.19.139.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 47e11b51ac743eaa8cf239317b274ed5
2f8e7efe94b9a2bc33e4a2cfa5d56c767e53f2b6
e102b58cf346532436c7e47dc3e2e29fc53b5b550e0fcd1c4200aadce03bb7e6
GET /buku-mimpi.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--tmnas4d-oza.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 09:45:28 GMT
content-type: image/webp
content-length: 734
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=3014
content-disposition: inline; filename="buku-mimpi.webp"
last-modified: Sat, 30 Jan 2021 10:28:57 GMT
vary: Accept
cf-cache-status: HIT
age: 1367
expires: Fri, 25 Nov 2022 11:45:28 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 76f973a40e020b51-OSL
X-Firefox-Spdy: h2
img.pay4d.info/banner/slider-wc-2022.jpg
104.19.139.75 200 OK 156 kB URL HTTP/2 img.pay4d.info/banner/slider-wc-2022.jpg
IP 104.19.139.75:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1900x380, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 156 kB (156456 bytes)
Hash 9ae983754e7c56256e6f7cae8438ef58
04978cb727dbe83b821e9bfd1e890514363cd144
144ce72837f5bb04407c7b4ea75c956c1fd7b0affda81f14690b33e8a64c68b5
GET /banner/slider-wc-2022.jpg HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--tmnas4d-oza.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 09:45:28 GMT
content-type: image/webp
content-length: 156456
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=205412
content-disposition: inline; filename="slider-wc-2022.webp"
last-modified: Mon, 21 Nov 2022 12:44:35 GMT
vary: Accept
cf-cache-status: HIT
age: 1367
expires: Fri, 25 Nov 2022 11:45:28 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 76f973a41e060b51-OSL
X-Firefox-Spdy: h2
img.pay4d.info/banner/slide-evo.jpg
104.19.139.75 200 OK 95 kB URL HTTP/2 img.pay4d.info/banner/slide-evo.jpg
IP 104.19.139.75:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1900x380, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash eb02c8af01265c17cd6bfa916b8590cd
87454568859bcc81562d916edd29f90c19259641
8fdc207822dfe9352613272cf9c76839eb1ab306e4bdd2446213f132cf3d4087
GET /banner/slide-evo.jpg HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--tmnas4d-oza.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 09:45:28 GMT
content-type: image/webp
content-length: 94810
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=153063
content-disposition: inline; filename="slide-evo.webp"
last-modified: Fri, 25 Nov 2022 06:26:29 GMT
vary: Accept
cf-cache-status: HIT
age: 1367
expires: Fri, 25 Nov 2022 11:45:28 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 76f973a41e050b51-OSL
X-Firefox-Spdy: h2
code.jquery.com/jquery-3.6.0.min.js
69.16.175.10 200 OK 31 kB URL HTTP/2 code.jquery.com/jquery-3.6.0.min.js
IP 69.16.175.10:0
File type ASCII text, with very long lines (65447)
Hash 899f0189aaf034bbba5340f724d91dfa
210ea9de03968edb9d839ba4a0ce2d48666a8ab8
949b6597c5ea907a7ef3c8ca6d5ffc73be2352f9df485b78704e5c4dabac5d0f
GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xn--tmnas4d-oza.com
Connection: keep-alive
Referer: https://xn--tmnas4d-oza.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 09:45:28 GMT
content-encoding: gzip
content-length: 30875
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15d9d"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1669369528.dop023.sk1.t,1669369528.cds066.sk1.hn,1669369528.cds210.sk1.c
X-Firefox-Spdy: h2
img.pay4d.info/logo_providernewn_w.png
104.19.139.75 200 OK 22 kB URL HTTP/2 img.pay4d.info/logo_providernewn_w.png
IP 104.19.139.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 2b9ef6421b1bb4ad82fd02d9e5b5b0e4
c33103e748ba45f1f6b4ba4dee2c4a8c9f674ba4
f74279c38ac20d40eefcb8376d87fb6aa64f00ed6f7cb48a3ab204c063016764
GET /logo_providernewn_w.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--tmnas4d-oza.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 09:45:28 GMT
content-type: image/webp
content-length: 22350
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=65781
content-disposition: inline; filename="logo_providernewn_w.webp"
last-modified: Wed, 23 Nov 2022 11:16:42 GMT
vary: Accept
cf-cache-status: HIT
age: 1367
expires: Fri, 25 Nov 2022 11:45:28 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 76f973a41e090b51-OSL
X-Firefox-Spdy: h2
img.pay4d.info/footern.png
104.19.139.75 200 OK 10 kB URL HTTP/2 img.pay4d.info/footern.png
IP 104.19.139.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash c874f595389f01e778067dff5bc5d1f0
c5f3cb0b0a03bb0cc41cea7d1bc24b630eaab4bf
84097f8df21211e36d200017ce5dbb571569bbd5d21d7dfb1067d0b75567b17f
GET /footern.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--tmnas4d-oza.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 09:45:28 GMT
content-type: image/webp
content-length: 10240
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=11983
content-disposition: inline; filename="footern.webp"
last-modified: Fri, 04 Nov 2022 13:47:10 GMT
vary: Accept
cf-cache-status: HIT
age: 1367
expires: Fri, 25 Nov 2022 11:45:28 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 76f973a41e0a0b51-OSL
X-Firefox-Spdy: h2
img.pay4d.info/banner/slide-pp-nv.jpg
104.19.139.75 200 OK 181 kB URL HTTP/2 img.pay4d.info/banner/slide-pp-nv.jpg
IP 104.19.139.75:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1900x380, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 181 kB (181314 bytes)
Hash f05e4ec58442c20d7dcb6bf38f1856be
e1d63b5ffda7e54a46e97f0c3fb1548f6350f1d8
874343455cdd0ba9d33b598954a620e53ac23740ec5e584323df8a56efedc34e
GET /banner/slide-pp-nv.jpg HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--tmnas4d-oza.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 09:45:28 GMT
content-type: image/webp
content-length: 181314
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=267909
content-disposition: inline; filename="slide-pp-nv.webp"
last-modified: Mon, 21 Nov 2022 12:45:21 GMT
vary: Accept
cf-cache-status: HIT
age: 1367
expires: Fri, 25 Nov 2022 11:45:28 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 76f973a41e070b51-OSL
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/bootstrap@3.4.1/dist/js/bootstrap.min.js
151.101.85.229 200 OK 11 kB URL HTTP/2 cdn.jsdelivr.net/npm/bootstrap@3.4.1/dist/js/bootstrap.min.js
IP 151.101.85.229:0
File type ASCII text, with very long lines (39553)
Hash 3d7736f3e0093bfcece832c8a1dced40
4421527237d7cf60ab3a8605e131d90370d59f8e
9bfb0fe335300ad7521ccc87e8a1d7be601958e3a9b9f0ea8f98cc7fa3946e70
GET /npm/bootstrap@3.4.1/dist/js/bootstrap.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xn--tmnas4d-oza.com
Connection: keep-alive
Referer: https://xn--tmnas4d-oza.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 3.4.1
x-jsd-version-type: version
etag: W/"9b00-sW/YImvWv7COVo8bHQoh1gJHzvs"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 25 Nov 2022 09:45:29 GMT
age: 17231805
x-served-by: cache-fra19167-FRA, cache-bma1635-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 10942
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash b44543de9922ec7d97f2e0be1865553e
caef856450efd75de0cfae9402903b1f4bd6de4c
d251377b4bc11c32a847ce4dc5dfda92e56031617f5b3eeea54fdcd0945b3eb7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:45:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.21.226 200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.21.226:0
Hash e5b4f0edacb0e1ec14b068b30274304e
88191d1f3d8232666b3bccd8ec8a069ba9cbd1dc
33cfb52b80d5f80c646682f4c8bbe1a14398189794aa58cb0429bb56843e7144
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 09:45:29 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "78F89FB34287B2A2B9E834169BA3A0B694F81CC9"
Expires: Fri, 25 Nov 2022 20:00:00 GMT
Last-Modified: Fri, 25 Nov 2022 08:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2625
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f973a48e10b506-OSL
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash c9ce459ed4850bf560dcb3826181a875
dd9789c25b00471d713e33e4e671f81f324fa702
7b6b61b361dd9683375f83ea39a38a1bb51b1dacbcf03f648052a7e506b3b331
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=121912
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:45:28 GMT
Etag: "637fc7f0-117"
Expires: Sat, 26 Nov 2022 19:37:20 GMT
Last-Modified: Thu, 24 Nov 2022 19:37:20 GMT
Server: nginx
Content-Length: 279
img.pay4d.info/kontak/skype.png
104.19.139.75 200 OK 362 B URL HTTP/2 img.pay4d.info/kontak/skype.png
IP 104.19.139.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 0557d2a423ddcbd15413f480842ce180
652216804afba090db5a17e5e278b17fb1b0cae1
4814e3ccb7ba86e8aa5c1ef9d4cc9f432b6b344f6bd9a209765ebc77f0a611b6
GET /kontak/skype.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--tmnas4d-oza.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 09:45:29 GMT
content-type: image/webp
content-length: 362
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=3408
content-disposition: inline; filename="skype.webp"
last-modified: Mon, 09 Sep 2019 19:19:33 GMT
vary: Accept
cf-cache-status: HIT
expires: Fri, 25 Nov 2022 11:45:29 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 76f973a3ddbf0b51-OSL
X-Firefox-Spdy: h2
img.pay4d.info/kontak/sms.png
104.19.139.75 200 OK 414 B URL HTTP/2 img.pay4d.info/kontak/sms.png
IP 104.19.139.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash ab01bf284d3245dad051381855a39f35
51de83afc1fe4a2cba4aeb647d260a7e3fa32001
ab5418701d478deee3c36600c7d7101b44d902461008cecd4eef93d882eca238
GET /kontak/sms.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--tmnas4d-oza.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 09:45:29 GMT
content-type: image/webp
content-length: 414
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=3655
content-disposition: inline; filename="sms.webp"
last-modified: Mon, 09 Sep 2019 19:19:33 GMT
vary: Accept
cf-cache-status: HIT
expires: Fri, 25 Nov 2022 11:45:29 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 76f973a3cdbd0b51-OSL
X-Firefox-Spdy: h2
img.pay4d.info/kontak/fb.png
104.19.139.75 200 OK 300 B URL HTTP/2 img.pay4d.info/kontak/fb.png
IP 104.19.139.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 9daa0755bb1f7cbea82e2d506d355535
09438e3bc734c47538cf70f11dc8450dc3471ea5
b7216eb923bbb92bb47ea39c84e2f84a8fc7daad9bb77d9f89fa3528d3a59f78
GET /kontak/fb.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--tmnas4d-oza.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 09:45:29 GMT
content-type: image/webp
content-length: 300
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=3295
content-disposition: inline; filename="fb.webp"
last-modified: Mon, 09 Sep 2019 19:19:33 GMT
vary: Accept
cf-cache-status: HIT
expires: Fri, 25 Nov 2022 11:45:29 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 76f973a3ddc10b51-OSL
X-Firefox-Spdy: h2
xn--tmnas4d-oza.com/
104.21.3.129 200 OK 14 kB IP 104.21.3.129:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (363), with CRLF, LF line terminators
Hash f802bed13841e213821de541ca1462d5
860a2ebd22ae648931ae48f3cd52f70928e54ec9
07f4512c4546b9c75e861825baa975170400715546f40a59874e4b334d8f5c1d
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: xn--tmnas4d-oza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Fri, 25 Nov 2022 09:45:28 GMT
content-type: text/html; charset=UTF-8
x-frame-options: Deny
x-content-type-options: nosniff
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
vary: Accept-Encoding
set-cookie: PHPSESSID=8c9kpbd5ledri7tnu7cs3ac4v7; path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2Fn2LYJhF3xnJobtbRmVM1hKppJCKMQqvVvkXmbA9XiXKU%2Boo5LlZ2LdKEvSDa22aNnqpiDgB2i4S432La8KdLV0e9Bp9gjSpp6nJMRAhYZNZX984W71H%2FDhU4RslFqfEsjYsaaZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f9739fab670af6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 87de3dd2c7dce12b01a337d1554a222a
30e0bd68bbb78995aa8a0686ac02848fd5a7a699
533c21806ef66401ea5faeeb37366a33f19f0e9052b4fb06f22981ec73b21a59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:45:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 87de3dd2c7dce12b01a337d1554a222a
30e0bd68bbb78995aa8a0686ac02848fd5a7a699
533c21806ef66401ea5faeeb37366a33f19f0e9052b4fb06f22981ec73b21a59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:45:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
216.58.207.195 200 OK 35 kB URL HTTP/2 fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 34852, version 1.0\012- data
Hash 0e8eefb4549a2edf26c560cb9845952e
8d0b1718aacad934fd0043c87cbc54aa091396bf
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
GET /s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://xn--tmnas4d-oza.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 34852
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 08:17:47 GMT
expires: Thu, 23 Nov 2023 08:17:47 GMT
cache-control: public, max-age=31536000
age: 178062
last-modified: Wed, 27 Apr 2022 16:31:23 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
216.58.207.195 200 OK 9.8 kB URL HTTP/2 fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 9840, version 1.0\012- data
Hash afda6e429fd299054de28e1f157c683d
c1847d6f3df5fe11d5e96fd5e6a59b73ff7ed96b
81cd29d1413ecf75834fb3ce1da572fe5c39e53b22c61f5dafec5b14ed4ee12e
GET /s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://xn--tmnas4d-oza.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 18 Nov 2022 23:14:29 GMT
expires: Sat, 18 Nov 2023 23:14:29 GMT
cache-control: public, max-age=31536000
age: 556260
last-modified: Mon, 18 Jul 2022 19:24:04 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 87de3dd2c7dce12b01a337d1554a222a
30e0bd68bbb78995aa8a0686ac02848fd5a7a699
533c21806ef66401ea5faeeb37366a33f19f0e9052b4fb06f22981ec73b21a59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:45:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 87de3dd2c7dce12b01a337d1554a222a
30e0bd68bbb78995aa8a0686ac02848fd5a7a699
533c21806ef66401ea5faeeb37366a33f19f0e9052b4fb06f22981ec73b21a59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:45:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2
216.58.207.195 200 OK 47 kB URL HTTP/2 fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 47048, version 1.0\012- data
Hash 87a1556b696ae2cb1a726bd8c4584a2f
1be0f6f39e0cf316f9827f945eeeaef8294cc37b
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
GET /s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://xn--tmnas4d-oza.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 47048
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 18 Nov 2022 22:54:24 GMT
expires: Sat, 18 Nov 2023 22:54:24 GMT
cache-control: public, max-age=31536000
age: 557465
last-modified: Wed, 27 Apr 2022 16:55:54 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
216.58.207.195 200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 45300, version 1.0\012- data
Hash 5fe660c3a23b871807b0e1d3ee973d23
62a9dd423b30b6ee3ab3dd40d573545d579af10a
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
GET /s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://xn--tmnas4d-oza.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 45300
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:51:03 GMT
expires: Thu, 23 Nov 2023 18:51:03 GMT
cache-control: public, max-age=31536000
age: 140066
last-modified: Wed, 27 Apr 2022 16:11:08 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/abel/v18/MwQ5bhbm2POE2V9BPQ.woff2
216.58.207.195 200 OK 10 kB URL HTTP/2 fonts.gstatic.com/s/abel/v18/MwQ5bhbm2POE2V9BPQ.woff2
IP 216.58.207.195:0
File type PNG image data, 40 x 30, 8-bit/color RGB, non-interlaced\012- data
Hash 7565802c9580565452b0ff539f76ebf9
e4d52cc56de29eaa60ebe53e36297e5544a0e490
ac05e3dfe63199c7c6774dd1f93bd8f21b95cf1cf574d6e28162dc3a9a173658
GET /s/abel/v18/MwQ5bhbm2POE2V9BPQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://xn--tmnas4d-oza.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9588
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 16:49:46 GMT
expires: Fri, 24 Nov 2023 16:49:46 GMT
cache-control: public, max-age=31536000
age: 60943
last-modified: Tue, 19 Apr 2022 18:29:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 87de3dd2c7dce12b01a337d1554a222a
30e0bd68bbb78995aa8a0686ac02848fd5a7a699
533c21806ef66401ea5faeeb37366a33f19f0e9052b4fb06f22981ec73b21a59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 09:45:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.livechatinc.com/tracking.js
23.36.79.17 200 OK 26 kB URL HTTP/2 cdn.livechatinc.com/tracking.js
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash fdb3fbabc9d0fdd42c1230d360cd2d44
3968a4d120665750710b64068c0af871d1a149d5
b774ad6e513f484794d2f3985d3b42667e11c38c6def308bcce6b3d81ebff9c7
GET /tracking.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--tmnas4d-oza.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 17 Nov 2022 13:08:42 GMT
x-amz-version-id: XiT9l9I6GGKdmfwcYLWex5TUwoVUOWV5
server: AmazonS3
content-encoding: br
etag: W/"72abe41f23b1a5d3b25350cc7025a805"
vary: Accept-Encoding
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: D3KEkfL4U2Yk1ikvSs7spz9_JmtUYKdfxg54PQ9go4a6WarOC0Sz5A==
content-length: 26070
cache-control: max-age=28800
expires: Fri, 25 Nov 2022 17:45:29 GMT
date: Fri, 25 Nov 2022 09:45:29 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 857e0686aa3d20b7052b34ef1ae60da9
8d888aefa98519e8a5ac5a74bb7100260f475353
edec3c40bbe08ca7b46fffc1a3f5d30e2460ae54b1ebf6f391b6c2a41461561c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EDEC3C40BBE08CA7B46FFFC1A3F5D30E2460AE54B1EBF6F391B6C2A41461561C"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4578
Expires: Fri, 25 Nov 2022 11:01:47 GMT
Date: Fri, 25 Nov 2022 09:45:29 GMT
Connection: keep-alive
static.getbutton.io/widget-send-button/js/init.js
95.216.228.15 302 Moved Temporarily 145 B URL HTTP/1.1 static.getbutton.io/widget-send-button/js/init.js
IP 95.216.228.15:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 7938fc116951d02bc261f707297cf915
c7f2a9311468d25830f39a6e280e22cc871149ca
a7a0cbe25a887e612a079e22a6b8bee676d68530d19ddf883a19088768f6f464
GET /widget-send-button/js/init.js HTTP/1.1
Host: static.getbutton.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--tmnas4d-oza.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx/1.16.0
Date: Fri, 25 Nov 2022 09:45:29 GMT
Content-Type: text/html
Content-Length: 145
Connection: keep-alive
Location: https://static.getbutton.io/widget/bundle.js
static.getbutton.io/widget/bundle.js
95.216.228.15 200 OK 94 kB URL HTTP/1.1 static.getbutton.io/widget/bundle.js
IP 95.216.228.15:0
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with very long lines (65475)
Hash d8cd247eabac0219996f3e07e4a9a211
bf8835bf60ec200dbdb7498c9c0e68d42f1c6030
7ba300201e1d30489a65dda4a1c35e25d6281b47d064d37a843892e138849b3e
GET /widget/bundle.js HTTP/1.1
Host: static.getbutton.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xn--tmnas4d-oza.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.16.0
Date: Fri, 25 Nov 2022 09:45:29 GMT
Content-Type: application/javascript
Last-Modified: Wed, 16 Nov 2022 07:07:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63748c32-4a576"
Expires: Fri, 25 Nov 2022 12:45:29 GMT
Cache-Control: max-age=10800
Access-Control-Allow-Origin: *
Content-Encoding: gzip
img.pay4d.info/android.png
104.19.139.75 200 OK 1.1 kB URL HTTP/2 img.pay4d.info/android.png
IP 104.19.139.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 0b02cd52bbd4c1164b94f9c21050e6be
8941f921796a98fc8fabb4c0cec157c34d4e4276
a7c62c2757c85f7b8edb8bddd7f3b0472c851452daceb20485ddffa6ea9703fb
GET /android.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--tmnas4d-oza.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 09:45:29 GMT
content-type: image/webp
content-length: 1096
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=3351
content-disposition: inline; filename="android.webp"
last-modified: Sat, 30 Jan 2021 10:29:07 GMT
vary: Accept
cf-cache-status: HIT
age: 1366
expires: Fri, 25 Nov 2022 11:45:29 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 76f973a91aed0b51-OSL
X-Firefox-Spdy: h2
img.pay4d.info/kontak/line.png
104.19.139.75 200 OK 396 B URL HTTP/2 img.pay4d.info/kontak/line.png
IP 104.19.139.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 6a2f088ef8dcce50e35c9fa786ea2b8f
c7976ba757370e5771e5596f89028b3c116bd85f
5dca4c53e05afdf097de02a1e7f059e83b7c6e9d1468f518c8ae2301427232e6
GET /kontak/line.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--tmnas4d-oza.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 09:45:29 GMT
content-type: image/webp
content-length: 396
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=1633
content-disposition: inline; filename="line.webp"
last-modified: Mon, 09 Sep 2019 19:19:48 GMT
vary: Accept
cf-cache-status: HIT
expires: Fri, 25 Nov 2022 11:45:29 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 76f973a3cdbc0b51-OSL
X-Firefox-Spdy: h2
img.pay4d.info/dlandroid.png
104.19.139.75 200 OK 2.5 kB URL HTTP/2 img.pay4d.info/dlandroid.png
IP 104.19.139.75:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash a74bb516386bf584bbcb42de349db17c
8bb9f72b4f8d077bbe7319cb341bd9ef7ea8136a
5ddce943f364942ee30b1398175472ab116b19119a3fa7eb2815944162ccfb51
GET /dlandroid.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--tmnas4d-oza.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 09:45:30 GMT
content-type: image/webp
content-length: 2520
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=5781
content-disposition: inline; filename="dlandroid.webp"
last-modified: Wed, 11 Sep 2019 07:36:31 GMT
vary: Accept
cf-cache-status: HIT
age: 1368
expires: Fri, 25 Nov 2022 11:45:30 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 76f973aacc9a0b51-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18374
Expires: Fri, 25 Nov 2022 14:51:44 GMT
Date: Fri, 25 Nov 2022 09:45:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18374
Expires: Fri, 25 Nov 2022 14:51:44 GMT
Date: Fri, 25 Nov 2022 09:45:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18374
Expires: Fri, 25 Nov 2022 14:51:44 GMT
Date: Fri, 25 Nov 2022 09:45:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18374
Expires: Fri, 25 Nov 2022 14:51:44 GMT
Date: Fri, 25 Nov 2022 09:45:30 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9e23502-5ace-42f4-a990-42412dc7e04e.jpeg
34.120.237.76 200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9e23502-5ace-42f4-a990-42412dc7e04e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f6292a2988fb4505d0098553b8e99ddc
9b8aafcda0e22edcc16d3048f4b88659d3b42419
16b7b473229c5e519ab81b385c50277424f3f3b2a5d7647035e84ba58e44f3be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9e23502-5ace-42f4-a990-42412dc7e04e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6385
x-amzn-requestid: 4c2a84f7-f038-4f5a-86c2-5c8ce1a48c6e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cI5NVFMAoAMFn7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63803bee-45c6411c2430e2375f530dd8;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 03:52:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Fj82i9qJmEiUy2DOkkowq8WRyzupMwNyQqu110sJ3o72HEW4yb7bjQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 07:22:46 GMT
age: 8564
etag: "9b8aafcda0e22edcc16d3048f4b88659d3b42419"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg
34.120.237.76 200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4006a9037ab5f28dca62b0aa7a704c41
74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b
556ae6516a1f272a96569a3637858292731a34e82672b682f6e7442ca68f4b1d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3955
x-amzn-requestid: 42c8d309-a8d2-47cc-8d97-c7fa3a63f8cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCM9NGJHoAMF4sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d8eba-2a06cda9346bd02c46955444;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 03:08:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5MlzpHpq7auKLSAYikINuPAylXI11VJL3xxIJ9Dyub-7rjQaPfg0WQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 02:07:28 GMT
age: 27482
etag: "74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg
34.120.237.76 200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg
IP 34.120.237.76:0
Hash 70e9d3b32cfb0d1b8d8af184a1bf8bbd
28b40becaa4eec63801c029550d7450b6d4339b4
1c3d461dd2bbf93235bedb35eb11548e30df946dd6a05ba64bf908c63aee5f4c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8089
x-amzn-requestid: f4b5f150-a5dc-40bf-93b9-394c294a51cb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEmkRFSnIAMF5vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e8481-74454bee1a1ec6d506f3d75b;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 20:37:21 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ZVv8iTGCYV-IiBJ6KwNSG1ZWSEwClaQopUejSqZq0S1wd782lRoyKA==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 22:59:49 GMT
age: 38741
etag: "318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F981a8e9a-f018-45b6-af7e-199dc4c02c27.jpeg
34.120.237.76 200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F981a8e9a-f018-45b6-af7e-199dc4c02c27.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5863138af1ddbba34a7856242a7b3a06
2eba66ff6539388c48562503e8d11ff0e060350a
d1543e1b803a07095148b743925eebbbf21f566a2df9b785a1a9d48c5604496c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F981a8e9a-f018-45b6-af7e-199dc4c02c27.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8917
x-amzn-requestid: 10f3b269-9437-476d-ae4f-a0ac3fb78491
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8wEIwoAMF8uA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-4cfeecf4553b26381ed11875;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 6ibPrCdDNQqWzxiVYDsl87yUfTP8sUmu22GbhBdDHJruil0qxbw7Fw==
via: 1.1 2241406ac19fffc8f35d6ddef8e22f56.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:35:00 GMT
etag: "2eba66ff6539388c48562503e8d11ff0e060350a"
content-type: image/jpeg
age: 43830
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80e95b58-6cf9-4974-a4ce-f8515ca995ee.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80e95b58-6cf9-4974-a4ce-f8515ca995ee.jpeg
IP 34.120.237.76:0
Hash 9c8e67b0a0629bc1c58c3539894e02ca
5a31d70bb3747936cdbcbafcfb5de7eec55cf9ce
b7a17b01a697b4ea260cbf7eded19b7e0e19c8a437e33728655a5cf548f31394
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80e95b58-6cf9-4974-a4ce-f8515ca995ee.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11743
x-amzn-requestid: 9ab0aba7-5cd1-4f6c-8984-dc221e1cbf8e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cICD-F7joAMFqmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe3b2-152ba5f1495a44447356cdab;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oWSNdsrz59sJC2znLnFqa_Zm3T14_d6j-rjzDQe4yV22Dy2Qc4Swaw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:54:45 GMT
age: 42645
etag: "b0ddc1555d2506177adcdcea77864d75f1245d07"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ad933c0-8cbe-40eb-920c-38b8ae531c9f.jpeg
34.120.237.76 200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ad933c0-8cbe-40eb-920c-38b8ae531c9f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d43ec6824d4fdc4d31b8c245bf8c5849
81f85633fca39972d8e0bf9a4ec7cd999e54564f
b0e521b23879af86102f46a9ec412faf6345df31a97a7b58880f63f81fdcd0c6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ad933c0-8cbe-40eb-920c-38b8ae531c9f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7900
x-amzn-requestid: a9d184b1-3b4a-4ca6-9ad2-ce3aac10f422
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB91H2IIAMFjGw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe38b-5732361f36c023c22c922ee9;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:07 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: nVe_gcpscsmf4QGPseIR2poHwzxp_mfWODrAz8Oy0ePkMgnIREhCag==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:35:07 GMT
etag: "81f85633fca39972d8e0bf9a4ec7cd999e54564f"
content-type: image/jpeg
age: 43823
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=10657737&url=https%3A%2F%2Fxn--tmnas4d-oza.com%2F&group_id=20&channel_type=code&jsonp=__xt9av5ldbd
23.36.79.17 200 OK 520 B URL HTTP/2 api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=10657737&url=https%3A%2F%2Fxn--tmnas4d-oza.com%2F&group_id=20&channel_type=code&jsonp=__xt9av5ldbd
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (520), with no line terminators
Hash f8688607057c2f7dc5823c8de30c2b36
f8d025bc3e67830c92fbfd6e7733a70c63c41de5
b1c03ecb8c903dcd69716d32c39e5b3ddcb2c7d500c519af8a1a25a7a74d6912
GET /v3.3/customer/action/get_dynamic_configuration?license_id=10657737&url=https%3A%2F%2Fxn--tmnas4d-oza.com%2F&group_id=20&channel_type=code&jsonp=__xt9av5ldbd HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--tmnas4d-oza.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-security-policy: frame-ancestors https://xn--tmnas4d-oza.com/;
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
vary: Accept-Encoding
x-frame-options: allow-from https://xn--tmnas4d-oza.com/
content-length: 520
date: Fri, 25 Nov 2022 09:45:30 GMT
X-Firefox-Spdy: h2
api.livechatinc.com/v3.3/customer/action/get_configuration?license_id=10657737&version=1613.25.25.20203.5646.5676.105.26.1.1.1.6.0&group_id=20&jsonp=__lc_static_config
23.36.79.17 200 OK 1.5 kB URL HTTP/2 api.livechatinc.com/v3.3/customer/action/get_configuration?license_id=10657737&version=1613.25.25.20203.5646.5676.105.26.1.1.1.6.0&group_id=20&jsonp=__lc_static_config
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (3980), with no line terminators
Hash 01b36d3bc3523930226b47b146e699b9
ccc4ae36cb81c25212496b860e9bfe9f492b1f99
04b31a618a8d0fc990f43a409f582667719c1272a187054bfc914e8bc5c1b21d
GET /v3.3/customer/action/get_configuration?license_id=10657737&version=1613.25.25.20203.5646.5676.105.26.1.1.1.6.0&group_id=20&jsonp=__lc_static_config HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--tmnas4d-oza.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
vary: Accept-Encoding
content-length: 1503
cache-control: public, max-age=600
expires: Fri, 25 Nov 2022 09:55:30 GMT
date: Fri, 25 Nov 2022 09:45:30 GMT
X-Firefox-Spdy: h2
secure.livechatinc.com/customer/action/open_chat?license_id=10657737&group=20&embedded=1&widget_version=3&unique_groups=1
23.36.79.17 200 OK 2.6 kB URL HTTP/2 secure.livechatinc.com/customer/action/open_chat?license_id=10657737&group=20&embedded=1&widget_version=3&unique_groups=1
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (8824), with no line terminators
Hash 2af834d2c1666ed80bdf535ba7baf0cf
f83744b1d09476acd71ce975971ace5404982232
1727455617bd6865da97b3dfba29fae5b9b7f43662bf5b57d9bde8f5a987dc67
GET /customer/action/open_chat?license_id=10657737&group=20&embedded=1&widget_version=3&unique_groups=1 HTTP/1.1
Host: secure.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--tmnas4d-oza.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: text/html; charset=utf-8
vary: Accept-Encoding
content-length: 2558
date: Fri, 25 Nov 2022 09:45:30 GMT
X-Firefox-Spdy: h2
cdn.livechatinc.com/widget/static/js/0.0f55d8dd.chunk.js
23.36.79.17 200 OK 15 kB URL HTTP/2 cdn.livechatinc.com/widget/static/js/0.0f55d8dd.chunk.js
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (47599), with no line terminators
Hash 59df903a307f8661bd53313a1a1ec2dd
c1b075479edfeed640cea3038d08915f5eedb9a8
6a19cca29c349c638cdb3a4f5103fe14562c865fc49184f33770f0f87b87bb7c
GET /widget/static/js/0.0f55d8dd.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 10 Nov 2022 13:27:43 GMT
x-amz-version-id: FTaBdM5aPM6e3Wa0SH3EvXHWpAST4v3U
server: AmazonS3
content-encoding: br
etag: W/"10a3d7ac1ed37325d3341c379ee0de69"
vary: Accept-Encoding
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: KgvNFtC8e1Ondp6OM2DSbEHtkwN5kS2GkPwb0uCzLz2iu3P1-YllZA==
content-length: 14934
cache-control: max-age=31536000
expires: Sat, 25 Nov 2023 09:45:30 GMT
date: Fri, 25 Nov 2022 09:45:30 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.livechatinc.com/widget/static/js/1.1e075a8f.chunk.js
23.36.79.17 200 OK 66 kB URL HTTP/2 cdn.livechatinc.com/widget/static/js/1.1e075a8f.chunk.js
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65462)
Hash 524812952e0af015a7b1f7621b66446d
52de20770b835fc95c42ee8fb8c929ce889f1f41
9c6a9bc16e05afce31697dd6ef2530653501be1ea8af90e1905d9949d014a9ba
GET /widget/static/js/1.1e075a8f.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 10 Nov 2022 13:27:43 GMT
x-amz-version-id: o8X.laUPCA4HbBkhv_.0.rtHv1UEzu8S
server: AmazonS3
content-encoding: br
etag: W/"add645219cc09aca44e90ff2cb69482a"
vary: Accept-Encoding
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: wQvKSpsPRy26in0iJkcMTYfNv8UaYE7ghU0BTCtCVHFylj64oG5eMQ==
content-length: 66502
cache-control: max-age=31536000
expires: Sat, 25 Nov 2023 09:45:30 GMT
date: Fri, 25 Nov 2022 09:45:30 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.livechatinc.com/widget/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
23.36.79.17 200 OK 13 kB URL HTTP/2 cdn.livechatinc.com/widget/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 12852, version 1.0\012- data
Hash 3b5df7e947d77201eaf22f3dbdac08cc
21989ca07e4afe32d48982b816b8fac85ce3e668
4a46d61a9aed90cea010dbabcdb510b9ceff1b729a06b169cdbe142f66cbc86f
GET /widget/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2 HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://secure.livechatinc.com
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 12852
last-modified: Tue, 18 Oct 2022 07:22:37 GMT
etag: "3b5df7e947d77201eaf22f3dbdac08cc"
x-amz-version-id: 4jMtpmrTh3NU2il.eSSLRODO9UYgvJk9
accept-ranges: bytes
server: AmazonS3
x-amz-cf-pop: HAM50-C2
x-amz-cf-id: KM8abeyaVeSEIxlLTJcUkoNH7_q4l1PlUQolOkL0_K8Ml-Hn8lULcg==
cache-control: max-age=31536000
expires: Sat, 25 Nov 2023 09:45:30 GMT
date: Fri, 25 Nov 2022 09:45:30 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.livechatinc.com/widget/o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2
23.36.79.17 200 OK 13 kB URL HTTP/2 cdn.livechatinc.com/widget/o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 12688, version 1.0\012- data
Hash d9f5998f47f6f22cb66e7dbf428c76ab
86b993baf91f867a03ea62e0d0adc9488530efaa
e94ba9c6df7a149b4b3c590bcc484ce24ce7c0f15c6f7f43479035a6311211d6
GET /widget/o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2 HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://secure.livechatinc.com
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 12688
last-modified: Tue, 18 Oct 2022 07:22:38 GMT
etag: "d9f5998f47f6f22cb66e7dbf428c76ab"
x-amz-version-id: msVoGOeEvv4rBAjmPT.bOOY9QhLnYq.K
accept-ranges: bytes
server: AmazonS3
x-amz-cf-pop: HAM50-P2
x-amz-cf-id: X3prfpUvaSuujXUioKllfbrWJRSujJaRcEeTIItJqtcJgekTOM8gKw==
cache-control: max-age=31536000
expires: Sat, 25 Nov 2023 09:45:30 GMT
date: Fri, 25 Nov 2022 09:45:30 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
api.livechatinc.com/v3.3/customer/action/get_localization?license_id=10657737&version=13159fb2ee05429e3ae48a4031b3d0e0_1e0bf01b99c9f21003923ae5bf0edef8&language=id&group_id=20&jsonp=__lc_localization
23.36.79.17 200 OK 4.0 kB URL HTTP/2 api.livechatinc.com/v3.3/customer/action/get_localization?license_id=10657737&version=13159fb2ee05429e3ae48a4031b3d0e0_1e0bf01b99c9f21003923ae5bf0edef8&language=id&group_id=20&jsonp=__lc_localization
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (11632), with no line terminators
Hash 8d70835cca8f23d0a6c0a30a4abae342
aac8956761e208e2c1eb5fc80a7a4495f7007fac
4aefa382bfc68b12593f238b219a5ba58e4131c3b595ca222f657c658ce4ba20
GET /v3.3/customer/action/get_localization?license_id=10657737&version=13159fb2ee05429e3ae48a4031b3d0e0_1e0bf01b99c9f21003923ae5bf0edef8&language=id&group_id=20&jsonp=__lc_localization HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--tmnas4d-oza.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
vary: Accept-Encoding
content-length: 4049
cache-control: public, max-age=600
expires: Fri, 25 Nov 2022 09:55:30 GMT
date: Fri, 25 Nov 2022 09:45:30 GMT
X-Firefox-Spdy: h2
accounts.livechatinc.com/licence/g10657737_20/customer?license_id=10657737&flow=button&response_type=token&client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5&redirect_uri=https%3A%2F%2Fsecure.livechatinc.com%2Fcustomer%2Faction%2Fopen_chat&post_message_uri=https%3A%2F%2Fsecure.livechatinc.com%2Fcustomer%2Faction%2Fopen_chat&state=%40livechat%2Fcustomer-auth
23.36.79.17 302 Found 0 B URL HTTP/2 accounts.livechatinc.com/licence/g10657737_20/customer?license_id=10657737&flow=button&response_type=token&client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5&redirect_uri=https%3A%2F%2Fsecure.livechatinc.com%2Fcustomer%2Faction%2Fopen_chat&post_message_uri=https%3A%2F%2Fsecure.livechatinc.com%2Fcustomer%2Faction%2Fopen_chat&state=%40livechat%2Fcustomer-auth
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /licence/g10657737_20/customer?license_id=10657737&flow=button&response_type=token&client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5&redirect_uri=https%3A%2F%2Fsecure.livechatinc.com%2Fcustomer%2Faction%2Fopen_chat&post_message_uri=https%3A%2F%2Fsecure.livechatinc.com%2Fcustomer%2Faction%2Fopen_chat&state=%40livechat%2Fcustomer-auth HTTP/1.1
Host: accounts.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://accounts.livechatinc.com/static/postmessage.html#access_token=dal%3AAMzTG4ZvTWSsdqoRU52D7A&entity_id=d6e90e4e-19c0-4803-6acd-d4d4a27037ad&expires_in=28800&redirect_uri=https%3A%2F%2Fsecure.livechatinc.com%2Fcustomer%2Faction%2Fopen_chat&state=%40livechat%2Fcustomer-auth&token_type=Bearer
pragma: no-cache
content-length: 0
date: Fri, 25 Nov 2022 09:45:30 GMT
set-cookie: __lc_cid=d6e90e4e-19c0-4803-6acd-d4d4a27037ad; Path=/v2/customer/68b6bfca-7a50-439a-88e0-c59be3e4e31d/20/token; Domain=accounts.livechatinc.com; Expires=Mon, 25 Nov 2024 09:45:30 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__lc_cst=40149d71aad767b518b28c042c29dcd1d83227b34331f195dcb5df287861335d8d5eed59203e05b8a4c4468f1e4720fbaaab0f1a74b68a9a55f9591bbde7; Path=/v2/customer/68b6bfca-7a50-439a-88e0-c59be3e4e31d/20/token; Domain=accounts.livechatinc.com; Expires=Mon, 25 Nov 2024 09:45:30 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__lc_cid=d6e90e4e-19c0-4803-6acd-d4d4a27037ad; Path=/licence/g10657737_20/; Domain=accounts.livechatinc.com; Expires=Mon, 25 Nov 2024 09:45:30 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__lc_cst=40149d71aad767b518b28c042c29dcd1d83227b34331f195dcb5df287861335d8d5eed59203e05b8a4c4468f1e4720fbaaab0f1a74b68a9a55f9591bbde7; Path=/licence/g10657737_20/; Domain=accounts.livechatinc.com; Expires=Mon, 25 Nov 2024 09:45:30 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__oauth_redirect_detector=counter=1&t=1669369560&tag=3929efaebdbe398bac424780f49650b84602e454; Path=/; Expires=Fri, 25 Nov 2022 09:46:00 GMT; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2
accounts.livechatinc.com/static/postmessage.html
23.36.79.17 200 OK 365 B URL HTTP/2 accounts.livechatinc.com/static/postmessage.html
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 4219c89ffbdc671638ae10d01b469706
15b08c970d585ae7d7a00b195cfab2a9bda69381
bb25f856e14c7945481ff2f4ed8c58184511f29281aae38791e43c4a8ade5944
GET /static/postmessage.html HTTP/1.1
Host: accounts.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://secure.livechatinc.com/
Connection: keep-alive
Cookie: __oauth_redirect_detector=counter=1&t=1669369560&tag=3929efaebdbe398bac424780f49650b84602e454
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: text/html
etag: "06F41167B22D690E6AD57C16440DEC37558AF6A5"
vary: Accept-Encoding
content-length: 365
date: Fri, 25 Nov 2022 09:45:31 GMT
X-Firefox-Spdy: h2
api.livechatinc.com/v3.3/customer/action/check_goals?license_id=10657737
23.36.79.17 200 OK 0 B URL HTTP/2 api.livechatinc.com/v3.3/customer/action/check_goals?license_id=10657737
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v3.3/customer/action/check_goals?license_id=10657737 HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Referer: https://secure.livechatinc.com/
Origin: https://secure.livechatinc.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type
access-control-allow-origin: https://secure.livechatinc.com
vary: Accept-Encoding
content-length: 0
date: Fri, 25 Nov 2022 09:45:31 GMT
X-Firefox-Spdy: h2
api.livechatinc.com/v3.3/customer/action/check_goals?license_id=10657737
23.36.79.17 200 OK 2 B URL HTTP/2 api.livechatinc.com/v3.3/customer/action/check_goals?license_id=10657737
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /v3.3/customer/action/check_goals?license_id=10657737 HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization: Bearer dal:AMzTG4ZvTWSsdqoRU52D7A
Content-Length: 77
Origin: https://secure.livechatinc.com
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://secure.livechatinc.com
content-type: application/json
legacy: 2023-06-30
vary: Accept-Encoding
content-length: 2
date: Fri, 25 Nov 2022 09:45:31 GMT
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
34.120.237.76 200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 92c78302bcce1568eb6a5563100b932c
43d1dec7fc06879988c9c3cadd800cc8145df988
0dda9914306c8e3a7ea75eade8e762652d93907dd6c5a8cc81707d6d8098b60a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7993
x-amzn-requestid: 9f0ff853-4819-47cd-959d-658401ea5748
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCsG5mIAMFqAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-1c48b9223684f2942f8dd42d;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7YSXUV-LZpsI7vciFhuqt1EVr6YRkhxcOgMg8z8bxLcOE01_baf6Gg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:47:08 GMT
age: 43108
etag: "43d1dec7fc06879988c9c3cadd800cc8145df988"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.livechatinc.com/widget/static/js/iframe.5a8c73ef.chunk.js
23.36.79.17 200 OK 0 B URL HTTP/2 cdn.livechatinc.com/widget/static/js/iframe.5a8c73ef.chunk.js
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
GET /widget/static/js/iframe.5a8c73ef.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 17 Nov 2022 13:08:45 GMT
x-amz-version-id: P0PTNAbmnutUEWx5JwIuKC0qV1oD8pjU
server: AmazonS3
content-encoding: br
etag: W/"662ab831ab34600ffa4072f565bdfd64"
vary: Accept-Encoding
x-amz-cf-pop: AMS54-C1
x-amz-cf-id: 1Ip4wPazEkF_uHKhUPZDS0tSsxvZSsZmEMk6Zoy43CtXbndWYhSu6A==
content-length: 206714
cache-control: max-age=31536000
expires: Sat, 25 Nov 2023 09:45:30 GMT
date: Fri, 25 Nov 2022 09:45:30 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Abel|Oswald:400|PT+Sans:400,700|Open+Sans:300,400,700,800
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Abel|Oswald:400|PT+Sans:400,700|Open+Sans:300,400,700,800
IP 142.250.74.10:0
GET /css?family=Abel|Oswald:400|PT+Sans:400,700|Open+Sans:300,400,700,800 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xn--tmnas4d-oza.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 25 Nov 2022 09:45:28 GMT
date: Fri, 25 Nov 2022 09:45:28 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2