r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cdbad2434b7d127a4fc769807a9dc3e7
fa98cd9fc2309ab4423f33f683d17bdb17d76713
560cbbb751ab2884024da3b93fba6bc45c6434797dba72a98c05e7fc2bb94bc1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "560CBBB751AB2884024DA3B93FBA6BC45C6434797DBA72A98C05E7FC2BB94BC1"
Last-Modified: Sat, 26 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5690
Expires: Mon, 28 Nov 2022 12:22:32 GMT
Date: Mon, 28 Nov 2022 10:47:42 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 64b2a23eab6e5ae8c010ec7242be930c
0673e4385ba01a5a245711bab96cafc34f765793
64751d193f7af72431e9689581faffcae1a30ff50ea425697b2b80ff61c87909
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3697
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 10:47:42 GMT
Last-Modified: Mon, 28 Nov 2022 09:46:05 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 71f9c681a82440fd55e76c780a20e55d
3147768cfbcdd06e0c6e69684292e68e99917a80
5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4467
Expires: Mon, 28 Nov 2022 12:02:09 GMT
Date: Mon, 28 Nov 2022 10:47:42 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 28 Nov 2022 10:17:46 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1796
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Cdayaobt4m0A3/j7ElR6z54OdmMq1jgkiTaNkPsqMNl1XN+3qCBsH8FQhCrjy6biylE5apVYcKCt6sHnqygGRw==
x-amz-request-id: XNY3BW83856P7K62
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 28 Nov 2022 10:45:00 GMT
age: 162
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 10:47:42 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 28 Nov 2022 10:11:12 GMT
cache-control: public,max-age=3600
age: 2190
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7ab2ef968cb6a3078f4b9cb2dda813d4
e669116047ca058a2c1b2999ff0ea8682719162c
6ddecf0b21c44f3851da8efeb6ecdc6c8e9b83d7681153c31952b4ec8c23c940
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4133
Cache-Control: max-age=170886
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 10:47:42 GMT
Etag: "63847a2f-1d7"
Expires: Wed, 30 Nov 2022 10:15:48 GMT
Last-Modified: Mon, 28 Nov 2022 09:06:55 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
www.golden-shoes.c1.biz/
185.176.43.98200 OK 186 kB IP 185.176.43.98:0
ASN #44476 Zetta Hosting Solutions LLC.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Size 186 kB (185858 bytes)
Hash 186901e61ea2b1869236c362572f94fd
152a660b3a01b36eb6855633c56362ae4bb18b62
ad2f02ddb9c24f20f306a5c05f5c2006b77d540db87ee21e5dc31cca8edb7cc0
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: www.golden-shoes.c1.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 10:47:42 GMT
Server: Apache
Last-Modified: Sat, 29 Oct 2022 04:56:14 GMT
ETag: "2d602-5ec25319ef780"
Accept-Ranges: bytes
Content-Length: 185858
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html
www.golden-shoes.c1.biz/css/fonts.css?v=1.5.8d
185.176.43.98200 OK 5.0 kB URL HTTP/1.1 www.golden-shoes.c1.biz/css/fonts.css?v=1.5.8d
IP 185.176.43.98:0
ASN #44476 Zetta Hosting Solutions LLC.
File type ASCII text, with very long lines (788), with CRLF line terminators
Hash 484807a8544a9ccd48672030985f25ef
8897c48d109fabf62bfdf11f87130644013dc939
9a125df1d257d6cc1f82f703c40b513df8a6cfa1b710c5f7955e97aaebb496aa
Analyzer Verdict Alert quad9 Sinkholed
GET /css/fonts.css?v=1.5.8d HTTP/1.1
Host: www.golden-shoes.c1.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.golden-shoes.c1.biz/
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 10:47:42 GMT
Server: Apache
Last-Modified: Sat, 29 Oct 2022 04:56:14 GMT
ETag: "1366-5ec25319ef780"
Accept-Ranges: bytes
Content-Length: 4966
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c41a0d6f69e69bb1ed87855e077fe07c
3cc20b9443867de64c02503be7489b50c1c90535
34864c58ccaec87208aadd31220cfe1ccca13b4df95c179a007a87ab2366774f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 10:47:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.golden-shoes.c1.biz/css/static_style.css
185.176.43.98200 OK 55 kB URL HTTP/1.1 www.golden-shoes.c1.biz/css/static_style.css
IP 185.176.43.98:0
ASN #44476 Zetta Hosting Solutions LLC.
Hash b8094ec397bec564e3b67cce23c10ed1
1d99f04187be1c619052a5186778027306b03736
3144ebb936c5095ee3fc06732c4c74a8f25049f02c098c76f1f637c8abe6e271
GET /css/static_style.css HTTP/1.1
Host: www.golden-shoes.c1.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.golden-shoes.c1.biz/
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 10:47:42 GMT
Server: Apache
Last-Modified: Sat, 29 Oct 2022 04:56:14 GMT
ETag: "d55d-5ec25319ef780"
Accept-Ranges: bytes
Content-Length: 54621
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 7207a5076b63fb5f39b9436ced9fb18f
cdd84ecfe85882601e81f11783d9f63b30084de3
6d4543402df8135d5860ecd47dd52d96d66d2e1ac6feec11accb5f43f2da7d0d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 10:47:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
imos006-dot-im--os.appspot.com/js/imos.js?v=1.5.8d
216.58.211.20200 OK 2.0 kB URL HTTP/2 imos006-dot-im--os.appspot.com/js/imos.js?v=1.5.8d
IP 216.58.211.20:0
File type ASCII text, with CRLF line terminators
Hash e4dcac576e5a6a7ba85c5bce64e053bf
60c2ae7fd9a21976027f59c9c69f10f4f29578e5
a7032e5917a2b57aedc70026e9699ea5fb6cfbe11b3980d80999adb01c88b020
GET /js/imos.js?v=1.5.8d HTTP/1.1
Host: imos006-dot-im--os.appspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.golden-shoes.c1.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-cloud-trace-context: 47e2fcbf73db688807a0439ff400cc2b
content-encoding: gzip
server: Google Frontend
content-length: 2035
date: Mon, 28 Nov 2022 10:44:13 GMT
expires: Mon, 28 Nov 2022 10:54:13 GMT
cache-control: public, max-age=600
age: 209
etag: "NjoVCA"
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
code.jquery.com/jquery-2.x-git.min.js
69.16.175.42302 Found 119 B URL HTTP/2 code.jquery.com/jquery-2.x-git.min.js
IP 69.16.175.42:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 46a4ea4faad936b387c503c03a9a3ca5
6dc18a6cd6b159f6b64bcbc775606cdb844cf2c9
0202a110ab673b716eb15c3fe047d075ec36bfe2e8d8cb1a3e8efdb83154449e
GET /jquery-2.x-git.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.golden-shoes.c1.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 28 Nov 2022 10:47:42 GMT
cache-control: max-age=5408497
content-encoding: gzip
content-length: 119
content-type: text/html
accept-ranges: bytes
server: nginx
location: https://releases.jquery.com/git/jquery-2.x-git.min.js
x-hw: 1669632462.dop228.sk1.t,1669632462.cds247.sk1.hn,1669632462.cds207.sk1.c
X-Firefox-Spdy: h2
www.golden-shoes.c1.biz/js/xprs_helper.js?v=1.5.8d
185.176.43.98200 OK 36 kB URL HTTP/1.1 www.golden-shoes.c1.biz/js/xprs_helper.js?v=1.5.8d
IP 185.176.43.98:0
ASN #44476 Zetta Hosting Solutions LLC.
File type ASCII text, with CRLF line terminators
Hash 8e6a76b2f8a5975f1fb6cff390fae044
b7ed4e4d8af6979b0536f08ea4bbc2a6919e449f
16236a16a95009024cebc75718409ad144ef5dd78a3227a44b4f642ae2cfff07
Analyzer Verdict Alert quad9 Sinkholed
GET /js/xprs_helper.js?v=1.5.8d HTTP/1.1
Host: www.golden-shoes.c1.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.golden-shoes.c1.biz/
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 10:47:42 GMT
Server: Apache
Last-Modified: Sat, 29 Oct 2022 04:56:14 GMT
ETag: "8ca3-5ec25319ef780"
Accept-Ranges: bytes
Content-Length: 36003
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/x-javascript
www.golden-shoes.c1.biz/js/lib/touchswipe/jquery.mobile.custom.min.js
185.176.43.98200 OK 7.8 kB URL HTTP/1.1 www.golden-shoes.c1.biz/js/lib/touchswipe/jquery.mobile.custom.min.js
IP 185.176.43.98:0
ASN #44476 Zetta Hosting Solutions LLC.
File type ASCII text, with very long lines (7687), with CRLF line terminators
Hash cf9ac7fecfcdaf87fdad431b545d7191
2beaff92739a95daeaa929664962ae416aba6748
7cb4efd75d841420c32a07f5880f53c1b59a78a2ca21e4c805a6a10c0f1ad429
Analyzer Verdict Alert quad9 Sinkholed
GET /js/lib/touchswipe/jquery.mobile.custom.min.js HTTP/1.1
Host: www.golden-shoes.c1.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.golden-shoes.c1.biz/
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 10:47:42 GMT
Server: Apache
Last-Modified: Sat, 29 Oct 2022 04:56:14 GMT
ETag: "1e6a-5ec25319ef780"
Accept-Ranges: bytes
Content-Length: 7786
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/x-javascript
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c81653e99cfdfb43236c8d50248b2e51
a33bc0cb7d3bb714b7ef23b059bb304cf23d464f
e75fa0ce568755990d6949ef93e3e5c29213a5a11887f697af901f41b14e0274
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 10:47:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash dfc6d93c89faf83ac654cd676c02764d
ce10d3ff46b50f22f7f79a7df65b0b7a6ddb741d
83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 10:47:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash dfc6d93c89faf83ac654cd676c02764d
ce10d3ff46b50f22f7f79a7df65b0b7a6ddb741d
83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 10:47:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash dfc6d93c89faf83ac654cd676c02764d
ce10d3ff46b50f22f7f79a7df65b0b7a6ddb741d
83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 10:47:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c41a0d6f69e69bb1ed87855e077fe07c
3cc20b9443867de64c02503be7489b50c1c90535
34864c58ccaec87208aadd31220cfe1ccca13b4df95c179a007a87ab2366774f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 10:47:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=G-1TW9Y3E2L0
142.250.74.168200 OK 79 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-1TW9Y3E2L0
IP 142.250.74.168:0
File type ASCII text, with very long lines (25492)
Hash 84c26d78577e175df5c21c32b6fc6b38
6c502114459c6dc1910a03edb5e7941fbc25c00c
ee923e8243b550d024c4e65b35f1fb1b2ba93e8cad816c93c3f8d6a6166074e2
GET /gtag/js?id=G-1TW9Y3E2L0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.golden-shoes.c1.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 28 Nov 2022 10:47:43 GMT
expires: Mon, 28 Nov 2022 10:47:43 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 78657
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash dfc6d93c89faf83ac654cd676c02764d
ce10d3ff46b50f22f7f79a7df65b0b7a6ddb741d
83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 10:47:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 7207a5076b63fb5f39b9436ced9fb18f
cdd84ecfe85882601e81f11783d9f63b30084de3
6d4543402df8135d5860ecd47dd52d96d66d2e1ac6feec11accb5f43f2da7d0d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 10:47:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
docs.biz.nf/set_aid.php?aid=MTkyNDE4MjQyMTIxMjE=
185.176.40.84302 Found 215 B URL HTTP/1.1 docs.biz.nf/set_aid.php?aid=MTkyNDE4MjQyMTIxMjE=
IP 185.176.40.84:0
ASN #44476 Zetta Hosting Solutions LLC.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a0fbe16196577fad96237f24c7a5638a
b274593a5cb7b7d2b583da36b93c66c2ed8afac9
13840a4e793831e7c79b9faebae4fc009fb2379d8b1b54cf98c4b96bb6863b80
GET /set_aid.php?aid=MTkyNDE4MjQyMTIxMjE= HTTP/1.1
Host: docs.biz.nf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.golden-shoes.c1.biz/
HTTP/1.1 302 Found
Date: Mon, 28 Nov 2022 10:47:43 GMT
Server: Apache
Location: https://docs.biz.nf/set_aid.php?aid=MTkyNDE4MjQyMTIxMjE=
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 215
Keep-Alive: timeout=10, max=120
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.golden-shoes.c1.biz/js/all_js.js
185.176.43.98200 OK 94 kB URL HTTP/1.1 www.golden-shoes.c1.biz/js/all_js.js
IP 185.176.43.98:0
ASN #44476 Zetta Hosting Solutions LLC.
File type ASCII text, with CRLF line terminators
Hash 7732da1f0440259de9bf74e223aca869
5f7d01fad04b7851af2d6deaf9c92df87d9d1681
f4a09886e48d5ecf18fd5bcb5ccfe14ca7ea3be913075465ea301d1ac1ece6db
Analyzer Verdict Alert quad9 Sinkholed
GET /js/all_js.js HTTP/1.1
Host: www.golden-shoes.c1.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.golden-shoes.c1.biz/
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 10:47:42 GMT
Server: Apache
Last-Modified: Sat, 29 Oct 2022 04:56:14 GMT
ETag: "16e4e-5ec25319ef780"
Accept-Ranges: bytes
Content-Length: 93774
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/x-javascript
push.services.mozilla.com/
35.161.136.21101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.161.136.21:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: yaqZAh425vBwUiaMFXr++w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: D7S168a3YpeeNMKKK0/6N6gVBW0=
www.golden-shoes.c1.biz/js/lightbox.js?v=1.5.8d
185.176.43.98200 OK 16 kB URL HTTP/1.1 www.golden-shoes.c1.biz/js/lightbox.js?v=1.5.8d
IP 185.176.43.98:0
ASN #44476 Zetta Hosting Solutions LLC.
File type ASCII text, with CRLF line terminators
Hash b2c01acaf97bf3af009721c30e269748
0573fdf2254e3915c06dd9af2284bf393171bd1d
4d0043cf27b66c2a38040edf85abca8596be2d9368c73bef172a668160e50665
Analyzer Verdict Alert quad9 Sinkholed
GET /js/lightbox.js?v=1.5.8d HTTP/1.1
Host: www.golden-shoes.c1.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.golden-shoes.c1.biz/
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 10:47:43 GMT
Server: Apache
Last-Modified: Sat, 29 Oct 2022 04:56:14 GMT
ETag: "3e57-5ec25319ef780"
Accept-Ranges: bytes
Content-Length: 15959
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/x-javascript
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash dfc6d93c89faf83ac654cd676c02764d
ce10d3ff46b50f22f7f79a7df65b0b7a6ddb741d
83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 10:47:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c81653e99cfdfb43236c8d50248b2e51
a33bc0cb7d3bb714b7ef23b059bb304cf23d464f
e75fa0ce568755990d6949ef93e3e5c29213a5a11887f697af901f41b14e0274
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 10:47:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.golden-shoes.c1.biz/js/spimeengine.js?v=1.5.8d
185.176.43.98200 OK 77 kB URL HTTP/1.1 www.golden-shoes.c1.biz/js/spimeengine.js?v=1.5.8d
IP 185.176.43.98:0
ASN #44476 Zetta Hosting Solutions LLC.
File type Unicode text, UTF-8 text, with very long lines (354), with CRLF line terminators
Hash 8d76bb578e09d44072cbfa7189a6e088
2c5564cc1a0587745857391133b09e2ddea7f9eb
0e052a42588678115282200dfcf7a9e187ac63bcc6828521886de793221b2c24
Analyzer Verdict Alert quad9 Sinkholed
GET /js/spimeengine.js?v=1.5.8d HTTP/1.1
Host: www.golden-shoes.c1.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.golden-shoes.c1.biz/
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 10:47:43 GMT
Server: Apache
Last-Modified: Sat, 29 Oct 2022 04:56:14 GMT
ETag: "12c9f-5ec25319ef780"
Accept-Ranges: bytes
Content-Length: 76959
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/x-javascript
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash eaf628962875f394289e4328fe3268e2
ee93cd1f0a6215b30d672d80e23bc5523aa361b1
9162f5761ce877acedb62385e673433c1469c94f996b7fb49034764d757840dc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9162F5761CE877ACEDB62385E673433C1469C94F996B7FB49034764D757840DC"
Last-Modified: Sun, 27 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 28 Nov 2022 16:47:43 GMT
Date: Mon, 28 Nov 2022 10:47:43 GMT
Connection: keep-alive
releases.jquery.com/git/jquery-2.x-git.min.js
69.16.175.42200 OK 30 kB URL HTTP/2 releases.jquery.com/git/jquery-2.x-git.min.js
IP 69.16.175.42:0
File type ASCII text, with very long lines (32040)
Hash e7caf00364dc18f5fd873d499266560e
cf8741e1e624b8013aade55ccb452bf7bf373a38
9f1e3e9209ad3d521a8a202f007289a38510d07cf80707e09f554d5b38264ccb
GET /git/jquery-2.x-git.min.js HTTP/1.1
Host: releases.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.golden-shoes.c1.biz/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 10:47:43 GMT
content-encoding: gzip
content-length: 29834
content-type: application/javascript; charset=utf-8
last-modified: Wed, 22 Jun 2016 11:41:26 GMT
accept-ranges: bytes
server: nginx
etag: "576a7966-14e1f"
cache-control: max-age=300, public
access-control-allow-origin: *
x-hw: 1669632463.dop228.sk1.t,1669632463.cds247.sk1.hn,1669632463.cds220.sk1.pr
X-Firefox-Spdy: h2
docs.biz.nf/set_aid.php?aid=MTkyNDE4MjQyMTIxMjE=
185.176.40.84200 OK 256 B URL HTTP/1.1 docs.biz.nf/set_aid.php?aid=MTkyNDE4MjQyMTIxMjE=
IP 185.176.40.84:0
ASN #44476 Zetta Hosting Solutions LLC.
File type HTML document, ASCII text
Hash d07d03b4750874499ee6327820a1174a
6e2086e092565cf1403f00487e29f0e9a5417900
6b6c7560293e1e62249125f13015510be149955e0c2ef2588889c70b25ce76e6
GET /set_aid.php?aid=MTkyNDE4MjQyMTIxMjE= HTTP/1.1
Host: docs.biz.nf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.golden-shoes.c1.biz/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 10:47:43 GMT
Server: Apache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 256
Keep-Alive: timeout=10, max=120
Connection: Keep-Alive
Content-Type: application/x-javascript; charset=utf-8
docs.biz.nf/set_aid.php?aid=MTkyNDE4MjQyMTIxMjE=
185.176.40.84302 Found 215 B URL HTTP/1.1 docs.biz.nf/set_aid.php?aid=MTkyNDE4MjQyMTIxMjE=
IP 185.176.40.84:0
ASN #44476 Zetta Hosting Solutions LLC.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a0fbe16196577fad96237f24c7a5638a
b274593a5cb7b7d2b583da36b93c66c2ed8afac9
13840a4e793831e7c79b9faebae4fc009fb2379d8b1b54cf98c4b96bb6863b80
GET /set_aid.php?aid=MTkyNDE4MjQyMTIxMjE= HTTP/1.1
Host: docs.biz.nf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.golden-shoes.c1.biz/
HTTP/1.1 302 Found
Date: Mon, 28 Nov 2022 10:47:43 GMT
Server: Apache
Location: https://docs.biz.nf/set_aid.php?aid=MTkyNDE4MjQyMTIxMjE=
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 215
Keep-Alive: timeout=10, max=119
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.biz.nf/buts/biznf_joomla_120x60.jpg
50.28.50.3301 Moved Permanently 162 B URL HTTP/1.1 www.biz.nf/buts/biznf_joomla_120x60.jpg
IP 50.28.50.3:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /buts/biznf_joomla_120x60.jpg HTTP/1.1
Host: www.biz.nf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.golden-shoes.c1.biz/
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 28 Nov 2022 10:47:44 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://www.biz.nf/buts/biznf_joomla_120x60.jpg
www.biz.nf/buts/biznf_green_120x60.jpg
50.28.50.3301 Moved Permanently 162 B URL HTTP/1.1 www.biz.nf/buts/biznf_green_120x60.jpg
IP 50.28.50.3:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /buts/biznf_green_120x60.jpg HTTP/1.1
Host: www.biz.nf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.golden-shoes.c1.biz/
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 28 Nov 2022 10:47:44 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://www.biz.nf/buts/biznf_green_120x60.jpg
www.biz.nf/aid.php?aid=MTkyNDE4MjQyMTIxMjE=
50.28.50.3301 Moved Permanently 162 B URL HTTP/1.1 www.biz.nf/aid.php?aid=MTkyNDE4MjQyMTIxMjE=
IP 50.28.50.3:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /aid.php?aid=MTkyNDE4MjQyMTIxMjE= HTTP/1.1
Host: www.biz.nf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.golden-shoes.c1.biz/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 28 Nov 2022 10:47:44 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://www.biz.nf/aid.php?aid=MTkyNDE4MjQyMTIxMjE=
docs.biz.nf/set_aid.php?aid=MTkyNDE4MjQyMTIxMjE=
185.176.40.84200 OK 256 B URL HTTP/1.1 docs.biz.nf/set_aid.php?aid=MTkyNDE4MjQyMTIxMjE=
IP 185.176.40.84:0
ASN #44476 Zetta Hosting Solutions LLC.
File type HTML document, ASCII text
Hash d07d03b4750874499ee6327820a1174a
6e2086e092565cf1403f00487e29f0e9a5417900
6b6c7560293e1e62249125f13015510be149955e0c2ef2588889c70b25ce76e6
GET /set_aid.php?aid=MTkyNDE4MjQyMTIxMjE= HTTP/1.1
Host: docs.biz.nf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.golden-shoes.c1.biz/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 10:47:43 GMT
Server: Apache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 256
Keep-Alive: timeout=10, max=119
Connection: Keep-Alive
Content-Type: application/x-javascript; charset=utf-8
fonts.googleapis.com/css?family=Teko:300,400,700|Dosis:200,400,800|Abel|Yellowtail|Permanent+Marker|Arvo:400,700|Playfair+Display:400,900,400italic,900italic|Codystar|Viga|Rozha+One|Fredericka+the+Great|Sail|Gravitas+One|Quicksand:300,400,700|Petit+Formal+Script|Wire+One|Mr+Dafoe|Oranienbaum|Bitter:400,700|Lobster|Kreon:400,700|Fugaz+One|Anton|Rokkitt|Libre+Baskerville:400,700,400italic|Copse|UnifrakturCook:700|Grand+Hotel|Muli|Monoton|Droid+Serif:400,700italic|Bangers|Pacifico|UnifrakturMaguntia|Francois+One|Rubik+Mono+One|Qwigley|Geo|Oswald|Passion+One|Chewy|Changa+One|Merriweather|Montserrat|Bevan|Damion|Play|Oxygen|Playfair+Display+SC:400,900,700,400italic|Love+Ya+Like+A+Sister|Hammersmith+One|Prata|Roboto+Condensed:400,300,700|Ultra|Six+Caps|Open+Sans
142.250.74.10200 OK 5.0 kB URL HTTP/2 fonts.googleapis.com/css?family=Teko:300,400,700|Dosis:200,400,800|Abel|Yellowtail|Permanent+Marker|Arvo:400,700|Playfair+Display:400,900,400italic,900italic|Codystar|Viga|Rozha+One|Fredericka+the+Great|Sail|Gravitas+One|Quicksand:300,400,700|Petit+Formal+Script|Wire+One|Mr+Dafoe|Oranienbaum|Bitter:400,700|Lobster|Kreon:400,700|Fugaz+One|Anton|Rokkitt|Libre+Baskerville:400,700,400italic|Copse|UnifrakturCook:700|Grand+Hotel|Muli|Monoton|Droid+Serif:400,700italic|Bangers|Pacifico|UnifrakturMaguntia|Francois+One|Rubik+Mono+One|Qwigley|Geo|Oswald|Passion+One|Chewy|Changa+One|Merriweather|Montserrat|Bevan|Damion|Play|Oxygen|Playfair+Display+SC:400,900,700,400italic|Love+Ya+Like+A+Sister|Hammersmith+One|Prata|Roboto+Condensed:400,300,700|Ultra|Six+Caps|Open+Sans
IP 142.250.74.10:0
Hash db418c25005501502f2fc69db82dc4aa
82e1cbbc96d4d3af1757f822db2c1cd63ab126fc
96e1513868f2d18c16e7445d6ddfa622eea12dd02f299a3ec7fe7c9b028a688f
GET /css?family=Teko:300,400,700|Dosis:200,400,800|Abel|Yellowtail|Permanent+Marker|Arvo:400,700|Playfair+Display:400,900,400italic,900italic|Codystar|Viga|Rozha+One|Fredericka+the+Great|Sail|Gravitas+One|Quicksand:300,400,700|Petit+Formal+Script|Wire+One|Mr+Dafoe|Oranienbaum|Bitter:400,700|Lobster|Kreon:400,700|Fugaz+One|Anton|Rokkitt|Libre+Baskerville:400,700,400italic|Copse|UnifrakturCook:700|Grand+Hotel|Muli|Monoton|Droid+Serif:400,700italic|Bangers|Pacifico|UnifrakturMaguntia|Francois+One|Rubik+Mono+One|Qwigley|Geo|Oswald|Passion+One|Chewy|Changa+One|Merriweather|Montserrat|Bevan|Damion|Play|Oxygen|Playfair+Display+SC:400,900,700,400italic|Love+Ya+Like+A+Sister|Hammersmith+One|Prata|Roboto+Condensed:400,300,700|Ultra|Six+Caps|Open+Sans HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.golden-shoes.c1.biz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 28 Nov 2022 10:47:43 GMT
date: Mon, 28 Nov 2022 10:47:43 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 10:47:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/abel/v18/MwQ5bhbm2POE2V9BPQ.woff2
216.58.207.195200 OK 9.6 kB URL HTTP/2 fonts.gstatic.com/s/abel/v18/MwQ5bhbm2POE2V9BPQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 9588, version 1.0\012- data
Hash 55d912c794126956bb1e8f41597c131f
f7ade582dbe9d0efe97ae105cab313c6e45904d4
8bea498aed7cc1366e8b966e467b98219c803107d728eab8a6c4c9b045def699
GET /s/abel/v18/MwQ5bhbm2POE2V9BPQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.golden-shoes.c1.biz
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9588
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 16:49:46 GMT
expires: Fri, 24 Nov 2023 16:49:46 GMT
cache-control: public, max-age=31536000
age: 323878
last-modified: Tue, 19 Apr 2022 18:29:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/anton/v23/1Ptgg87LROyAm3Kz-C8.woff2
216.58.207.195200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/anton/v23/1Ptgg87LROyAm3Kz-C8.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 17020, version 1.0\012- data
Hash aca09278214a7e267c0498cdd36ce416
ab7def30380e8f14e6064a9fd3c7dca6769ad85d
feb9617bd3fcda1a52cbf8539985fddac2aaab0e6df8dbdac21ec3e9a179a4be
GET /s/anton/v23/1Ptgg87LROyAm3Kz-C8.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.golden-shoes.c1.biz
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17020
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 20:03:04 GMT
expires: Tue, 21 Nov 2023 20:03:04 GMT
cache-control: public, max-age=31536000
age: 571480
last-modified: Tue, 19 Apr 2022 18:51:08 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 10:47:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a64c4e38b1da5d38dc4d677db23d209c
3e6eb937fb51f9a5e490400c3b874f9c38373f0b
9c733216cb4f9db127f3eb8156da7ea55df0aaa6901d059976c02640c40993c1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C733216CB4F9DB127F3EB8156DA7EA55DF0AAA6901D059976C02640C40993C1"
Last-Modified: Sat, 26 Nov 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21589
Expires: Mon, 28 Nov 2022 16:47:33 GMT
Date: Mon, 28 Nov 2022 10:47:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a64c4e38b1da5d38dc4d677db23d209c
3e6eb937fb51f9a5e490400c3b874f9c38373f0b
9c733216cb4f9db127f3eb8156da7ea55df0aaa6901d059976c02640c40993c1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C733216CB4F9DB127F3EB8156DA7EA55DF0AAA6901D059976C02640C40993C1"
Last-Modified: Sat, 26 Nov 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21567
Expires: Mon, 28 Nov 2022 16:47:11 GMT
Date: Mon, 28 Nov 2022 10:47:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2210
Expires: Mon, 28 Nov 2022 11:24:34 GMT
Date: Mon, 28 Nov 2022 10:47:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2210
Expires: Mon, 28 Nov 2022 11:24:34 GMT
Date: Mon, 28 Nov 2022 10:47:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2210
Expires: Mon, 28 Nov 2022 11:24:34 GMT
Date: Mon, 28 Nov 2022 10:47:44 GMT
Connection: keep-alive
fonts.googleapis.com/css?family=Cairo|Changa|Lalezar|Reem+Kufi
142.250.74.10200 OK 13 kB URL HTTP/2 fonts.googleapis.com/css?family=Cairo|Changa|Lalezar|Reem+Kufi
IP 142.250.74.10:0
Hash 9df76590e475c8adb42f34a7188eb53e
8c7ed029b30a278e66b8c194868dc0326ac1cd5d
9d711aaffbb63c519cbb802bf05f043f708c01429bdb4370ffbe20de9370ce09
GET /css?family=Cairo|Changa|Lalezar|Reem+Kufi HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.golden-shoes.c1.biz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 28 Nov 2022 10:47:43 GMT
date: Mon, 28 Nov 2022 10:47:43 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74165307-11fe-455f-9c90-106d24a6495f.jpeg
34.120.237.76200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74165307-11fe-455f-9c90-106d24a6495f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1bb306213437ea24ab879adc9e3b6da4
771d38e18cdfa54052f7cb150b73c03154eb4368
d4cce7533fd59ef11fb8fec4bc114d5be0bacaa9134e3f1536e0d6bac1f58ffb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74165307-11fe-455f-9c90-106d24a6495f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6498
x-amzn-requestid: 2499eb0e-74c9-4c04-ba58-3e65fc452c34
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR8IwHU4oAMFaAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383da37-12f14e7a30bc1a75499cb272;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:44:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WaCfMUy6EtOLWvJy1jFbKp9KQzG5v7nq27sIo7d8gFeGesFd4uWdEw==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:24:14 GMT
age: 44610
etag: "771d38e18cdfa54052f7cb150b73c03154eb4368"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e8165ed59e7e8be44134cc1078e6ad28
c2d0a36d2f81d5e5ce48276bd88d7c48d64056fd
3fbdeff57f18ffb1de8fb892a54ac15efde6ed94cf6ce8ea839e5c468f3a356b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3FBDEFF57F18FFB1DE8FB892A54AC15EFDE6ED94CF6CE8EA839E5C468F3A356B"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21599
Expires: Mon, 28 Nov 2022 16:47:43 GMT
Date: Mon, 28 Nov 2022 10:47:44 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd56dccc9-321b-431e-8a92-49471e788b4b.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd56dccc9-321b-431e-8a92-49471e788b4b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a8935783026c10470f60033d3a860f7b
65941dd34eb1063a3f7fe2b6790a11a484a06b9a
e88c706458faf5b5512212692392c7c1a0d8e60af62962267166f5cb60ee9c89
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd56dccc9-321b-431e-8a92-49471e788b4b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11165
x-amzn-requestid: 9e35d865-adea-4d2a-b20f-beb014cdd42f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_JE2VIAMFYgQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d860-7cf4db38152cdfa1448cba3d;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:32 GMT
x-amz-cf-pop: SFO5-C3, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4YRocKXYUOkfho0bEHNX0xMxhhKNH2Cm3XtQDtQK7x2dFOsipPjfCw==
via: 1.1 dec8fa38a453902521b941c7cd70d33c.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:26:45 GMT
age: 44459
etag: "65941dd34eb1063a3f7fe2b6790a11a484a06b9a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36d8942f-c540-4112-a5a9-c7ac53a00a23.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36d8942f-c540-4112-a5a9-c7ac53a00a23.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 78b1389f425425d0450c94d900404dc4
53b12a8702f7c5b7cc697e2a24da824d9434be65
0c1659ab3afc6e45f9e3acb12f8865bb99e4668f7df4501b1cc740e53f5b62ed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36d8942f-c540-4112-a5a9-c7ac53a00a23.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6376
x-amzn-requestid: 25b82353-9c15-44c0-ada5-55f4697de935
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_KGeaoAMFb_Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d860-71711cca7c063030292c5e47;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: odmAWkNyUMevvXStu7zRJyckokhyBjUwu7-JSvj8by-JWJ9eAm9P5Q==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:01:46 GMT
age: 45958
etag: "53b12a8702f7c5b7cc697e2a24da824d9434be65"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f2e6328-f3c1-4a69-b0b6-73920b885144.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f2e6328-f3c1-4a69-b0b6-73920b885144.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3a1a4e00f1f15827cf651f373863c379
70c2a238f06ca7e56ef80c83738e081bf0de3330
3d936e1f0c96297f121faece12d6f8173e12eed5087165cd4eefc0fab368419f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f2e6328-f3c1-4a69-b0b6-73920b885144.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8885
x-amzn-requestid: 71b8367f-f79f-42a7-bcb8-c441a154babf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cGDTEFSeIAMF3rg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637f18e0-631b775d3430a8c30c3b4420;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 07:10:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jsmd6yxjJxLMEgv1jDa87iEoZXL2OuALsmUZ9Nxx1rUN-xOTdtN1-A==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 10:13:33 GMT
age: 2051
etag: "70c2a238f06ca7e56ef80c83738e081bf0de3330"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1f434933b5bd6377d299ada22d1ae7ef
075531f525e625b117b2497f31139c9824d0e9c5
b587a3249e4f20112088608e3651c2ccbc44225a5c9d88d3bf5884d7f0e9029c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9430
x-amzn-requestid: 454ca8bd-a256-45f2-8b41-feee86c5af82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7wyGCIIAMFhgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d99e-1488f8ce71a91ebc3ad6b7e0;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NMMuQ1NNks65LJK_HDAK69MfCJ3pS0Y6VzBs8_5Oku64v4FSWADCdw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:01:46 GMT
age: 45958
etag: "075531f525e625b117b2497f31139c9824d0e9c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.biz.nf/aid.php?aid=MTkyNDE4MjQyMTIxMjE=
50.28.50.3200 OK 0 B URL HTTP/2 www.biz.nf/aid.php?aid=MTkyNDE4MjQyMTIxMjE=
IP 50.28.50.3:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /aid.php?aid=MTkyNDE4MjQyMTIxMjE= HTTP/1.1
Host: www.biz.nf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.golden-shoes.c1.biz/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 10:47:45 GMT
content-type: text/html
content-length: 0
set-cookie: aid=MTkyNDE4MjQyMTIxMjE%3D; expires=Sun, 28-Nov-2032 10:47:45 GMT; path=/; domain=.biz.nf
x-powered-by: PleskLin
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-1TW9Y3E2L0>m=2oeb90&_p=1470156422&cid=518063465.1669632463&ul=en-us&sr=1280x1024&_s=1&sid=1669632463&sct=1&seg=0&dl=http%3A%2F%2Fwww.golden-shoes.c1.biz%2F&dt=golden-shoes.c1.biz&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-1TW9Y3E2L0>m=2oeb90&_p=1470156422&cid=518063465.1669632463&ul=en-us&sr=1280x1024&_s=1&sid=1669632463&sct=1&seg=0&dl=http%3A%2F%2Fwww.golden-shoes.c1.biz%2F&dt=golden-shoes.c1.biz&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-1TW9Y3E2L0>m=2oeb90&_p=1470156422&cid=518063465.1669632463&ul=en-us&sr=1280x1024&_s=1&sid=1669632463&sct=1&seg=0&dl=http%3A%2F%2Fwww.golden-shoes.c1.biz%2F&dt=golden-shoes.c1.biz&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.golden-shoes.c1.biz
Connection: keep-alive
Referer: http://www.golden-shoes.c1.biz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: http://www.golden-shoes.c1.biz
date: Mon, 28 Nov 2022 10:47:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.biz.nf/buts/biznf_joomla_120x60.jpg
50.28.50.3200 OK 4.1 kB URL HTTP/2 www.biz.nf/buts/biznf_joomla_120x60.jpg
IP 50.28.50.3:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 120x60, components 3\012- data
Hash a70b3b68c9e1c4cbfa147ecab2b62391
91def40385527574e3adbc5770d68a29538d1a0f
2f9e57f315e1635fc96fa9a2e7cb78e043e21e61861bfc75fbc3280fb57a3da0
GET /buts/biznf_joomla_120x60.jpg HTTP/1.1
Host: www.biz.nf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.golden-shoes.c1.biz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 10:47:45 GMT
content-type: image/jpeg
content-length: 4112
last-modified: Sat, 24 Mar 2018 21:46:59 GMT
etag: "5ab6c753-1010"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.biz.nf/buts/biznf_green_120x60.jpg
50.28.50.3200 OK 4.4 kB URL HTTP/2 www.biz.nf/buts/biznf_green_120x60.jpg
IP 50.28.50.3:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 120x60, components 3\012- data
Hash bcadbb8207f56e007ddc37602b24c6b5
5e8c8fa614b9f4902ace50a5f2ac574598b6cf60
06d4ffd64aa55c39bdae6726be0a4f714ced092bcc4ac3946983a4053bbf74b6
GET /buts/biznf_green_120x60.jpg HTTP/1.1
Host: www.biz.nf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.golden-shoes.c1.biz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 10:47:45 GMT
content-type: image/jpeg
content-length: 4383
last-modified: Sat, 24 Mar 2018 21:46:58 GMT
etag: "5ab6c752-111f"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.biz.nf/aid.php?aid=MTkyNDE4MjQyMTIxMjE=
50.28.50.3200 OK 0 B URL HTTP/2 www.biz.nf/aid.php?aid=MTkyNDE4MjQyMTIxMjE=
IP 50.28.50.3:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /aid.php?aid=MTkyNDE4MjQyMTIxMjE= HTTP/1.1
Host: www.biz.nf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.golden-shoes.c1.biz/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 10:47:45 GMT
content-type: text/html
content-length: 0
set-cookie: aid=MTkyNDE4MjQyMTIxMjE%3D; expires=Sun, 28-Nov-2032 10:47:45 GMT; path=/; domain=.biz.nf
x-powered-by: PleskLin
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5011c3ae54f0ee02e53eee57d47da352
ad893bb5928ff835231652809cc9af62d5219f0a
d840efa1d29eff50fc07c0c31315c004f60db98e7da8c8a232e40e3595bba0a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 10:47:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5011c3ae54f0ee02e53eee57d47da352
ad893bb5928ff835231652809cc9af62d5219f0a
d840efa1d29eff50fc07c0c31315c004f60db98e7da8c8a232e40e3595bba0a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 10:47:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/ZMARmveTg1geksYKXZKdh71KW09XrhDLg8N-XrfXCGsDBEHnuKwhmYpHd55Y2-NwuwLX8qsyx26JNyJWtr1jEcxD=s50
142.250.74.33200 OK 265 B URL HTTP/2 lh3.googleusercontent.com/ZMARmveTg1geksYKXZKdh71KW09XrhDLg8N-XrfXCGsDBEHnuKwhmYpHd55Y2-NwuwLX8qsyx26JNyJWtr1jEcxD=s50
IP 142.250.74.33:0
File type PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash ba19e2d39553eacd580c647b2929b301
01c27c50734058e24205ebd092c179c19fcdeec9
9060a290f229a10d3358d3fb1d89df6eb0e085ce49e1e14a751febb50c27f69a
GET /ZMARmveTg1geksYKXZKdh71KW09XrhDLg8N-XrfXCGsDBEHnuKwhmYpHd55Y2-NwuwLX8qsyx26JNyJWtr1jEcxD=s50 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.golden-shoes.c1.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 265
x-xss-protection: 0
date: Mon, 28 Nov 2022 09:11:57 GMT
expires: Wed, 11 May 2022 15:43:25 GMT
cache-control: public, max-age=86400, no-transform
age: 5747
etag: "v1"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/EWqW7DEI4kOTRMLjK2-ObFHp-EYBt5apFYZ1LVFAhLtTLjigCRfx5hCCTKbIjIm68VQ00p9twloHJ9w8=s50
142.250.74.33200 OK 688 B URL HTTP/2 lh3.googleusercontent.com/EWqW7DEI4kOTRMLjK2-ObFHp-EYBt5apFYZ1LVFAhLtTLjigCRfx5hCCTKbIjIm68VQ00p9twloHJ9w8=s50
IP 142.250.74.33:0
File type PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 7768150b1a689b83d6ba2ae0f2f41989
d302195fa69bef759aec6d554f8f26bdad8fe5fd
c3e0d1b01c02cca5545bbe9a85d904b97723600a61a4e157b1f7116ae2aee4d8
GET /EWqW7DEI4kOTRMLjK2-ObFHp-EYBt5apFYZ1LVFAhLtTLjigCRfx5hCCTKbIjIm68VQ00p9twloHJ9w8=s50 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.golden-shoes.c1.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 688
x-xss-protection: 0
date: Mon, 28 Nov 2022 07:40:08 GMT
expires: Thu, 18 Nov 2021 16:41:44 GMT
cache-control: public, max-age=86400, no-transform
age: 11256
etag: "v1"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh5.ggpht.com/kXLX7TIFPsRKz3LxFlSHkeRkh2RaFUIMzdfnYFUa2j7-Q6CtpspdsJ5xdgVwY-hUFyrA1kHvy75W7TgajL0=s300
142.250.74.161200 OK 5.2 kB URL HTTP/2 lh5.ggpht.com/kXLX7TIFPsRKz3LxFlSHkeRkh2RaFUIMzdfnYFUa2j7-Q6CtpspdsJ5xdgVwY-hUFyrA1kHvy75W7TgajL0=s300
IP 142.250.74.161:0
File type PNG image data, 300 x 300, 8-bit/color RGB, non-interlaced\012- data
Hash 505cb72360b006bd6263359645bc1d50
0825add6b443cd40904a3ae81b839139c523a3ee
0c480c332450b699ce67acb7421bdd653e7cbaf94c256ba9ee8847c1d2486609
GET /kXLX7TIFPsRKz3LxFlSHkeRkh2RaFUIMzdfnYFUa2j7-Q6CtpspdsJ5xdgVwY-hUFyrA1kHvy75W7TgajL0=s300 HTTP/1.1
Host: lh5.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.golden-shoes.c1.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 5195
x-xss-protection: 0
date: Mon, 28 Nov 2022 07:28:25 GMT
expires: Fri, 25 Nov 2022 19:17:51 GMT
cache-control: public, max-age=86400, no-transform
age: 11959
etag: "v1"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/Noh7kIm5kfqbPDsQ7iI6rTN4euBfQ7VMAlvb1SR-86_5iQtOVXQ3_UURL-N-97M-RWfKGNH6zjcbX9dCQW8=s30
142.250.74.33200 OK 1.0 kB URL HTTP/2 lh3.googleusercontent.com/Noh7kIm5kfqbPDsQ7iI6rTN4euBfQ7VMAlvb1SR-86_5iQtOVXQ3_UURL-N-97M-RWfKGNH6zjcbX9dCQW8=s30
IP 142.250.74.33:0
File type PNG image data, 13 x 13, 8-bit/color RGBA, non-interlaced\012- data
Hash 749007b55be68b84cdfa313f51c7c37f
46b7f12e2c82210da609c5eae06b01f1019e4342
c0bf440c314408e0ed82a3c5dfea26822122c4d115ffd3db7a7dde897b9f3786
GET /Noh7kIm5kfqbPDsQ7iI6rTN4euBfQ7VMAlvb1SR-86_5iQtOVXQ3_UURL-N-97M-RWfKGNH6zjcbX9dCQW8=s30 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.golden-shoes.c1.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1020
x-xss-protection: 0
date: Mon, 28 Nov 2022 09:11:54 GMT
expires: Wed, 11 May 2022 15:43:03 GMT
cache-control: public, max-age=86400, no-transform
age: 5750
etag: "v1"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/TgRyMQvJ3_h9RmOnu7AlhIE7NLOOBsRoBounARrs8fQv8HCRPaFtpBneSqJOSZpI6l7He_bAZKN179JBig=s50
142.250.74.33200 OK 206 B URL HTTP/2 lh3.googleusercontent.com/TgRyMQvJ3_h9RmOnu7AlhIE7NLOOBsRoBounARrs8fQv8HCRPaFtpBneSqJOSZpI6l7He_bAZKN179JBig=s50
IP 142.250.74.33:0
File type PNG image data, 30 x 30, 4-bit colormap, non-interlaced\012- data
Hash 9d8d6bd3ec3d55cd74446084740e114d
bc6219eda93f5f7f261e348f697aa799b3a1d3e5
f20e26f58626bee6c98e4ae3b104bbf633079c4127beff649dd57afbbd6444e8
GET /TgRyMQvJ3_h9RmOnu7AlhIE7NLOOBsRoBounARrs8fQv8HCRPaFtpBneSqJOSZpI6l7He_bAZKN179JBig=s50 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.golden-shoes.c1.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 206
x-xss-protection: 0
date: Mon, 28 Nov 2022 09:37:09 GMT
expires: Fri, 24 Jun 2022 20:39:47 GMT
cache-control: public, max-age=86400, no-transform
age: 4235
etag: "v1"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/43-pXHjwrpmVO8Oean-6BD0uzARvcqUQrpdi7Yw2bxaXwEoP21UdN5kW6Ks9pdOxf7ropMUrh0djgYPwYPU=s50
142.250.74.33200 OK 265 B URL HTTP/2 lh3.googleusercontent.com/43-pXHjwrpmVO8Oean-6BD0uzARvcqUQrpdi7Yw2bxaXwEoP21UdN5kW6Ks9pdOxf7ropMUrh0djgYPwYPU=s50
IP 142.250.74.33:0
File type PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash ba19e2d39553eacd580c647b2929b301
01c27c50734058e24205ebd092c179c19fcdeec9
9060a290f229a10d3358d3fb1d89df6eb0e085ce49e1e14a751febb50c27f69a
GET /43-pXHjwrpmVO8Oean-6BD0uzARvcqUQrpdi7Yw2bxaXwEoP21UdN5kW6Ks9pdOxf7ropMUrh0djgYPwYPU=s50 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.golden-shoes.c1.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 265
x-xss-protection: 0
date: Mon, 28 Nov 2022 09:37:09 GMT
expires: Sat, 13 Nov 2021 02:46:40 GMT
cache-control: public, max-age=86400, no-transform
age: 4235
etag: "v1"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/dd_e0xA19up9208Tv6odcjHEw6z4cKAA6fTgjZ9ynkKoSnr5R4vFxI7gZp6pnZH1Vi5T5f-fphjFsrLG=s30
142.250.74.33200 OK 1.1 kB URL HTTP/2 lh3.googleusercontent.com/dd_e0xA19up9208Tv6odcjHEw6z4cKAA6fTgjZ9ynkKoSnr5R4vFxI7gZp6pnZH1Vi5T5f-fphjFsrLG=s30
IP 142.250.74.33:0
File type PNG image data, 25 x 25, 8-bit/color RGBA, non-interlaced\012- data
Hash bd65b5feb0dfebb391e3b7f97452518a
edba45f52d5eea04570662436f7c722916e341aa
09377aece6d13145f5fa8dbd7c4d82ec6d124c455150ade4d940b8ac1d9a2cec
GET /dd_e0xA19up9208Tv6odcjHEw6z4cKAA6fTgjZ9ynkKoSnr5R4vFxI7gZp6pnZH1Vi5T5f-fphjFsrLG=s30 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.golden-shoes.c1.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1074
x-xss-protection: 0
date: Mon, 28 Nov 2022 09:11:23 GMT
expires: Fri, 24 Jun 2022 20:39:48 GMT
cache-control: public, max-age=86400, no-transform
age: 5781
etag: "v1"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/9rwgVnDglPdPFugSu98fhDmxzjXC9KovZ_7BuHkXPIv6jvg9S96flGnhL_e4y8mIpPpZQstfqEV-WitY=s50
142.250.74.33200 OK 262 B URL HTTP/2 lh3.googleusercontent.com/9rwgVnDglPdPFugSu98fhDmxzjXC9KovZ_7BuHkXPIv6jvg9S96flGnhL_e4y8mIpPpZQstfqEV-WitY=s50
IP 142.250.74.33:0
File type PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 229368d2ae80cee8c2d0ca74a3e8d785
325eebe844f6637330d47f27d8c950289aa1ec0d
bce587a05f16dcc4c6160c77318f9cbc0253c0c178469bdf4dcb3ee74a4c6009
GET /9rwgVnDglPdPFugSu98fhDmxzjXC9KovZ_7BuHkXPIv6jvg9S96flGnhL_e4y8mIpPpZQstfqEV-WitY=s50 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.golden-shoes.c1.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 262
x-xss-protection: 0
date: Mon, 28 Nov 2022 08:06:45 GMT
expires: Sat, 13 Nov 2021 02:46:40 GMT
cache-control: public, max-age=86400, no-transform
age: 9659
etag: "v1"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/u_2y6S8bW10NzZp9Esbljoa7nWifvQBqN6F2drqNcA75tSKdvQHTZ6qXxzRGK9vdOhUuP059nggZ7v9kFDX6--UbLI_D4TBz=s160
142.250.74.33200 OK 7.3 kB URL HTTP/2 lh3.googleusercontent.com/u_2y6S8bW10NzZp9Esbljoa7nWifvQBqN6F2drqNcA75tSKdvQHTZ6qXxzRGK9vdOhUuP059nggZ7v9kFDX6--UbLI_D4TBz=s160
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Picasa], baseline, precision 8, 145x160, components 3\012- data
Hash c177cba6928b8a0c7a82dc429fe2c1d0
984dd8177fe78acd76b0cffdd10faab364cabe84
fdf12712eae3a60f206440c7e1da3befe5e061f5507df68f33a7e5d31bdb0801
GET /u_2y6S8bW10NzZp9Esbljoa7nWifvQBqN6F2drqNcA75tSKdvQHTZ6qXxzRGK9vdOhUuP059nggZ7v9kFDX6--UbLI_D4TBz=s160 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.golden-shoes.c1.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Tue, 29 Nov 2022 10:47:44 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 10:47:44 GMT
server: fife
content-length: 7322
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5011c3ae54f0ee02e53eee57d47da352
ad893bb5928ff835231652809cc9af62d5219f0a
d840efa1d29eff50fc07c0c31315c004f60db98e7da8c8a232e40e3595bba0a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 10:47:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5011c3ae54f0ee02e53eee57d47da352
ad893bb5928ff835231652809cc9af62d5219f0a
d840efa1d29eff50fc07c0c31315c004f60db98e7da8c8a232e40e3595bba0a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 10:47:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/IwbzWn12Gfxe7KtPorhcgTRvL5vCM-ncHnkpcC8UwQYVD8OWr_6sHtQW2Syt_q2HDqOuFrsfDqRMOsCDCniYrG2NS2PxXw=s160
142.250.74.33200 OK 7.3 kB URL HTTP/2 lh3.googleusercontent.com/IwbzWn12Gfxe7KtPorhcgTRvL5vCM-ncHnkpcC8UwQYVD8OWr_6sHtQW2Syt_q2HDqOuFrsfDqRMOsCDCniYrG2NS2PxXw=s160
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Picasa], baseline, precision 8, 145x160, components 3\012- data
Hash c177cba6928b8a0c7a82dc429fe2c1d0
984dd8177fe78acd76b0cffdd10faab364cabe84
fdf12712eae3a60f206440c7e1da3befe5e061f5507df68f33a7e5d31bdb0801
GET /IwbzWn12Gfxe7KtPorhcgTRvL5vCM-ncHnkpcC8UwQYVD8OWr_6sHtQW2Syt_q2HDqOuFrsfDqRMOsCDCniYrG2NS2PxXw=s160 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.golden-shoes.c1.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Tue, 29 Nov 2022 10:47:44 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 10:47:44 GMT
server: fife
content-length: 7322
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/01BHT537C_TvWSGI4T2UIwnenie5NW_1yd2WRsuxbqyWe7rsABCp5qR6MEbl4L1g764rHf65bTBh3nodcUpKyl9LSgex1E49=s180
142.250.74.33200 OK 8.7 kB URL HTTP/2 lh3.googleusercontent.com/01BHT537C_TvWSGI4T2UIwnenie5NW_1yd2WRsuxbqyWe7rsABCp5qR6MEbl4L1g764rHf65bTBh3nodcUpKyl9LSgex1E49=s180
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Picasa], baseline, precision 8, 163x180, components 3\012- data
Hash 6fd3ea69701148a781b63ec7a00146f8
88c4c1c6260534b408cc54083447b29a595abdd5
36a8fab64e807820ee94742effae841b06fe8c0cfaa4cb323494fee46c8dbe40
GET /01BHT537C_TvWSGI4T2UIwnenie5NW_1yd2WRsuxbqyWe7rsABCp5qR6MEbl4L1g764rHf65bTBh3nodcUpKyl9LSgex1E49=s180 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.golden-shoes.c1.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Tue, 29 Nov 2022 10:47:44 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 10:47:44 GMT
server: fife
content-length: 8722
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh4.ggpht.com/HFb5II_KPMCr2zYBR-_esg5kVmBZ3F03amxQy6ObUfDX3kfRIClO_irGLnJJZZZULEqKWZm6sGTmRB3uBrM=s300
142.250.74.161200 OK 6.1 kB URL HTTP/2 lh4.ggpht.com/HFb5II_KPMCr2zYBR-_esg5kVmBZ3F03amxQy6ObUfDX3kfRIClO_irGLnJJZZZULEqKWZm6sGTmRB3uBrM=s300
IP 142.250.74.161:0
File type PNG image data, 300 x 300, 8-bit/color RGB, non-interlaced\012- data
Hash 244faa3b74f71176732bfe630c84e6b5
0afd3fcbc49c5059533a50188d2f6e0d22e7f52e
77f4f5d2c5e195a0b0554c129e4ddf594e87961b548a26a672702f8476d3528f
GET /HFb5II_KPMCr2zYBR-_esg5kVmBZ3F03amxQy6ObUfDX3kfRIClO_irGLnJJZZZULEqKWZm6sGTmRB3uBrM=s300 HTTP/1.1
Host: lh4.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.golden-shoes.c1.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Tue, 29 Nov 2022 10:47:44 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 10:47:44 GMT
server: fife
content-length: 6107
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5011c3ae54f0ee02e53eee57d47da352
ad893bb5928ff835231652809cc9af62d5219f0a
d840efa1d29eff50fc07c0c31315c004f60db98e7da8c8a232e40e3595bba0a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 10:47:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/FLwyvz4IBdAwh8VmGpoo23taPPEcVCDHwPqbr5Vvfc613I9nGlnrkzIa4_L1KPSGu6R1LEIEnJENbdv_C0MYt-GpQllV80E=s160
142.250.74.33200 OK 7.3 kB URL HTTP/2 lh3.googleusercontent.com/FLwyvz4IBdAwh8VmGpoo23taPPEcVCDHwPqbr5Vvfc613I9nGlnrkzIa4_L1KPSGu6R1LEIEnJENbdv_C0MYt-GpQllV80E=s160
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Picasa], baseline, precision 8, 145x160, components 3\012- data
Hash c177cba6928b8a0c7a82dc429fe2c1d0
984dd8177fe78acd76b0cffdd10faab364cabe84
fdf12712eae3a60f206440c7e1da3befe5e061f5507df68f33a7e5d31bdb0801
GET /FLwyvz4IBdAwh8VmGpoo23taPPEcVCDHwPqbr5Vvfc613I9nGlnrkzIa4_L1KPSGu6R1LEIEnJENbdv_C0MYt-GpQllV80E=s160 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.golden-shoes.c1.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Tue, 29 Nov 2022 10:47:44 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 10:47:44 GMT
server: fife
content-length: 7322
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh5.ggpht.com/hksaf2hQuoLr1doEQK6XCRGlYZRvVSqKncR5rum0mCCR-TDwD4DfVaNsno0pKErW2Fj1Fj08ib6ALvrh8A=s300
142.250.74.161200 OK 4.7 kB URL HTTP/2 lh5.ggpht.com/hksaf2hQuoLr1doEQK6XCRGlYZRvVSqKncR5rum0mCCR-TDwD4DfVaNsno0pKErW2Fj1Fj08ib6ALvrh8A=s300
IP 142.250.74.161:0
File type PNG image data, 300 x 300, 8-bit/color RGB, non-interlaced\012- data
Hash 8a3826688102acd6ffe888a573336988
2c34bb14e60518951b6c6d20d041d3df6b0ee45f
7ccd33b12e5f395889bd335b017c2a67f4657ef7d1b2d8c753d4e0c6e911751c
GET /hksaf2hQuoLr1doEQK6XCRGlYZRvVSqKncR5rum0mCCR-TDwD4DfVaNsno0pKErW2Fj1Fj08ib6ALvrh8A=s300 HTTP/1.1
Host: lh5.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.golden-shoes.c1.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Tue, 29 Nov 2022 10:47:44 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 10:47:44 GMT
server: fife
content-length: 4665
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh5.ggpht.com/JdCH48oHvoxMHyJqqlKiTozDxciHeo58Ul5XGtYB6VYaUpvfkRZUlEeRjdaq-Z7X2bKPIai00OnGhm-Fng=s300
142.250.74.161200 OK 4.4 kB URL HTTP/2 lh5.ggpht.com/JdCH48oHvoxMHyJqqlKiTozDxciHeo58Ul5XGtYB6VYaUpvfkRZUlEeRjdaq-Z7X2bKPIai00OnGhm-Fng=s300
IP 142.250.74.161:0
File type PNG image data, 300 x 300, 8-bit/color RGB, non-interlaced\012- data
Hash 151d4fc6da8cbb74ad9959800e147c03
25c2083b99404d85e6bc9774043eedc609ccd0e2
f65d31644a58749400e5cb8dfcb2558fe565685d9d8a423373d25c62fc8b8387
GET /JdCH48oHvoxMHyJqqlKiTozDxciHeo58Ul5XGtYB6VYaUpvfkRZUlEeRjdaq-Z7X2bKPIai00OnGhm-Fng=s300 HTTP/1.1
Host: lh5.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.golden-shoes.c1.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 4369
x-xss-protection: 0
date: Mon, 28 Nov 2022 10:47:44 GMT
expires: Mon, 21 Nov 2022 03:33:40 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1"
content-type: image/png
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/3Dsy5pORHfWHWBAVMVRDaM6ZD9YgULuMvvSf3Wcc24XR7Dg257Y3ljHHoVbeys-Hl53_Cf9TrMW8pUsp3CI59bQqEZ0hkGQ=s160
142.250.74.33200 OK 7.3 kB URL HTTP/2 lh3.googleusercontent.com/3Dsy5pORHfWHWBAVMVRDaM6ZD9YgULuMvvSf3Wcc24XR7Dg257Y3ljHHoVbeys-Hl53_Cf9TrMW8pUsp3CI59bQqEZ0hkGQ=s160
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Picasa], baseline, precision 8, 145x160, components 3\012- data
Hash c177cba6928b8a0c7a82dc429fe2c1d0
984dd8177fe78acd76b0cffdd10faab364cabe84
fdf12712eae3a60f206440c7e1da3befe5e061f5507df68f33a7e5d31bdb0801
GET /3Dsy5pORHfWHWBAVMVRDaM6ZD9YgULuMvvSf3Wcc24XR7Dg257Y3ljHHoVbeys-Hl53_Cf9TrMW8pUsp3CI59bQqEZ0hkGQ=s160 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.golden-shoes.c1.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Tue, 29 Nov 2022 10:47:44 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 10:47:44 GMT
server: fife
content-length: 7322
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh5.ggpht.com/0dbY9XLqoDziFta-9JKAT6uTNC5LQemEsYEHhgQSdSG0YzIYe6DYFkAr-C7w4TolxShxb6frWWUlzlfTBQ=s300
142.250.74.161200 OK 4.8 kB URL HTTP/2 lh5.ggpht.com/0dbY9XLqoDziFta-9JKAT6uTNC5LQemEsYEHhgQSdSG0YzIYe6DYFkAr-C7w4TolxShxb6frWWUlzlfTBQ=s300
IP 142.250.74.161:0
File type PNG image data, 300 x 300, 8-bit/color RGB, non-interlaced\012- data
Hash a4dafc56cb6637a38e257ed1ba63ede3
e392486eca3bd9451938793b4b937375f9bd8519
c4ad9f53230922b33a0c69701134bde0ab348218bdb4569d47e23a896c4de4a4
GET /0dbY9XLqoDziFta-9JKAT6uTNC5LQemEsYEHhgQSdSG0YzIYe6DYFkAr-C7w4TolxShxb6frWWUlzlfTBQ=s300 HTTP/1.1
Host: lh5.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.golden-shoes.c1.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Tue, 29 Nov 2022 10:47:44 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 10:47:44 GMT
server: fife
content-length: 4759
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/AcO5NmPznbtaWrvp7K0TNwL3Suq3ktj_iw0s0D898_rcaHq0hAtbcmwu1Qixx5jeUnjsuowzu14CI3717uw2pRWFxRzOl6U=s300
142.250.74.33200 OK 76 kB URL HTTP/2 lh3.googleusercontent.com/AcO5NmPznbtaWrvp7K0TNwL3Suq3ktj_iw0s0D898_rcaHq0hAtbcmwu1Qixx5jeUnjsuowzu14CI3717uw2pRWFxRzOl6U=s300
IP 142.250.74.33:0
File type PNG image data, 300 x 135, 8-bit/color RGB, non-interlaced\012- data
Hash b8e78f6bb35df2d68d987584cc016d39
4fe3b126a48ec2a814c456efd5cccf0aa24f83c7
51bcbb8cf218b364260dfdc1c2b26c2678f851a3f6c9c2cb6d13de8a3065ba48
GET /AcO5NmPznbtaWrvp7K0TNwL3Suq3ktj_iw0s0D898_rcaHq0hAtbcmwu1Qixx5jeUnjsuowzu14CI3717uw2pRWFxRzOl6U=s300 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.golden-shoes.c1.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Tue, 29 Nov 2022 10:47:44 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 10:47:44 GMT
server: fife
content-length: 75584
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh4.ggpht.com/-w5wgakEti3jmytTmfyo5e6gWTkFF_dOaYqvDj6y42AREfUgdHD7B5D7iYXgQcow5pokYRfzpWT0MKqqHA=s300
142.250.74.161200 OK 5.5 kB URL HTTP/2 lh4.ggpht.com/-w5wgakEti3jmytTmfyo5e6gWTkFF_dOaYqvDj6y42AREfUgdHD7B5D7iYXgQcow5pokYRfzpWT0MKqqHA=s300
IP 142.250.74.161:0
File type PNG image data, 300 x 300, 8-bit/color RGB, non-interlaced\012- data
Hash 8794f25fdc3c7bbbf671eb0b47a9207c
4dfd021b9ed73a30eab982b4c54c34bc73db1481
695b10fc8a8a5f46a6734de4d3b4798a929b4c241c2e1228284d482fc03db3bd
GET /-w5wgakEti3jmytTmfyo5e6gWTkFF_dOaYqvDj6y42AREfUgdHD7B5D7iYXgQcow5pokYRfzpWT0MKqqHA=s300 HTTP/1.1
Host: lh4.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.golden-shoes.c1.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 5513
x-xss-protection: 0
date: Mon, 28 Nov 2022 07:28:25 GMT
expires: Sun, 20 Nov 2022 21:50:03 GMT
cache-control: public, max-age=86400, no-transform
age: 11959
etag: "v1"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5011c3ae54f0ee02e53eee57d47da352
ad893bb5928ff835231652809cc9af62d5219f0a
d840efa1d29eff50fc07c0c31315c004f60db98e7da8c8a232e40e3595bba0a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 10:47:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5011c3ae54f0ee02e53eee57d47da352
ad893bb5928ff835231652809cc9af62d5219f0a
d840efa1d29eff50fc07c0c31315c004f60db98e7da8c8a232e40e3595bba0a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 10:47:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.golden-shoes.c1.biz/css/lightbox.css?v=1.5.8d
185.176.43.98200 OK 1.7 kB URL HTTP/1.1 www.golden-shoes.c1.biz/css/lightbox.css?v=1.5.8d
IP 185.176.43.98:0
ASN #44476 Zetta Hosting Solutions LLC.
File type ASCII text, with CRLF line terminators
Hash ec0f7feb3644897708177ce6df8b40e5
e1fc9b6a69d4ec1c8a5af43878a21849a6dadf0b
23d3daa5d89b2aa01b7e0195a5880244221cadf5ecc84294981641dda32a9d50
Analyzer Verdict Alert quad9 Sinkholed
GET /css/lightbox.css?v=1.5.8d HTTP/1.1
Host: www.golden-shoes.c1.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.golden-shoes.c1.biz/
Cookie: _ga_1TW9Y3E2L0=GS1.1.1669632463.1.0.1669632463.0.0.0; _ga=GA1.1.518063465.1669632463; os_visitor=c1becc1725f9
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 10:47:44 GMT
Server: Apache
Last-Modified: Sat, 29 Oct 2022 04:56:14 GMT
ETag: "6ae-5ec25319ef780"
Accept-Ranges: bytes
Content-Length: 1710
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.golden-shoes.c1.biz/css/effects.css?v=1.5.8d
185.176.43.98200 OK 31 kB URL HTTP/1.1 www.golden-shoes.c1.biz/css/effects.css?v=1.5.8d
IP 185.176.43.98:0
ASN #44476 Zetta Hosting Solutions LLC.
File type ASCII text, with CRLF line terminators
Hash ab3303063a12d483d7243ee789cf2982
b4b5eae648576efca4a77ff71e7cbdf96155a478
6ca1e190c06a9facaf508370778549501a67aa3dca501e2a6fc31f02ed559ee7
Analyzer Verdict Alert quad9 Sinkholed
GET /css/effects.css?v=1.5.8d HTTP/1.1
Host: www.golden-shoes.c1.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.golden-shoes.c1.biz/
Cookie: _ga_1TW9Y3E2L0=GS1.1.1669632463.1.0.1669632463.0.0.0; _ga=GA1.1.518063465.1669632463; os_visitor=c1becc1725f9
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 10:47:44 GMT
Server: Apache
Last-Modified: Sat, 29 Oct 2022 04:56:14 GMT
ETag: "79fc-5ec25319ef780"
Accept-Ranges: bytes
Content-Length: 31228
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
fonts.googleapis.com/css?family=Libre+Baskerville:400italic
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Libre+Baskerville:400italic
IP 142.250.74.10:0
GET /css?family=Libre+Baskerville:400italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.golden-shoes.c1.biz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 28 Nov 2022 10:47:43 GMT
date: Mon, 28 Nov 2022 10:47:43 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Inconsolata|Ubuntu+Mono|Fira+Mono
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Inconsolata|Ubuntu+Mono|Fira+Mono
IP 142.250.74.10:0
GET /css?family=Inconsolata|Ubuntu+Mono|Fira+Mono HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.golden-shoes.c1.biz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 28 Nov 2022 10:47:43 GMT
date: Mon, 28 Nov 2022 10:47:43 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Alef|Amatica+SC|Arimo|Assistant|Cousine|David+Libre|Frank+Ruhl+Libre|Heebo|Miriam+Libre|Rubik:400,500|Secular+One|Suez+One|Tinos|Varela+Round
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Alef|Amatica+SC|Arimo|Assistant|Cousine|David+Libre|Frank+Ruhl+Libre|Heebo|Miriam+Libre|Rubik:400,500|Secular+One|Suez+One|Tinos|Varela+Round
IP 142.250.74.10:0
GET /css?family=Alef|Amatica+SC|Arimo|Assistant|Cousine|David+Libre|Frank+Ruhl+Libre|Heebo|Miriam+Libre|Rubik:400,500|Secular+One|Suez+One|Tinos|Varela+Round HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.golden-shoes.c1.biz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 28 Nov 2022 10:47:43 GMT
date: Mon, 28 Nov 2022 10:47:43 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Josefin+Slab
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Josefin+Slab
IP 142.250.74.10:0
GET /css?family=Josefin+Slab HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.golden-shoes.c1.biz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 28 Nov 2022 10:47:43 GMT
date: Mon, 28 Nov 2022 10:47:43 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto
IP 142.250.74.10:0
GET /css?family=Roboto HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.golden-shoes.c1.biz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 28 Nov 2022 10:47:43 GMT
date: Mon, 28 Nov 2022 10:47:43 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/iframe_api
142.250.74.46200 OK 0 B URL HTTP/2 www.youtube.com/iframe_api
IP 142.250.74.46:0
GET /iframe_api HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.golden-shoes.c1.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
x-content-type-options: nosniff
expires: Mon, 28 Nov 2022 10:47:43 GMT
date: Mon, 28 Nov 2022 10:47:43 GMT
cache-control: private, max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=a-USIz9QcxM; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=EGJRdM20OeY; Domain=.youtube.com; Expires=Sat, 27-May-2023 10:47:43 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+506; expires=Wed, 27-Nov-2024 10:47:42 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2