Overview

URLgyswhwuknmgszvuuizpr5973248354.blogspot.com/heatwell
IP 172.217.21.161 (United States)
ASN#15169 GOOGLE
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Access lock_open
Report completed2022-11-29 19:04:01 UTC
StatusLoading report..
IDS alerts0
Blocklist alert2
urlquery alerts No alerts detected
Tags None

Domain Summary (23)

Fully Qualifying Domain Name Rank First Seen Last Seen Sent bytes Received bytes IP Comment
gyswhwuknmgszvuuizpr5973248354.blogspot.com (2) 0 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 864 16216 172.217.21.161
r3.o.lencr.org (7) 344 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 2366 6203 95.101.11.115
content-signature-2.cdn.mozilla.net (1) 1152 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 413 5844 34.160.144.191
push.services.mozilla.com (1) 2140 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 606 127 52.43.253.52
tikiz.shop (2) 0 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 1009 651 198.54.126.24
thebestofferx.shop (21) 0 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 11671 389125 198.54.120.24
www.clarity.ms (2) 1404 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 767 1133 13.107.219.53
ocsp.digicert.com (2) 86 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 682 1594 93.184.220.29
firefox.settings.services.mozilla.com (2) 867 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 782 2374 34.102.187.140
ocsp.pki.goog (7) 175 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 2401 4898 216.58.211.3
img-getpocket.cdn.mozilla.net (7) 1631 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 3800 63836 34.120.237.76
fonts.googleapis.com (1) 8877 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 422 1964 142.250.74.138
www.googletagmanager.com (1) 75 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 384 89326 142.250.74.168
dev.visualwebsiteoptimizer.com (3) 5085 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 1515 55994 34.96.102.137
b.clarity.ms (3) 3462 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 1372 861 20.75.32.255
ctrwow-prod-analytics-socketserver.azurewebsites.net (1) 448469 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 620 606 52.176.5.241
contile.services.mozilla.com (1) 1114 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 333 229 34.117.237.239
ocsp.sectigo.com (2) 487 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 680 1927 104.18.32.68
fonts.gstatic.com (1) 0 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 506 45804 216.58.207.227
ocsp.starfieldtech.com (2) 6616 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 692 4706 192.124.249.36
c.clarity.ms (2) 803 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 849 1185 20.234.93.27
c.bing.com (1) 247 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 474 795 13.107.21.200
d16hdrba6dusey.cloudfront.net (1) 0 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 394 501 54.230.245.93

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
 No alerts detected

mnemonic secure dns
 No alerts detected

Quad9 DNS
Scan Date Severity Indicator Comment
2022-11-29 medium tikiz.shop Sinkholed
2022-11-29 medium tikiz.shop Sinkholed


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 172.217.21.161
Date UQ / IDS / BL URL IP
2023-06-02 03:05:16 UTC 0 - 0 - 2 convictconviction1612.blogspot.com.au/2011/10 (...) 172.217.21.161
2023-06-02 03:01:49 UTC 0 - 0 - 1 gshssndff.blogspot.com.uy/ 172.217.21.161
2023-06-02 02:51:31 UTC 0 - 0 - 3 fessdgsgrghzrgr.blogspot.am/ 172.217.21.161
2023-06-02 02:51:18 UTC 0 - 1 - 4 dsfewsfzxdfcasd.blogspot.sg/ 172.217.21.161
2023-06-02 02:47:34 UTC 0 - 1 - 0 11o2.blogspot.ru/search/label/Tut 172.217.21.161


Last 5 reports on ASN: GOOGLE
Date UQ / IDS / BL URL IP
2023-06-02 03:05:16 UTC 0 - 0 - 2 convictconviction1612.blogspot.com.au/2011/10 (...) 172.217.21.161
2023-06-02 03:01:49 UTC 0 - 0 - 1 gshssndff.blogspot.com.uy/ 172.217.21.161
2023-06-02 02:51:31 UTC 0 - 0 - 3 fessdgsgrghzrgr.blogspot.am/ 172.217.21.161
2023-06-02 02:51:18 UTC 0 - 1 - 4 dsfewsfzxdfcasd.blogspot.sg/ 172.217.21.161
2023-06-02 02:47:42 UTC 0 - 2 - 0 ww6.achievegrow.top/ 35.186.238.101


Last 1 reports on domain: gyswhwuknmgszvuuizpr5973248354.blogspot.com
Date UQ / IDS / BL URL IP
2022-11-29 19:04:01 UTC 0 - 0 - 2 gyswhwuknmgszvuuizpr5973248354.blogspot.com/h (...) 172.217.21.161


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2022-11-30 08:35:58 UTC 0 - 0 - 2 alukejtiyyxemmefvnum7360369215.blogspot.com/h (...) 172.217.21.161
2022-11-30 00:15:27 UTC 0 - 0 - 2 rctbycyhstznbjumyjpo3479703946.blogspot.com/h (...) 172.217.21.161
2022-11-29 23:30:31 UTC 0 - 0 - 2 lahjucftvhguecopprcb9078651572.blogspot.com/h (...) 172.217.21.161
2022-11-29 21:14:11 UTC 0 - 0 - 2 adslivqbjnmmlzucmcfk4034942036.blogspot.com/h (...) 172.217.21.161
2022-11-29 19:28:33 UTC 0 - 0 - 2 pkzxnqhvylnrngbwuhtg2772926225.blogspot.com/h (...) 172.217.21.161

JavaScript

Executed Scripts (27)

Executed Evals (3)
#1 JavaScript::Eval (size: 81) - SHA256: 9d6477d7d4cec4312cef8dab92f251323fa2011ebda11b1f297d7015b911acb6
(_vwo_s().f_e(_vwo_s().dt(), 'desktop') || _vwo_s().f_e(_vwo_s().dt(), 'tablet'))
#2 JavaScript::Eval (size: 39) - SHA256: ef5292ff8788d5be313b9a0df4b4962f5c6093dd2d6352250e4a116686b0af9d
(_vwo_s().f_e(_vwo_s().dt(), 'mobile'))
#3 JavaScript::Eval (size: 40) - SHA256: d3fb2d22c30b3751fa16f86b8a324c07dd596af88f317aa9668c37c092120c45
((((_vwo_s().f_e(_vwo_s().Co(), 'US')))))

Executed Writes (0)


HTTP Transactions (73)


Request Response
                                        
                                            GET /heatwell HTTP/1.1 
Host: gyswhwuknmgszvuuizpr5973248354.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                        
                                             172.217.21.161
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                            
Location: https://gyswhwuknmgszvuuizpr5973248354.blogspot.com/heatwell
Content-Encoding: gzip
Date: Tue, 29 Nov 2022 19:03:50 GMT
Expires: Tue, 29 Nov 2022 19:03:50 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 205
Server: GSE


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   205
Md5:    6bab8f61c931c4be4809b00bd2d483ea
Sha1:   36fb81fee9dfa135103a1989c2da7311b91208f6
Sha256: 68f624be8887e1122e5b59f4687e5ead2faf459322754ca655185729eb23bc37
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Server: nginx
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10913
Expires: Tue, 29 Nov 2022 22:05:43 GMT
Date: Tue, 29 Nov 2022 19:03:50 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Accept-Ranges: bytes
Age: 3015
Cache-Control: max-age=145056
Date: Tue, 29 Nov 2022 19:03:50 GMT
Etag: "6385df6f-1d7"
Expires: Thu, 01 Dec 2022 11:21:26 GMT
Last-Modified: Tue, 29 Nov 2022 10:31:11 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Server: nginx
Content-Length: 503
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4961
Expires: Tue, 29 Nov 2022 20:26:31 GMT
Date: Tue, 29 Nov 2022 19:03:50 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                            
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 29 Nov 2022 18:19:38 GMT
cache-control: public,max-age=3600
age: 2652
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    14cd9a0afb6ba9a763651d5112760d1e
Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        
                                             34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                            
x-amz-id-2: R8oMlG2NnRs3PYzEmXKTGjjaBH0syHMKhkD9Pi+KSvHWIdUj7lUgabrvsIm6lO19fAI3U1lNsck=
x-amz-request-id: 2EX2M0E1VZT4T0XC
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 29 Nov 2022 18:44:55 GMT
age: 1135
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Date: Tue, 29 Nov 2022 19:03:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                            
server: nginx
date: Tue, 29 Nov 2022 19:03:50 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                            
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 29 Nov 2022 18:08:56 GMT
cache-control: public,max-age=3600
age: 3295
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /heatwell HTTP/1.1 
Host: gyswhwuknmgszvuuizpr5973248354.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                        
                                             172.217.21.161
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
                                            
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 29 Nov 2022 19:03:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 15014
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (6565)
Size:   15014
Md5:    e031b4676a313639047b85aaad0cdf5b
Sha1:   4e27077921ee3228c40f66246094dd5d0ecae92c
Sha256: 22bee56819f26ed13be810db48f1ef4f72f5e006d9f4bc3d6e1568673e4497a2
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Date: Tue, 29 Nov 2022 19:03:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Accept-Ranges: bytes
Age: 2318
Cache-Control: max-age=139295
Date: Tue, 29 Nov 2022 19:03:51 GMT
Etag: "6385cba8-1d7"
Expires: Thu, 01 Dec 2022 09:45:26 GMT
Last-Modified: Tue, 29 Nov 2022 09:06:48 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ld3z70ae3AvlC8zbWRZfow==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                        
                                             52.43.253.52
HTTP/1.1 101 Switching Protocols
                                            
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: liLJ6W5GLoHt2HHfAx7ouTBFCrA=

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Date: Tue, 29 Nov 2022 19:03:51 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 03:52:24 GMT
Expires: Sun, 04 Dec 2022 03:52:23 GMT
Etag: "36ca5bf04693acc6c4ef60ac08fdc7edf30fd3ec"
Cache-Control: max-age=376711,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 771d9b13aa121bfa-OSL

                                        
                                            GET /heatwell HTTP/1.1 
Host: tikiz.shop
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gyswhwuknmgszvuuizpr5973248354.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                        
                                             198.54.126.24
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
                                            
x-powered-by: PHP/7.2.34
x-redirect-by: WordPress
location: https://tikiz.shop/heatwell/
x-litespeed-cache: hit
content-length: 0
date: Tue, 29 Nov 2022 19:03:51 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Blocklists:
  - quad9: Sinkholed
                                        
                                            GET /heatwell/ HTTP/1.1 
Host: tikiz.shop
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gyswhwuknmgszvuuizpr5973248354.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                        
                                             198.54.126.24
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
                                            
x-powered-by: PHP/7.2.34
x-redirect-by: WordPress
location: https://thebestofferx.shop/heatwellshop/en/presale.html
x-litespeed-cache: hit
content-length: 0
date: Tue, 29 Nov 2022 19:03:52 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Blocklists:
  - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Date: Tue, 29 Nov 2022 19:03:52 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 14:50:24 GMT
Expires: Sat, 03 Dec 2022 14:50:23 GMT
Etag: "b09db8d58a512c2384cf5ea4a080d8459a086800"
Cache-Control: max-age=329790,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 771d9b1969be1bfa-OSL

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2994
Expires: Tue, 29 Nov 2022 19:53:46 GMT
Date: Tue, 29 Nov 2022 19:03:52 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2994
Expires: Tue, 29 Nov 2022 19:53:46 GMT
Date: Tue, 29 Nov 2022 19:03:52 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Server: nginx
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9123
Expires: Tue, 29 Nov 2022 21:35:55 GMT
Date: Tue, 29 Nov 2022 19:03:52 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2994
Expires: Tue, 29 Nov 2022 19:53:46 GMT
Date: Tue, 29 Nov 2022 19:03:52 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Server: nginx
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9123
Expires: Tue, 29 Nov 2022 21:35:55 GMT
Date: Tue, 29 Nov 2022 19:03:52 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                            
server: nginx
content-length: 10176
x-amzn-requestid: 768fc69c-e91b-4dd9-8add-63634762b2d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMpbgEFOIAMF71A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bc49-21756db31c4714af0553f21b;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:12:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jS-AS3x8V3XacXRNkU63UJjBxA6unvBer5WcxUYseR5p4eZPK64o2g==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 04:52:21 GMT
age: 51091
etag: "772d86ad983042a728ee3490630a9cf1134ad0dd"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10176
Md5:    03014221d7f49b50ffc2d1b0a0e75457
Sha1:   772d86ad983042a728ee3490630a9cf1134ad0dd
Sha256: 81fb954fa569955907952987e9d8efd1dac80e0e4a682826abf3c5d90eb31771
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                            
server: nginx
content-length: 4916
x-amzn-requestid: b8c80a6c-e3f1-4f20-beb8-27b0af760692
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPYcrELFoAMFaeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382d450-155cfb365525173c0ede8adb;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 03:06:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Twtw6dO3pjTB9OLi0HliKKCDgCuHRqgtx4PFTczrZQ9f8JztgXZoSg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 03:01:17 GMT
age: 57755
etag: "2e3f7326aeea6be8a34bf2c39b34862c07bfdc41"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4916
Md5:    83c1fedec73299637cc7dc47c48af758
Sha1:   2e3f7326aeea6be8a34bf2c39b34862c07bfdc41
Sha256: 1fea143e23bb0156062f4c06569824900a67ed83cb99fd635d4c4ab968dc65e9
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdef9eb6-c1f1-4337-aff8-0986561782c7.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                            
server: nginx
content-length: 9203
x-amzn-requestid: 8cba52d6-3c1c-495c-bb9d-3ba6f0adc7e1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cHcHmGmQoAMF6dQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fa6fd-73abfa592ff223061401af9a;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 17:16:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UmhWm03jrsV8dFagrzIA0E-8eL8dykoO5kw3cYOBd172dCGqNdAX-Q==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 04:05:38 GMT
age: 53894
etag: "433061bbb226048765a711deca3026ee3e52372f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9203
Md5:    5d574c4db20a68295dbd06cb08f5990b
Sha1:   433061bbb226048765a711deca3026ee3e52372f
Sha256: 8cc1a4d18e242f8bfc8ab94637f635b73554b903462c29b06d0ec67872542afb
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                            
server: nginx
content-length: 9430
x-amzn-requestid: 454ca8bd-a256-45f2-8b41-feee86c5af82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7wyGCIIAMFhgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d99e-1488f8ce71a91ebc3ad6b7e0;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ibLuLI6j9EWh0dgk51O7kiPBRyURZ0UdNtlgbBD-SXnDg_GT_tJm8Q==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 02:55:32 GMT
age: 58100
etag: "075531f525e625b117b2497f31139c9824d0e9c5"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9430
Md5:    1f434933b5bd6377d299ada22d1ae7ef
Sha1:   075531f525e625b117b2497f31139c9824d0e9c5
Sha256: b587a3249e4f20112088608e3651c2ccbc44225a5c9d88d3bf5884d7f0e9029c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                            
server: nginx
content-length: 4417
x-amzn-requestid: 01de83c2-51d2-4329-98f6-09a0edf46942
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnGEcRIAMFaXA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852960-34583b6c588a0e937fcfaa46;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Jb1eLyzn88lV_UTId-Fl3OnftDn8c7o5j8d16_nzHCNST_68MZ1pvA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:50:08 GMT
age: 76424
etag: "e2b4d2e15bb7c086333c0da438873e4c139ba931"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4417
Md5:    a2a5c8d4113d282600462749315f2c4f
Sha1:   e2b4d2e15bb7c086333c0da438873e4c139ba931
Sha256: 9b5d0e5dd11d4cbf1c78a71730cd63544170c91ab635bf3cf917827ac84874e6
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc326607e-c0fa-4e9d-b8d4-1c9173793bed.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                            
server: nginx
content-length: 9376
x-amzn-requestid: c52b3092-90d2-4289-b6e0-ab99c9d4710a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPmz3EVUoAMFWUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382eb4b-39f46c89238eff696e9f2dba;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 04:44:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ofQEhaEiX1vE25a_1xHeab9Px9zgGpk8omlX_aHmLE1oN1aZTPzWxQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:58:57 GMT
age: 75895
etag: "28c165bac8cf68cd1b0763c311aece00672cb3a5"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9376
Md5:    cce27a1fe8c0222811a5ce0e7f89e1cb
Sha1:   28c165bac8cf68cd1b0763c311aece00672cb3a5
Sha256: 4530e34a47ef78c2c2b0d34a0511253a61f1927b192ab42f82361002ff10819e
                                        
                                            GET /heatwellshop/en/presale.html HTTP/1.1 
Host: thebestofferx.shop
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gyswhwuknmgszvuuizpr5973248354.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                        
                                             198.54.120.24
HTTP/2 200 OK
content-type: text/html
                                            
last-modified: Thu, 03 Nov 2022 21:28:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 14315
date: Tue, 29 Nov 2022 19:03:52 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (56171)
Size:   14315
Md5:    a0654cb6f53339818f8fc33e52d58855
Sha1:   8f9da6d91b8e281d6cb5f6265ca1ddd2766bff82
Sha256: c1d955cb150f2dc17f9e45666b980726b1e9f44814d759986955d7a8cacf7820
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Date: Tue, 29 Nov 2022 19:03:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /css?family=Open+Sans:300,400,600,700&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebestofferx.shop/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        
                                             142.250.74.138
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                            
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 29 Nov 2022 19:03:53 GMT
date: Tue, 29 Nov 2022 19:03:53 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1218
Md5:    ea848861fc2732d385e95a940a84f844
Sha1:   3709bce1f6f35d8e8e86fad4785b99bd56ce54f1
Sha256: f5495b5832380a1383ff7e4fe155a85809d58a93deefc8f1c3bfb8e33204a826
                                        
                                            GET /heatwellshop/en/assets/js/modernizr-custome4c3.js?v=1666085607204 HTTP/1.1 
Host: thebestofferx.shop
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebestofferx.shop/heatwellshop/en/presale.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        
                                             198.54.120.24
HTTP/2 200 OK
content-type: application/javascript
                                            
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 19:03:53 GMT
last-modified: Thu, 27 Oct 2022 13:54:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1552
date: Tue, 29 Nov 2022 19:03:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (4277)
Size:   1552
Md5:    9c74f2e5dc813498595bc50eee6265d0
Sha1:   086ce2e94c15ceabde6a1b47bf0df1f9566172c2
Sha256: dac9d5fc489299c2e574e47789aaa4100703e29132dd696cb23f07516398504c
                                        
                                            GET /heatwellshop/en/assets/js/jquery-3.4.1.mine4c3.js?v=1666085607204 HTTP/1.1 
Host: thebestofferx.shop
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebestofferx.shop/heatwellshop/en/presale.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        
                                             198.54.120.24
HTTP/2 200 OK
content-type: application/javascript
                                            
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 19:03:53 GMT
last-modified: Wed, 02 Nov 2022 19:28:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30047
date: Tue, 29 Nov 2022 19:03:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65451)
Size:   30047
Md5:    fb2fa79a9c7027aa0e9dd8b23a607d29
Sha1:   1f254951fbbbf3490feef1a8eb28d1cdb1c35258
Sha256: d43f300aa3d25a8f356e19496df590a60a2e23c09d4d768c40fc68a9ad1c96b6
                                        
                                            GET /heatwellshop/en/assets/js/blazy.mine4c3.js?v=1666085607204 HTTP/1.1 
Host: thebestofferx.shop
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebestofferx.shop/heatwellshop/en/presale.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        
                                             198.54.120.24
HTTP/2 200 OK
content-type: application/javascript
                                            
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 19:03:53 GMT
last-modified: Thu, 27 Oct 2022 13:54:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1886
date: Tue, 29 Nov 2022 19:03:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (4991)
Size:   1886
Md5:    f40399ebe2ac5cde650cdf5db17c30cd
Sha1:   91d3f734596f0ff6b5c22974383e3951d37f2590
Sha256: 82c12bac3b3114555a894d18fc9edfc4a43c7ed4f27ca7910eb8262987172455
                                        
                                            GET /heatwellshop/en/assets/js/ctrwowUtils-v2.10.0.mine4c3.js?v=1666085607204 HTTP/1.1 
Host: thebestofferx.shop
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebestofferx.shop/heatwellshop/en/presale.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        
                                             198.54.120.24
HTTP/2 200 OK
content-type: application/javascript
                                            
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 19:03:53 GMT
last-modified: Thu, 27 Oct 2022 13:54:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10702
date: Tue, 29 Nov 2022 19:03:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (34825), with no line terminators
Size:   10702
Md5:    771daf4ffb50fb645b9695ab87871b99
Sha1:   383490df1fef483db04f6ada04431abf5d062220
Sha256: 04f9519c67d1cf649d1248a89662f4a22ea7a4563f671c1f09a0fc39f63382a0
                                        
                                            GET /heatwellshop/en/assets/css/presale-1e4c3.css?v=1666085607204 HTTP/1.1 
Host: thebestofferx.shop
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebestofferx.shop/heatwellshop/en/presale.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        
                                             198.54.120.24
HTTP/2 200 OK
content-type: text/css
                                            
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 19:03:53 GMT
last-modified: Tue, 18 Oct 2022 20:34:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4195
date: Tue, 29 Nov 2022 19:03:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (22999), with no line terminators
Size:   4195
Md5:    04eb3aa9db90c6361c7413bfc67c3107
Sha1:   93db43a18cf24c6fe1d02c5471bb4cc7f08d25c4
Sha256: 03e72c99ad5bb0a8f36ce03711d84285be23541d1e2c8730b379b89681dc8eb2
                                        
                                            GET /heatwellshop/en/assets/js/CTR_FP_TRACKING-v2.7.0.mine4c3.js?v=1666085607204 HTTP/1.1 
Host: thebestofferx.shop
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebestofferx.shop/heatwellshop/en/presale.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        
                                             198.54.120.24
HTTP/2 200 OK
content-type: application/javascript
                                            
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 19:03:53 GMT
last-modified: Thu, 27 Oct 2022 13:54:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 13292
date: Tue, 29 Nov 2022 19:03:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (48812), with no line terminators
Size:   13292
Md5:    98b0290391715d703fce6572e08ae88c
Sha1:   1e66a91bf6f13b5a7d4c6acc3677f3a786565454
Sha256: 162cdc90b6c8d80d3a538637e26aa204670849219415526bbc276add43a3a88a
                                        
                                            GET /heatwellshop/en/assets/image/2bc8e588-69d0-4f7e-b753-a728b316efda/630c4448b06f10107c236678/6770408f-524d-4080-bdef-397ab4c5d57d/1.jpg.webp HTTP/1.1 
Host: thebestofferx.shop
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebestofferx.shop/heatwellshop/en/presale.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        
                                             198.54.120.24
HTTP/2 200 OK
content-type: image/webp
                                            
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 19:03:53 GMT
last-modified: Thu, 03 Nov 2022 00:35:00 GMT
accept-ranges: bytes
content-length: 32562
date: Tue, 29 Nov 2022 19:03:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 730x457, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   32562
Md5:    f9f203a540537087c75368474399701b
Sha1:   64ec0becee7c82fda3c40106fcba612e30017cad
Sha256: bc301cc816e8d9f38449d13a5435c04c15c3ecfcba72017cb8af9b22d81111df
                                        
                                            GET /d16hdrba6dusey.cloudfront.net/sitecommon/js/components/blueshift_wow_v13860.js?v=1 HTTP/1.1 
Host: thebestofferx.shop
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebestofferx.shop/heatwellshop/en/presale.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        
                                             198.54.120.24
HTTP/2 404 Not Found
content-type: text/html
                                            
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-length: 1238
date: Tue, 29 Nov 2022 19:03:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size:   1238
Md5:    0bde7d4b3da67537eaf9188e6f8049cf
Sha1:   64300fc482d01d38b40ab20e15960b6509665e5a
Sha256: 5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
                                        
                                            GET /heatwellshop/en/assets/js/presale-1e4c3.js?v=1666085607204 HTTP/1.1 
Host: thebestofferx.shop
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebestofferx.shop/heatwellshop/en/presale.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        
                                             198.54.120.24
HTTP/2 200 OK
content-type: application/javascript
                                            
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 19:03:53 GMT
last-modified: Tue, 18 Oct 2022 20:34:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4238
date: Tue, 29 Nov 2022 19:03:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (13830)
Size:   4238
Md5:    350d73b5b728ef33215d3381058cd95f
Sha1:   1e484f9e961acc5a38547a96c2865e2c9ef0b856
Sha256: 620e2407ad25caa12ef2e26ff8fadccf0a4ca04dbeb45e72bbc06f255f12ec65
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Date: Tue, 29 Nov 2022 19:03:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://thebestofferx.shop
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             216.58.207.227
HTTP/2 200 OK
content-type: font/woff2
                                            
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 18:52:41 GMT
expires: Tue, 28 Nov 2023 18:52:41 GMT
cache-control: public, max-age=31536000
age: 87072
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size:   44856
Md5:    565ce506190ad3af920b40baf1794cec
Sha1:   ad3cba5d06100e09449a864d3b5e58403b478b3d
Sha256: 8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Date: Tue, 29 Nov 2022 19:03:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /d16hdrba6dusey.cloudfront.net/sitecommon/js/components/blueshift_wow_v13860.js?v=1 HTTP/1.1 
Host: thebestofferx.shop
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebestofferx.shop/heatwellshop/en/presale.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        
                                             198.54.120.24
HTTP/2 404 Not Found
content-type: text/html
                                            
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-length: 1238
date: Tue, 29 Nov 2022 19:03:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size:   1238
Md5:    0bde7d4b3da67537eaf9188e6f8049cf
Sha1:   64300fc482d01d38b40ab20e15960b6509665e5a
Sha256: 5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Date: Tue, 29 Nov 2022 19:03:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /gtm.js?id=GTM-5W4SPMQ HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebestofferx.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        
                                             142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                            
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 29 Nov 2022 19:03:53 GMT
expires: Tue, 29 Nov 2022 19:03:53 GMT
cache-control: private, max-age=900
last-modified: Tue, 29 Nov 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 88563
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (63044)
Size:   88563
Md5:    115bdaf4d35fe63f229e8bd9992d575f
Sha1:   828c0d4550124034cb56476413a2e14e51346b49
Sha256: 5bb5d7cc50b736378334e6fa41c14d6c979ab46971227bdd37e4f5cb38d231e5
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Date: Tue, 29 Nov 2022 19:03:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /heatwellshop/en/assets/image/2bc8e588-69d0-4f7e-b753-a728b316efda/630c4448b06f10107c236678/f9409c8c-72ac-4ac6-80d9-678659824163/avenir-next-bold.ttf HTTP/1.1 
Host: thebestofferx.shop
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebestofferx.shop/heatwellshop/en/presale.html
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        
                                             198.54.120.24
HTTP/2 200 OK
content-type: font/ttf
                                            
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 19:03:53 GMT
last-modified: Thu, 27 Oct 2022 13:57:40 GMT
accept-ranges: bytes
content-length: 79184
date: Tue, 29 Nov 2022 19:03:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  TrueType Font data, 15 tables, 1st "FFTM", 32 names, Macintosh\012- data
Size:   79184
Md5:    39ef9af43b318a2b594c73ff402efa92
Sha1:   d4d9939986fe750feac1cad1cbcada5c025e8463
Sha256: e887d77d6100d4dbb180d336ee220e5b27623ec39514263f1c051fcf4c5b3788
                                        
                                            GET /heatwellshop/en/assets/image/2bc8e588-69d0-4f7e-b753-a728b316efda/630c4448b06f10107c236678/46c27627-d9c0-4583-84af-af37a2ccefee/avenir-next-regular.ttf HTTP/1.1 
Host: thebestofferx.shop
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebestofferx.shop/heatwellshop/en/presale.html
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        
                                             198.54.120.24
HTTP/2 200 OK
content-type: font/ttf
                                            
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 19:03:53 GMT
last-modified: Thu, 27 Oct 2022 13:57:46 GMT
accept-ranges: bytes
content-length: 79484
date: Tue, 29 Nov 2022 19:03:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  TrueType Font data, 15 tables, 1st "FFTM", 30 names, Macintosh\012- data
Size:   79484
Md5:    1c25c8052b1b35bcf1548f1ce8d28a60
Sha1:   b54e3935ef9882bfb6f3880a5077266d979d0987
Sha256: 2d62d3f3b86d29eee4b34c86178b1283e349c220913b81e3a99c8d091e99323b
                                        
                                            GET /heatwellshop/en/assets/image/2bc8e588-69d0-4f7e-b753-a728b316efda/630c4448b06f10107c236678/204e7a98-f905-4543-9992-b3a1383ec3b6/logo.png.webp HTTP/1.1 
Host: thebestofferx.shop
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebestofferx.shop/heatwellshop/en/presale.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        
                                             198.54.120.24
HTTP/2 200 OK
content-type: image/webp
                                            
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 19:03:53 GMT
last-modified: Thu, 03 Nov 2022 00:33:36 GMT
accept-ranges: bytes
content-length: 2820
date: Tue, 29 Nov 2022 19:03:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   2820
Md5:    0098bfb22b2000f5af0d760bcfd0a307
Sha1:   65a3fcf3e75da9fbb73a98fae564fd1f129a2c1f
Sha256: a7b5bad86da94d612be69cd189552d48cd5e77adc9e58691cc0c12f9ff3811e2
                                        
                                            GET /heatwellshop/en/assets/image/2bc8e588-69d0-4f7e-b753-a728b316efda/630c4448b06f10107c236678/167a5eb4-38cc-4e8d-bd65-3f492bcdf04d/side.jpg.webp HTTP/1.1 
Host: thebestofferx.shop
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebestofferx.shop/heatwellshop/en/presale.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        
                                             198.54.120.24
HTTP/2 200 OK
content-type: image/webp
                                            
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 19:03:53 GMT
last-modified: Thu, 03 Nov 2022 00:34:24 GMT
accept-ranges: bytes
content-length: 19012
date: Tue, 29 Nov 2022 19:03:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 200x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   19012
Md5:    475bc3565e00d8b83959290cba0a3306
Sha1:   44ee9515b50372e0e0a995d4d44e641f93db8ed5
Sha256: f50da356c5b9f1e9869a99dcd1f5f46042cf16d5093c33878b7f53fd16282de4
                                        
                                            GET /heatwellshop/en/assets/image/2bc8e588-69d0-4f7e-b753-a728b316efda/630c4448b06f10107c236678/cff1c68d-d98b-4dc9-a0eb-21b543745b86/avenir-next-demi.ttf HTTP/1.1 
Host: thebestofferx.shop
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebestofferx.shop/heatwellshop/en/presale.html
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        
                                             198.54.120.24
HTTP/2 200 OK
content-type: font/ttf
                                            
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 19:03:53 GMT
last-modified: Wed, 02 Nov 2022 19:29:56 GMT
accept-ranges: bytes
content-length: 80552
date: Tue, 29 Nov 2022 19:03:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  TrueType Font data, 15 tables, 1st "FFTM", 32 names, Macintosh\012- data
Size:   80552
Md5:    18c0b77e664800698055afd9a2a96039
Sha1:   88e4fe55959fe7396caf1bdb74234bb1b4261bde
Sha256: debd123b89383ea6bf80946b177506f744d3ba673169bf480dee212c05627015
                                        
                                            GET /heatwellshop/en/assets/image/2bc8e588-69d0-4f7e-b753-a728b316efda/630c4448b06f10107c236678/bf18bc55-581e-4fc4-9c54-426cdfb4be8d/shape-1-.png.webp HTTP/1.1 
Host: thebestofferx.shop
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebestofferx.shop/heatwellshop/en/presale.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        
                                             198.54.120.24
HTTP/2 404 Not Found
content-type: text/html
                                            
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-length: 1238
date: Tue, 29 Nov 2022 19:03:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size:   1238
Md5:    0bde7d4b3da67537eaf9188e6f8049cf
Sha1:   64300fc482d01d38b40ab20e15960b6509665e5a
Sha256: 5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
                                        
                                            POST / HTTP/1.1 
Host: ocsp.starfieldtech.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             192.124.249.36
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Server: Sucuri/Cloudproxy
Date: Tue, 29 Nov 2022 19:03:54 GMT
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 28 Nov 2022 20:25:00 GMT
Expires: Tue, 29 Nov 2022 20:25:00 GMT
ETag: "97b29d006362e36bb18cf9b2aa803fd9e8da9630"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1845
Md5:    222d3287f8fae76914da92439a46447d
Sha1:   97b29d006362e36bb18cf9b2aa803fd9e8da9630
Sha256: 154ee35431f84dbda1ee10cdbb461207805d52ae934dd90baf53d93de2f7ec20
                                        
                                            GET /heatwellshop/en/assets/image/2bc8e588-69d0-4f7e-b753-a728b316efda/630c4448b06f10107c236678/cee6e83b-3eea-4920-90b4-765d04bbc7fc/favicon-2259852a-6926-4536-962f-0739fc1088ab.ico HTTP/1.1 
Host: thebestofferx.shop
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebestofferx.shop/heatwellshop/en/presale.html
Cookie: _gcl_au=1.1.580604661.1669748633
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        
                                             198.54.120.24
HTTP/2 200 OK
content-type: image/x-icon
                                            
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 19:03:54 GMT
last-modified: Wed, 02 Nov 2022 19:29:36 GMT
accept-ranges: bytes
content-length: 1150
date: Tue, 29 Nov 2022 19:03:54 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size:   1150
Md5:    3694ff48f7c02658640efb606986ef29
Sha1:   0981297f906ad19ab4cbeb2e5a4c5497aa250e0e
Sha256: 25ddba2a7a49cf269dc3a81be6b32d43f002485989217aaece9c7dbcc379e78f
                                        
                                            GET /heatwellshop/en/assets/image/2bc8e588-69d0-4f7e-b753-a728b316efda/630c4448b06f10107c236678/bf18bc55-581e-4fc4-9c54-426cdfb4be8d/shape-1-.png.webp HTTP/1.1 
Host: thebestofferx.shop
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebestofferx.shop/heatwellshop/en/presale.html
Cookie: _gcl_au=1.1.580604661.1669748633
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        
                                             198.54.120.24
HTTP/2 404 Not Found
content-type: text/html
                                            
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-length: 1238
date: Tue, 29 Nov 2022 19:03:54 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size:   1238
Md5:    0bde7d4b3da67537eaf9188e6f8049cf
Sha1:   64300fc482d01d38b40ab20e15960b6509665e5a
Sha256: 5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
                                        
                                            GET /web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-b82b2d5d1466816c0a27a49086c03744.js HTTP/1.1 
Host: dev.visualwebsiteoptimizer.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://thebestofferx.shop
Connection: keep-alive
Referer: https://thebestofferx.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                        
                                             34.96.102.137
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                            
date: Tue, 29 Nov 2022 19:03:54 GMT
content-length: 49311
last-modified: Tue, 29 Nov 2022 12:19:57 GMT
content-encoding: br
etag: "6385f8ed-c09f"
server: gams1
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-origin: *
accept-ranges: bytes
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (47951)
Size:   49311
Md5:    6ec527febb3686411723ebf5bb91755d
Sha1:   3115c467d17f9886191a52ba44312a98b5799fa3
Sha256: a1f7ff41bb727f0243cb26c7ba1d3258c7318033f89f37be3888e072d60aae9b
                                        
                                            POST / HTTP/1.1 
Host: ocsp.starfieldtech.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             192.124.249.36
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Server: Sucuri/Cloudproxy
Date: Tue, 29 Nov 2022 19:03:54 GMT
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 28 Nov 2022 20:25:00 GMT
Expires: Tue, 29 Nov 2022 20:25:00 GMT
ETag: "97b29d006362e36bb18cf9b2aa803fd9e8da9630"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1845
Md5:    222d3287f8fae76914da92439a46447d
Sha1:   97b29d006362e36bb18cf9b2aa803fd9e8da9630
Sha256: 154ee35431f84dbda1ee10cdbb461207805d52ae934dd90baf53d93de2f7ec20
                                        
                                            GET /v.gif?cd=0&a=463962&d=thebestofferx.shop&u=D6F5AC110EB9766DD73AC682299E84934&h=83d28bff5fb849031a799493d5a80a99&t=false&r=0.06167323713329009 HTTP/1.1 
Host: dev.visualwebsiteoptimizer.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebestofferx.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                        
                                             34.96.102.137
HTTP/2 200 OK
content-type: image/gif
                                            
date: Tue, 29 Nov 2022 19:03:54 GMT
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
expires: Mon, 10 Jan 2005 00:00:01 GMT
pragma: no-cache
x-content-type-options: nosniff
content-length: 35
server: gnv1c
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
                                        
                                            GET /www.googletagmanager.com/gtm5445.html?id=GTM-54874MQ HTTP/1.1 
Host: thebestofferx.shop
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebestofferx.shop/heatwellshop/en/presale.html
Cookie: _gcl_au=1.1.580604661.1669748633; _vwo_uuid_v2=D6F5AC110EB9766DD73AC682299E84934|83d28bff5fb849031a799493d5a80a99; _clck=hvsqxp|1|f6z|0; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _vwo_uuid=D6F5AC110EB9766DD73AC682299E84934; _vwo_ds=3%241669748634%3A86.13258544%3A%3A; _vwo_sn=0%3A1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        
                                             198.54.120.24
HTTP/2 404 Not Found
content-type: text/html
                                            
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-length: 1238
date: Tue, 29 Nov 2022 19:03:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size:   1238
Md5:    0bde7d4b3da67537eaf9188e6f8049cf
Sha1:   64300fc482d01d38b40ab20e15960b6509665e5a
Sha256: 5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
                                        
                                            GET /j.php?a=463962&u=https%3A%2F%2Fthebestofferx.shop%2Fheatwellshop%2Fen%2Fpresale.html&f=1&r=0.5730992171477982 HTTP/1.1 
Host: dev.visualwebsiteoptimizer.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebestofferx.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        
                                             34.96.102.137
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                            
date: Tue, 29 Nov 2022 19:03:54 GMT
vary: Accept-Encoding
cache-control: public, max-age=0, no-cache, must-revalidate
etag: W/"1669744938"
server: gams1
timing-allow-origin: *
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   5123
Md5:    a8b1f0f46eafaf06f4fe72069c062315
Sha1:   b709f81ce180f13a5e799cf2396f276877a40880
Sha256: 101b92b35f4a29564a68c9978652201e4112172912467886516c7a432a80d22a
                                        
                                            GET /c.gif HTTP/1.1 
Host: c.clarity.ms
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebestofferx.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        
                                             20.234.93.27
HTTP/2 302 Found
                                            
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=E665F6B1AE40473C88B14B7CFDADE53F&RedC=c.clarity.ms&MXFR=2C11B14A1EC36BAC169DA3211AC36529
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure; MUID=2C11B14A1EC36BAC169DA3211AC36529; domain=.clarity.ms; expires=Sun, 24-Dec-2023 19:03:55 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Tue, 29 Nov 2022 19:03:54 GMT
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            GET /heatwellshop/en/assets/image/2bc8e588-69d0-4f7e-b753-a728b316efda/630c4448b06f10107c236678/bf18bc55-581e-4fc4-9c54-426cdfb4be8d/shape-1-.png.webp HTTP/1.1 
Host: thebestofferx.shop
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebestofferx.shop/heatwellshop/en/presale.html
Cookie: _gcl_au=1.1.580604661.1669748633; _vwo_uuid_v2=D6F5AC110EB9766DD73AC682299E84934|83d28bff5fb849031a799493d5a80a99; _clck=hvsqxp|1|f6z|0; _vis_opt_s=1%7C; _vis_opt_test_cookie=1; _vwo_uuid=D6F5AC110EB9766DD73AC682299E84934; _vwo_ds=3%241669748634%3A86.13258544%3A%3A; _vwo_sn=0%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        
                                             198.54.120.24
HTTP/2 404 Not Found
content-type: text/html
                                            
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-length: 1238
date: Tue, 29 Nov 2022 19:03:55 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size:   1238
Md5:    0bde7d4b3da67537eaf9188e6f8049cf
Sha1:   64300fc482d01d38b40ab20e15960b6509665e5a
Sha256: 5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
                                        
                                            GET /c.gif?CtsSyncId=E665F6B1AE40473C88B14B7CFDADE53F&RedC=c.clarity.ms&MXFR=2C11B14A1EC36BAC169DA3211AC36529 HTTP/1.1 
Host: c.bing.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://thebestofferx.shop/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        
                                             13.107.21.200
HTTP/2 302 Found
                                            
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=E665F6B1AE40473C88B14B7CFDADE53F&MUID=0230E3853F8F6EAD0F2CF1EE3E7A6F8D
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=0230E3853F8F6EAD0F2CF1EE3E7A6F8D; domain=c.bing.com; expires=Sun, 24-Dec-2023 19:03:55 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F6C9FFC62D83453099ED01711123D06B Ref B: OSL30EDGE0206 Ref C: 2022-11-29T19:03:55Z
date: Tue, 29 Nov 2022 19:03:55 GMT
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            GET /c.gif?CtsSyncId=E665F6B1AE40473C88B14B7CFDADE53F&MUID=0230E3853F8F6EAD0F2CF1EE3E7A6F8D HTTP/1.1 
Host: c.clarity.ms
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://thebestofferx.shop/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                        
                                             20.234.93.27
HTTP/2 200 OK
content-type: image/gif
                                            
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
last-modified: Thu, 13 Oct 2022 20:07:05 GMT
accept-ranges: bytes
etag: "40db785d3fdfd81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Tue, 29-Nov-2022 19:13:55 GMT; path=/; SameSite=None; Secure;
date: Tue, 29 Nov 2022 19:03:54 GMT
content-length: 42
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    32023bb33cfb2a1990a4ef2d85b6ac16
Sha1:   23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
Sha256: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
                                        
                                            POST /collect HTTP/1.1 
Host: b.clarity.ms
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 722
Origin: https://thebestofferx.shop
Connection: keep-alive
Referer: https://thebestofferx.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             20.75.32.255
HTTP/2 204 No Content
                                            
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://thebestofferx.shop
access-control-allow-credentials: true
date: Tue, 29 Nov 2022 19:03:54 GMT
X-Firefox-Spdy: h2

                                        
                                            POST /collect HTTP/1.1 
Host: b.clarity.ms
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 84872
Origin: https://thebestofferx.shop
Connection: keep-alive
Referer: https://thebestofferx.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             20.75.32.255
HTTP/2 204 No Content
                                            
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://thebestofferx.shop
access-control-allow-credentials: true
date: Tue, 29 Nov 2022 19:03:54 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /?trackingId=630c4448b06f10107c236678 HTTP/1.1 
Host: ctrwow-prod-analytics-socketserver.azurewebsites.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://thebestofferx.shop
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: miQG+Bqu2bZqjO3yWhJI1Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                        
                                             52.176.5.241
HTTP/1.1 101 Switching Protocols
                                            
Connection: Upgrade
Date: Tue, 29 Nov 2022 19:03:56 GMT
Server: Microsoft-IIS/10.0
Set-Cookie: ARRAffinity=65f2f8bcc12e100e49d579aa6976195f0becca74103831531893092486430423;Path=/;HttpOnly;Secure;Domain=ctrwow-prod-analytics-socketserver.azurewebsites.net ARRAffinitySameSite=65f2f8bcc12e100e49d579aa6976195f0becca74103831531893092486430423;Path=/;HttpOnly;SameSite=None;Secure;Domain=ctrwow-prod-analytics-socketserver.azurewebsites.net
Upgrade: websocket
Sec-WebSocket-Accept: qUNZBBc9fRp+zNzVvbM6WKS6lnI=
Origin: https://thebestofferx.shop
X-Powered-By: ASP.NET

                                        
                                            POST /collect HTTP/1.1 
Host: b.clarity.ms
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 733
Origin: https://thebestofferx.shop
Connection: keep-alive
Referer: https://thebestofferx.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                        
                                             20.75.32.255
HTTP/2 204 No Content
                                            
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://thebestofferx.shop
access-control-allow-credentials: true
date: Tue, 29 Nov 2022 19:03:56 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3527eb28-888e-447d-90fd-1226d5b94433.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                        
                                             34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                            
server: nginx
content-length: 8921
x-amzn-requestid: 98baf100-c007-4c44-89aa-b9cf55fa3f94
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnwFYToAMFoWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852964-1227b5a9100c206e0c64f4b2;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: awi49MMMlK51wHPbyBrBkL4N4g9lX3ea40LxyrYbYxe_FsfqelTcTQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:57:05 GMT
etag: "c501de9eaa581a10b0b5fce40b54bb10f57f7c29"
age: 76014
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8921
Md5:    823e92f62ff7b3c2093828817d7f2866
Sha1:   c501de9eaa581a10b0b5fce40b54bb10f57f7c29
Sha256: 7d89669e23682f167b2fe1eff9edc5939112ec66b6b4e6389ef8aec78ccbdfe5
                                        
                                            GET /eus2/s/0.6.43/clarity.js HTTP/1.1 
Host: www.clarity.ms
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebestofferx.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                        
                                             13.107.219.53
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
                                            
cache-control: public,max-age=86400
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d9026a431ead4c"
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-cache: TCP_HIT
x-azure-ref-originshield: 0mhKFYwAAAABFQKccBdQZQLeRHjsDyBmIQU1TMDRFREdFMTkyMAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-azure-ref: 0mleGYwAAAAD1z9oKchZiQ6RCdPMDPMYZT1NMMjMxMDUwMjA1MDI1ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
date: Tue, 29 Nov 2022 19:03:54 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    
Sha1:   
Sha256: 
                                        
                                            GET /tag/ecqx4egfsd?ref=gtm2 HTTP/1.1 
Host: www.clarity.ms
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebestofferx.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        
                                             13.107.219.53
HTTP/2 200 OK
content-type: application/x-javascript
                                            
cache-control: no-cache, no-store
expires: -1
set-cookie: CLID=b802ae662a8843438d46ab1d60dc777b.20221129.20231129; expires=Wed, 29 Nov 2023 19:03:54 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
x-cache: CONFIG_NOCACHE
x-azure-ref: 0mleGYwAAAACM68sq+73mQKmXr+GySrZgT1NMMjMxMDUwMjA1MDI1ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
date: Tue, 29 Nov 2022 19:03:54 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    
Sha1:   
Sha256: 
                                        
                                            GET /ctrwow_fp_analytics.min.js HTTP/1.1 
Host: d16hdrba6dusey.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebestofferx.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        
                                             54.230.245.93
HTTP/2 200 OK
content-type: application/javascript
                                            
last-modified: Thu, 18 Aug 2022 03:14:53 GMT
server: AmazonS3
content-encoding: gzip
date: Tue, 29 Nov 2022 19:03:56 GMT
cache-control: max-age=31536000
etag: W/"b3f370ee7e0449a09eac8b3d80b621e7"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: J-IPy4zXpNa7bifPXlEYNfyTy5ig5pbzS04GAT8zuoM8eGhj7QgpoA==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    
Sha1:   
Sha256: