all4you.lv/
45.84.207.41301 Moved Permanently 707 B IP 45.84.207.41:0
ASN #47583 Hostinger International Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET / HTTP/1.1
Host: all4you.lv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Wed, 11 Jan 2023 18:21:38 GMT
server: LiteSpeed
location: https://all4you.lv/
platform: hostinger
content-security-policy: upgrade-insecure-requests
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash e6b7a72139d0ef7688330456e9be9a4c
e130a94e7d531768300071764dd1e81fee5bbbcb
d3818afd1493030105341b4cfb91037acbf27085c96068b3ef91c5071277c8e5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D3818AFD1493030105341B4CFB91037ACBF27085C96068B3EF91C5071277C8E5"
Last-Modified: Mon, 09 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3079
Expires: Wed, 11 Jan 2023 19:12:57 GMT
Date: Wed, 11 Jan 2023 18:21:38 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1f67827b21be68d925837dd729590f2d
dc24511141f5352e496b300d7d7e81b0cffb7475
afb1850e7c16f02d267a1310f1681367ecf598816fc62bd02447ffcd26117a9f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AFB1850E7C16F02D267A1310F1681367ECF598816FC62BD02447FFCD26117A9F"
Last-Modified: Mon, 09 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6333
Expires: Wed, 11 Jan 2023 20:07:11 GMT
Date: Wed, 11 Jan 2023 18:21:38 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 11 Jan 2023 17:48:38 GMT
content-type: application/json
age: 1981
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 718fc486cd6a70fcacc1653759703fae
bf60ba7a37d2deef1b7000e91cc88da586bb75ca
398d02e16da466ffe87b64ac34b007615951cca14d43610b4acd58bc2a5fadff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "398D02E16DA466FFE87B64AC34B007615951CCA14D43610B4ACD58BC2A5FADFF"
Last-Modified: Tue, 10 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2755
Expires: Wed, 11 Jan 2023 19:07:34 GMT
Date: Wed, 11 Jan 2023 18:21:39 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: x1zQuarSb4bWxR0njoWVLpNy/qEWp97Uzpw0dXC43cwzPmICQzwMvllDGKnhmffanp/q78K76MhjJNhTPb/d7Q==
x-amz-request-id: T6P4B1DVTV4T7FNK
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 11 Jan 2023 18:17:08 GMT
age: 271
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 18:21:39 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash b6814de21e79e28c4a59b9bef50020cb
5d6fcbdd6b70933b9367226523ce68364a1f0f1b
49821c9c4c570ff4e089276c96b05cef53c725e77e34f6c772d2b932e7c81c2d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 18:21:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash b6814de21e79e28c4a59b9bef50020cb
5d6fcbdd6b70933b9367226523ce68364a1f0f1b
49821c9c4c570ff4e089276c96b05cef53c725e77e34f6c772d2b932e7c81c2d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 18:21:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash b6814de21e79e28c4a59b9bef50020cb
5d6fcbdd6b70933b9367226523ce68364a1f0f1b
49821c9c4c570ff4e089276c96b05cef53c725e77e34f6c772d2b932e7c81c2d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 18:21:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Roboto:400%7CPoppins:400%2C600%2C500%2C800%2C700&display=swap
142.250.74.74200 OK 16 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto:400%7CPoppins:400%2C600%2C500%2C800%2C700&display=swap
IP 142.250.74.74:0
Hash c7dee6d1a16f5f31a1042aefa3a0abb6
73919b4fedea487101fc9eeb37c5e3e06178c9e6
6691efd20122d95acef8f352d14129826a06fffbd62c34a19de7a62807cb0505
GET /css?family=Roboto:400%7CPoppins:400%2C600%2C500%2C800%2C700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://all4you.lv/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 11 Jan 2023 18:21:39 GMT
date: Wed, 11 Jan 2023 18:21:39 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 9a4ba4ab27cd47ead09d38283f795198
cf1d1e13fa427879530cb912e495012a42312b7d
8c0178a28c92e029ad04c5dbb4b8515117303e64cb3df9f3902a10f151ee1aab
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 18:21:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 9a4ba4ab27cd47ead09d38283f795198
cf1d1e13fa427879530cb912e495012a42312b7d
8c0178a28c92e029ad04c5dbb4b8515117303e64cb3df9f3902a10f151ee1aab
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 18:21:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
216.58.207.227200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://all4you.lv
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 06 Jan 2023 13:33:11 GMT
expires: Sat, 06 Jan 2024 13:33:11 GMT
cache-control: public, max-age=31536000
age: 449308
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJnecmNE.woff2
216.58.207.227200 OK 5.5 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJnecmNE.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 5544, version 1.0\012- data
Hash 0ed299a4bb5262e17e2145783b2c18f1
65af2a037a5ef8a8d383d518377ea1f9f6837631
cb8bdeabc838774d9808eb7c4cfcea963b57855e34f84b54797076940c8e5986
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJnecmNE.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://all4you.lv
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5544
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 04 Jan 2023 19:45:41 GMT
expires: Thu, 04 Jan 2024 19:45:41 GMT
cache-control: public, max-age=31536000
age: 599758
last-modified: Wed, 27 Apr 2022 17:03:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 9a4ba4ab27cd47ead09d38283f795198
cf1d1e13fa427879530cb912e495012a42312b7d
8c0178a28c92e029ad04c5dbb4b8515117303e64cb3df9f3902a10f151ee1aab
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 18:21:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://all4you.lv
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 04 Jan 2023 19:33:54 GMT
expires: Thu, 04 Jan 2024 19:33:54 GMT
cache-control: public, max-age=31536000
age: 600465
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
216.58.207.227200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 11872, version 1.0\012- data
Hash 87ace20058325aa069320aa4af875dff
b743548770c46d905ae1ba06310bc001c587fe8e
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://all4you.lv
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11872
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 10 Jan 2023 14:50:08 GMT
expires: Wed, 10 Jan 2024 14:50:08 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:25:01 GMT
content-type: font/woff2
age: 99091
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 11 Jan 2023 17:33:45 GMT
age: 2874
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ce604e6f88a42844a4ec7d404879bdcf
d462a2a194a67d39d091ff49c4435fdfc39b3e5b
9e0222bcc67f019bb5c61657fc921fc42aa0cd7a75f6b1358d05231c53cc26e4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2849
Cache-Control: max-age=142358
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 18:21:40 GMT
Etag: "63be7c2a-1d7"
Expires: Fri, 13 Jan 2023 09:54:18 GMT
Last-Modified: Wed, 11 Jan 2023 09:06:50 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 46cc5fdbddfc861bb2a0fa0a121c9b4c
30defc7552ad80eb0bd4233cf8d53972ddb7f73a
3cb443b3a0f2246e2bbaa45a89b25f8585a0c1965a89b2d39999aaeca36c620b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3CB443B3A0F2246E2BBAA45A89B25F8585A0C1965A89B2D39999AAECA36C620B"
Last-Modified: Mon, 09 Jan 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16144
Expires: Wed, 11 Jan 2023 22:50:44 GMT
Date: Wed, 11 Jan 2023 18:21:40 GMT
Connection: keep-alive
files.findtrustclicks.com/scripts/stock.js?v=1.1.2
89.22.228.250200 OK 1.6 kB URL HTTP/1.1 files.findtrustclicks.com/scripts/stock.js?v=1.1.2
IP 89.22.228.250:0
File type ASCII text, with very long lines (4204), with no line terminators
Hash 240955a18e7f3ae327e2306c896cd951
0a1fe7f61b4989c537940a3bdfce3621edae23cc
28c95c49023d438a63df21c7f7d717fcc571628860a3a3be361932f80af668f6
Analyzer Verdict Alert fortinet Malware
GET /scripts/stock.js?v=1.1.2 HTTP/1.1
Host: files.findtrustclicks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://all4you.lv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 11 Jan 2023 18:21:40 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
Last-Modified: Fri, 09 Dec 2022 11:46:47 GMT
ETag: W/"106c-5ef63b5625cc2"
Content-Encoding: gzip
push.services.mozilla.com/
35.162.52.254101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.162.52.254:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 3YLiFaTW9BMgoASltmB5Pg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: B73/4genX0mFoxvGdtSKDHuSm5A=
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash b72ca2749ca7f8f4b87597b4331e0ec6
2babbbcedb878e3b9977848937021305a77e999d
12555f0c8ceff1b10fb538bf1f3bfaa75eaa1fbea7810b9fec7bef5e1676727a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12555F0C8CEFF1B10FB538BF1F3BFAA75EAA1FBEA7810B9FEC7BEF5E1676727A"
Last-Modified: Mon, 09 Jan 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20778
Expires: Thu, 12 Jan 2023 00:07:58 GMT
Date: Wed, 11 Jan 2023 18:21:40 GMT
Connection: keep-alive
way.specialblueitems.com/qqJVYyyv?&se_referrer=&default_keyword=M%C4%81jas%20Lapa%20%E2%87%A8%20All4You.lv&&frm639317151a8ac=script639317151a8ae&_cid=cd0fa365-cd5a-1ed9-e213-8e1ce3b6bb97
159.69.234.10200 OK 961 B URL HTTP/1.1 way.specialblueitems.com/qqJVYyyv?&se_referrer=&default_keyword=M%C4%81jas%20Lapa%20%E2%87%A8%20All4You.lv&&frm639317151a8ac=script639317151a8ae&_cid=cd0fa365-cd5a-1ed9-e213-8e1ce3b6bb97
IP 159.69.234.10:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (2108), with no line terminators
Hash 33841c02138297a900cbd2fa27d9d0cb
605e6ecd07f1a2033f68fb0973d7e9fc9503c89d
436a0cbd784ad7d0e905acb0a67ec40a1f4195701de513935947854c9a313014
GET /qqJVYyyv?&se_referrer=&default_keyword=M%C4%81jas%20Lapa%20%E2%87%A8%20All4You.lv&&frm639317151a8ac=script639317151a8ae&_cid=cd0fa365-cd5a-1ed9-e213-8e1ce3b6bb97 HTTP/1.1
Host: way.specialblueitems.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://all4you.lv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 11 Jan 2023 18:21:40 GMT
Content-Type: application/javascript
Content-Length: 961
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Expires: 0
Pragma: no-cache
Set-Cookie: _subid=s8hnpa24hc9n;Expires=Saturday, 11-Feb-2023 18:21:40 GMT;Max-Age=2678400;Path=/
674be=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjZcIjoxNjczNDYxMzAwfSxcImNhbXBhaWduc1wiOntcIjJcIjoxNjczNDYxMzAwfSxcInRpbWVcIjoxNjczNDYxMzAwfSJ9.vwkxCMFqiaFUPpCnjB7L9qzjv9ko4cysj3LEUqXdRKM;Expires=Thursday, 23-Jan-2076 12:43:20 GMT;Max-Age=1673547700;Path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
way.specialblueitems.com/rs1TzB?&se_referrer=&default_keyword=M%C4%81jas%20Lapa%20%E2%87%A8%20All4You.lv&&frm63a6f90168315=script63a6f90168317&_cid=af444712-52bd-97d0-fa32-a615f5029a09
159.69.234.10200 OK 2.2 kB URL HTTP/1.1 way.specialblueitems.com/rs1TzB?&se_referrer=&default_keyword=M%C4%81jas%20Lapa%20%E2%87%A8%20All4You.lv&&frm63a6f90168315=script63a6f90168317&_cid=af444712-52bd-97d0-fa32-a615f5029a09
IP 159.69.234.10:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (6323), with no line terminators
Hash 2ed7c308aaa47521fae80483ab170607
3e309274c4579eeda14d86a6bb70560eab524639
7e4a30860e349ed8d823b340f9789593dec1d9600a9c167e9c9f24d6a9a62df3
GET /rs1TzB?&se_referrer=&default_keyword=M%C4%81jas%20Lapa%20%E2%87%A8%20All4You.lv&&frm63a6f90168315=script63a6f90168317&_cid=af444712-52bd-97d0-fa32-a615f5029a09 HTTP/1.1
Host: way.specialblueitems.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://all4you.lv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 11 Jan 2023 18:21:40 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Expires: 0
Pragma: no-cache
Set-Cookie: _subid=s8hnpa24hc9r;Expires=Saturday, 11-Feb-2023 18:21:40 GMT;Max-Age=2678400;Path=/
674be=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjI0XCI6MTY3MzQ2MTMwMH0sXCJjYW1wYWlnbnNcIjp7XCI2XCI6MTY3MzQ2MTMwMH0sXCJ0aW1lXCI6MTY3MzQ2MTMwMH0ifQ.WFEznTrYcdgYFEgj9iObXsDlIHjr15GMN_kOs5_BPOw;Expires=Thursday, 23-Jan-2076 12:43:20 GMT;Max-Age=1673547700;Path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 385fbe651dc747111b979f40f9583702
a69fa58ffc6e2b15222f17ad6345b2bec9d75106
c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5048
Expires: Wed, 11 Jan 2023 19:45:49 GMT
Date: Wed, 11 Jan 2023 18:21:41 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 385fbe651dc747111b979f40f9583702
a69fa58ffc6e2b15222f17ad6345b2bec9d75106
c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5048
Expires: Wed, 11 Jan 2023 19:45:49 GMT
Date: Wed, 11 Jan 2023 18:21:41 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 385fbe651dc747111b979f40f9583702
a69fa58ffc6e2b15222f17ad6345b2bec9d75106
c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5048
Expires: Wed, 11 Jan 2023 19:45:49 GMT
Date: Wed, 11 Jan 2023 18:21:41 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 385fbe651dc747111b979f40f9583702
a69fa58ffc6e2b15222f17ad6345b2bec9d75106
c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5048
Expires: Wed, 11 Jan 2023 19:45:49 GMT
Date: Wed, 11 Jan 2023 18:21:41 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 385fbe651dc747111b979f40f9583702
a69fa58ffc6e2b15222f17ad6345b2bec9d75106
c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5048
Expires: Wed, 11 Jan 2023 19:45:49 GMT
Date: Wed, 11 Jan 2023 18:21:41 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faabf1f2c-deb1-4d58-9ee6-5dd522512882.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faabf1f2c-deb1-4d58-9ee6-5dd522512882.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 56de8a53fb494855ff7717eeb39c1fed
438999ac8d0853e235a2c0e0f404291961c891ab
357db338b2f6fcf434bdd9c2561f91d3fc7e5d42a92e5068402ce3eeb6fba412
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faabf1f2c-deb1-4d58-9ee6-5dd522512882.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6400
x-amzn-requestid: f76c3961-a118-4639-a943-2ffbd3d28537
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eaD7hEEdoAMFs5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ba4d16-3881379864dcae085aa4fd4d;Sampled=0
x-amzn-remapped-date: Sun, 08 Jan 2023 04:56:54 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: DmS2bnkBSYTi7rEZuQ_frZ6GwU-PHrD3GfDXv7rDkp_ytjR7c9FhWw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Wed, 11 Jan 2023 09:00:56 GMT
age: 33645
etag: "438999ac8d0853e235a2c0e0f404291961c891ab"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad96383c-d707-4b10-ad6c-110acc0ed5e3.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad96383c-d707-4b10-ad6c-110acc0ed5e3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 35ee3a36f2d56adfa27324f734f8f7fc
6ec36e85e464004c5e6255739e962e6dcc4c24c6
6cedd3770eb8879c837799d36ebca9d631789d972d3631d730829fc5d64abb25
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad96383c-d707-4b10-ad6c-110acc0ed5e3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8024
x-amzn-requestid: b331ee66-c166-4fa6-b950-287134d07fa2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eWhZ6EM0oAMFQFg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b8e2a5-39ff669b44e3dd9339daa56b;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 03:10:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Fk214iXw9pGVhIOu0uwvDOrqHR-pOjicJOttxjMb0JDhxXbfpyRncg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Wed, 11 Jan 2023 07:54:43 GMT
age: 37618
etag: "6ec36e85e464004c5e6255739e962e6dcc4c24c6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash afcc8f4875f4b74ca0640829b689731e
584d0e11665ae89f9a294baf1e9bb4f0e4e9a4df
3e487396389c4330abc99bc99053eecc6aaf56f7afa398d70c30e1f4709577a0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13626
x-amzn-requestid: 4769eaeb-0c78-4054-ad47-eefdd6ab2d03
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eWHMZErbIAMF6sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b8b8b5-4c7bacfe060899044e361f70;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 00:11:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JRzc2Mcl4EasyH6_1kFh7sr-57f1HNDu-YN8YptDe_kcTET9x8P9LA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Wed, 11 Jan 2023 13:56:11 GMT
age: 15930
etag: "584d0e11665ae89f9a294baf1e9bb4f0e4e9a4df"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febe61553-0d3d-4c00-8e9b-da1405590a9b.jpeg
34.120.237.76200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febe61553-0d3d-4c00-8e9b-da1405590a9b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a708649e0d6b128eb599b221445a8e06
59f9b06ee8e4c9608e29e7b19832fb925789f373
b4e17cfdee53b56ac33cb5a86253e4839ed7bd9bb1604209834bb22d881472f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febe61553-0d3d-4c00-8e9b-da1405590a9b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7140
x-amzn-requestid: 96450c55-6068-4946-9e5f-650c19d2772a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ei739GoJIAMF0lA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bdd9cc-2bf965d47a10fd61619d945f;Sampled=0
x-amzn-remapped-date: Tue, 10 Jan 2023 21:34:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: t5mK-tl3WskwkQLUXPKR2ljEW32-Yo6_BHwqP2dNVUr09WoMyxYeZw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 10 Jan 2023 21:42:06 GMT
age: 74375
etag: "59f9b06ee8e4c9608e29e7b19832fb925789f373"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe834a7de-1ed4-4b8b-a3be-fce3151bd1b1.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe834a7de-1ed4-4b8b-a3be-fce3151bd1b1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 68af9d9acdc08345ac38ae59f83a9a24
d3c0b7fa6ab4f421835acd595a75b5035d1ff9ee
1ae2e194f6bb20166d326002b39a4e3f44a9a97046e77ffd2a186eae384b7ce1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe834a7de-1ed4-4b8b-a3be-fce3151bd1b1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10640
x-amzn-requestid: 0b0b6732-7692-4b35-9625-154dc39386dd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ei745GEooAMFafA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bdd9d2-314dad90600e9d8c737adf05;Sampled=0
x-amzn-remapped-date: Tue, 10 Jan 2023 21:34:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rr9hTjSynlIWtcOCn7hv3-rRhhGEl0A0_uV1jC2ljrpr8ybnZP72Zw==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 10 Jan 2023 21:42:10 GMT
age: 74371
etag: "d3c0b7fa6ab4f421835acd595a75b5035d1ff9ee"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d03d252-a4d1-4207-aa34-25d15894724a.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d03d252-a4d1-4207-aa34-25d15894724a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cfdccf6a024cbd033eea815d49112057
0d987b906b2fd7e45d09169898e7cc14e0e62f64
739c6dadc197a3cf88c8fcdb8a6f35bc7bb98355b3804e0b2c71cd6a87f08900
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d03d252-a4d1-4207-aa34-25d15894724a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5434
x-amzn-requestid: a6d8944c-dae3-43f6-91bd-6dda6f9275b2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ei75NErNIAMFlsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bdd9d4-44e8212239c649ba56cd3256;Sampled=0
x-amzn-remapped-date: Tue, 10 Jan 2023 21:34:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: U9k7a673trCY9jdC0vpQVZG10T8iuDpEbB9NyrwVL-UIf7FNZ7bH6g==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 10 Jan 2023 21:42:09 GMT
age: 74372
etag: "0d987b906b2fd7e45d09169898e7cc14e0e62f64"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
short.interestmoments.com/fl-way.php?id=573433-462-568533477&pid=2347&lid=5788473
194.135.30.40302 Found 0 B URL HTTP/2 short.interestmoments.com/fl-way.php?id=573433-462-568533477&pid=2347&lid=5788473
IP 194.135.30.40:0
ASN #2856 British Telecommunications PLC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fl-way.php?id=573433-462-568533477&pid=2347&lid=5788473 HTTP/1.1
Host: short.interestmoments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://all4you.lv/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Wed, 11 Jan 2023 18:21:41 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://short.interestmoments.com/fl-way.php?id=856756-23-584324238&pid=367&zid=796&kid=45709543&from=HeroIce
strict-transport-security: max-age=15768000;
X-Firefox-Spdy: h2
short.interestmoments.com/fl-way.php?id=856756-23-584324238&pid=367&zid=796&kid=45709543&from=HeroIce
194.135.30.40200 OK 465 B URL HTTP/2 short.interestmoments.com/fl-way.php?id=856756-23-584324238&pid=367&zid=796&kid=45709543&from=HeroIce
IP 194.135.30.40:0
ASN #2856 British Telecommunications PLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 5637365902732d4f03b90d498b7cfe47
174fed1e9c83a845f081b1c45376d73c535a5165
3ffa2dbe4828542efae11084efe9fdaf538857882a7642ae0aa214a0cdc5fa30
GET /fl-way.php?id=856756-23-584324238&pid=367&zid=796&kid=45709543&from=HeroIce HTTP/1.1
Host: short.interestmoments.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://all4you.lv/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 18:21:41 GMT
content-type: text/html; charset=UTF-8
content-length: 465
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15768000;
X-Firefox-Spdy: h2
c.srvpcn.com/click?id=cevfsdg56phkia68mdkg&e=3355ee21-8da6-4037-9f57-1e0eb736453a&px=134
3.221.137.176303 See Other 0 B URL HTTP/1.1 c.srvpcn.com/click?id=cevfsdg56phkia68mdkg&e=3355ee21-8da6-4037-9f57-1e0eb736453a&px=134
IP 3.221.137.176:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?id=cevfsdg56phkia68mdkg&e=3355ee21-8da6-4037-9f57-1e0eb736453a&px=134 HTTP/1.1
Host: c.srvpcn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 303 See Other
Date: Wed, 11 Jan 2023 18:21:42 GMT
Content-Length: 0
Connection: keep-alive
Location: https://us.slowww.xyz/postback/click?key=v2-1673461302120-4-2182-999800-d8f029b3-691a-1bb9-026c-3b86aedc5a0e
wholegrady.com/bp3dV.0OP/3_pIvFb/m/V/JLZ_DS0b0tNrTHcxysM/jEAswXLuTZQ/1/NSzqIXy/M/DREs
88.85.94.246200 OK 1.1 kB URL HTTP/2 wholegrady.com/bp3dV.0OP/3_pIvFb/m/V/JLZ_DS0b0tNrTHcxysM/jEAswXLuTZQ/1/NSzqIXy/M/DREs
IP 88.85.94.246:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (357)
Hash 0e66314270426b4c21f600f91de2e755
13e4a8274c83910d3eff3553d36a05ecc9d5348e
55008d1ce13494e1a7c0cc6529c2b16279d416a1987056e29e61b63b9609d97c
GET /bp3dV.0OP/3_pIvFb/m/V/JLZ_DS0b0tNrTHcxysM/jEAswXLuTZQ/1/NSzqIXy/M/DREs HTTP/1.1
Host: wholegrady.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://short.interestmoments.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 18:21:42 GMT
content-type: text/html;charset=UTF-8
vary: Accept-Encoding
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
p3p: CP="CUR ADM OUR NOR STA NID"
last-modified: Wed, 11 Jan 2023 18:21:41 GMT
x-frame-options: DENY
referrer-policy: no-referrer
set-cookie: kadCCap=215297:1:1671843330;222775:1:1671023864;222513:1:1671568408;79610:1:1669272875;223454:1:1671925401;219047:1:1667194435;184246:1:1673226439;212269:1:1667199062;220790:1:1668460505;101716:1:1672946010;199455:1:1668245056;218665:1:1671785908;221352:1:1670163762;220335:1:1670435916;171526:1:1673252766;223255:1:1670393482;219652:1:1669330335;219484:1:1667715065;132751:1:1673417244;218693:1:1669515516;222582:1:1673423874;222555:1:1671433227;221398:1:1673031544;194136:1:1673252766; max-age=1704997302; path=/
kadACap=407100:1:1668246232;190964:1:1669272875;446718:1:1672964869;446498:1:1671420411;419303:1:1670918283;441369:1:1671297690;272913:1:1673272146;398832:1:1672025828;419321:1:1672807980;419299:1:1670986713;454815:1:1673201512;446013:1:1668228435;419295:1:1673143817;406293:1:1672977574;445499:1:1670164226;346329:1:1670226206;456883:1:1671781891;442019:1:1673186218;417177:1:1673216086;419293:1:1671780919;446716:1:1672031762;419301:1:1673205268;419323:1:1672975053;445506:1:1669286676;419297:1:1670740668;424441:1:1673451858;458045:1:1670528140;445735:1:1669286676;460522:1:1673215437;458041:1:1670526590;446531:1:1669270846;410252:1:1673233611;444748:1:1669841678;424443:1:1673201378;346327:2:1673269398;383700:1:1673274262;410254:1:1671377581;446720:1:1673017703;424445:1:1673123363;453839:1:1672548072;449523:1:1670210030;404163:1:1673226439;451147:1:1673144472;446714:1:1671329420;445081:1:1671894608;451724:1:1669565807;450649:1:1671968855;451139:1:1673438256;444785:1:1671894608;419291:1:1673140110;320498:1:1673384529;458498:1:1672536671;445788:1:1669918420;453831:1:1673164326;453850:1:1671627132;401659:1:1673234153; max-age=1704997302; path=/
kadCSCap=132751:1:1673417244;222582:1:1673423874; path=/
kadASCap=451139:1:1673438256;424441:1:1673451858;320498:1:1673384529; path=/
kadRPixJ=bnVsbA==; max-age=1704997302; path=/
kadUnP3=CAcQ0aT3nQYaDQioiJcCEAIYnKT5nQYaDQjdzZkCEAUY0aT3nQYiCggDEAcY0aT3nQYqDAikkygQAhicpPmdBioMCOK8KBAFGNGk950G; max-age=1704997302; path=/
x-content-type-options: nosniff
content-encoding: br
X-Firefox-Spdy: h2
us.slowww.xyz/postback/click?key=v2-1673461302120-4-2182-999800-d8f029b3-691a-1bb9-026c-3b86aedc5a0e
38.100.129.136302 Found 0 B URL HTTP/2 us.slowww.xyz/postback/click?key=v2-1673461302120-4-2182-999800-d8f029b3-691a-1bb9-026c-3b86aedc5a0e
IP 38.100.129.136:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /postback/click?key=v2-1673461302120-4-2182-999800-d8f029b3-691a-1bb9-026c-3b86aedc5a0e HTTP/1.1
Host: us.slowww.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: openresty/1.15.8.3
date: Wed, 11 Jan 2023 18:21:43 GMT
content-length: 0
set-cookie: platform_user_id=desktop:b9ce734ea0955fdbdaef46d4d37c6039
platform_user_id_3rd_party=desktop:b9ce734ea0955fdbdaef46d4d37c6039; SameSite=None; Secure; Max-Age=31556952
platform_user_id_from_ssp=platform:812c20f47e6cc359c3bf235ad2116cb4
platform_user_id_from_ssp_3rd_party=platform:812c20f47e6cc359c3bf235ad2116cb4; SameSite=None; Secure; Max-Age=31556952
location: https://www.pricecomparedeals.com/no-no
X-Firefox-Spdy: h2
cdn.dealsfor.life/23x9/GG201910181329540253000000000000_bandeira_noruega.jpg
104.21.34.224200 OK 389 B URL HTTP/2 cdn.dealsfor.life/23x9/GG201910181329540253000000000000_bandeira_noruega.jpg
IP 104.21.34.224:0
File type PNG image data, 23 x 9, 8-bit/color RGB, non-interlaced\012- data
Hash 3985c40fe38e6b8cb2b7de1b2987cffe
7c0328120073e47ffe990c218a3318c8edd675c5
c82d89e379fa3c6a82fcf1b943144c7f61f007828904ff2beccfe127396e9369
GET /23x9/GG201910181329540253000000000000_bandeira_noruega.jpg HTTP/1.1
Host: cdn.dealsfor.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 18:21:43 GMT
content-type: image/png
content-length: 389
x-amz-id-2: IiusZnti6Fc7BErGOmKVn5uyZZ1stcsC2EzgNj+4XO4RSAaDs23tubfUnp2QwmDDN7MmZncjAhM=
x-amz-request-id: 5V2P1FFTF27KNSDX
last-modified: Thu, 28 Nov 2019 03:36:17 GMT
etag: "3985c40fe38e6b8cb2b7de1b2987cffe"
cache-control: max-age=86400
cf-cache-status: HIT
age: 6953
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K7avBpmKZYu3m2ImbsGZlsmrCL8%2FwXw7ZknuM8Cs5MkqOfJKXOBwgNH10szfjnOnx8FQQfGikehdac8QxU721ideR8NyNeX4BAADJc09DkgdMknXkYTM8%2FSRhufFLUMRgpeQEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 787fac7afc220b45-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.dealsfor.life/630x525/GG202006090803570037000000000000_elektronics-v1.jpg
104.21.34.224200 OK 37 kB URL HTTP/2 cdn.dealsfor.life/630x525/GG202006090803570037000000000000_elektronics-v1.jpg
IP 104.21.34.224:0
File type JPEG image data, baseline, precision 8, 630x525, components 3\012- data
Hash 7f936cedd7e479eb865f1bfe1c63e945
4088966128f5171f9750dfd5f83ed2f8c517090e
cf3f17e5d372b10391a1ec46de26be3e83ca3c37f22d6103aee48e6d210d906a
GET /630x525/GG202006090803570037000000000000_elektronics-v1.jpg HTTP/1.1
Host: cdn.dealsfor.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 18:21:43 GMT
content-type: image/jpeg
content-length: 36766
x-amz-id-2: IMq+Sz4LUZ8TzgKFeRC0y762GUTn0rNSWCEjpr4iZLOb0//ZFbRumy9jOX7Bs0XWmwExjRcUDY8=
x-amz-request-id: G0SNKTHS1EEHKAYY
last-modified: Tue, 09 Jun 2020 08:22:04 GMT
etag: "7f936cedd7e479eb865f1bfe1c63e945"
cache-control: max-age=86400
cf-cache-status: HIT
age: 938
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pzq34qSgArGqay4CphyVUinYEvxgWC2gU2BcfoFhBI1ocySi2xb%2B9vV1%2F04wRZnhowYucr4UG%2B%2FzKgLPpUST%2B77UGQpEkvTjijzQwQvanDt%2FMLbeXuUjtEutkuXbcEIRnu0m5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 787fac7afc210b45-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.dealsfor.life/630x315/GG202006050817010094000000000000_fashion.jpg
104.21.34.224200 OK 25 kB URL HTTP/2 cdn.dealsfor.life/630x315/GG202006050817010094000000000000_fashion.jpg
IP 104.21.34.224:0
File type JPEG image data, baseline, precision 8, 630x315, components 3\012- data
Hash e4f10f00dbdfc76dac0b06e12e76dd81
4b016a4493756924b8fb40a9f1391d1378c07cf3
a8bef644a63472bb106be50ae79c3eaf5e10d49f1f8c207564036e07b01781d9
GET /630x315/GG202006050817010094000000000000_fashion.jpg HTTP/1.1
Host: cdn.dealsfor.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 18:21:43 GMT
content-type: image/jpeg
content-length: 25059
x-amz-id-2: SFrxRe2sKqmtTHg2kUJx1wbyxEhgFybnCJYi5BNqrVrAbwkmvZEFyZiJuduYcLWF5JD3QgkVXHc=
x-amz-request-id: G0SVY3EKCWSRK22K
last-modified: Fri, 05 Jun 2020 08:42:55 GMT
etag: "e4f10f00dbdfc76dac0b06e12e76dd81"
cache-control: max-age=86400
cf-cache-status: HIT
age: 942
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tMI8jQYHkdknRer1IlBVB3%2Fsvtk%2B9AiNK8kM%2Fh%2F0eKltpmOu0vOeylAz9lvWgxn0MOL02ZMw3RzY0afvMvjv3QXkRjlEdf4wbxtyIR7kDeZ52mMcxSHuA1RefM1oX4tHqN%2BOOg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 787fac7afc2a0b45-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.dealsfor.life/420x210/GG202006050826060263000000000000_travel.jpg
104.21.34.224200 OK 18 kB URL HTTP/2 cdn.dealsfor.life/420x210/GG202006050826060263000000000000_travel.jpg
IP 104.21.34.224:0
File type JPEG image data, baseline, precision 8, 420x210, components 3\012- data
Hash d2e157616b039f93a4dc696b5b96938e
6e0e4a332b81a4388915f206f73d58dcde204b29
2cf032115b870ef9a2790db489949898c24d39f8b8e93ce82fe59adc9255405e
GET /420x210/GG202006050826060263000000000000_travel.jpg HTTP/1.1
Host: cdn.dealsfor.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 18:21:43 GMT
content-type: image/jpeg
content-length: 17960
x-amz-id-2: +jmNAUjjBw2hbB920mmdDVmSVrE7+aPyB7OpV4R5urq4cwxHFTmHcVfVf5hvJ9rh0pVjldA4qQQ=
x-amz-request-id: G0SS5X69TG09BDGC
last-modified: Fri, 05 Jun 2020 08:42:55 GMT
etag: "d2e157616b039f93a4dc696b5b96938e"
cache-control: max-age=86400
cf-cache-status: HIT
age: 942
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=88QZT%2Fy9Mjbn65WqvFADprgFpKmmIjuzGZtrBljYgfRmwtZWBeYiCcSOeRPr8aVZBZoYMlwRH4dD8zC6DT9HLjg1KqtzWU%2BDGWNxTHkMjCu3WPpG7w5LMorRHqPbdxaC4RzQ2w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 787fac7afc2c0b45-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 1.2 kB IP 216.58.211.3:0
Hash 46978aa7d3a53510550527f01facf7e8
bb949b0e4ee74858d9b077f768a1abc654500ef5
b0e97285ee1e8729ef0d0adf575290a7768568e9a5e7bf4db5527c9d56b5fdea
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 18:21:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
use.fontawesome.com/releases/v5.7.2/css/all.css
172.64.132.15200 OK 86 kB URL HTTP/2 use.fontawesome.com/releases/v5.7.2/css/all.css
IP 172.64.132.15:0
File type ASCII text, with very long lines (54456), with no line terminators
Hash a4c21e229aad7adb4311118f4922b27e
1cf8b134eb6a94e2313ba0bfb09c53bb21be5171
73e68db5d1d53cd2a05dbf39c72b02968e3c88ffb12788fd3e04e0ef8494d21e
GET /releases/v5.7.2/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.pricecomparedeals.com
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 11 Jan 2023 18:21:43 GMT
content-type: text/css
x-amz-id-2: aGnoUMpXUN3MRTP8hgZ+N3sZ/IUsD73N0bONsO0g72lZm0QaRgYf7l9I4z+f4iZF31AFaSYe8As=
x-amz-request-id: N8PY0F5944V1WEE8
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:57 GMT
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 27468
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fC4b%2B8iTY%2Fgsos3a%2FVbRwUqfSJjaGpdfubHC5cBJzQ%2F%2B%2Bg0qxKw%2FWpdLe4DI3lQgqre3Sd7RcWEgfLJ91H53mSGZpvrh%2F4la%2FWFbBbK7UUTD3f2cYaOngxiNd6G3%2BEIBnFTn0Nlp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 787fac7b1f974058-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 20 kB IP 216.58.211.3:0
Hash e38bdd115ed793bff0889a0130f949a1
3019d6e05c26f660e0d8e6a22950eb4d11094e40
d5084e69701c8bfe544c6428fb20a58c3002ee7ccaa493b0afdf2e3ef4753b8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 18:21:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 8.1 kB IP 216.58.211.3:0
Hash 6d77539b44b36063f617efb96d5f6457
d68d0641726c015211aeca59153508e0897e8bf7
06175f5f56c8494a6296dccce447909d8426a2652db81591a56b6d6597c207d2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 18:21:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Open+Sans:400,600,800
142.250.74.74200 OK 46 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400,600,800
IP 142.250.74.74:0
Hash 3f585325bf9c02ecf1e46757b1cb0ebc
10600bcebb49ee11260f5faff173b6f32ba1c08d
a3ef472e44d527c6bba8dc1d13dff8ffd0fc9634c20114c3e1deb4f68f884ee0
GET /css?family=Open+Sans:400,600,800 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 11 Jan 2023 18:21:43 GMT
date: Wed, 11 Jan 2023 18:21:43 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f31dece9b4f4b59b01e9decdb6f72e78
46fd775cceb0e76b4cb79df7fa9c374e16613475
cd8bdde64f60d006d9995620e6bbe66ab8f3b0c1ee155fcbd97bd9ab3098e4b0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1057
Cache-Control: max-age=128354
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 18:21:43 GMT
Etag: "63be4c78-1d7"
Expires: Fri, 13 Jan 2023 06:00:57 GMT
Last-Modified: Wed, 11 Jan 2023 05:43:20 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/pt_BR/sdk.js
31.13.72.12200 OK 1.7 kB URL HTTP/2 connect.facebook.net/pt_BR/sdk.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (1957)
Hash f6464b9a37b6194bec218b8bce90e1a6
bee84b74500697bc892c50300f20baecf96b1fc0
49dd0aa7fede4ee173425ab09e4fc8d1f2cb4a3a6606dbf0bab53a314bb72802
GET /pt_BR/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.pricecomparedeals.com
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 84837de8331a5758eae43c7f1261c49f
etag: "6e8908f8dfe0ded4aeba0acd6dfff47c"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Wed, 11 Jan 2023 18:39:31 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: 9kZLmje2GUvsIYuLzpDhpg==
x-fb-debug: HwXwcHRDtqLZ3+W5+UWG0grCTcOA3R3c2p7L0uiiUGdA2MvkXgohu7g6pQQQZFIg+DYokHZx4D40LuilNbZJFA==
priority: u=3,i
content-length: 1687
x-fb-trip-id: 1904183273
date: Wed, 11 Jan 2023 18:21:43 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f31dece9b4f4b59b01e9decdb6f72e78
46fd775cceb0e76b4cb79df7fa9c374e16613475
cd8bdde64f60d006d9995620e6bbe66ab8f3b0c1ee155fcbd97bd9ab3098e4b0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1057
Cache-Control: max-age=128354
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 18:21:43 GMT
Etag: "63be4c78-1d7"
Expires: Fri, 13 Jan 2023 06:00:57 GMT
Last-Modified: Wed, 11 Jan 2023 05:43:20 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/pt_BR/sdk.js?hash=230bf56f7d28fd1491f60bb081d1d956
31.13.72.12200 OK 89 kB URL HTTP/2 connect.facebook.net/pt_BR/sdk.js?hash=230bf56f7d28fd1491f60bb081d1d956
IP 31.13.72.12:0
Hash b69ead5e221ecb2de3222437e9d7ea79
6f9f3ffaf5d36dedc26a584e2b304be850e225cd
7153c691b640b4a00c49b963c7e4588a60fc23aa56111c2f409e4df52aa2a45d
GET /pt_BR/sdk.js?hash=230bf56f7d28fd1491f60bb081d1d956 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.pricecomparedeals.com
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: e3c80a1ed3b106df13b7ed231e77fd80
etag: "6460996fb1b5c8366fd317c8389fcb89"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Thu, 11 Jan 2024 12:54:37 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: mv3c2DN7JhFDvJN/G8jVIA==
x-fb-debug: 6h1hlLCP4WDTPLoAolsjSJnwxeLWxJ+ZIe82ctAkgnCgjGd3rrB7xW9F75gvTb3g4ho1NT7QUxKSjoYrQ4lGuA==
priority: u=3,i
content-length: 86988
x-fb-trip-id: 1904183273
date: Wed, 11 Jan 2023 18:21:43 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=387357745142349&ev=fb_page_view&dl=https%3A%2F%2Fwww.pricecomparedeals.com%2Fno-no&rl=&if=false&ts=1673461289600&sw=1280&sh=1024&at=
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=387357745142349&ev=fb_page_view&dl=https%3A%2F%2Fwww.pricecomparedeals.com%2Fno-no&rl=&if=false&ts=1673461289600&sw=1280&sh=1024&at=
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=387357745142349&ev=fb_page_view&dl=https%3A%2F%2Fwww.pricecomparedeals.com%2Fno-no&rl=&if=false&ts=1673461289600&sw=1280&sh=1024&at= HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Wed, 11 Jan 2023 18:21:44 GMT
X-Firefox-Spdy: h2
img.tttcdn.com/product/xy/500/500/p/gu1/E/0/E11824-120/E11824-120-1-08e4-wUGo.jpg
54.230.111.80200 OK 57 kB URL HTTP/2 img.tttcdn.com/product/xy/500/500/p/gu1/E/0/E11824-120/E11824-120-1-08e4-wUGo.jpg
IP 54.230.111.80:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a73b37f94d3330e9f4e9ca202a575729
bd0a9b63812a17ee843a5a07829dcc9a748f21bf
838d8396369035ea6a63f267d56bc2c63807c0f0dbf890376d69a4f8ab95175a
GET /product/xy/500/500/p/gu1/E/0/E11824-120/E11824-120-1-08e4-wUGo.jpg HTTP/1.1
Host: img.tttcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 56762
x-amz-id-2: 70eCqXp+ovsPbPdXKK//eTvXEfcKf/Q7TgKcGm7zR2bokeG8uTyMyY9OCRGfZOFnDpsCROg1lDc=
x-amz-request-id: 3VWNG1CKTDMP5XNG
last-modified: Wed, 26 Aug 2020 07:01:21 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 11 Jan 2023 01:25:30 GMT
cache-control: max-age=2592000
etag: "a73b37f94d3330e9f4e9ca202a575729"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Q61icncA7TzqBG8wTycGs0z4pxXmJ_S7KNXKrt_PF6rvMeFfp-oCbQ==
age: 60975
X-Firefox-Spdy: h2
img.tttcdn.com/product/xy/500/500/p/gu1/E/8/E17018/E17018-1-52e0-XWgX.jpg
54.230.111.80200 OK 14 kB URL HTTP/2 img.tttcdn.com/product/xy/500/500/p/gu1/E/8/E17018/E17018-1-52e0-XWgX.jpg
IP 54.230.111.80:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9f70ab4d9b41bbafaac5514fa12f467a
3ab5632b39817c7feb5e64a0ab660329840a0357
1b4d70168fe2a181f98631958d46c6d640613464726e2d94cb9fc0db3ee95454
GET /product/xy/500/500/p/gu1/E/8/E17018/E17018-1-52e0-XWgX.jpg HTTP/1.1
Host: img.tttcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/webp
content-length: 13466
x-amz-id-2: Pcq1K2oBepKVZlaJoTNvm66hYJFCh6q9CVOsxc+V4MwS8Kg+QEE1PZEqYWkZ1CdOWJtREZsH8S4=
x-amz-request-id: X3A0EWYSR2WE9KYJ
date: Thu, 05 Jan 2023 01:56:46 GMT
last-modified: Wed, 19 May 2021 11:09:54 GMT
etag: "9f70ab4d9b41bbafaac5514fa12f467a"
cache-control: max-age=2592000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: WDVmOgan6Szo14R70VATrN72VgsLGBbKyzhMsQCwq6XF_00PJy-2vA==
age: 577498
X-Firefox-Spdy: h2
img.tttcdn.com/product/xy/500/500/p/gu1/V/5/V8665/V8665-1-31f2-lqFR.jpg
54.230.111.80200 OK 24 kB URL HTTP/2 img.tttcdn.com/product/xy/500/500/p/gu1/V/5/V8665/V8665-1-31f2-lqFR.jpg
IP 54.230.111.80:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6758e3bf1a38b99d917b68482c5becaf
c3109d816bc37b7c665f5f88eadf6ba1825535ad
86146536ee90cdb6687d9867c396c82c01733f688a9312f4409cbae121d48317
GET /product/xy/500/500/p/gu1/V/5/V8665/V8665-1-31f2-lqFR.jpg HTTP/1.1
Host: img.tttcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 23704
x-amz-id-2: 3khtYb1PyXJQQo5ubGGlweI1EezH3BxIsVn6Qcx1D/koNVfzk93X/ovtLZDGBCKt2fzRGheDKcc=
x-amz-request-id: T4PD56BJT2Y9R736
date: Sun, 01 Jan 2023 04:10:26 GMT
last-modified: Wed, 19 May 2021 11:13:00 GMT
etag: "6758e3bf1a38b99d917b68482c5becaf"
cache-control: max-age=2592000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: UNaimjls_sR2KzSSgKOyvUFXmusgKT9NjrQOrci--NIpSW86EVYcjA==
age: 915079
X-Firefox-Spdy: h2
img.tttcdn.com/product/xy/500/500/p/gu1/P/L/PAP0216DBL/PAP0216DBL-1-7c15-KkZh.jpg
54.230.111.80200 OK 48 kB URL HTTP/2 img.tttcdn.com/product/xy/500/500/p/gu1/P/L/PAP0216DBL/PAP0216DBL-1-7c15-KkZh.jpg
IP 54.230.111.80:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c083577c9bda386c9ebf82debca7f27f
56e9060d558c5eeeec8433e855da96d35fdac660
ab139c9577bd9fb36b83d5ce6fa08656ea65af486cd32e791010d2d52215950e
GET /product/xy/500/500/p/gu1/P/L/PAP0216DBL/PAP0216DBL-1-7c15-KkZh.jpg HTTP/1.1
Host: img.tttcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 47590
x-amz-id-2: wmJvoq+zTBcXXS8S0HNv6pNcqWv1uFYcSEmH8IRVBGcKuqExk1C48uQ2b+oKS0ISdunuWHc+1VI=
x-amz-request-id: 4717NP57TD9F87R7
last-modified: Mon, 07 May 2018 08:33:41 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 11 Jan 2023 01:10:10 GMT
cache-control: max-age=2592000
etag: "c083577c9bda386c9ebf82debca7f27f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: iq-s4ngxGJVwseRahbEfOpD9zt7x210VvYVgf4ytefd__55sn8iREQ==
age: 61895
X-Firefox-Spdy: h2
img.tttcdn.com/product/xy/500/500/p/gu1/H/4/H33634/H33634-1-4d04-RoFb.jpg
54.230.111.80200 OK 68 kB URL HTTP/2 img.tttcdn.com/product/xy/500/500/p/gu1/H/4/H33634/H33634-1-4d04-RoFb.jpg
IP 54.230.111.80:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 47c360d15120fa0b4e54885bc02a9f2d
91e569d957a5090ec437fea291b66e2fc5f8c6a3
002df5d71751983a38702343f9ab8dc68fa5621308cb02e89f7be369eadf03bb
GET /product/xy/500/500/p/gu1/H/4/H33634/H33634-1-4d04-RoFb.jpg HTTP/1.1
Host: img.tttcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/webp
content-length: 67510
x-amz-id-2: 56545HY0ZADqFmOmlZUwsaT6J5W11uXtHaXaFMrc595Kg67Zk71PV7Re0dNcOjq6DdjOWaULJcs=
x-amz-request-id: 5MRYKYA7M5KJRXB6
last-modified: Wed, 24 Jun 2020 11:09:30 GMT
accept-ranges: bytes
server: AmazonS3
date: Sun, 01 Jan 2023 20:26:59 GMT
cache-control: max-age=2592000
etag: "47c360d15120fa0b4e54885bc02a9f2d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: WHpdtcFyxu99VdixrTbVDgjl9r4o36MnWdeE9bY0bPN31HbaxQNP7Q==
age: 856486
X-Firefox-Spdy: h2
img.tttcdn.com/product/xy/500/500/p/gu1/V/W/V7679W/V7679W-1-1924-MXP7.jpg
54.230.111.80200 OK 59 kB URL HTTP/2 img.tttcdn.com/product/xy/500/500/p/gu1/V/W/V7679W/V7679W-1-1924-MXP7.jpg
IP 54.230.111.80:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 04686c37e29d96a027bb5930f702369f
86f6bbfef81c2c2bfc58777281acb53d81f0628d
a680ce58966a29f38200277d5c68397412798422ed1778a992ec7fd10d39c314
GET /product/xy/500/500/p/gu1/V/W/V7679W/V7679W-1-1924-MXP7.jpg HTTP/1.1
Host: img.tttcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/webp
content-length: 58850
x-amz-id-2: b854V701APD3hMRdzQEiEW/i1Nq8kQbcUBJs5rFD1X5851hrKwzJlLofK4u5Kts4PptNwKn8eVg=
x-amz-request-id: 8XDSDDE7ABTJ9Y5F
date: Wed, 14 Dec 2022 01:17:22 GMT
last-modified: Wed, 03 Jun 2020 09:44:11 GMT
etag: "04686c37e29d96a027bb5930f702369f"
cache-control: max-age=2592000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9vA2ozB2uUalbZTaBdIdaEzAc33EChFp8mU5d9gwX1-b0MQWekxb5w==
age: 2480662
X-Firefox-Spdy: h2
img.tttcdn.com/product/xy/500/500/p/gu1/K/3/K13672-3/K13672-3-1-9a78-Z0lc.jpg
54.230.111.80200 OK 52 kB URL HTTP/2 img.tttcdn.com/product/xy/500/500/p/gu1/K/3/K13672-3/K13672-3-1-9a78-Z0lc.jpg
IP 54.230.111.80:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ef919781362085a2b4a660accc192a4d
4f8eba8cb72bb8e82f2d12079c1c92ce1a0c1a06
3a59c017d2331fa5c78397b50bef6322c6d2b764c56ab536251d136d5cbc320b
GET /product/xy/500/500/p/gu1/K/3/K13672-3/K13672-3-1-9a78-Z0lc.jpg HTTP/1.1
Host: img.tttcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 52540
x-amz-id-2: 3QxsXIHqqiAfJe//J6WzjTEnLIvDRE6HAAqemrETZYdJdUbYS2bW4IuT3K2Ojgg5OHsujWsvzgM=
x-amz-request-id: 67S2ZH989DE353CX
date: Wed, 14 Dec 2022 00:44:56 GMT
last-modified: Fri, 20 Mar 2020 12:58:04 GMT
etag: "ef919781362085a2b4a660accc192a4d"
cache-control: max-age=2592000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0v-zbq5TW6PGnm2OedGVBrS4lUxBcPlyRQEbN0hXfp4O-0bFbDCZlQ==
age: 2482609
X-Firefox-Spdy: h2
img.tttcdn.com/product/xy/500/500/p/gu1/Y/R/Y12169R-R/Y12169R-R-1-41ee-G6Z4.jpg
54.230.111.80200 OK 33 kB URL HTTP/2 img.tttcdn.com/product/xy/500/500/p/gu1/Y/R/Y12169R-R/Y12169R-R-1-41ee-G6Z4.jpg
IP 54.230.111.80:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c6f18cad8a801231812d7848af634060
470c9c006062f687a126975a016e358fc2776426
639ad1db7813dcad33b6fa985e16a30c937cf4f42e98133bfb3e9a5f54b41c35
GET /product/xy/500/500/p/gu1/Y/R/Y12169R-R/Y12169R-R-1-41ee-G6Z4.jpg HTTP/1.1
Host: img.tttcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 32968
x-amz-id-2: O5gAZpgETgZjZ/nK4SGln6Ds/gVUYc28aqMdfpr5weVHl0G+KaDOyW1Ruu5BXmqUvZVt6A1Hpiw=
x-amz-request-id: T7HHB9TG58WEZFAV
date: Tue, 10 Jan 2023 18:48:39 GMT
last-modified: Wed, 10 Jul 2019 02:38:52 GMT
etag: "c6f18cad8a801231812d7848af634060"
cache-control: max-age=2592000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rduqCj-xpnhoK3VZ8OPcjkZUcPqRhmTlW2w9CKteZ0Sk81j7VipXbQ==
age: 84786
X-Firefox-Spdy: h2
img.tttcdn.com/product/xy/500/500/p/gu1/I/5/I3115/I3115-1-fa63-RCae.jpg
54.230.111.80200 OK 36 kB URL HTTP/2 img.tttcdn.com/product/xy/500/500/p/gu1/I/5/I3115/I3115-1-fa63-RCae.jpg
IP 54.230.111.80:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ce9cdb9d68c4194263b0d5a7fbb17902
8a14110fae4e86697e469a5760854dfb983376f4
0b119b667a28869a85382b9c7d7f9d68010372265fe9cca9f2c005cfb2046130
GET /product/xy/500/500/p/gu1/I/5/I3115/I3115-1-fa63-RCae.jpg HTTP/1.1
Host: img.tttcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 36328
x-amz-id-2: Og3OZSjA11IrT3Gg1jSUvivmZC0wVvKoUqMVhWZZPPq3ajJxjmJdHguJZWYjT3Qx8M08kwSD6Pk=
x-amz-request-id: RY1JDZNTH7Q80G6A
date: Thu, 05 Jan 2023 01:33:04 GMT
last-modified: Sat, 10 Mar 2018 11:14:10 GMT
etag: "ce9cdb9d68c4194263b0d5a7fbb17902"
cache-control: max-age=2592000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: vzlLcRvwnj6fd-X9kCB6cdS16KeazSg-nzvi5nOGeIXCEEi9ikBRjA==
age: 578920
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash d8318ab08c93be548af6b876bee43c40
e5d0803c11efd11d5beb136ce831c0d49e2ad70a
59fbb172f91acb0b0d3b6950cf87f7ceb89bea19601f5a8ae90242f35846d6b9
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=139501
Date: Wed, 11 Jan 2023 18:21:44 GMT
Etag: "63be6ccd-1d7"
Expires: Fri, 13 Jan 2023 09:06:45 GMT
Last-Modified: Wed, 11 Jan 2023 08:01:17 GMT
Server: ECS (bsa/EB1C)
X-Cache: Miss from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: eLOEdSF0KrGb6NBsYKVXgUcs-TLbkcdhLN5yjGyHEcAyjUpNeY6qBw==
Age: 3928
img.tttcdn.com/product/xy/500/500/p/gu1/K/L/K15392BL/K15392BL-1-7176-CfAU.jpg
54.230.111.80200 OK 27 kB URL HTTP/2 img.tttcdn.com/product/xy/500/500/p/gu1/K/L/K15392BL/K15392BL-1-7176-CfAU.jpg
IP 54.230.111.80:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7ee2a601c2876be06a81412a605f1b6c
1df94b6c87358af447518b6092b8e27b51fcb177
06e542beeb9ebdaa157ee9b57f5531603ca212903b37400b849e73ad6d4c5bff
GET /product/xy/500/500/p/gu1/K/L/K15392BL/K15392BL-1-7176-CfAU.jpg HTTP/1.1
Host: img.tttcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/webp
content-length: 26946
x-amz-id-2: 1UHtDstHCVTp0GFZsTqkEbrjR0+aTz6Ykq0u5yw+0kBy735SnlGSJAcga+pnZjlk0kNzGNHuF5M=
x-amz-request-id: GCFNKSHR6DTM6JSQ
last-modified: Tue, 14 Jul 2020 02:47:30 GMT
accept-ranges: bytes
server: AmazonS3
date: Sat, 07 Jan 2023 01:30:46 GMT
cache-control: max-age=2592000
etag: "7ee2a601c2876be06a81412a605f1b6c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: RmVOriwUW6CxPX5qt0IexNJhAgZVd05XCY8Yt-6t70JpZJOByGaj0w==
age: 406259
X-Firefox-Spdy: h2
all4you.lv/
45.84.207.41200 OK 0 B IP 45.84.207.41:0
ASN #47583 Hostinger International Limited
GET / HTTP/1.1
Host: all4you.lv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
x-powered-by: PHP/7.4.32
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
link: <https://all4you.lv/wp-json/>; rel="https://api.w.org/", <https://all4you.lv/wp-json/wp/v2/pages/9>; rel="alternate"; type="application/json", <https://all4you.lv/>; rel=shortlink
etag: "460-1673065231;br"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
date: Wed, 11 Jan 2023 18:21:39 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Poppins&display=swap&ver=6.1
142.250.74.74200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Poppins&display=swap&ver=6.1
IP 142.250.74.74:0
GET /css?family=Poppins&display=swap&ver=6.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://all4you.lv/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 11 Jan 2023 18:21:39 GMT
date: Wed, 11 Jan 2023 18:21:39 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.pricecomparedeals.com/no-no
104.21.94.144200 OK 0 B URL HTTP/2 www.pricecomparedeals.com/no-no
IP 104.21.94.144:0
GET /no-no HTTP/1.1
Host: www.pricecomparedeals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 11 Jan 2023 18:21:43 GMT
content-type: text/html;charset=UTF-8
cache-control: max-age=1800
cf-cache-status: HIT
age: 545
last-modified: Wed, 11 Jan 2023 18:12:38 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I%2Bb076TozeX9b8rvUdXi0bilxuetEhLqf9I5hD4TTvFmLzFX%2B7nAU%2Fx7DNmXHm5CChj8EbUwlRekiZw4VMAdH4YOarZoJLLuFXjpqsRGa0nftHULHhGiKKpoNmvqFTb7iaj%2Feyf6QhctlRjn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 787fac798a3db52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.dealsfor.life/210x210/GG202006090809160963000000000000_decoration.jpg
104.21.34.224200 OK 0 B URL HTTP/2 cdn.dealsfor.life/210x210/GG202006090809160963000000000000_decoration.jpg
IP 104.21.34.224:0
GET /210x210/GG202006090809160963000000000000_decoration.jpg HTTP/1.1
Host: cdn.dealsfor.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 18:21:43 GMT
content-type: image/jpeg
content-length: 12794
x-amz-id-2: 6wnXaESSMB4fqASE7N+8ehTPOVbYvW3DlTDmjNmF7ppTk38+FuY2X/Q4Cz9O3q+wkmPY2nIV5dQ=
x-amz-request-id: G0SH0AH2J6PTJ52B
last-modified: Tue, 09 Jun 2020 08:22:03 GMT
etag: "a950c8fffccbf994e7eab4cbdc4afc79"
cache-control: max-age=86400
cf-cache-status: HIT
age: 938
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w2Pu0rIiv%2F9dqedcLGKAZUd%2Bune0NPYtm1vMiHGh5ukor2A4GnHp5zL1wzcsxkonbm9ubLm%2FSJHgnCDlpmAZ0MFORH17o52yJPLvHeYB11cCJxWHg5oOCYe6LCn%2F75Rc3EMrfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 787fac7afc1f0b45-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2