masazuotojas.lt/limfodrenazinis-masazas-vilniuje/
45.84.204.83301 Moved Permanently 0 B URL HTTP/1.1 masazuotojas.lt/limfodrenazinis-masazas-vilniuje/
IP 45.84.204.83:0
ASN #47583 Hostinger International Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /limfodrenazinis-masazas-vilniuje/ HTTP/1.1
Host: masazuotojas.lt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.30
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
x-redirect-by: WordPress
location: http://www.masazuotojas.lt/limfodrenazinis-masazas-vilniuje/
x-litespeed-cache: hit
content-length: 0
date: Tue, 04 Oct 2022 13:01:26 GMT
server: LiteSpeed
platform: hostinger
firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 04 Oct 2022 12:47:04 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: v6yUjcJBd6u_-oXNtEaM6eTUy_1t0huknxbjtbZpv8A9RSfssavGdg==
Age: 862
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9955bda9c9ef64bc5700a14af0bae25e
8de7b7469e905af0374bdfcc3006bbb844f13e94
1f611155394fac39439b8ec8217d8cd493d6b588d372d264e0d66c03129c50c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4268
Expires: Tue, 04 Oct 2022 14:12:34 GMT
Date: Tue, 04 Oct 2022 13:01:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a1073a68ed38c8e3575e889224db944c
ee2a7a3e2da77a8540131f9ffaa0a20d4dd486bd
a9fb1f7ade7c8a79d2ee83e9b7215e66dc89ac733b11079297a8f4b9aceae1f5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A9FB1F7ADE7C8A79D2EE83E9B7215E66DC89AC733B11079297A8F4B9ACEAE1F5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2444
Expires: Tue, 04 Oct 2022 13:42:10 GMT
Date: Tue, 04 Oct 2022 13:01:26 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: rb0JQH06fyt2W2ngb1QrSF+uP/dGjzTwg0TIfKM53kUOswaYmAfvp6LjLOObRzfM2VsENEbkzUM=
x-amz-request-id: DGPYEHXN8EWXGFM0
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 04 Oct 2022 12:51:21 GMT
age: 605
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 13:01:26 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Tue, 04 Oct 2022 12:29:33 GMT
Expires: Tue, 04 Oct 2022 13:17:17 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: YK1BfUFWcluysK0f5dPKo8t8U0kT8qym1eiiXIuRBF8cORpl90Ug_g==
Age: 1914
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 16ebfb2aa621547ecf581e26fc828a7d
f78993331f6f5b8af6409a9ad2fc50b77070f68a
0f81fd1d6be9ccc04b74f0348aafe642c7b9ab7dffb7e8a679b5d67cc2e5fac3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6004
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 13:01:27 GMT
Last-Modified: Tue, 04 Oct 2022 11:21:23 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
44.242.3.166101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.242.3.166:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: maWnM3T/iW7CRnaUHhcQYQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Njl2tx+LDTqMocgBk5mlracpzUs=
www.masazuotojas.lt/limfodrenazinis-masazas-vilniuje/
172.67.168.123200 OK 18 kB URL HTTP/1.1 www.masazuotojas.lt/limfodrenazinis-masazas-vilniuje/
IP 172.67.168.123:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (24556)
Hash 75bb85611539009a6dff87babc986a43
4af73df172615f8f7eb812732c74c25076d8c6ed
e38eb92c75c63cd3e5ba08fe3d4d9386d91039daa80e1a0d5a36ae08c04b4788
Analyzer Verdict Alert fortinet Malware
GET /limfodrenazinis-masazas-vilniuje/ HTTP/1.1
Host: www.masazuotojas.lt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 13:01:27 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.4.30
set-cookie: PHPSESSID=725978408c4ec552a9017cdb0aaf947b; path=/; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
link: <https://www.masazuotojas.lt/wp-json/>; rel="https://api.w.org/", <https://www.masazuotojas.lt/wp-json/wp/v2/pages/7195>; rel="alternate"; type="application/json", <https://www.masazuotojas.lt/?p=7195>; rel=shortlink
x-litespeed-cache-control: no-cache
x-litespeed-tag: d58_HTTP.200,d58_page,d58_URL.4a79766611990fc67ad1bdd3939d064f,d58_Po.7195,d58_PGS,d58_
vary: Accept-Encoding
platform: hostinger
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9xl7PNJafkRfi%2BxXHj5GLA%2BwlmS%2BkOqehERwrjOLfAJFiJSpy9HoGUS4OjIWJKkJd9pqZB8fVkuwugpGWml3kiVoAEDMci8ptgeBBQCZfg62dTCWAUUVJG8tvrDTSysviS9W6sRZ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 754e1b324a1f0b55-OSL
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.masazuotojas.lt/wp-content/cache/autoptimize/css/autoptimize_single_36ea4805809e6b690c2f5126a0808297.css?ver=6.0.2
172.67.168.123200 OK 4.6 kB URL HTTP/1.1 www.masazuotojas.lt/wp-content/cache/autoptimize/css/autoptimize_single_36ea4805809e6b690c2f5126a0808297.css?ver=6.0.2
IP 172.67.168.123:0
File type ASCII text, with very long lines (26131), with no line terminators
Hash 103cc48a8c520905644f8fded990223e
e3d5e21fa1492487de675b6bea33ac208ea23c9d
19d6e4052d4309a7c2c964b601d1ac99070a742738c26b8c26018f77eda3a6ca
Analyzer Verdict Alert fortinet Malware
GET /wp-content/cache/autoptimize/css/autoptimize_single_36ea4805809e6b690c2f5126a0808297.css?ver=6.0.2 HTTP/1.1
Host: www.masazuotojas.lt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.masazuotojas.lt/limfodrenazinis-masazas-vilniuje/
Cookie: PHPSESSID=725978408c4ec552a9017cdb0aaf947b
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 13:01:27 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Cf-Bgj: minify
Cf-Polished: origSize=26135
cache-control: public, max-age=30672000, immutable
etag: W/"6617-63329a41-acbab00a9fa32c19;gz"
expires: Sat, 23 Sep 2023 11:53:37 GMT
last-modified: Tue, 27 Sep 2022 06:37:53 GMT
platform: hostinger
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 90470
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=98k1mx4gbSNpEjOBLBP5sEofAFaAd1RuqhnFTDFLigS8R%2BJwwVK3adqlfFmxmKwjtnJt0iKVpDuQXqFzXxyLRBudVyrxjiFX9S7WK%2Ba6CWhI49cclgblQFtCpj2%2FF8QV5L5e7Iij"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 754e1b392f8cb512-OSL
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.masazuotojas.lt/wp-content/cache/autoptimize/css/autoptimize_single_241da26dfe41adea872458235c7a0281.css?ver=6.0.2
172.67.168.123200 OK 6.3 kB URL HTTP/1.1 www.masazuotojas.lt/wp-content/cache/autoptimize/css/autoptimize_single_241da26dfe41adea872458235c7a0281.css?ver=6.0.2
IP 172.67.168.123:0
File type ASCII text, with very long lines (49200), with no line terminators
Hash eaddf46b74d33d372cfc5a63d822e2f7
ff834d8d19951571889e98e27147acef8d8e37be
9a76310c7b5dfddc80bed4cf33b58b4c306420c2f823cc4354a106ae3e109bac
Analyzer Verdict Alert fortinet Malware
GET /wp-content/cache/autoptimize/css/autoptimize_single_241da26dfe41adea872458235c7a0281.css?ver=6.0.2 HTTP/1.1
Host: www.masazuotojas.lt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.masazuotojas.lt/limfodrenazinis-masazas-vilniuje/
Cookie: PHPSESSID=725978408c4ec552a9017cdb0aaf947b
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 13:01:27 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Cf-Bgj: minify
Cf-Polished: origSize=49205
cache-control: public, max-age=30672000, immutable
etag: W/"c035-63329a41-bae71c5843737f93;gz"
expires: Sat, 23 Sep 2023 11:53:37 GMT
last-modified: Tue, 27 Sep 2022 06:37:53 GMT
platform: hostinger
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 90470
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AADI7zu5vndp8uClODouWZlELmY2eVgIFAHtEFUrdOje6fdmLhcZNw7K%2Bbo0nZkEhmkMEavT%2BitWP%2Bs0%2FwTQKqOc%2BN3IVnNINceNh59OoNLe1xDCjNOkxANBs2Cc%2FNZMm1rbzpAX"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 754e1b3929801bfe-OSL
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.masazuotojas.lt/wp-content/cache/autoptimize/css/autoptimize_single_42b3f6422685e014414a0ef6e7cbba70.css?ver=f977acb25f39
172.67.168.123200 OK 9.5 kB URL HTTP/1.1 www.masazuotojas.lt/wp-content/cache/autoptimize/css/autoptimize_single_42b3f6422685e014414a0ef6e7cbba70.css?ver=f977acb25f39
IP 172.67.168.123:0
File type ASCII text, with very long lines (65251), with no line terminators
Hash 5dfecb8e06e39b472193abb15860688c
a8a64d935f4ac976dfa14fbe95f013117c1c9cca
cea442d65c69e188a80c0c0cbebb9bc0b01b2e4d06edce2bfbc86d396a0a471d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/cache/autoptimize/css/autoptimize_single_42b3f6422685e014414a0ef6e7cbba70.css?ver=f977acb25f39 HTTP/1.1
Host: www.masazuotojas.lt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.masazuotojas.lt/limfodrenazinis-masazas-vilniuje/
Cookie: PHPSESSID=725978408c4ec552a9017cdb0aaf947b
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 13:01:27 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Cf-Bgj: minify
Cf-Polished: origSize=65317
cache-control: public, max-age=30672000, immutable
etag: W/"ff25-63329a41-a3bbe8107827bc5;gz"
expires: Sat, 23 Sep 2023 11:53:38 GMT
last-modified: Tue, 27 Sep 2022 06:37:53 GMT
platform: hostinger
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 90469
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W%2BpvgQLGkVuW99fRk7Dig0jMc7YPg%2Bm6S2ENL%2B1fjZKtmi%2BoQmBxe0pQZ8F2bSzgRQoV0%2Fy09K5Yt5agjZjXjicI%2BPVW1jSNIz1TodKQk%2BywtsTv6TeVPog%2FEtKVRjcojuPQ5yvB"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 754e1b3939971bfe-OSL
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.masazuotojas.lt/wp-content/cache/autoptimize/css/autoptimize_single_9a60d3d7e60f955d3464824491d69b32.css?ver=f977acb25f39
172.67.168.123200 OK 4.2 kB URL HTTP/1.1 www.masazuotojas.lt/wp-content/cache/autoptimize/css/autoptimize_single_9a60d3d7e60f955d3464824491d69b32.css?ver=f977acb25f39
IP 172.67.168.123:0
File type ASCII text, with very long lines (28871), with no line terminators
Hash 4db5e625d4436b00190f88c340299ea6
8fd3cf2a49db97a33f7556f629a3c8097603dd37
aa7973d2a3cfbacaddcca1f7c24a315f2c2e237c11551a9d27b576e0ab6bf6a9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/cache/autoptimize/css/autoptimize_single_9a60d3d7e60f955d3464824491d69b32.css?ver=f977acb25f39 HTTP/1.1
Host: www.masazuotojas.lt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.masazuotojas.lt/limfodrenazinis-masazas-vilniuje/
Cookie: PHPSESSID=725978408c4ec552a9017cdb0aaf947b
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 13:01:27 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Cf-Bgj: minify
cache-control: public, max-age=30672000, immutable
etag: W/"70c7-63329a41-2e3c0ec1fe683d58;gz"
expires: Sat, 23 Sep 2023 11:53:37 GMT
last-modified: Tue, 27 Sep 2022 06:37:53 GMT
platform: hostinger
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 90470
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rCEiWNXFKftOBIiqijZMMTCNeCDwjRI1fcQ%2BeFyqhh7wVvjFONCfgZ%2Fs7hytRNndyAVMmcgMBgYcUWm0vQED2SHMyWcI8un3s1jcNmN3EO37cyyi6MgFekCPXaJDny6VzCbzGv0J"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 754e1b393facb512-OSL
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.masazuotojas.lt/wp-content/cache/autoptimize/css/autoptimize_single_8faea029e1621c26e384931f7e194242.css?ver=6.9.0
172.67.168.123200 OK 46 kB URL HTTP/1.1 www.masazuotojas.lt/wp-content/cache/autoptimize/css/autoptimize_single_8faea029e1621c26e384931f7e194242.css?ver=6.9.0
IP 172.67.168.123:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 9528389ee3ca1ce57d9d3677127f4f7c
962a91f14b1bd9f59a5faf8ab1030c9d4d4cdf0a
b68b05a98a87bdce889735d3d12b50fe6a2fbaa57bb2041500be877af058d53f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/cache/autoptimize/css/autoptimize_single_8faea029e1621c26e384931f7e194242.css?ver=6.9.0 HTTP/1.1
Host: www.masazuotojas.lt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.masazuotojas.lt/limfodrenazinis-masazas-vilniuje/
Cookie: PHPSESSID=725978408c4ec552a9017cdb0aaf947b
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 13:01:27 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Cf-Bgj: minify
Cf-Polished: origSize=492319
cache-control: public, max-age=30672000, immutable
etag: W/"7831f-63329a41-6a16ae746aa364b6;gz"
expires: Sat, 23 Sep 2023 11:53:38 GMT
last-modified: Tue, 27 Sep 2022 06:37:53 GMT
platform: hostinger
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 90469
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ojd8ZlEWSHps9Ng1VtSU5HmBXwB4HpZCxNyzegaoEf0ziA3WMTVV0u8xIDejZQNvds07vENE9Zf9GWhhXajqH0A0YeUIKjF%2F45lGu0NqMkVQDx%2BbqnbUmqGKKFD%2FU5eCQPw42rbN"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 754e1b3928f1b523-OSL
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.masazuotojas.lt/wp-content/cache/autoptimize/css/autoptimize_single_12efabe7ba679185a357caeea02572d5.css?ver=f977acb25f39
172.67.168.123200 OK 30 kB URL HTTP/1.1 www.masazuotojas.lt/wp-content/cache/autoptimize/css/autoptimize_single_12efabe7ba679185a357caeea02572d5.css?ver=f977acb25f39
IP 172.67.168.123:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash c7026106a3dd8d9bb5296fcdcd02d11a
229cf4602f631b8045657afa918f48a51a1c5279
e7cb5b76ba25bec28fb419f87929ef9126aca804588e084ad5da7f28082a6988
Analyzer Verdict Alert fortinet Malware
GET /wp-content/cache/autoptimize/css/autoptimize_single_12efabe7ba679185a357caeea02572d5.css?ver=f977acb25f39 HTTP/1.1
Host: www.masazuotojas.lt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.masazuotojas.lt/limfodrenazinis-masazas-vilniuje/
Cookie: PHPSESSID=725978408c4ec552a9017cdb0aaf947b
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 13:01:27 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Cf-Bgj: minify
Cf-Polished: origSize=239050
cache-control: public, max-age=30672000, immutable
etag: W/"3a5ca-63354bbc-9e1230a68baaae10;gz"
expires: Sat, 23 Sep 2023 11:53:38 GMT
last-modified: Thu, 29 Sep 2022 07:39:40 GMT
platform: hostinger
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 90469
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ErbzOBDZeBFqD9CTJEmOfLY8hQRDlGsrpK1SEUSEF%2FRMLyBWJnBRkSyPty%2BjlC49U8%2BQgDPPbA8FUEJHZ7f62y6Xh6QgudsByK%2B0AYEpyzuH7T1IArpPf8HI%2BtjlPe6sCL9cERT"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 754e1b393d64fab4-OSL
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.masazuotojas.lt/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
172.67.168.123200 OK 655 B URL HTTP/1.1 www.masazuotojas.lt/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP 172.67.168.123:0
File type HTML document, ASCII text, with very long lines (1238)
Hash bc3ba461c8a309acf61b6d9c41cb6236
88482306ecc9258d5e9cbb9ba5314dab223a5db4
31331f1b1519882d2f2fb60367708fd56a7a1ec0bddd0554c635547179c7dc8f
Analyzer Verdict Alert fortinet Malware
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: www.masazuotojas.lt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.masazuotojas.lt/limfodrenazinis-masazas-vilniuje/
Cookie: PHPSESSID=725978408c4ec552a9017cdb0aaf947b
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 13:01:27 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 11:11:52 GMT
ETag: W/"633188f8-4d7"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fAJV1ubVeaQSWAIQbayn2wCkmVrqji3uSZ2q4YMhma6mM%2BiXfZVColncNGUPEB%2FIWxfl0torlX6z9pGTqlr1GE1leEUrUccLJpQL%2BaDHugMrUudtW3vajkLLJ%2BoPMs5sOPArzgJe"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754e1b39998eb523-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Expires: Thu, 06 Oct 2022 13:01:27 GMT
Cache-Control: max-age=172800, public
Content-Encoding: gzip
www.masazuotojas.lt/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
172.67.168.123200 OK 3.9 kB URL HTTP/1.1 www.masazuotojas.lt/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP 172.67.168.123:0
File type ASCII text, with very long lines (12331)
Hash 54c87b7a9007d256c837e382cab4170d
6c8f44204021f68596af9ae5a742c3ad1b76a6ec
3a09f98b09786cd8fbe71cc17d07660e767fc1c8d2ea467f912bc328766a54a1
Analyzer Verdict Alert fortinet Malware
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: www.masazuotojas.lt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.masazuotojas.lt/limfodrenazinis-masazas-vilniuje/
Cookie: PHPSESSID=725978408c4ec552a9017cdb0aaf947b
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 13:01:27 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 11:11:52 GMT
ETag: W/"633188f8-302c"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MkKGr74%2BrRrrBmHJS411traRjNV0GXrCvGIGto3x0XcrMRoG9UTJSidjP%2Bn6ITv5Y0CNqjr4NyugqvUQ1ZzrSqnhjc5vo%2FdR8OFRA8Nw7aEyiZhaPtml0S3qLAFsuwOQYCWTx1jZ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754e1b399dc9fab4-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Expires: Thu, 06 Oct 2022 13:01:27 GMT
Cache-Control: max-age=172800, public
Content-Encoding: gzip
www.masazuotojas.lt/wp-content/cache/autoptimize/css/autoptimize_single_fd6d8f532f01a09990426c144b71a9a5.css?ver=f977acb25f39
172.67.168.123200 OK 2.8 kB URL HTTP/1.1 www.masazuotojas.lt/wp-content/cache/autoptimize/css/autoptimize_single_fd6d8f532f01a09990426c144b71a9a5.css?ver=f977acb25f39
IP 172.67.168.123:0
File type ASCII text, with very long lines (16738), with no line terminators
Hash c35dbae329bc07b6809dcd19bb515b7a
eef7904eebea6fe702ffcab1e63dbffd21353d92
f9595e4ca8f0c3d5ebdf41a76900f978077f2986026b5b08c6a69923be5d7e6c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/cache/autoptimize/css/autoptimize_single_fd6d8f532f01a09990426c144b71a9a5.css?ver=f977acb25f39 HTTP/1.1
Host: www.masazuotojas.lt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.masazuotojas.lt/limfodrenazinis-masazas-vilniuje/
Cookie: PHPSESSID=725978408c4ec552a9017cdb0aaf947b
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 13:01:27 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Cf-Bgj: minify
Cf-Polished: origSize=16758
cache-control: public, max-age=30672000, immutable
etag: W/"4176-63329a41-379b58220db5ceb;gz"
expires: Sat, 23 Sep 2023 11:53:38 GMT
last-modified: Tue, 27 Sep 2022 06:37:53 GMT
platform: hostinger
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 90469
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F6Gzn5xC2LHsUegfe%2B4bGzWbdNi4ZCowFbb9PR%2Fpm647HRqRQP1kY3nfDGhWIyj6r0PBjtBpHBz8PGHXzKA9hKFVqy9DnZJ%2B4FbMjojul6v9uPPvTMwddKeeY6GwjeA4OXRkX0XT"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 754e1b3999f01bfe-OSL
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.masazuotojas.lt/wp-content/cache/autoptimize/css/autoptimize_single_bf69aa6840db2eeeeaee5098ac454612.css?ver=f977acb25f39
172.67.168.123200 OK 1.2 kB URL HTTP/1.1 www.masazuotojas.lt/wp-content/cache/autoptimize/css/autoptimize_single_bf69aa6840db2eeeeaee5098ac454612.css?ver=f977acb25f39
IP 172.67.168.123:0
File type ASCII text, with very long lines (8937), with no line terminators
Hash 852e6878612dbae4819a90db810c0acd
032dfcc7b08c98b4a005e8991ce5685d0e1e05f3
ed94391a452cc20ad93082b06d39512ac8c6cd71bd9562422b77f4459cd4b7be
Analyzer Verdict Alert fortinet Malware
GET /wp-content/cache/autoptimize/css/autoptimize_single_bf69aa6840db2eeeeaee5098ac454612.css?ver=f977acb25f39 HTTP/1.1
Host: www.masazuotojas.lt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.masazuotojas.lt/limfodrenazinis-masazas-vilniuje/
Cookie: PHPSESSID=725978408c4ec552a9017cdb0aaf947b
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 13:01:27 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Cf-Bgj: minify
Cf-Polished: origSize=8971
cache-control: public, max-age=30672000, immutable
etag: W/"230b-63329a41-791e7da7bd7fd2e;gz"
expires: Sat, 23 Sep 2023 11:53:38 GMT
last-modified: Tue, 27 Sep 2022 06:37:53 GMT
platform: hostinger
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 90469
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OxGbCAvS4NoR%2FFB8Ez3VolY80WCzUZg84o61FHqjbGxS8zk88A%2FnFyU3cQPx4DdG9XEpFpow%2FWxK3SoxVbyLibyJ7CyCPXJ7%2Bow%2BStErHh5pBgaCyHG7D%2FqsQ%2FbHj4qc8oc2RbrI"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 754e1b399821b512-OSL
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 9e40b2c69615f45f2bc898334ab3e343
6a569648ed10564e126d3bbf3f91352e6b3f6d4f
4f1d0982c58b9bbeaa266b99292baa1a00c9e39280f73d5a525722c851e15981
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 13:01:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Open+Sans:400,600,700%7CMontserrat:400,600,700%7CRoboto:400,600,700
142.250.74.10200 OK 1.5 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400,600,700%7CMontserrat:400,600,700%7CRoboto:400,600,700
IP 142.250.74.10:0
Hash d84304fceb9df0a12703550dbc31ae6f
fb3e4d42151566c8e8cff9482d4ab9a15bf19b0e
08a510eadc2e6617643f269b160c5817a513291b76ea866e6984ade7c03649bd
GET /css?family=Open+Sans:400,600,700%7CMontserrat:400,600,700%7CRoboto:400,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.masazuotojas.lt/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 04 Oct 2022 13:01:28 GMT
date: Tue, 04 Oct 2022 13:01:28 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.masazuotojas.lt/wp-content/plugins/generate-pdf-using-Contact-Form-7-pro/assets/css/cf7-pdf-generation-public.css?ver=1.2
172.67.168.123301 Moved Permanently 0 B URL HTTP/1.1 www.masazuotojas.lt/wp-content/plugins/generate-pdf-using-Contact-Form-7-pro/assets/css/cf7-pdf-generation-public.css?ver=1.2
IP 172.67.168.123:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/generate-pdf-using-Contact-Form-7-pro/assets/css/cf7-pdf-generation-public.css?ver=1.2 HTTP/1.1
Host: www.masazuotojas.lt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.masazuotojas.lt/limfodrenazinis-masazas-vilniuje/
Cookie: PHPSESSID=725978408c4ec552a9017cdb0aaf947b
HTTP/1.1 301 Moved Permanently
Date: Tue, 04 Oct 2022 13:01:28 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.4.30
pragma: no-cache
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: max-age=14400, must-revalidate
location: https://www.masazuotojas.lt
x-litespeed-cache: miss
platform: hostinger
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dwO%2B%2BNanjFtsycqDENa5dYvsRi9YtnT29sdF5BqgFFQX56ccjNsOhWuwTgMi68geMr4Ybvs%2BxV1ga50v7La2E%2Bwy%2FlWFZx5hMYaE6MFQY1zk3vVDDj3H78WxB1gx0Q%2BY6GoEZBPU"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754e1b391f57b4f7-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3430
Expires: Tue, 04 Oct 2022 13:58:38 GMT
Date: Tue, 04 Oct 2022 13:01:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3430
Expires: Tue, 04 Oct 2022 13:58:38 GMT
Date: Tue, 04 Oct 2022 13:01:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3430
Expires: Tue, 04 Oct 2022 13:58:38 GMT
Date: Tue, 04 Oct 2022 13:01:28 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg
34.120.237.76200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6c6882c60d7ca6f918c77104e3ad1d52
20ef861be49c652a938e0145e4ca3a60159367e2
861f5870990fbd2939d151ae18384cf311e87067ca9a50818efe0c2d51b83088
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5504
x-amzn-requestid: 37405eb0-5c75-46a9-84c0-e8ed726995d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHvHPvoAMF3mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-77fd550b58af612525e74761;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: O1yNc4H21kixhUEE7099oNqs7a5ZnJBBjlZbsbmLvaXyzXzrK0dL3w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:33 GMT
age: 55015
etag: "20ef861be49c652a938e0145e4ca3a60159367e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22873375-e381-41ee-a4b6-18ad56172e59.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22873375-e381-41ee-a4b6-18ad56172e59.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 515e23ff5ef0fc336ac5ec7fd31dfacd
a98da6b6ce993bd8f3b58ba42915cd9c4b45946c
77c186eb00def4a978d1bfd9eac755f70bf465f622991aaf6681227aec3e118a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22873375-e381-41ee-a4b6-18ad56172e59.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8508
x-amzn-requestid: 63afa079-f66e-428a-b491-c5859aed2e3b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZJFU9EknoAMF1uA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63338285-54f784262318d7ca0e560d44;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 23:08:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: wueU8yVJPql7JutY2H26gdjyBCPTeyX_sG9c5mNE-PS57lyMGftW2g==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 08:27:48 GMT
age: 16420
etag: "a98da6b6ce993bd8f3b58ba42915cd9c4b45946c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d8c08f8066cc732de8befd6ccd629a95
22aab05208a01ae5def4d63dc145085630f57bcb
f8a560a0563518d992d0bd2655d2b5c406435a18e874ca00b51374d2ff901770
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9917
x-amzn-requestid: 2dff93d9-795d-4885-9b82-610b0d235a82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTGEnIAMF1zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-117afa703663ada75627792c;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DOS5kVEVqBrCVMKRw07fX-6HDgWVb9lJwkVM2pXs0PQHys6CBJUVfQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 55028
etag: "22aab05208a01ae5def4d63dc145085630f57bcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 54b3ef7aa50273b78b59c24511b0c1f9
e2ea2ef6805e391c497e62e101e76a0bdecfce64
296e8954022d5160137b3e02ab5085a15cee7c23cd6d4ca61b36880706062457
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11955
x-amzn-requestid: ce6bbe93-95b0-4b6e-a8bc-012796485e67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zcqb9FUtoAMF0WQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b577f-59dc0a18523f900a059aa5df;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:43:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 44jC1Ww19YUJjZHw9_3cSSR5Y7nw5df412G-RxWFTcbRz1XDKaT3zQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:35 GMT
age: 55013
etag: "e2ea2ef6805e391c497e62e101e76a0bdecfce64"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6779181f9c06975f2a662da743893939
585e7146fd24cdc2496b05baafea04091dc541e2
8e9a9f92fd89b7cdce77884ccd76b83ab82d28f125ebfc1cb0d371d4046b7985
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4858
x-amzn-requestid: fb21c414-2994-444a-a838-e643fd05b171
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTEfPoAMFfeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-593dd8043b0490e7301cac0d;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: SGeDEPoXxsTV5UwkZnn3MJPbjhHhrKSsueHPxVapV_7Icl6daFk3oA==
via: 1.1 773ca14e6bd4bf9244988cb69fc9dca8.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 55028
etag: "585e7146fd24cdc2496b05baafea04091dc541e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962fb2a2-ad40-48cf-87a7-de082c564a5e.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962fb2a2-ad40-48cf-87a7-de082c564a5e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f2287c489794dab0e9ba923a2057988f
2b9f6828a38da81b40dcad033572e48b4c5896db
e853fa2acf2425d14cb9746e8bbd45c8765598d2bb630859086b4668182dbf6c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962fb2a2-ad40-48cf-87a7-de082c564a5e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8534
x-amzn-requestid: 8ae51cd3-697b-47ed-8493-8f83e2bc7469
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHuHlXoAMFucg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-165d72034440cf810d42f3bd;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: LPt8LUVoKhXjfz-jZHLmnWD15tQgSLRaxl-Bsl0UU83G7wm3jj7_mg==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:34 GMT
age: 55014
etag: "2b9f6828a38da81b40dcad033572e48b4c5896db"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.masazuotojas.lt/wp-content/cache/autoptimize/css/autoptimize_15cf0577855259fc6b86ac8585743e66.css
172.67.168.123200 OK 219 kB URL HTTP/1.1 www.masazuotojas.lt/wp-content/cache/autoptimize/css/autoptimize_15cf0577855259fc6b86ac8585743e66.css
IP 172.67.168.123:0
File type ASCII text, with very long lines (43771)
Size 219 kB (218787 bytes)
Hash 0f7dc1ca427ecf1b4834fbb221aa6d6b
1d73c8dc52a7a70c545a37d0ae7a98981b666e5f
53be66a7466b6715c2aeefb953360a49c8ce0c7811929bbf3eca2494773a257e
GET /wp-content/cache/autoptimize/css/autoptimize_15cf0577855259fc6b86ac8585743e66.css HTTP/1.1
Host: www.masazuotojas.lt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.masazuotojas.lt/limfodrenazinis-masazas-vilniuje/
Cookie: PHPSESSID=725978408c4ec552a9017cdb0aaf947b
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 13:01:28 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: public, max-age=30672000, immutable
expires: Sun, 24 Sep 2023 13:01:27 GMT
last-modified: Sun, 02 Oct 2022 18:50:26 GMT
etag: "15a77c-6339dd72-53bde02af79ecc80;gz"
content-encoding: gzip
vary: Accept-Encoding
platform: hostinger
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y3hGIjhMaxiripuwXN2LAyDCthcJBWbuZ25cAxFw%2BwwSnY4hoT3%2BRXlATXWtkDTndBiAwcWv5yqJHVLVG66XCjpv1JNj%2BXgtbugWQykBiSeq6xwD7TyYRBlpotOb73fr9qfRNgz8"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 754e1b3918d80b55-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.masazuotojas.lt/wp-content/cache/autoptimize/css/autoptimize_7c4ab43d7eb07ea1dd7259d3d983ec86.css
172.67.168.123200 OK 209 B URL HTTP/1.1 www.masazuotojas.lt/wp-content/cache/autoptimize/css/autoptimize_7c4ab43d7eb07ea1dd7259d3d983ec86.css
IP 172.67.168.123:0
File type ASCII text, with very long lines (405), with no line terminators
Hash 8d1c0ef0525716306aa6704b013aeffc
0dc4cd0dabdf42cf6c803edbafe1d53d9d59612c
18c0af173f04ff93aa5ca6599ade598fffcd10b35a4ded0442406f21d7cf012f
GET /wp-content/cache/autoptimize/css/autoptimize_7c4ab43d7eb07ea1dd7259d3d983ec86.css HTTP/1.1
Host: www.masazuotojas.lt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.masazuotojas.lt/limfodrenazinis-masazas-vilniuje/
Cookie: PHPSESSID=725978408c4ec552a9017cdb0aaf947b
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 13:01:30 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Cf-Bgj: minify
cache-control: public, max-age=30672000, immutable
etag: W/"195-6332ae1f-fbbf7a6cc3893928;gz"
expires: Sat, 23 Sep 2023 11:53:38 GMT
last-modified: Tue, 27 Sep 2022 08:02:39 GMT
platform: hostinger
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 90472
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nIa%2BTItNZ9uLbKPbwRTwD3nrCU2QrueQc0Pm0qOqZMX9gTAMs4k2ERrW%2BaOeKArsd5Kq6oC7y9E%2Blv9us8okwPHZkO%2FP%2BfpSdBH9DTq3byQrNAyysKzBn6qhClP4ptgxpJ3zXh6%2B"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 754e1b48a900fab4-OSL
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.masazuotojas.lt/wp-content/themes/dt-the7/fonts/icomoon-the7-font/icomoon-the7-font.ttf?wi57p5
172.67.168.123200 OK 25 kB URL HTTP/1.1 www.masazuotojas.lt/wp-content/themes/dt-the7/fonts/icomoon-the7-font/icomoon-the7-font.ttf?wi57p5
IP 172.67.168.123:0
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, the7-default-font\012- data
Hash 3a02835f6153eb717daae6dcd90f0b00
6e733f6484cb964fd9d9ef661d19f7c5b7e92450
c34fef2e3213dff3d2828811e493ec51ceb66d3fdda46a6462d7be31d724eebf
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/dt-the7/fonts/icomoon-the7-font/icomoon-the7-font.ttf?wi57p5 HTTP/1.1
Host: www.masazuotojas.lt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.masazuotojas.lt/wp-content/cache/autoptimize/css/autoptimize_15cf0577855259fc6b86ac8585743e66.css
Cookie: PHPSESSID=725978408c4ec552a9017cdb0aaf947b
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 13:01:30 GMT
Content-Type: application/x-font-ttf
Content-Length: 24654
Connection: keep-alive
cache-control: public, max-age=604800
expires: Mon, 10 Oct 2022 12:33:29 GMT
last-modified: Sun, 02 Oct 2022 16:24:34 GMT
etag: "bb94-6339bb42-40e8668f2dfca82e;gz"
content-encoding: gzip
vary: Accept-Encoding
platform: hostinger
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 88081
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7QfYcBze1KRdOcVlRoORWXMiEp%2FwqMErUEZ2oiuEGUUcOPPb6%2Bn8gulB%2B5Zb62hXO%2BayvfHWVRJ3VKxPeeaKhcqJMRpmYdtWb1HbxxbilIbBYj9dp1AjgaKnm0%2F%2B19hwRsL8IQ7c"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 754e1b48f961fab4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.masazuotojas.lt/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
172.67.168.123200 OK 31 kB URL HTTP/1.1 www.masazuotojas.lt/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 172.67.168.123:0
File type ASCII text, with very long lines (65447)
Hash b99fbf889244b035a876b80de25f2bd6
e24efa77d2cc1030794cc94022e474d85f840c7e
492f6a2d482b6021cef7457c187730c81f2a7372518936b51958028dcfee8e6d
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: www.masazuotojas.lt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.masazuotojas.lt/limfodrenazinis-masazas-vilniuje/
Cookie: PHPSESSID=725978408c4ec552a9017cdb0aaf947b
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 13:01:30 GMT
Content-Type: application/x-javascript
Content-Length: 30914
Connection: keep-alive
cache-control: public, max-age=604800
expires: Mon, 10 Oct 2022 11:53:38 GMT
last-modified: Mon, 26 Jul 2021 13:32:29 GMT
etag: "15db1-60feb96d-44ddf844d9a2f81;gz"
content-encoding: gzip
vary: Accept-Encoding
platform: hostinger
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 90472
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4TrAmFTpFD28Fye1iho5eGADKd3ZaW8zSJNNnEBqIvefc1mHkKD%2BwdGJjYQAugBpV90ywpYsXV3bhTJWoPbYLgAsCx%2BEH3fDiPNWHst%2FVjgOProA4nGVlzM9N775Cpm1ATksogQx"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 754e1b494c3a1bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 13:01:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 13:01:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 13:01:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
216.58.207.195200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.masazuotojas.lt
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 Sep 2022 16:40:18 GMT
expires: Fri, 29 Sep 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 418872
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.masazuotojas.lt/wp-content/themes/dt-the7/images/the7-chevron-down.svg
172.67.168.123200 OK 391 B URL HTTP/1.1 www.masazuotojas.lt/wp-content/themes/dt-the7/images/the7-chevron-down.svg
IP 172.67.168.123:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text
Hash c2eb257e2e4801b51f4209564c052d7e
c8e418aa22463d6d6c9c65512871de94f4360df5
a14f2263bc5328378fd7c76665c1e3477e7409dd5ac15bc46c2aaeb8f0fb39a0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/dt-the7/images/the7-chevron-down.svg HTTP/1.1
Host: www.masazuotojas.lt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.masazuotojas.lt/wp-content/cache/autoptimize/css/autoptimize_15cf0577855259fc6b86ac8585743e66.css
Cookie: PHPSESSID=725978408c4ec552a9017cdb0aaf947b
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 13:01:30 GMT
Content-Type: image/svg+xml
Content-Length: 391
Connection: keep-alive
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 13:01:30 GMT
last-modified: Sun, 02 Oct 2022 16:24:50 GMT
etag: "243-6339bb52-bab2976b3266091a;gz"
content-encoding: gzip
vary: Accept-Encoding
platform: hostinger
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IomI8uqULYjykxSyS2PFl9MDiOJxUnbkj2APT5oafcCVXJuH2m3Q3PUgf4D1m9HNxFxw7262PxkVIIZtvAUVLm4glt06oL8ChToQ%2BUfJFf%2Fhu47Pqcn%2Bl1BBEwrVT0Ff1ksmFINI"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 754e1b48aed3b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
216.58.207.195200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 31320, version 1.0\012- data
Hash 3fe71527811fbfedd2c07962e1bc49e7
f63e158a0480c5d711b5e268db0e75e57d87a8a5
24c0e724005344165ee0a0ff4c96a914e174bb4caa20c8a533fb194d92853e95
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.masazuotojas.lt
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31320
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 18:57:58 GMT
expires: Tue, 03 Oct 2023 18:57:58 GMT
cache-control: public, max-age=31536000
age: 65012
last-modified: Mon, 15 Aug 2022 18:11:37 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.masazuotojas.lt/wp-content/cache/autoptimize/js/autoptimize_9cca5d5d933851da2e7cc5150aa8ce1e.js
172.67.168.123200 OK 572 kB URL HTTP/1.1 www.masazuotojas.lt/wp-content/cache/autoptimize/js/autoptimize_9cca5d5d933851da2e7cc5150aa8ce1e.js
IP 172.67.168.123:0
File type ASCII text, with very long lines (41497)
Size 572 kB (571818 bytes)
Hash 514d9652eef9160d99aef3b85c13043d
c7a80d147ab9686478ceaefb597c7c79fec83bc2
97c3ac74ad1d53cc91bbf909eb57e44289604ea49a9e9802091636fa7e02dc14
Analyzer Verdict Alert fortinet Malware
GET /wp-content/cache/autoptimize/js/autoptimize_9cca5d5d933851da2e7cc5150aa8ce1e.js HTTP/1.1
Host: www.masazuotojas.lt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.masazuotojas.lt/limfodrenazinis-masazas-vilniuje/
Cookie: PHPSESSID=725978408c4ec552a9017cdb0aaf947b
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 13:01:30 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Cf-Bgj: minify
Cf-Polished: origSize=2061645
cache-control: public, max-age=604800, immutable
etag: W/"1f754d-6332ae1f-c1b033e4fc380553;gz"
expires: Mon, 10 Oct 2022 11:53:38 GMT
last-modified: Tue, 27 Sep 2022 08:02:39 GMT
platform: hostinger
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 90472
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OTqHhtqJNp4YDZTOSKpXVpbrTvlQqDjygsyuo3ED%2F7UzohQr80yJgGpqURv4W9yrjcJyTlUZgMMzI3m%2BJX8DwjVtG5NU1eqZM2oiDyny7du2jvNHVL4KV72ArTz%2BriR9%2Fz%2BnJuG1"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 754e1b4939a3fab4-OSL
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 13:01:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.195200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.masazuotojas.lt
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 03:08:55 GMT
expires: Sun, 01 Oct 2023 03:08:55 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
age: 294755
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b45b15bb651cc185ea82d91a51f06b5a
44987727be72bb12b4e4fc4fac50145835512750
f0b61426de169cf2efde87ac98d5123ea785004ad05c05932a099b644b2fdf64
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 13:01:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 5ba23234dfb31276cc3bf9a347508595
a225d0a9ecf5d7f0032816c6f3d4a5ae1f3b27a3
33558bed4856ac3f2a7267965521b316ccd3ccc669877994c6c590e2d2a1b559
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 13:01:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 13:01:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
216.58.207.195200 OK 25 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 25036, version 1.0\012- data
Hash 9dd150fb7229e143e0f71ba1fe8c8f63
664abfc4941054600213dda51a3d6f0d05b3c312
cffe139366b3882387dddbd10d59e7d9aa29345793fdbf51ddde809ca6a0bec2
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.masazuotojas.lt
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 25036
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 02:12:57 GMT
expires: Sun, 01 Oct 2023 02:12:57 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Jul 2022 18:59:41 GMT
content-type: font/woff2
age: 298113
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5e89969841b429e3ca44b320d17ea98a
30486a886b793ad5431b73d983d091487e5709c6
2d08365a447343168153cf1178b3b847377c2923bce06d9f6485ad08d3a06d34
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6513
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 13:01:30 GMT
Last-Modified: Tue, 04 Oct 2022 11:12:57 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
www.google.com/recaptcha/api.js?render=6Le1lYUUAAAAALU08ZAH7HngoYs7_hUbE8hFO1cW&ver=3.0
142.250.74.164200 OK 586 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6Le1lYUUAAAAALU08ZAH7HngoYs7_hUbE8hFO1cW&ver=3.0
IP 142.250.74.164:0
File type ASCII text, with very long lines (884), with no line terminators
Hash 25b0ad7b4ee1c102bb6eac429120c19c
90a4b827d3c97cd8736205e2ab6d69ce592b53a4
8a2756cd167b2ad95ddcf17db54b27a037e8d74e6a9461db6a91a778b4b5291e
GET /recaptcha/api.js?render=6Le1lYUUAAAAALU08ZAH7HngoYs7_hUbE8hFO1cW&ver=3.0 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.masazuotojas.lt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Tue, 04 Oct 2022 13:01:30 GMT
date: Tue, 04 Oct 2022 13:01:30 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 586
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.facebook.net/lt_LT/sdk.js?ver=6.0.2
31.13.72.12200 OK 1.7 kB URL HTTP/2 connect.facebook.net/lt_LT/sdk.js?ver=6.0.2
IP 31.13.72.12:0
File type ASCII text, with very long lines (1961)
Hash 01054c076d2573e05509af85aba8bbff
40c730948d759e41619fd505080cc2078d837086
31c747d35cb1a5ae3195328bde07ca6d9f2d11ffc7c5d1f7d00696fcecc2d45d
GET /lt_LT/sdk.js?ver=6.0.2 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.masazuotojas.lt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: d9af46537b37512ed6aa7225cb24dbe4
etag: "2cabb21eb09efc2481ab654d25b3037b"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Tue, 04 Oct 2022 13:12:35 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: AQVMB20lc+BVCa+Fq6i7/w==
x-fb-debug: RgzwhxzSXUEcvWhzK7F7pqmxYsXF2U+inZ1GTRXGbwhe9cDThn7PUVfS1R4Mirvlc2f4FwkEAB2P0Q5Yaf+Aww==
priority: u=3,i
content-length: 1688
x-fb-trip-id: 1904183273
date: Tue, 04 Oct 2022 13:01:30 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-48634483-1
142.250.74.168200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-48634483-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (2039)
Hash 704c40e75f00e7b6f20551f6543a6acd
35714205ae52157aa2cd1e23e10d151632a0a676
6047bd6625a572379821f92c976056debd5b589826797b440cffc2056f81624d
GET /gtag/js?id=UA-48634483-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.masazuotojas.lt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 04 Oct 2022 13:01:30 GMT
expires: Tue, 04 Oct 2022 13:01:30 GMT
cache-control: private, max-age=900
last-modified: Tue, 04 Oct 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42327
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 13:01:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.masazuotojas.lt/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
172.67.168.123200 OK 5.0 kB URL HTTP/1.1 www.masazuotojas.lt/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
IP 172.67.168.123:0
File type ASCII text, with very long lines (15660)
Hash ea5e234b404fd65b541a742069d9a84d
8fd4e732b40b0ba166ea62f1efbad135a5b26e37
00c2e28d8ef2efbe21cf339c620cb2a1031a2eb72f75f2faf33130397d064cc4
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1
Host: www.masazuotojas.lt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.masazuotojas.lt/limfodrenazinis-masazas-vilniuje/
Cookie: PHPSESSID=725978408c4ec552a9017cdb0aaf947b
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 13:01:30 GMT
Content-Type: application/x-javascript
Content-Length: 4987
Connection: keep-alive
cache-control: public, max-age=604800
expires: Mon, 10 Oct 2022 11:53:39 GMT
last-modified: Thu, 26 May 2022 05:03:00 GMT
etag: "48b9-628f0a04-f36d81b034fe4c1e;gz"
content-encoding: gzip
vary: Accept-Encoding
platform: hostinger
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 90471
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ikwh6XYJvEjJxwH%2FomYtBX84SyJ32px6nuRw2b4kLjSNajs3dL%2FtTx0x9my3e4aC2VZcMVEeiYbBNsXbGcwYIWhXXiDpKS2VbW1AjHc1p4ZW%2BgWyXVCDQ2mpDrkxrV8%2Bxv1pOInw"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 754e1b4acaa2fab4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 14455dde368eb7ed866263253751c304
df4a88581b22be63f22d8f5c91dae19a7af455b6
065f922b11579ae0d27c1057363275fef782d5d6c02d7c58388afcd0ba0645e7
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 13:01:30 GMT
Last-Modified: Tue, 04 Oct 2022 11:51:36 GMT
Server: ECS (nyb/1D13)
X-Cache: Miss from cloudfront
Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: PCCs19a1S0A3Z3BDXDwVaEZ0KsQ3LDutapfZJmM4FciYsbNe4i8rSA==
Age: 4194
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 5ba23234dfb31276cc3bf9a347508595
a225d0a9ecf5d7f0032816c6f3d4a5ae1f3b27a3
33558bed4856ac3f2a7267965521b316ccd3ccc669877994c6c590e2d2a1b559
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 13:01:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5e89969841b429e3ca44b320d17ea98a
30486a886b793ad5431b73d983d091487e5709c6
2d08365a447343168153cf1178b3b847377c2923bce06d9f6485ad08d3a06d34
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6513
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 13:01:30 GMT
Last-Modified: Tue, 04 Oct 2022 11:12:57 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 129fe858bf2aa7291fd2c6dd4cf9d226
e3e048b964b851ebbdcfb5bd80ebdbad13720cf6
addc7e4ddab73c8c7ee50f6d33fc1e4ff73b71cc014e481049a393c3b87b0924
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 13:01:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
book.treatwell.lt/common/venue-menu/javascript/widget-button.js?v1
143.204.55.85302 Found 0 B URL HTTP/2 book.treatwell.lt/common/venue-menu/javascript/widget-button.js?v1
IP 143.204.55.85:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /common/venue-menu/javascript/widget-button.js?v1 HTTP/1.1
Host: book.treatwell.lt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.masazuotojas.lt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-length: 0
location: https://book.treatwell.lt/asset/widget-book-now-2dc89e.js
date: Tue, 04 Oct 2022 13:01:30 GMT
server: nginx
ruid: e9be364c-4ddb-49ce-b05d-72d181f3ee6b
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-whn-origin: ip-10-16-16-175
cache-control: no-cache, no-store, must-revalidate
via: 1.0 ip-10-16-16-175 (app nginx), 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
x-varnish: 374768597
strict-transport-security: max-age=3600;
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: AGuBB445n3iIXXTUxXS8QQINtJeFn5ELh-hnSkg_vto0eY0aJCW_Dw==
age: 0
X-Firefox-Spdy: h2
book.treatwell.lt/asset/widget-book-now-2dc89e.js
143.204.55.85200 OK 1.4 kB URL HTTP/2 book.treatwell.lt/asset/widget-book-now-2dc89e.js
IP 143.204.55.85:0
File type ASCII text, with very long lines (3903)
Hash 5cd9a4d43ed42d5fd7f1f56b53ef3cae
fdcdd02345ba679369bfdf65567e0f6e45a51982
0e5e4095458095cfb3c0f4400ab12bfdddcd8acf4b265a93c2a5853fa3cc455d
GET /asset/widget-book-now-2dc89e.js HTTP/1.1
Host: book.treatwell.lt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.masazuotojas.lt/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=UTF-8
content-length: 1398
date: Sat, 03 Sep 2022 04:19:53 GMT
server: nginx
ruid: 8e55a32d-6677-4dde-bca5-5ee1409e0f7e
x-content-type-options: nosniff
x-whn-origin: ip-10-16-16-156
last-modified: Fri, 02 Sep 2022 09:54:11 GMT
cache-control: max-age=15811200
via: 1.0 ip-10-16-16-156 (app nginx), 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
content-encoding: br
x-varnish: 900773743
accept-ranges: bytes
strict-transport-security: max-age=3600;
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 4noW9tiGsEnbuWOf6-u-771ZWc0Zh2_sGmHu6Tp0bbMOaMRUbieuOg==
age: 2709697
X-Firefox-Spdy: h2
book.treatwell.lt/common/venue-menu/css/widget-button.css
143.204.55.85200 OK 497 B URL HTTP/2 book.treatwell.lt/common/venue-menu/css/widget-button.css
IP 143.204.55.85:0
Hash 75fa7436915aeb8eb0a64a7f9383cdd4
803ad52819a29cb78541705a18fb9f076bbccecd
655ef8035b549cd8aba993c201e7730b5f76c5a5fb6b6b4e361526314986eedf
GET /common/venue-menu/css/widget-button.css HTTP/1.1
Host: book.treatwell.lt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.masazuotojas.lt/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css;charset=UTF-8
content-length: 497
date: Tue, 04 Oct 2022 13:01:30 GMT
server: nginx
ruid: d26ebc88-f9e9-4593-8a3b-f4702b701b40
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-whn-origin: ip-10-16-16-203
message-type: css/widget-venue-button
last-modified: Tue, 04 Oct 2022 11:34:41 GMT
cache-control: PUBLIC, max-age=31536000
expires: Wed, 04 Oct 2023 11:34:41 GMT
via: 1.0 ip-10-16-16-203 (app nginx), 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
content-encoding: br
x-varnish: 106301496 300513991
accept-ranges: bytes
strict-transport-security: max-age=3600;
vary: Accept-Encoding,Accept-Encoding
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: C80hIqP14qvoN_tbg7ifdI6aVu2nM-cEyRFs713xwyKIJFKKR3J58Q==
age: 5209
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__en.js
142.250.74.163200 OK 159 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (711)
Size 159 kB (158844 bytes)
Hash b4ed95d4318e3b78b936c9c0f1ffa96e
b53c9376b1459afb07fb4b5c2e8d8dad776d3a02
3c21880cb7be6bec40f9d40c23ad39c9758999cf950cec07b86c83b21fde175f
GET /recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.masazuotojas.lt
Connection: keep-alive
Referer: http://www.masazuotojas.lt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 158844
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 01:05:31 GMT
expires: Sun, 01 Oct 2023 01:05:31 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 26 Sep 2022 04:02:34 GMT
content-type: text/javascript
age: 302160
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.masazuotojas.lt/wp-includes/js/tinymce/skins/lightgray/img/loader.gif
172.67.168.123200 OK 2.6 kB URL HTTP/1.1 www.masazuotojas.lt/wp-includes/js/tinymce/skins/lightgray/img/loader.gif
IP 172.67.168.123:0
File type GIF image data, version 89a, 31 x 31\012- data
Hash 394bafc3cc4dfb3a0ee48c1f54669539
5640ea4d0eba1c390f587ec69463c9a5196b7fa2
eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244
GET /wp-includes/js/tinymce/skins/lightgray/img/loader.gif HTTP/1.1
Host: www.masazuotojas.lt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.masazuotojas.lt/limfodrenazinis-masazas-vilniuje/
Cookie: PHPSESSID=725978408c4ec552a9017cdb0aaf947b
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 13:01:31 GMT
Content-Type: image/gif
Content-Length: 2608
Connection: keep-alive
cache-control: public, max-age=604800
expires: Mon, 10 Oct 2022 11:53:39 GMT
last-modified: Thu, 08 Oct 2020 15:22:58 GMT
etag: "a30-5f7f2ed2-3f61c803d6b4ec83;;;"
platform: hostinger
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 90472
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vYpxAy1cAOIqQlg8JbCmDwwRCuGmF26B15L7tKfth58kLohUyb88CkDtiyS35E6C3lHSw8nBilJyJ6PIAV9VdPJm9sM3FlMKO5DyS4QqR5vg%2BsSupWfhFUbRwSmQ2S4oYWnhNgdP"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754e1b4efe0bfab4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.masazuotojas.lt
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:34:08 GMT
expires: Thu, 28 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 494843
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
216.58.207.195200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 11872, version 1.0\012- data
Hash 87ace20058325aa069320aa4af875dff
b743548770c46d905ae1ba06310bc001c587fe8e
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.masazuotojas.lt
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11872
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:35:48 GMT
expires: Thu, 28 Sep 2023 19:35:48 GMT
cache-control: public, max-age=31536000
age: 494743
last-modified: Wed, 11 May 2022 19:25:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn1.treatwell.net/images/view/v2.i482051.w30.h30.x109F8E79.png
143.204.55.85200 OK 206 B URL HTTP/2 cdn1.treatwell.net/images/view/v2.i482051.w30.h30.x109F8E79.png
IP 143.204.55.85:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash e1d1a151e81ed1128f3d9591ab1c5871
7d70ac6efc081c56fef50f9f3f0d587f7fec3a93
3206fee1329c10638eb540409ba042615e24a17de2a4b34e92f2e32a150bfb7a
GET /images/view/v2.i482051.w30.h30.x109F8E79.png HTTP/1.1
Host: cdn1.treatwell.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://book.treatwell.lt/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 206
x-amz-id-2: Rd2Gs7UQnOkl/V0rq+jh+1FXQi87yVduZ9pNwY+uZN8PWh7KRm66u1hYgjgI/R0RlGmUJ2lu+68=
x-amz-request-id: 1NB52QGYP736V1VD
last-modified: Fri, 03 May 2019 08:30:39 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Tue, 04 Oct 2022 06:02:40 GMT
etag: "e1d1a151e81ed1128f3d9591ab1c5871"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 2XkaBzJ9ah709gBXOuDPrYOCtBMn6xcKndKZA5HLgwE2CA7CWQhzqA==
age: 25132
X-Firefox-Spdy: h2
www.facebook.com/x/oauth/status?client_id=2150553238550577&input_token&origin=1&redirect_uri=http%3A%2F%2Fwww.masazuotojas.lt%2Flimfodrenazinis-masazas-vilniuje%2F&sdk=joey&wants_cookie_data=false
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/x/oauth/status?client_id=2150553238550577&input_token&origin=1&redirect_uri=http%3A%2F%2Fwww.masazuotojas.lt%2Flimfodrenazinis-masazas-vilniuje%2F&sdk=joey&wants_cookie_data=false
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /x/oauth/status?client_id=2150553238550577&input_token&origin=1&redirect_uri=http%3A%2F%2Fwww.masazuotojas.lt%2Flimfodrenazinis-masazas-vilniuje%2F&sdk=joey&wants_cookie_data=false HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.masazuotojas.lt/
Origin: http://www.masazuotojas.lt
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain; charset=UTF-8
access-control-expose-headers: fb-s
access-control-allow-credentials: true
access-control-allow-origin: http://www.masazuotojas.lt
fb-s: unknown
fb-error-description: "This endpoint may only be called from an HTTPS Origin."
document-policy: force-load-at-top
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
strict-transport-security: max-age=15552000; preload
x-fb-debug: ivQv25y7Tn/L6LZZEeaj7eRdkrKBYj4wVACiyLS6XgLO5O4KCd7fMK7KObfvHJFeDe6pxA1UheZT10h6beE+cw==
content-length: 0
date: Tue, 04 Oct 2022 13:01:32 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 53e0e5a2455fedae0d6308f91d41e445
237c2856f8a89ae3673ea909164557d65268c463
ddba9b3842f879168185b6607551069b312c44de4ec015ca4b43ad154d190bc8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 13:01:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-48634483-1&cid=865206250.1664888491&jid=1975517002&gjid=704052698&_gid=497334859.1664888491&_u=YEBAAUAAAAAAACAAI~&z=34588361
74.125.131.157200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-48634483-1&cid=865206250.1664888491&jid=1975517002&gjid=704052698&_gid=497334859.1664888491&_u=YEBAAUAAAAAAACAAI~&z=34588361
IP 74.125.131.157:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-48634483-1&cid=865206250.1664888491&jid=1975517002&gjid=704052698&_gid=497334859.1664888491&_u=YEBAAUAAAAAAACAAI~&z=34588361 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://www.masazuotojas.lt
Connection: keep-alive
Referer: http://www.masazuotojas.lt/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://www.masazuotojas.lt
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 04 Oct 2022 13:01:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.masazuotojas.lt/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/images/checkbox.png
172.67.168.123200 OK 2.9 kB URL HTTP/1.1 www.masazuotojas.lt/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/images/checkbox.png
IP 172.67.168.123:0
File type PNG image data, 23 x 23, 8-bit/color RGBA, non-interlaced\012- data
Hash 34e958af1e79176f92991fd6de2a5f5f
dd6922083f24778bdf0e30cd487bea71b236a9c8
08893b609ca826c5c99ee2d23e75325154567190922db56e3257d154a1adb892
GET /wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/images/checkbox.png HTTP/1.1
Host: www.masazuotojas.lt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.masazuotojas.lt/wp-content/cache/autoptimize/css/autoptimize_15cf0577855259fc6b86ac8585743e66.css
Cookie: _ga=GA1.2.865206250.1664888491; _gid=GA1.2.497334859.1664888491; _gat_gtag_UA_48634483_1=1
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 13:01:32 GMT
Content-Type: image/png
Content-Length: 2911
Connection: keep-alive
cache-control: public, max-age=604800
expires: Mon, 10 Oct 2022 11:59:32 GMT
last-modified: Thu, 25 Aug 2022 17:55:08 GMT
etag: "b5f-6307b77c-4f71b636273265f4;;;"
platform: hostinger
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 90120
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BIt6TwBpjfJ88bFI6N770sVCRCETsbFXWGSXG3G9bqOFVr%2F7h0E%2FkajLy0RammC5XJ5ei%2FwhAoOseTXVc8uXk8ve%2B68AI10kFYLu%2BGbIpryPzWjlKDYmbffDFq5VvR9b9NvF6CWW"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754e1b53e931fab4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 53e0e5a2455fedae0d6308f91d41e445
237c2856f8a89ae3673ea909164557d65268c463
ddba9b3842f879168185b6607551069b312c44de4ec015ca4b43ad154d190bc8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 13:01:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.masazuotojas.lt/
172.67.168.123200 OK 0 B IP 172.67.168.123:0
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.masazuotojas.lt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.masazuotojas.lt/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 13:01:28 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.30
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
link: <https://www.masazuotojas.lt/wp-json/>; rel="https://api.w.org/", <https://www.masazuotojas.lt/wp-json/wp/v2/pages/2>; rel="alternate"; type="application/json", <https://www.masazuotojas.lt/>; rel=shortlink
x-litespeed-cache: hit
vary: Accept-Encoding
platform: hostinger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ltayhZ2Q1C5kmnRX5Q%2Fma2w7oKdav%2BJDSePCwbgEDMRuw1OxWMeX1M9J31xS7AT4MQDrpWgQneX%2BkrbXRMB7mE1sHn4CNErtkMh1B3ovvTHbOjpFhK%2BLGRyWe8PUeh528MC6fNd6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754e1b3cbadeb4ff-OSL
content-encoding: br
X-Firefox-Spdy: h2