Overview

URL14.1.197.39/
IP 14.1.197.39 (Malaysia)
ASN#45960 YTL COMMUNICATIONS SDN BHD
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-11-29 07:46:44 UTC
StatusLoading report..
IDS alerts0
Blocklist alert1
urlquery alerts No alerts detected
Tags None

Domain Summary (15)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
14.1.197.39 (1) 0 No data No data 14.1.197.39 Unknown ranking
old.kliaekspres.com (23) 0 2022-07-06 16:46:33 UTC 2022-07-06 16:46:33 UTC 14.1.197.39 Unknown ranking
ocsp.godaddy.com (1) 698 2012-05-20 19:28:57 UTC 2020-05-02 20:58:10 UTC 192.124.249.22
r3.o.lencr.org (6) 344 No data No data 23.36.77.32
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
ocsp.pki.goog (9) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.3
fonts.googleapis.com (3) 8877 2013-06-10 20:14:26 UTC 2022-11-28 16:39:41 UTC 142.250.74.10
cdnjs.cloudflare.com (1) 235 2015-04-17 20:46:33 UTC 2022-11-28 14:12:27 UTC 104.17.25.14
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-28 05:55:58 UTC 34.102.187.140
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 35.163.1.35
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-28 05:53:26 UTC 34.117.237.239
www.googletagmanager.com (1) 75 2013-05-22 02:07:37 UTC 2022-11-28 20:10:04 UTC 142.250.74.168
fonts.gstatic.com (1) 0 2014-09-09 00:40:21 UTC 2022-11-28 23:28:37 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
 No alerts detected

mnemonic secure dns
 No alerts detected

Quad9 DNS
Scan Date Severity Indicator Comment
2022-11-29 2 14.1.197.39 Sinkholed


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 1 reports on IP: 14.1.197.39
Date UQ / IDS / BL URL IP
2022-11-29 07:46:44 +0000 0 - 0 - 1 14.1.197.39/ 14.1.197.39


Last 1 reports on ASN: YTL COMMUNICATIONS SDN BHD
Date UQ / IDS / BL URL IP
2022-11-29 07:46:44 +0000 0 - 0 - 1 14.1.197.39/ 14.1.197.39


Last 1 reports on domain: 14.1.197.39
Date UQ / IDS / BL URL IP
2022-11-29 07:46:44 +0000 0 - 0 - 1 14.1.197.39/ 14.1.197.39


No other reports with similar screenshot

JavaScript

Executed Scripts (14)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (59)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10777
Expires: Tue, 29 Nov 2022 10:46:10 GMT
Date: Tue, 29 Nov 2022 07:46:33 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3224
Cache-Control: max-age=99512
Date: Tue, 29 Nov 2022 07:46:33 GMT
Etag: "63848df9-1d7"
Expires: Wed, 30 Nov 2022 11:25:05 GMT
Last-Modified: Mon, 28 Nov 2022 10:31:21 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 29 Nov 2022 07:19:36 GMT
cache-control: public,max-age=3600
age: 1617
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    14cd9a0afb6ba9a763651d5112760d1e
Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6626
Expires: Tue, 29 Nov 2022 09:36:59 GMT
Date: Tue, 29 Nov 2022 07:46:33 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: bcwWbLiYHSjDatbp0ukyUPDW9GWKQvCn4MBxvdaQYLta+pPOARDB9zNGZlinThksGTR4kBAtAc63r+s6jI7CJg==
x-amz-request-id: 7AH01D692DYK2ZTG
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 29 Nov 2022 07:45:22 GMT
age: 71
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 29 Nov 2022 07:46:33 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 29 Nov 2022 07:08:56 GMT
cache-control: public,max-age=3600
age: 2258
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET / HTTP/1.1 
Host: 14.1.197.39
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         14.1.197.39
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Date: Tue, 29 Nov 2022 07:46:33 GMT
Server: Apache
X-Powered-By: PHP/5.6.25
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Origin: http://www.wishpond.com, https://www.wishpond.com
Access-Control-Allow-Origin: http://www.wishpond.com, https://www.wishpond.com
Access-Control-Allow-Headers: origin, x-requested-with, content-type
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
X-Redirect-By: WordPress
Set-Cookie: PHPSESSID=v01rk9v4gm900g6qf2hqh349v5; path=/
Location: https://old.kliaekspres.com/
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Length: 0
Connection: close


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6440
Cache-Control: max-age=97661
Date: Tue, 29 Nov 2022 07:46:34 GMT
Etag: "63847a2f-1d7"
Expires: Wed, 30 Nov 2022 10:54:15 GMT
Last-Modified: Mon, 28 Nov 2022 09:06:55 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 29/EbLju3IXOw0cbkAxOvQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         35.163.1.35
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: xRHc5DLmH6VyJ3MboKx08wkwK0o=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5157
Expires: Tue, 29 Nov 2022 09:12:32 GMT
Date: Tue, 29 Nov 2022 07:46:35 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5157
Expires: Tue, 29 Nov 2022 09:12:32 GMT
Date: Tue, 29 Nov 2022 07:46:35 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5157
Expires: Tue, 29 Nov 2022 09:12:32 GMT
Date: Tue, 29 Nov 2022 07:46:35 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5157
Expires: Tue, 29 Nov 2022 09:12:32 GMT
Date: Tue, 29 Nov 2022 07:46:35 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10176
x-amzn-requestid: c2231955-5c78-4073-8399-b8b90f1add78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMo3oHpSoAMF5Qw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bb63-55a1cb004ac73c8b02f2fb8d;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:08:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uGocx-Lv8ieJVvICjnTGQZyzaQzjVdICX2RZaNyBTQvUKeIcNxaCJQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 04:49:50 GMT
age: 10605
etag: "772d86ad983042a728ee3490630a9cf1134ad0dd"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10176
Md5:    03014221d7f49b50ffc2d1b0a0e75457
Sha1:   772d86ad983042a728ee3490630a9cf1134ad0dd
Sha256: 81fb954fa569955907952987e9d8efd1dac80e0e4a682826abf3c5d90eb31771
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3527eb28-888e-447d-90fd-1226d5b94433.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8921
x-amzn-requestid: 98baf100-c007-4c44-89aa-b9cf55fa3f94
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnwFYToAMFoWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852964-1227b5a9100c206e0c64f4b2;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ivu6pzZ6dbt3I4tuFMg4oHcuPVdyNS-F3k_lQdmKoXFkdCfSseAEwQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:46:55 GMT
age: 35980
etag: "c501de9eaa581a10b0b5fce40b54bb10f57f7c29"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8921
Md5:    823e92f62ff7b3c2093828817d7f2866
Sha1:   c501de9eaa581a10b0b5fce40b54bb10f57f7c29
Sha256: 7d89669e23682f167b2fe1eff9edc5939112ec66b6b4e6389ef8aec78ccbdfe5
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9fRfgj9_S00P8fI_T-tVt7khJ1kYZux_55K_yLYUsiyVEoiWRM9QAw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 22:07:26 GMT
age: 34749
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4803
Md5:    cc0a257323f882caff067adb86d906e4
Sha1:   cedf2f21be7cd366bd46055b62b5513db3011dfc
Sha256: c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b0dcfcd-38d5-4614-ad4e-405d8ad4ee91.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6037
x-amzn-requestid: eb17903e-1fd3-4a41-a6d1-8b671d890400
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPAJjFa3oAMFcLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382ad70-3db95fcd1aeb9c411c55d173;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 00:21:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NqtaziEIRl6auIGehos7TAJfBAY3CtGJX0vC-pWhjs377L_rEyM6hg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 10:14:18 GMT
age: 77537
etag: "3348f081a3357490a704592d105d02e81886df89"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6037
Md5:    b5e2bc1651b37b8e0467c2a6cb860fb3
Sha1:   3348f081a3357490a704592d105d02e81886df89
Sha256: 751c601e075c9338335c05b0f430ba8065b4e97440e6630993afd943f302b253
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9868f6d6-e29b-42b5-89c4-eec4771663b2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8402
x-amzn-requestid: d2d62f85-b6be-4394-9668-1d913e4120d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPYeaGbgoAMFdCA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382d45c-2b6bfdcc72011cf01ddbd66b;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 03:07:08 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 1il1ILDPBUseZWYjae_R0BQhpdyPTqqI0GycCljovgxjqhYezCwxCA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 04:17:21 GMT
age: 12554
etag: "47295f2cf1b039c4b85cbe463d7893671a563989"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8402
Md5:    faf3524970b0c3256eb5708f4ccf11ce
Sha1:   47295f2cf1b039c4b85cbe463d7893671a563989
Sha256: ba0c2ce23eae865936caa7fb47dd1ef6346b8a7bc8340db700df6e2f5e27ec27
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4417
x-amzn-requestid: 01de83c2-51d2-4329-98f6-09a0edf46942
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnGEcRIAMFaXA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852960-34583b6c588a0e937fcfaa46;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wqEe45jzMOryT-E-vThc39-cLiZudKF4gn6cS3LBmeaJ2amJF5GPIA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:46:54 GMT
age: 35981
etag: "e2b4d2e15bb7c086333c0da438873e4c139ba931"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4417
Md5:    a2a5c8d4113d282600462749315f2c4f
Sha1:   e2b4d2e15bb7c086333c0da438873e4c139ba931
Sha256: 9b5d0e5dd11d4cbf1c78a71730cd63544170c91ab635bf3cf917827ac84874e6
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 07:46:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /gtag/js?id=GOOGLE_TRACKER_CODE HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://old.kliaekspres.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 29 Nov 2022 07:46:37 GMT
expires: Tue, 29 Nov 2022 07:46:37 GMT
cache-control: private, max-age=900
last-modified: Tue, 29 Nov 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 37496
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1921)
Size:   37496
Md5:    e5d8cae48c18936b2707fdcff1561f23
Sha1:   80a8752d6e5b09dc6c76462be2a24deebaf2347b
Sha256: f0c7f50bc2bada239a99f02873a8367434fb323227b563a0a29a5ce522cf9b30
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 07:46:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/themes/kliaekspres/fancybox/jquery.fancybox.css HTTP/1.1 
Host: old.kliaekspres.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://old.kliaekspres.com/
Cookie: PHPSESSID=gkrpa3ojso2ja896h03nip08r5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         14.1.197.39
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 29 Nov 2022 07:46:38 GMT
Server: Apache
Last-Modified: Sat, 09 Nov 2013 01:11:54 GMT
ETag: "131f-4eab42f372a80"
Accept-Ranges: bytes
Content-Length: 4895
X-Frame-Options: SAMEORIGIN
Connection: close


--- Additional Info ---
Magic:  ASCII text
Size:   4895
Md5:    6c55951ce1e3115711f63f99b7501f3a
Sha1:   5f163444617b6cf267342f06ac166a237bb62df9
Sha256: 968a8e56e4adaf8c135199ebd7f6cc065424ca45974d4dfbeb5607e69fe72fcd
                                        
                                            GET / HTTP/1.1 
Host: old.kliaekspres.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         14.1.197.39
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Tue, 29 Nov 2022 07:46:35 GMT
Server: Apache
X-Powered-By: PHP/5.6.25
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Origin: http://www.wishpond.com, https://www.wishpond.com
Access-Control-Allow-Origin: http://www.wishpond.com, https://www.wishpond.com
Access-Control-Allow-Headers: origin, x-requested-with, content-type
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Link: <https://old.kliaekspres.com/wp-json/>; rel="https://api.w.org/", <https://old.kliaekspres.com/>; rel=shortlink
Set-Cookie: PHPSESSID=gkrpa3ojso2ja896h03nip08r5; path=/
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Connection: close
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1871), with CRLF, LF line terminators
Size:   54285
Md5:    1bd3bf221c5cd8fac489787d8c3cf9d2
Sha1:   2bc995e6f25b2c83926b71ef901f580d16f0b1eb
Sha256: b96e5b2cece1cf1d4f0dc8a7e9b4ad8a5e511e0ddc938197467c95684b4fcbfe
                                        
                                            GET /wp-content/themes/kliaekspres/css/ui-lightness/jquery-ui-1.9.2.custom.css HTTP/1.1 
Host: old.kliaekspres.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://old.kliaekspres.com/
Cookie: PHPSESSID=gkrpa3ojso2ja896h03nip08r5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         14.1.197.39
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 29 Nov 2022 07:46:38 GMT
Server: Apache
Last-Modified: Thu, 01 Aug 2013 09:21:44 GMT
ETag: "57bb-4e2df5edd7a00"
Accept-Ranges: bytes
Content-Length: 22459
X-Frame-Options: SAMEORIGIN
Connection: close


--- Additional Info ---
Magic:  ASCII text, with very long lines (1404)
Size:   22459
Md5:    9efd61fadce4141ed7dc34b3646981d6
Sha1:   a462bf6d8908c10f18c5ff0e1abdc525b320021a
Sha256: f81edb92a2e7fdc441b39a1e2affc54c1c659aae0e28b812ce209decfc0f22f2
                                        
                                            GET /wp-content/themes/kliaekspres/css/mobile.css?version=170120191 HTTP/1.1 
Host: old.kliaekspres.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://old.kliaekspres.com/
Cookie: PHPSESSID=gkrpa3ojso2ja896h03nip08r5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         14.1.197.39
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 29 Nov 2022 07:46:38 GMT
Server: Apache
Last-Modified: Thu, 31 Jan 2019 16:13:08 GMT
ETag: "4816-580c34d5fd84a"
Accept-Ranges: bytes
Content-Length: 18454
X-Frame-Options: SAMEORIGIN
Connection: close


--- Additional Info ---
Magic:  ASCII text
Size:   18454
Md5:    baba94021fb6f959780d727ca24af51f
Sha1:   34d9c866263e5dbdb272fc994d4f7cfb57032dc4
Sha256: 5c20b13a445406bcf1395fc5375860f2bfe595bfc009ffac755002511c665ce8
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 07:46:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 07:46:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 07:46:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-includes/css/dist/block-library/style.min.css?ver=5.2.2 HTTP/1.1 
Host: old.kliaekspres.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://old.kliaekspres.com/
Cookie: PHPSESSID=gkrpa3ojso2ja896h03nip08r5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         14.1.197.39
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 29 Nov 2022 07:46:38 GMT
Server: Apache
Last-Modified: Wed, 10 Jul 2019 16:31:00 GMT
ETag: "726f-58d5633db239d"
Accept-Ranges: bytes
Content-Length: 29295
X-Frame-Options: SAMEORIGIN
Connection: close


--- Additional Info ---
Magic:  ASCII text, with very long lines (29295), with no line terminators
Size:   29295
Md5:    375bd65d60ff3c8723fccc343afb1b9b
Sha1:   b06ba18a307bdf4821dded9ebffd2489f7b01d6a
Sha256: 4b8fe5c3d0e5ef7a6582185cbf5c535b5d369c8df1da98c03ed69833e55f474d
                                        
                                            GET /css?family=Open+Sans%3A400%2C400i%2C700%2C700i&ver=4.0.0.1 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://old.kliaekspres.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 29 Nov 2022 07:46:38 GMT
date: Tue, 29 Nov 2022 07:46:38 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1266
Md5:    73dae0e73db4af13b9a692d30b7be77b
Sha1:   a998c22989e2eb02c75d6e328d313acf456c2121
Sha256: e5b069e229ef518c7d29021b71789624b97f9a50fceb30e09a3be236ae9991b5
                                        
                                            GET /wp-content/themes/kliaekspres/style.css?version=27032019 HTTP/1.1 
Host: old.kliaekspres.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://old.kliaekspres.com/
Cookie: PHPSESSID=gkrpa3ojso2ja896h03nip08r5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         14.1.197.39
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 29 Nov 2022 07:46:38 GMT
Server: Apache
Last-Modified: Wed, 27 Mar 2019 17:00:18 GMT
ETag: "dbe6-585165f4b6ad6"
Accept-Ranges: bytes
Content-Length: 56294
X-Frame-Options: SAMEORIGIN
Connection: close


--- Additional Info ---
Magic:  ASCII text
Size:   56294
Md5:    0b132cbbdfa485ecf5c6b1790b641f8e
Sha1:   2bb4b21b60967d3b572023cf9c35f45e562d5c8a
Sha256: 91f3aa08fece7f893fa42e91bdfa5ab3e3158b476a1a2295b48be8932352dba3
                                        
                                            GET /wp-content/plugins/appbanners/lib/smartbanner/jquery.smartbanner.min.css?ver=5.2.2 HTTP/1.1 
Host: old.kliaekspres.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://old.kliaekspres.com/
Cookie: PHPSESSID=gkrpa3ojso2ja896h03nip08r5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         14.1.197.39
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 29 Nov 2022 07:46:39 GMT
Server: Apache
Last-Modified: Tue, 17 May 2016 06:36:00 GMT
ETag: "ee1-53303f44a9400"
Accept-Ranges: bytes
Content-Length: 3809
X-Frame-Options: SAMEORIGIN
Connection: close


--- Additional Info ---
Magic:  ASCII text, with very long lines (3809), with no line terminators
Size:   3809
Md5:    bcda775caa80795913c92f8ed60d8158
Sha1:   1f6049d353e3f58efd3138a93b79d8cfea49b974
Sha256: 243fac45c341f7dd99dc4482268b90f65842fe52d7970bf1f6f5523a3067f045
                                        
                                            GET /wp-content/plugins/tablepress/css/default.min.css?ver=1.9.2 HTTP/1.1 
Host: old.kliaekspres.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://old.kliaekspres.com/
Cookie: PHPSESSID=gkrpa3ojso2ja896h03nip08r5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         14.1.197.39
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 29 Nov 2022 07:46:39 GMT
Server: Apache
Last-Modified: Wed, 27 Feb 2019 01:56:43 GMT
ETag: "16ef-582d67c463528"
Accept-Ranges: bytes
Content-Length: 5871
X-Frame-Options: SAMEORIGIN
Connection: close


--- Additional Info ---
Magic:  ASCII text, with very long lines (5871), with no line terminators
Size:   5871
Md5:    17a42baaae8926c5f8df316b9a3db617
Sha1:   4cd76dc34f8e2f31952b99db1b3b29f404d2996c
Sha256: 760bc4d420605c167dd90147b0e0d82b4e761a18bc35be7aeffaa4192b371635
                                        
                                            GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1 
Host: old.kliaekspres.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://old.kliaekspres.com/
Cookie: PHPSESSID=gkrpa3ojso2ja896h03nip08r5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         14.1.197.39
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 29 Nov 2022 07:46:39 GMT
Server: Apache
Last-Modified: Wed, 10 Jul 2019 16:31:00 GMT
ETag: "2748-58d5633dcaa3c"
Accept-Ranges: bytes
Content-Length: 10056
X-Frame-Options: SAMEORIGIN
Connection: close


--- Additional Info ---
Magic:  ASCII text, with very long lines (9959)
Size:   10056
Md5:    7121994eec5320fbe6586463bf9651c2
Sha1:   90532aff6d4121954254cdf04994d834f7ec169b
Sha256: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
                                        
                                            GET /wp-content/themes/kliaekspres/js/custom.js?version=26072018 HTTP/1.1 
Host: old.kliaekspres.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://old.kliaekspres.com/
Cookie: PHPSESSID=gkrpa3ojso2ja896h03nip08r5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         14.1.197.39
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 29 Nov 2022 07:46:39 GMT
Server: Apache
Last-Modified: Tue, 23 Oct 2018 17:07:27 GMT
ETag: "1c05-578e8677d2eac"
Accept-Ranges: bytes
Content-Length: 7173
X-Frame-Options: SAMEORIGIN
Connection: close


--- Additional Info ---
Magic:  ASCII text
Size:   7173
Md5:    baa7a0706dc547af98269c0d1b993b9a
Sha1:   ec8d5b68fffca1971aed84b3b2c95b83a8313118
Sha256: dcfcd48ef0b6e33ad3db472159976bb61d3e9e2c6ac3ac5b9fa363cc15ade9ce
                                        
                                            GET /wp-content/themes/kliaekspres/js/homepage.js?version=01122018 HTTP/1.1 
Host: old.kliaekspres.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://old.kliaekspres.com/
Cookie: PHPSESSID=gkrpa3ojso2ja896h03nip08r5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         14.1.197.39
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 29 Nov 2022 07:46:39 GMT
Server: Apache
Last-Modified: Wed, 05 Oct 2022 18:16:57 GMT
ETag: "4903-5ea4d950ba9bf"
Accept-Ranges: bytes
Content-Length: 18691
X-Frame-Options: SAMEORIGIN
Connection: close


--- Additional Info ---
Magic:  ASCII text, with very long lines (571), with CRLF line terminators
Size:   18691
Md5:    3915f3f198f65c8097a34569f6ab64c2
Sha1:   98b8d27e507bf5952cd689c921a7c672a1215280
Sha256: 4c384d88e4e0016f75da63640c029caeaad244c48a0c5b8437cf8d714bb8393c
                                        
                                            GET /wp-includes/js/jquery/jquery.js?ver=1.12.4-wp HTTP/1.1 
Host: old.kliaekspres.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://old.kliaekspres.com/
Cookie: PHPSESSID=gkrpa3ojso2ja896h03nip08r5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         14.1.197.39
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 29 Nov 2022 07:46:39 GMT
Server: Apache
Last-Modified: Wed, 10 Jul 2019 16:31:00 GMT
ETag: "17a69-58d5633dc96b4"
Accept-Ranges: bytes
Content-Length: 96873
X-Frame-Options: SAMEORIGIN
Connection: close


--- Additional Info ---
Magic:  ASCII text, with very long lines (31997)
Size:   96873
Md5:    49edccea2e7ba985cadc9ba0531cbed1
Sha1:   f8747f8ee704d9af31d0950015e01d3f9635b070
Sha256: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
                                        
                                            GET /wp-content/themes/kliaekspres/fancybox/jquery.fancybox.pack.js HTTP/1.1 
Host: old.kliaekspres.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://old.kliaekspres.com/
Cookie: PHPSESSID=gkrpa3ojso2ja896h03nip08r5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         14.1.197.39
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 29 Nov 2022 07:46:40 GMT
Server: Apache
Last-Modified: Sat, 09 Nov 2013 01:11:49 GMT
ETag: "5a5f-4eab42eeadf40"
Accept-Ranges: bytes
Content-Length: 23135
X-Frame-Options: SAMEORIGIN
Connection: close


--- Additional Info ---
Magic:  ASCII text, with very long lines (645)
Size:   23135
Md5:    cc9e759f24ba773aeef8a131889d3728
Sha1:   53360764b429c212f424399384417ccc233bb3be
Sha256: bc50bf49cbe79ee49b4ee8b56f26ff4877bc4945c16f260b1481ba2355c96347
                                        
                                            GET /wp-content/themes/kliaekspres/js/promotions.js HTTP/1.1 
Host: old.kliaekspres.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://old.kliaekspres.com/
Cookie: PHPSESSID=gkrpa3ojso2ja896h03nip08r5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         14.1.197.39
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 29 Nov 2022 07:46:40 GMT
Server: Apache
Last-Modified: Mon, 13 May 2013 17:35:38 GMT
ETag: "50c-4dc9cf1e26e80"
Accept-Ranges: bytes
Content-Length: 1292
X-Frame-Options: SAMEORIGIN
Connection: close


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   1292
Md5:    82586b2bf98b2df0db90d9296eebeea9
Sha1:   330e0fe80b55f5acc9b206a9c2777eb4a11c3b0b
Sha256: 4d356c7184e8817b7f01d7c8407b4ab51e366d0366bd7173de0032a195b80914
                                        
                                            GET /wp-content/themes/kliaekspres/js/jquery-ui-1.9.2.custom.min.js HTTP/1.1 
Host: old.kliaekspres.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://old.kliaekspres.com/
Cookie: PHPSESSID=gkrpa3ojso2ja896h03nip08r5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         14.1.197.39
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 29 Nov 2022 07:46:39 GMT
Server: Apache
Last-Modified: Wed, 25 Jul 2018 17:09:21 GMT
ETag: "a407-571d5f094d127"
Accept-Ranges: bytes
Content-Length: 41991
X-Frame-Options: SAMEORIGIN
Connection: close


--- Additional Info ---
Magic:  ASCII text, with very long lines (41990)
Size:   41991
Md5:    2c3deb9126801047f34eea026eb6a341
Sha1:   3266d4d1d91181e8fdef7cba6b628dbd23b31d02
Sha256: cd130ee2ba142cec475576e82038093cc2245ffdcd39bfe4c772ded1a0d58d7c
                                        
                                            GET /wp-content/themes/kliaekspres/js/mobile.js HTTP/1.1 
Host: old.kliaekspres.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://old.kliaekspres.com/
Cookie: PHPSESSID=gkrpa3ojso2ja896h03nip08r5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         14.1.197.39
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 29 Nov 2022 07:46:40 GMT
Server: Apache
Last-Modified: Thu, 31 Jan 2019 16:12:59 GMT
ETag: "8c7-580c34cd078b9"
Accept-Ranges: bytes
Content-Length: 2247
X-Frame-Options: SAMEORIGIN
Connection: close


--- Additional Info ---
Magic:  ASCII text
Size:   2247
Md5:    5e75e5c42497dd7a61ee521e2648d1a9
Sha1:   476740ba7970023150d47db9d77905917acf8888
Sha256: 6caf35cd2f305e30ea9352e92abab612604d1b544e80e7d57cef6f2e0565cba1
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 07:46:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 07:46:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 07:46:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://old.kliaekspres.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 05:42:51 GMT
expires: Fri, 24 Nov 2023 05:42:51 GMT
cache-control: public, max-age=31536000
age: 439429
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size:   44856
Md5:    565ce506190ad3af920b40baf1794cec
Sha1:   ad3cba5d06100e09449a864d3b5e58403b478b3d
Sha256: 8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 07:46:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/plugins/wordpress-popup/assets/hustle-ui/css/hustle-icons.min.css?ver=4.0.0.1 HTTP/1.1 
Host: old.kliaekspres.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://old.kliaekspres.com/
Cookie: PHPSESSID=gkrpa3ojso2ja896h03nip08r5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         14.1.197.39
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 29 Nov 2022 07:46:40 GMT
Server: Apache
Last-Modified: Wed, 10 Jul 2019 03:42:06 GMT
ETag: "a45-58d4b7617ea07"
Accept-Ranges: bytes
Content-Length: 2629
X-Frame-Options: SAMEORIGIN
Connection: close


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (2435)
Size:   2629
Md5:    f3815211a6368b9494cea0c52aa5665a
Sha1:   cc3e63edad3afed3b606c975018c785bba4d941d
Sha256: 90679e1f83730c5080aada253aa180a18b25dc291dfb4a2711ac898cbfc3b27d
                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         192.124.249.22
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Tue, 29 Nov 2022 07:46:40 GMT
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 28 Nov 2022 20:15:20 GMT
Expires: Tue, 29 Nov 2022 20:15:20 GMT
ETag: "89d73cd28e9204823bd55f4bc92c6e5148518600"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1777
Md5:    ec470c2af41a7ed3f8796c185a296f2c
Sha1:   89d73cd28e9204823bd55f4bc92c6e5148518600
Sha256: e0bd89c3b9f7ae7939aa3f6023aadc4866ce4035e75be99bbe9e3f8f87e91c67
                                        
                                            GET /wp-content/plugins/wordpress-popup/assets/hustle-ui/css/hustle-float.min.css?ver=4.0.0.1 HTTP/1.1 
Host: old.kliaekspres.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://old.kliaekspres.com/
Cookie: PHPSESSID=gkrpa3ojso2ja896h03nip08r5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         14.1.197.39
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 29 Nov 2022 07:46:41 GMT
Server: Apache
Last-Modified: Wed, 10 Jul 2019 03:42:06 GMT
ETag: "3613-58d4b7618c8af"
Accept-Ranges: bytes
Content-Length: 13843
X-Frame-Options: SAMEORIGIN
Connection: close


--- Additional Info ---
Magic:  ASCII text, with very long lines (13703)
Size:   13843
Md5:    7f97e725365f54fe023dc14e669830af
Sha1:   3b5eec8b0b3f43e3f4de0c479ad1651440d41176
Sha256: 7168bbb6dc14449e76ee43c9172f8fda77e16fde54dacb7c121241d97673d864
                                        
                                            GET /wp-content/plugins/wordpress-popup/assets/hustle-ui/css/hustle-popup.min.css?ver=4.0.0.1 HTTP/1.1 
Host: old.kliaekspres.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://old.kliaekspres.com/
Cookie: PHPSESSID=gkrpa3ojso2ja896h03nip08r5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         14.1.197.39
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 29 Nov 2022 07:46:40 GMT
Server: Apache
Last-Modified: Wed, 10 Jul 2019 03:42:06 GMT
ETag: "b52c-58d4b7618a19f"
Accept-Ranges: bytes
Content-Length: 46380
X-Frame-Options: SAMEORIGIN
Connection: close


--- Additional Info ---
Magic:  ASCII text, with very long lines (46240)
Size:   46380
Md5:    ebc2096ba714b280aed03e8004062f59
Sha1:   491f599df488d7e5ad8c12155054cfbef6d8a307
Sha256: 197cccd50de8b35799345a01bc89bb122ec28dc020b13b95e2e5be9acc66e93e
                                        
                                            GET /wp-content/plugins/wordpress-popup/assets/hustle-ui/css/hustle-slidein.min.css?ver=4.0.0.1 HTTP/1.1 
Host: old.kliaekspres.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://old.kliaekspres.com/
Cookie: PHPSESSID=gkrpa3ojso2ja896h03nip08r5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         14.1.197.39
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 29 Nov 2022 07:46:40 GMT
Server: Apache
Last-Modified: Wed, 10 Jul 2019 03:42:06 GMT
ETag: "b029-58d4b761818e7"
Accept-Ranges: bytes
Content-Length: 45097
X-Frame-Options: SAMEORIGIN
Connection: close


--- Additional Info ---
Magic:  ASCII text, with very long lines (44957)
Size:   45097
Md5:    529c7eb177358924b1ddaf5b9edbab99
Sha1:   df0df4b4ccced08db609a0d83650bd7b3f22b423
Sha256: 3baed7d6936536879b9d82cbae87adf712a924eaf50137f664fc00fccbfec79a
                                        
                                            GET /wp-content/plugins/wordpress-popup/assets/hustle-ui/css/hustle-inline.min.css?ver=4.0.0.1 HTTP/1.1 
Host: old.kliaekspres.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://old.kliaekspres.com/
Cookie: PHPSESSID=gkrpa3ojso2ja896h03nip08r5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         14.1.197.39
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 29 Nov 2022 07:46:41 GMT
Server: Apache
Last-Modified: Wed, 10 Jul 2019 03:42:06 GMT
ETag: "9f80-58d4b761847c7"
Accept-Ranges: bytes
Content-Length: 40832
X-Frame-Options: SAMEORIGIN
Connection: close


--- Additional Info ---
Magic:  ASCII text, with very long lines (40692)
Size:   40832
Md5:    53a2c52e50547a4a385ec4354c8e894a
Sha1:   514ab262cf397752ac9403a70f0b6815eccc2395
Sha256: ae4b42838bc01d710c352743b77355db0051a4be2ee0f77377bfabba7c785746
                                        
                                            GET /wp-content/plugins/wordpress-popup/assets/hustle-ui/css/hustle-optin.min.css?ver=4.0.0.1 HTTP/1.1 
Host: old.kliaekspres.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://old.kliaekspres.com/
Cookie: PHPSESSID=gkrpa3ojso2ja896h03nip08r5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         14.1.197.39
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 29 Nov 2022 07:46:41 GMT
Server: Apache
Last-Modified: Wed, 10 Jul 2019 03:42:06 GMT
ETag: "1d336-58d4b7617c2f7"
Accept-Ranges: bytes
Content-Length: 119606
X-Frame-Options: SAMEORIGIN
Connection: close


--- Additional Info ---
Magic:  ASCII text, with very long lines (65396)
Size:   119606
Md5:    8b4d34814b109dad7d2e3910dcdcb9bb
Sha1:   f47a34f74782d42c9140cd69cb5fabc961fa179e
Sha256: 6c441d5422581e17291f987755a925d1ba53ca72cb82901d3514b97c3aa888b8
                                        
                                            GET /ajax/libs/select2/4.0.6-rc.0/css/select2.min.css HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://old.kliaekspres.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.17.25.14
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Tue, 29 Nov 2022 07:46:41 GMT
content-length: 1640
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fcb-3bab"
last-modified: Mon, 04 May 2020 16:16:11 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1088128
expires: Sun, 19 Nov 2023 07:46:41 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mx0v%2B%2FYjdO%2BwXoWbsbFKQTTDz%2FZcTO1UhbXAJcgLAKV%2FQLQ86Zp2J8Hij3KWsgIolwNvdLimwWweqkt1sySO65a0xCRU4%2FIOmk%2FF%2BrT%2FZmBSjWFpjHYGl3miQlrsKs2ky3RslWz0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7719bb23085b0b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (15274)
Size:   1640
Md5:    468ee17fe89b7712d9641b39d98014c0
Sha1:   20376fb7a88c11378af07c1249bf8365d70445c6
Sha256: dc6bd1a544e826abb8ed35d1e23eb599970638289dbf54727e04d7433abaa618
                                        
                                            GET /css?family=Source+Code+Pro&ver=4.0.0.1 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://old.kliaekspres.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 29 Nov 2022 07:46:38 GMT
date: Tue, 29 Nov 2022 07:46:38 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /wp-content/plugins/wordpress-popup/assets/hustle-ui/css/hustle-info.min.css?ver=4.0.0.1 HTTP/1.1 
Host: old.kliaekspres.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://old.kliaekspres.com/
Cookie: PHPSESSID=gkrpa3ojso2ja896h03nip08r5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         14.1.197.39
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 29 Nov 2022 07:46:41 GMT
Server: Apache
Last-Modified: Wed, 10 Jul 2019 03:42:06 GMT
ETag: "12e06-58d4b7618fb77"
Accept-Ranges: bytes
Content-Length: 77318
X-Frame-Options: SAMEORIGIN
Connection: close


--- Additional Info ---
                                        
                                            GET /css?family=Roboto+Condensed%3A300%2C300i%2C400%2C400i%2C700%2C700i%7CRoboto%3A300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i&ver=4.0.0.1 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://old.kliaekspres.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 29 Nov 2022 07:46:38 GMT
date: Tue, 29 Nov 2022 07:46:38 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---