register.procurorendaextra.com.br/
108.167.132.128301 Moved Permanently 244 B URL HTTP/1.1 register.procurorendaextra.com.br/
IP 108.167.132.128:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 109e944f45278449c6c722f09a118691
523f072f98d5243663523ed7ce584d55eee179d6
b65c1ee89032ac6cee2f060b9718c039155a191745cfb8f7bb4e973d9ea83ad6
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: register.procurorendaextra.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 03 Dec 2022 10:18:21 GMT
Server: Apache
Location: http://usa.procurorendaextra.com.br/
Content-Length: 244
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10769
Expires: Sat, 03 Dec 2022 13:17:50 GMT
Date: Sat, 03 Dec 2022 10:18:21 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9520
Expires: Sat, 03 Dec 2022 12:57:01 GMT
Date: Sat, 03 Dec 2022 10:18:21 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7439fb99a444b66db1e68ffbfaa38451
4b7742d7956485906f1c392c478515ff89a46184
636327ce88f733e5a1d39af212f97242717a39ce20edaef330fafea238e3a309
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3383
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 10:18:21 GMT
Last-Modified: Sat, 03 Dec 2022 09:21:58 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 3K/OX1Ayba1XGp6B0aXB+Y+uv5GM2EFlqr6ZMn2xU9H6GC3eUt7wbGueHLouISyCvygeTLfXp/Y=
x-amz-request-id: 1FP167GT40XH4VN2
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 03 Dec 2022 09:46:31 GMT
age: 1910
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 03 Dec 2022 09:19:59 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3502
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:18:21 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
usa.procurorendaextra.com.br/
167.86.84.206200 OK 406 B URL HTTP/1.1 usa.procurorendaextra.com.br/
IP 167.86.84.206:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash f89bd5eb52ca3cce4b7a59472136eaaa
1d2a2a023ecd74751ab1b4db9d4ce9dd6892a540
115b8b0d65c26373ac590644d77e13dbd4745ee8bfe7191c5011115c4a6f583d
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: usa.procurorendaextra.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Access-Control-Max-Age: 1728000
Set-Cookie: ASP.NET_SessionId=dr5fvuwx5nuf5a52d15co1uz; path=/; HttpOnly; SameSite=Lax
X-AspNetMvc-Version: 5.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
Date: Sat, 03 Dec 2022 10:18:22 GMT
Content-Length: 406
usa.procurorendaextra.com.br/favicon.ico
167.86.84.206200 OK 34 kB URL HTTP/1.1 usa.procurorendaextra.com.br/favicon.ico
IP 167.86.84.206:0
File type MS Windows icon resource - 5 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel\012- data
Hash 1a42c7f2d1cdaad2407791a19b632a7a
02208fb1cc613b9664a8139999c482b08d22370a
22089994beea7e7ee7c29bc6f69ddbb0b21cfae0c0bbf0ae5bcd903691de66e5
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: usa.procurorendaextra.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://usa.procurorendaextra.com.br/
Cookie: ASP.NET_SessionId=dr5fvuwx5nuf5a52d15co1uz
HTTP/1.1 200 OK
Content-Type: image/x-icon
Last-Modified: Wed, 10 Aug 2022 22:27:01 GMT
Accept-Ranges: bytes
ETag: "f9b8804f8add81:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
Date: Sat, 03 Dec 2022 10:18:22 GMT
Content-Length: 34494
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 03 Dec 2022 10:08:58 GMT
cache-control: public,max-age=3600
age: 564
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash d528b612a44ef9b06cd4d88a5cec9c3b
160887d9fb21c91877f0e607f490aea8777c9d5e
24621d6be02722f83b21ff603f75f6caa871c0026afa41ac20b59ef9dcd62126
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=167435
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 10:18:22 GMT
Etag: "638b0d79-116"
Expires: Mon, 05 Dec 2022 08:48:57 GMT
Last-Modified: Sat, 03 Dec 2022 08:48:57 GMT
Server: nginx
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash d528b612a44ef9b06cd4d88a5cec9c3b
160887d9fb21c91877f0e607f490aea8777c9d5e
24621d6be02722f83b21ff603f75f6caa871c0026afa41ac20b59ef9dcd62126
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=167435
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 10:18:22 GMT
Etag: "638b0d79-116"
Expires: Mon, 05 Dec 2022 08:48:57 GMT
Last-Modified: Sat, 03 Dec 2022 08:48:57 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a151c326c67e1abb747847c1427db76f
80885d30ef8ba867bf33c40b861976958a27493a
de2b573ee1c8af980e593352e0c331b2595f62bd4499300ace30821d20814760
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3373
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 10:18:22 GMT
Etag: "6389c02e-1d7"
Last-Modified: Sat, 03 Dec 2022 09:22:09 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 98fe7e5fd6b778bcdcc63028c3a49fbd
06b34160c344526fbe14ce41445b9fe76c0a878d
d45d898dfe5bf1151557bbbc3be6e6878fbadce386136d60777b4464199173a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 10:18:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ll-send.com/builder/elements/scripts/html5shiv.js
188.114.97.1200 OK 1.5 kB URL HTTP/2 ll-send.com/builder/elements/scripts/html5shiv.js
IP 188.114.97.1:0
File type HTML document, ASCII text, with very long lines (645), with CRLF line terminators
Hash 599218b867b510457b8c8e911a9a7f83
77db48374ec0ca4a2b0cd4d7da455c5cc216a125
77bb9efe808b64359cf7414d305a88d5526a3797f44513a1fe6a45d0ba626ebd
GET /builder/elements/scripts/html5shiv.js HTTP/1.1
Host: ll-send.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ll-send.com/domain
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 10:18:22 GMT
content-type: application/javascript
cache-control: max-age=31536000
last-modified: Wed, 10 Aug 2022 22:29:12 GMT
etag: W/"8375af9d8add81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
cf-cache-status: HIT
age: 722038
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eGufDF7u22Iafp%2FHQoLHydkZv2Uq5RtUl%2FLXOQmZYu2RFXFs2CNjNDqHNWwoCVn%2FywFTOovHol4ermT0mqxYqgz6zwWPCuTnsUcf6lPjtxaRHc7G26N6COOweacdTA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773b8ed1ea721bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash e7f5da332201779a88c8c253f27c232f
5850f27ddbb8d5293c356b8afaa6e3c6d05551ab
918ad7655d6b6594edcc4b77a804405fafc9f773fd4a1ae3d4c4315ad331fc7e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2539
Cache-Control: max-age=149801
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 10:18:22 GMT
Etag: "638abeac-117"
Expires: Mon, 05 Dec 2022 03:55:03 GMT
Last-Modified: Sat, 03 Dec 2022 03:12:44 GMT
Server: ECS (amb/6BA4)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 98fe7e5fd6b778bcdcc63028c3a49fbd
06b34160c344526fbe14ce41445b9fe76c0a878d
d45d898dfe5bf1151557bbbc3be6e6878fbadce386136d60777b4464199173a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 10:18:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
blob.contato.io/machine-files/builder/navdropdown.js
188.114.96.1200 OK 882 B URL HTTP/2 blob.contato.io/machine-files/builder/navdropdown.js
IP 188.114.96.1:0
File type ASCII text, with CRLF line terminators
Hash cc187b8a141d1ef1bdf93fcc5b85653d
e586fbe72f1bfde6b32b26ecccdf620161aad8d4
396f75b640d090c3d572a5982f33dacb0f8dcc6f6fff6e05fe12f6fbc67d3993
GET /machine-files/builder/navdropdown.js HTTP/1.1
Host: blob.contato.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ll-send.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 10:18:22 GMT
content-type: application/javascript
content-md5: x4bwYb8liVm/Lv/38O5IOw==
last-modified: Fri, 08 Jun 2018 21:05:03 GMT
x-ms-request-id: 17d8b067-301e-005b-6f47-f5a1bc000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: max-age=1800
cf-cache-status: HIT
age: 3215
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dAtL9vytoKHio94Qg65Tpjbv9kmwxULl1GsTVmLCKD5I%2Fv1utyWfPhWFCicSDSgTwqUd8lE3zAXWH88MqK6032HBPHQO%2BaaBWCE5EH1xaCySBua%2B2u3BVKG2PKLWEz%2FAzlg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773b8ed2cbed0b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ll-send.com/builder/elements/scripts/respond.min.js
188.114.97.1200 OK 2.4 kB URL HTTP/2 ll-send.com/builder/elements/scripts/respond.min.js
IP 188.114.97.1:0
File type HTML document, ASCII text, with very long lines (4453), with CRLF line terminators
Hash 17de28c27656788140bd6fa424c023c6
f04fdc9f4a7f06594f9d5f26ca61e38457e9b1d5
b3619d5b67588b02dd98f07797fa89d0690f362656a0524ce922a5e2af75c7cc
GET /builder/elements/scripts/respond.min.js HTTP/1.1
Host: ll-send.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ll-send.com/domain
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 10:18:22 GMT
content-type: application/javascript
cache-control: max-age=31536000
last-modified: Wed, 10 Aug 2022 22:29:12 GMT
etag: W/"8375af9d8add81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
cf-cache-status: HIT
age: 722038
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8mCHWajj5iq1qBbuvAm9WvEiPC8YtgxUZg9Shq8lP8jeb7Ga%2F1xTJGgspBtp%2Fh37emmkOOF%2BidMb3Zf1Q8MHzhinn45nABSNsMR7hopJsA6gOLr3UMi69aQW4Ppr1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773b8ed1ea751bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash e7f5da332201779a88c8c253f27c232f
5850f27ddbb8d5293c356b8afaa6e3c6d05551ab
918ad7655d6b6594edcc4b77a804405fafc9f773fd4a1ae3d4c4315ad331fc7e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=147262
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 10:18:22 GMT
Etag: "638abeac-117"
Expires: Mon, 05 Dec 2022 03:12:44 GMT
Last-Modified: Sat, 03 Dec 2022 03:12:44 GMT
Server: nginx
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash e7f5da332201779a88c8c253f27c232f
5850f27ddbb8d5293c356b8afaa6e3c6d05551ab
918ad7655d6b6594edcc4b77a804405fafc9f773fd4a1ae3d4c4315ad331fc7e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=147262
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 10:18:22 GMT
Etag: "638abeac-117"
Expires: Mon, 05 Dec 2022 03:12:44 GMT
Last-Modified: Sat, 03 Dec 2022 03:12:44 GMT
Server: nginx
Content-Length: 279
push.services.mozilla.com/
52.34.4.233101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.34.4.233:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 1nj62FsSMkrfSH776dR61w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Efki6N8F/5xwHg+FhKJ5pn1xAro=
blob.contato.io/machine-user-images/img-19861-20170227105931.png
188.114.96.1200 OK 1.4 kB URL HTTP/2 blob.contato.io/machine-user-images/img-19861-20170227105931.png
IP 188.114.96.1:0
File type PNG image data, 32 x 31, 8-bit/color RGBA, non-interlaced\012- data
Hash 5a3f32b08b08e76afa9de6331f782be4
67fa12be688fef578d3f4753700654939da09bac
960d29a336249535df9389f4c8c34e318d485d025556f7109a66f88054436e47
GET /machine-user-images/img-19861-20170227105931.png HTTP/1.1
Host: blob.contato.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ll-send.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 10:18:22 GMT
content-type: application/octet-stream
content-length: 1371
content-md5: Wj8ysIsI52r6neYzH3gr5A==
last-modified: Mon, 27 Feb 2017 14:00:12 GMT
etag: 0x8D45F18F2F22D9C
x-ms-request-id: 94ca2aba-f01e-0009-5a6f-00bc4e000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: max-age=1800
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cuB6QU1LT3LRM8mmXBJCky31PHv5XoD52UMPjfGBoVpI3DU2uj5%2BJC2ZZ3FtS%2F45NQ2PkSIzhWKD1u7NL4GEdZYZN0jlhXbR5Z2jw%2Baygp5DD7zIeRd5%2BgyRQpHggvG6UI0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773b8ed2cbf20b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
blob.contato.io/machine-user-images/img-18341-20170109141657.png
188.114.96.1200 OK 21 kB URL HTTP/2 blob.contato.io/machine-user-images/img-18341-20170109141657.png
IP 188.114.96.1:0
File type PNG image data, 826 x 262, 8-bit/color RGBA, non-interlaced\012- data
Hash 4fa2d7b66b09ecd953afd595007bcb98
e4a646f4f48cb6a5e4c14de45df12b76b1336953
8ed09e20cd66ae03cb8e8931f27dfd0ad44f4a4ffc92f74c8f829ba3b1083e9b
GET /machine-user-images/img-18341-20170109141657.png HTTP/1.1
Host: blob.contato.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ll-send.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 10:18:23 GMT
content-type: application/octet-stream
content-length: 21269
content-md5: T6LXtmsJ7NlTr9WVAHvLmA==
last-modified: Mon, 09 Jan 2017 16:18:02 GMT
etag: 0x8D438AB15C04271
x-ms-request-id: 2a2a248f-e01e-003f-0f6f-00111c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: max-age=1800
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zm%2BBU91BLZtvc3gw57OXyU8k8GzCKkZLYgU3OVkZX7TiNbc0eqdFBmC%2FxU%2FDWzAmbAa87q9xdIHHJybRYxGOSmUyypK%2BRnW%2FoJUwuCXG4PNqGLptGW50j4Vav71O6Zs%2FGKE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773b8ed2cbf00b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
blob.contato.io/machine-user-images/img-19861-20170227105934.png
188.114.96.1200 OK 2.1 kB URL HTTP/2 blob.contato.io/machine-user-images/img-19861-20170227105934.png
IP 188.114.96.1:0
File type PNG image data, 86 x 94, 8-bit/color RGBA, non-interlaced\012- data
Hash bc280fb62f71481826ae1707a201b20f
e63f774780464bd1ac4bfefbe8b5aaf365d814c5
92a6cefc23e68a3e306e8e2b3255288c89c031b91d8f5fcd4872918798673bc1
GET /machine-user-images/img-19861-20170227105934.png HTTP/1.1
Host: blob.contato.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ll-send.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 10:18:23 GMT
content-type: application/octet-stream
content-length: 2122
content-md5: vCgPti9xSBgmrhcHogGyDw==
last-modified: Mon, 27 Feb 2017 14:00:15 GMT
etag: 0x8D45F18F4D7C23F
x-ms-request-id: 902084fb-601e-0043-726f-008c29000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: max-age=1800
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vlmLJ9DJ%2BAm9V523eQ1B32tGR7TUx61wt33AilenGcZ0mUfDCwUFbcJ8vQC%2F%2BVb%2BJDl58VKeFq0xEsOLbZOG5aC7ji%2FP0fPpUSZ%2BRFa2nI%2BaieHpQJyACNeHYFJkSIWfLcA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773b8ed2cbef0b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 10:18:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 10:18:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 10:18:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/hind/v16/5aU19_a8oxmIfMJaERySjQ.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/hind/v16/5aU19_a8oxmIfMJaERySjQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash 56815b67806b56493202b27cfd9f42c0
977eae4a3b34d8e39a5cb6a58a10ab2deba30d61
5e347565595b94716cf6f9fa7adfed6a5646bae6a163d35a20f73c067f48ad93
GET /s/hind/v16/5aU19_a8oxmIfMJaERySjQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ll-send.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 15:50:09 GMT
expires: Wed, 29 Nov 2023 15:50:09 GMT
cache-control: public, max-age=31536000
age: 325694
last-modified: Tue, 26 Apr 2022 15:54:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:400,300,500,700,900
142.250.74.74200 OK 1.2 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto:400,300,500,700,900
IP 142.250.74.74:0
Hash 4a7c8d35460f5cb091256fec6fa48c95
974580d8bf2204c985ae3b8f46ae97c408fdd9c1
fcabbc0d0d2dd83a91695bd392237b4e4bfe9f6954fc78026d2b18c909c9d2d0
GET /css?family=Roboto:400,300,500,700,900 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ll-send.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 03 Dec 2022 10:18:22 GMT
date: Sat, 03 Dec 2022 10:18:22 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ll-send.com/builder/elements/css/magnific-popup.css
188.114.97.1200 OK 33 kB URL HTTP/2 ll-send.com/builder/elements/css/magnific-popup.css
IP 188.114.97.1:0
File type ASCII text, with CRLF line terminators
Hash 0f9cf74b7527deaed65468c03dd1aa1e
51f78fcb497177397ce9370accc1261c02e05630
e8a058be34b07b1228e96a44df3911585c5359872adf717ef660cc00791871dc
GET /builder/elements/css/magnific-popup.css HTTP/1.1
Host: ll-send.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ll-send.com/domain
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 10:18:22 GMT
content-type: text/css
cache-control: max-age=31536000
last-modified: Wed, 10 Aug 2022 22:29:12 GMT
etag: W/"6fe97d9d8add81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
cf-cache-status: HIT
age: 722040
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bJZAdKzceBQjQbhZes7iTvdaTwSFXhZmZd3BFSRz3%2F9HHCgudBoouavw5Ejg0ZRq6ghpaMZG3B6gfdgi%2FVrTwlYCZ2zcK4%2FxK5GSRjwtzKhaml9LApQJC2PErckAYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773b8ed1ea6a1bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
216.58.207.227200 OK 46 kB URL HTTP/2 fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 46524, version 1.0\012- data
Hash c1fd378f54921c75e4ae1821e7b8fff6
2ce96e97783b2f154d07f4464ca6f8eb2469f2c1
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
GET /s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ll-send.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46524
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 21:08:51 GMT
expires: Tue, 28 Nov 2023 21:08:51 GMT
cache-control: public, max-age=31536000
age: 392972
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 10:18:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
blob.contato.io/machine-files/builder/allpages.builder.css
188.114.96.1200 OK 33 kB URL HTTP/2 blob.contato.io/machine-files/builder/allpages.builder.css
IP 188.114.96.1:0
File type Unicode text, UTF-8 text, with very long lines (368), with CRLF line terminators
Hash 450a4f442d405760cf01ae7fad8093c0
e9db200980fbf53817823493fcc1b1b8d0df73b0
b63313ca389622281df8534b3f9ff9087093f5170b31d7cfad5385fcc0267a62
GET /machine-files/builder/allpages.builder.css HTTP/1.1
Host: blob.contato.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ll-send.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 10:18:23 GMT
content-type: text/css
content-md5: XyTqW8HhCCJvbF7ufs+/zA==
last-modified: Thu, 11 Feb 2021 22:04:34 GMT
x-ms-request-id: cc558c5d-601e-0043-49e0-a48c29000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8WAKASwIpWdO0pkB2mgabqwzrWUQfqDbrb7W7xGt4oMgu3CJUyU6QRNzSHjX38liK%2BjJiCcfNo99tHXYtf8krJ58rL8B9Wyl6CqOQTqx6WlMehcZXAo1shu2xJjIrvx9vS8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773b8ed2dbf40b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 4dca4463cd5c73bb8f43083213162b27
8ecd1702f512f60a00b16311eb379dbedbd12185
782cb94082e1feb3fe9222c5a958321ac4e867bcfcb6041ea2df4b1da2895ae7
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 03 Dec 2022 10:18:23 GMT
Etag: "638a7167-1d7"
Last-Modified: Sat, 03 Dec 2022 08:29:59 GMT
Server: ECS (nyb/1D2B)
X-Cache: Miss from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: kiPxDmpBkURlQY10HuYFBZ8x-SVrxHWoYGKIqSItA6rHOu2qBQJgdg==
Age: 6504
launcher.hotmart.com/launcher.js
52.2.19.9200 OK 2.6 kB URL HTTP/2 launcher.hotmart.com/launcher.js
IP 52.2.19.9:0
File type ASCII text, with very long lines (555)
Hash 45bcfaf33597229d8c5b061c2bd4f652
2916c0728eb2c49ffb362a9011524c7381dcb01e
9123637fa6c070788e140e483d01301f06e57b4746d8e7407cd58b6bb226c792
GET /launcher.js HTTP/1.1
Host: launcher.hotmart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ll-send.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 10:18:23 GMT
content-type: application/javascript
content-length: 2619
content-encoding: gzip
expires: Sat, 03 Dec 2022 10:18:23 GMT
cache-control: no-cache, max-age=0, must-revalidate, no-store
x-xss-protection: 1; mode=block
x-frame-options: DENY
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified: Sat, 03 Dec 2022 10:18:23 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3387
Expires: Sat, 03 Dec 2022 11:14:50 GMT
Date: Sat, 03 Dec 2022 10:18:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3387
Expires: Sat, 03 Dec 2022 11:14:50 GMT
Date: Sat, 03 Dec 2022 10:18:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3387
Expires: Sat, 03 Dec 2022 11:14:50 GMT
Date: Sat, 03 Dec 2022 10:18:23 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F652bfe35-9b09-4fba-b7b5-c6bd90cccdbe.jpeg
34.120.237.76200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F652bfe35-9b09-4fba-b7b5-c6bd90cccdbe.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7ffa12df550123f63b20f67437cd8a04
398fd2d837c73f54c4591b69cd683f29bdf9184a
fd9ac4396488098923c27531295e64475047dd008a901e59915109a73a69f305
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F652bfe35-9b09-4fba-b7b5-c6bd90cccdbe.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6119
x-amzn-requestid: b0bf3aed-f968-4ebb-953e-35300d74ef16
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdCe8GgNIAMFQag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63884ac5-4b20ca67753e65c5232660f5;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 06:33:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: axyk2U1R7AX1RVQmdc303S2S2CUs_RgphyeYPsbGveGHMAjY3KEzdw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 13:19:35 GMT
age: 75528
etag: "398fd2d837c73f54c4591b69cd683f29bdf9184a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b986f9fcbeca91ed5c8d58fbfaf47d19
6e6c8bd2bce144cc4da1cd7be375b046b60dca79
07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 06:00:50 GMT
age: 15453
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3abdcce275bb9723b4ac1d0c38cc8891
91f0d888c38db0899f106b652e3dcac062648099
ff411fc0d5abaf519d6600961ec51ad71ad9a02e23cc02ad818e27f0324b3d1e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7657
x-amzn-requestid: c0dbd862-41cf-4fa8-ab6b-256763c63fbf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZN1Fo6IAMF9EQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f25-554ffbc83fd70c557437120f;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ElvfdUly4Rb3YOQyMO2C_VelFUe6xcFbMh6x5fNrRzGjKCITdGSwLQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:37:47 GMT
age: 45636
etag: "91f0d888c38db0899f106b652e3dcac062648099"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
34.120.237.76200 OK 2.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b47431190f34eccf0a6efb98e2a32b7d
9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704
08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2942
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoGFYoAMFWgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XvG2dAUeB914GQ1qJwQRHovAtra8OSjG-CsXeR8UOBq5r8qVjEbPBQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 22:39:04 GMT
age: 41959
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e545217-31b4-442a-abef-bcaaffcd0407.png
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e545217-31b4-442a-abef-bcaaffcd0407.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 249aec334460c66dc88b9e8def4e48df
f86d1d278ba5b24587b10519b1b30d75044efd97
b083151804ced0533a5b33302ef110b50ddc4bf653de0fb8f6c7711f4bc29fe2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e545217-31b4-442a-abef-bcaaffcd0407.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9449
x-amzn-requestid: c21c52f9-d971-46d9-b632-0439a0e23da4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZkxHKbIAMFxkQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6fb7-2b8cc0982af568626f4a4bbf;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:35:51 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: h_QxhlhIxUS0VSjt1z50xNf0u1eB6c1WPTJUfvwGQA-t4M0zmXo2AA==
via: 1.1 b838ef1ff22a4a994af82d5178c30e1c.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 22:03:42 GMT
etag: "f86d1d278ba5b24587b10519b1b30d75044efd97"
content-type: image/jpeg
age: 44081
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d568a89-ee21-427a-b971-0d1500164a62.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d568a89-ee21-427a-b971-0d1500164a62.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash becc8cdba57494c6fe212eb67634e1eb
c8bd6bd9086e0a52b83b89dfd755e7ebba222fb8
fbb25b88b10a818bb0c6ad385b1e5ba54b87672c73bfa8a9c1ecb17dcc689d5a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d568a89-ee21-427a-b971-0d1500164a62.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11942
x-amzn-requestid: ba8a5d03-7796-4c6d-a6df-3cc71b1c5259
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: chqukGmWoAMFtLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a24c3-609dc90d769060d30a16e3df;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 16:16:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: m6j_3bDGFIAHQYzrZ1zXqUb-HbEJ8XCoGH5mgBFOWRbLzoSiuNBnhg==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:37:55 GMT
etag: "c8bd6bd9086e0a52b83b89dfd755e7ebba222fb8"
content-type: image/jpeg
age: 45628
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
identification.hotmart.com/id.min.js?account=574947b9-c63d-4e0d-8de2-3259a2616df8
44.196.208.49200 OK 5.4 kB URL HTTP/2 identification.hotmart.com/id.min.js?account=574947b9-c63d-4e0d-8de2-3259a2616df8
IP 44.196.208.49:0
File type ASCII text, with very long lines (527), with CRLF, LF line terminators
Hash 4604a76d6f8a44f9d05d35b196b70ecb
0cc81ea855839d1a13995dda8582524007b8a671
22abb44ac609885ebd5ed2f512451085dc43e8457e9a2cfdf8bd86dd82073258
GET /id.min.js?account=574947b9-c63d-4e0d-8de2-3259a2616df8 HTTP/1.1
Host: identification.hotmart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ll-send.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 10:18:24 GMT
content-type: text/html;charset=utf-8
content-length: 5404
expires: 167006270466260000
cache-control: max-age=60
x-powered-by: Undertow/1
server: WildFly/9
last-modified: Sat, 03 Dec 2022 09:11:44 GMT
X-Firefox-Spdy: h2
identification.hotmart.com/id.gif?cid=1670062702698762765202553793000&bid=1670062702698762765202553793000
44.196.208.49200 OK 43 B URL HTTP/2 identification.hotmart.com/id.gif?cid=1670062702698762765202553793000&bid=1670062702698762765202553793000
IP 44.196.208.49:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /id.gif?cid=1670062702698762765202553793000&bid=1670062702698762765202553793000 HTTP/1.1
Host: identification.hotmart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ll-send.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 10:18:24 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache
x-powered-by: Undertow/1
server: WildFly/9
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 9f95c514f123e21233618235be8d5ce6
c43ee324c46cd460865919ec8ae54582eb1b57c6
18db06b04b13ef0ac212c82deddea75b6f6f114ac64a6b7f8a2a537e24e7e7b2
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=87120
Date: Sat, 03 Dec 2022 10:18:25 GMT
Etag: "6389cb5b-1d7"
Expires: Sun, 04 Dec 2022 10:30:25 GMT
Last-Modified: Fri, 02 Dec 2022 09:54:35 GMT
Server: ECS (nyb/1D15)
X-Cache: Miss from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: xKD8DwWBn_rgbxDHjTT3eTTQUwuMncE_oGpUKn0DObbSfiVB_O0GSA==
Age: 2151
tracking-api.hotmart.com/rest/track?hotid=eyJzaWQiOiI5NmQ2ODY1NzUyMTI0MzE1OTUwM2M4N2M1ZjFhOTY0NCIsImNpZCI6IjE2NzAwNjI3MDI2OTg3NjI3NjUyMDI1NTM3OTMwMDAiLCJiaWQiOiIxNjcwMDYyNzAyNjk4NzYyNzY1MjAyNTUzNzkzMDAwIiwicGFnZXZpZXdfaWQiOiJQVjJiaXl4ZDZiNzd0bGI3czdueTkiLCJ0cmFjZV9pZCI6IkxUemU4d3ZoczkyaWxiN3M3b21rIn0=&previous=http%3A%2F%2Fusa.procurorendaextra.com.br%2F&sid=96d68657521243159503c87c5f1a9644&cid=1670062702698762765202553793000&bid=1670062702698762765202553793000&account=574947b9-c63d-4e0d-8de2-3259a2616df8&locationHref=https%3A%2F%2Fll-send.com%2Fdomain
34.228.253.241200 OK 0 B URL HTTP/2 tracking-api.hotmart.com/rest/track?hotid=eyJzaWQiOiI5NmQ2ODY1NzUyMTI0MzE1OTUwM2M4N2M1ZjFhOTY0NCIsImNpZCI6IjE2NzAwNjI3MDI2OTg3NjI3NjUyMDI1NTM3OTMwMDAiLCJiaWQiOiIxNjcwMDYyNzAyNjk4NzYyNzY1MjAyNTUzNzkzMDAwIiwicGFnZXZpZXdfaWQiOiJQVjJiaXl4ZDZiNzd0bGI3czdueTkiLCJ0cmFjZV9pZCI6IkxUemU4d3ZoczkyaWxiN3M3b21rIn0=&previous=http%3A%2F%2Fusa.procurorendaextra.com.br%2F&sid=96d68657521243159503c87c5f1a9644&cid=1670062702698762765202553793000&bid=1670062702698762765202553793000&account=574947b9-c63d-4e0d-8de2-3259a2616df8&locationHref=https%3A%2F%2Fll-send.com%2Fdomain
IP 34.228.253.241:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rest/track?hotid=eyJzaWQiOiI5NmQ2ODY1NzUyMTI0MzE1OTUwM2M4N2M1ZjFhOTY0NCIsImNpZCI6IjE2NzAwNjI3MDI2OTg3NjI3NjUyMDI1NTM3OTMwMDAiLCJiaWQiOiIxNjcwMDYyNzAyNjk4NzYyNzY1MjAyNTUzNzkzMDAwIiwicGFnZXZpZXdfaWQiOiJQVjJiaXl4ZDZiNzd0bGI3czdueTkiLCJ0cmFjZV9pZCI6IkxUemU4d3ZoczkyaWxiN3M3b21rIn0=&previous=http%3A%2F%2Fusa.procurorendaextra.com.br%2F&sid=96d68657521243159503c87c5f1a9644&cid=1670062702698762765202553793000&bid=1670062702698762765202553793000&account=574947b9-c63d-4e0d-8de2-3259a2616df8&locationHref=https%3A%2F%2Fll-send.com%2Fdomain HTTP/1.1
Host: tracking-api.hotmart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Origin: https://ll-send.com
Connection: keep-alive
Referer: https://ll-send.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 10:18:25 GMT
content-type: application/json
content-length: 0
access-control-allow-origin: https://ll-send.com
X-Firefox-Spdy: h2
ll-send.com/Content/font-awesome.css
188.114.97.1200 OK 0 B URL HTTP/2 ll-send.com/Content/font-awesome.css
IP 188.114.97.1:0
GET /Content/font-awesome.css HTTP/1.1
Host: ll-send.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ll-send.com/domain
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 10:18:22 GMT
content-type: text/css
cache-control: max-age=31536000
last-modified: Wed, 10 Aug 2022 22:29:12 GMT
etag: W/"f1ef59e8add81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
cf-cache-status: HIT
age: 722040
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uo%2FM0%2BUkIYRmXv9xLq9a6jIQ1O5221Yg%2B3zalEkWxemer848rpXAMbD2exLGd0ELbUYF6XnpSxL2JzTBCO3Sxyc3NaulQR1V9nC3Vk1AONyHWxvI%2Fq0F56D7GtPcvw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773b8ed1ea681bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ll-send.com/builder/elements/scripts/animations/animate.css
188.114.97.1200 OK 0 B URL HTTP/2 ll-send.com/builder/elements/scripts/animations/animate.css
IP 188.114.97.1:0
GET /builder/elements/scripts/animations/animate.css HTTP/1.1
Host: ll-send.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ll-send.com/domain
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 10:18:22 GMT
content-type: text/css
cache-control: max-age=31536000
last-modified: Wed, 10 Aug 2022 22:29:12 GMT
etag: W/"8375af9d8add81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
cf-cache-status: HIT
age: 722040
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2NPgEvaru64n6x%2Bs%2F6AYPxEWPp1cBAM9h%2B%2F2Hn1EWqJwnRtW4WoDK7P9nLnjT5papahByB53zdgP3u4vkAtz60LNzhhQOToDv0oOcdsCllq%2BVEjSEzJ4iz96WHcBBg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773b8ed1ea6f1bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ll-send.com/builder/elements/scripts/animations/wow.min.js
188.114.97.1200 OK 0 B URL HTTP/2 ll-send.com/builder/elements/scripts/animations/wow.min.js
IP 188.114.97.1:0
GET /builder/elements/scripts/animations/wow.min.js HTTP/1.1
Host: ll-send.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ll-send.com/domain
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 10:18:22 GMT
content-type: application/javascript
cache-control: max-age=31536000
last-modified: Wed, 10 Aug 2022 22:29:12 GMT
etag: W/"8375af9d8add81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
cf-cache-status: HIT
age: 722036
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0DWYBdSAFJCI3dbHmbhLzyK5o%2B9aszMyVZ4%2F5fYeBrIhg6F8RWa0YqdAr5RCJFGk07s4AMIHV7ZIaz11AtMO44UIgU%2FEML66%2Fyn5Y72K5t0vaDfYcVC6Gzcmyaxfdg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773b8ed21aa21bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ll-send.com/builder/elements/scripts/jquery.autogrow-textarea.js
188.114.97.1200 OK 0 B URL HTTP/2 ll-send.com/builder/elements/scripts/jquery.autogrow-textarea.js
IP 188.114.97.1:0
GET /builder/elements/scripts/jquery.autogrow-textarea.js HTTP/1.1
Host: ll-send.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ll-send.com/domain
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 10:18:22 GMT
content-type: application/javascript
cache-control: max-age=31536000
last-modified: Wed, 10 Aug 2022 22:29:12 GMT
etag: W/"8375af9d8add81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
cf-cache-status: HIT
age: 722036
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZghI2Cs9q0npBfPNNOIp7ab6kS8Cge6Vf5yggoiY53Qu35Vewt3XktZL%2FIn0l566EDsVHvC3whMBrENC3hcIQWyXRNtd6Ysq%2BUyjAGmeeevkxguShD49JS%2FgPfjZ1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773b8ed22ab41bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ll-send.com/builder/elements/css/iconfont-style.css
188.114.97.1200 OK 0 B URL HTTP/2 ll-send.com/builder/elements/css/iconfont-style.css
IP 188.114.97.1:0
GET /builder/elements/css/iconfont-style.css HTTP/1.1
Host: ll-send.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ll-send.com/domain
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 10:18:22 GMT
content-type: text/css
cache-control: max-age=31536000
last-modified: Wed, 10 Aug 2022 22:29:12 GMT
etag: W/"0ec6d9d8add81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
cf-cache-status: HIT
age: 996825
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LoQLQjjbhxwGEAwn4FwASNa0E3BCUxkVhyXl6lnHYHb37cyiE6PEC8nk4CQnmEPsdRTaqIhaXNnPI6LtqVON1IQRMn0Kq9GvF1K45DnC%2BLC%2Bgg8ecGChHlaZpE7mhw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773b8ed1ea6e1bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ll-send.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
188.114.97.1200 OK 0 B URL HTTP/2 ll-send.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP 188.114.97.1:0
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: ll-send.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ll-send.com/domain
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 10:18:22 GMT
content-type: application/javascript
last-modified: Wed, 30 Nov 2022 18:31:41 GMT
etag: W/"6387a18d-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eBpLO9PsCKDPJMXEb%2FBSY%2Ffr0dvtJ0%2FdE24OznHjifKJY%2FNPzs5UZCgZQbdtmqAaEhkh15FtNCGA%2BvkdCpl8xDHuMZQ%2F7U1%2BiqSSZDkic41W%2FWoRv%2BPbePu%2BKJ0gog%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773b8ed1fa881bfa-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Mon, 05 Dec 2022 10:18:22 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2
launcher.hotmart.com/rest/v1/module/load-js?hotid=eyJzaWQiOiI5NmQ2ODY1NzUyMTI0MzE1OTUwM2M4N2M1ZjFhOTY0NCIsInBhZ2V2aWV3X2lkIjoiUFYyYml5eGQ2Yjc3dGxiN3M3bnk5IiwidHJhY2VfaWQiOiJMVDY0NHE2enJjZWxnbGI3czdueTkifQ==&locationHref=https%3A%2F%2Fll-send.com%2Fdomain&account=574947b9-c63d-4e0d-8de2-3259a2616df8
52.2.19.9200 OK 0 B URL HTTP/2 launcher.hotmart.com/rest/v1/module/load-js?hotid=eyJzaWQiOiI5NmQ2ODY1NzUyMTI0MzE1OTUwM2M4N2M1ZjFhOTY0NCIsInBhZ2V2aWV3X2lkIjoiUFYyYml5eGQ2Yjc3dGxiN3M3bnk5IiwidHJhY2VfaWQiOiJMVDY0NHE2enJjZWxnbGI3czdueTkifQ==&locationHref=https%3A%2F%2Fll-send.com%2Fdomain&account=574947b9-c63d-4e0d-8de2-3259a2616df8
IP 52.2.19.9:0
GET /rest/v1/module/load-js?hotid=eyJzaWQiOiI5NmQ2ODY1NzUyMTI0MzE1OTUwM2M4N2M1ZjFhOTY0NCIsInBhZ2V2aWV3X2lkIjoiUFYyYml5eGQ2Yjc3dGxiN3M3bnk5IiwidHJhY2VfaWQiOiJMVDY0NHE2enJjZWxnbGI3czdueTkifQ==&locationHref=https%3A%2F%2Fll-send.com%2Fdomain&account=574947b9-c63d-4e0d-8de2-3259a2616df8 HTTP/1.1
Host: launcher.hotmart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Origin: https://ll-send.com
Connection: keep-alive
Referer: https://ll-send.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 10:18:24 GMT
content-type: application/json
content-encoding: gzip
expires: 0
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 1; mode=block
pragma: no-cache
x-frame-options: DENY
access-control-expose-headers: Content-Type, Location, Link, ETag
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
X-Firefox-Spdy: h2
ll-send.com/builder/elements/scripts/bootstrap.min.js
188.114.97.1200 OK 0 B URL HTTP/2 ll-send.com/builder/elements/scripts/bootstrap.min.js
IP 188.114.97.1:0
GET /builder/elements/scripts/bootstrap.min.js HTTP/1.1
Host: ll-send.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ll-send.com/domain
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 10:18:22 GMT
content-type: application/javascript
cache-control: max-age=31536000
last-modified: Wed, 10 Aug 2022 22:29:12 GMT
etag: W/"8375af9d8add81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
cf-cache-status: HIT
age: 722037
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l0%2BGj2XfvjiG853O%2BB2m75FPXsW9P7Kyb3FOgBXfwR%2Fil3PEjpn7BRduIrAom8hrI6hl1xTui9BzSB5awwttltbz%2FMA917UKjHDP71QmrdFOgkN9hguhCKgBuLRsuw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773b8ed1fa8b1bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ll-send.com/domain
188.114.97.1200 OK 0 B IP 188.114.97.1:0
GET /domain HTTP/1.1
Host: ll-send.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://usa.procurorendaextra.com.br/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 10:18:22 GMT
content-type: text/html; charset=utf-8
cache-control: private
vary: Accept-Encoding
access-control-max-age: 1728000
set-cookie: ASP.NET_SessionId=vgksxl0wmtdlm2js4pzofwry; path=/; HttpOnly; SameSite=Lax
x-aspnetmvc-version: 5.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F0Qly%2Bjfz71QK6w5%2B%2BKoKqpRQI5FdyNzVxEDiNZ%2BnQQ4nMG7Vga4Jw1F6FXMY4ETOCq7FYOxHbUu%2FKkGgrJx2ve3jBl0MHygChyNnAfMeKcEsvVWjUEdormaXJWihg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773b8ed0e9561bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ll-send.com/builder/elements/scripts/jquery.magnific-popup.min.js
188.114.97.1200 OK 0 B URL HTTP/2 ll-send.com/builder/elements/scripts/jquery.magnific-popup.min.js
IP 188.114.97.1:0
GET /builder/elements/scripts/jquery.magnific-popup.min.js HTTP/1.1
Host: ll-send.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ll-send.com/domain
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 10:18:22 GMT
content-type: application/javascript
cache-control: max-age=31536000
last-modified: Wed, 10 Aug 2022 22:29:12 GMT
etag: W/"8375af9d8add81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
cf-cache-status: HIT
age: 722037
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RYCoPB1RIqmaN9rYRuA%2BRdZXlU4saUNKzjEAAaKf8XcQ1Js7Mia2kVJbErgvbwfFFUd9K3cd5Mr9leHlSa1diuE08KU%2Bb2vtirXHt5Vjs%2B4WEiCMuwi2GOkvuUzpSw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773b8ed20a911bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ll-send.com/builder/elements/scripts/video.js
188.114.97.1200 OK 0 B URL HTTP/2 ll-send.com/builder/elements/scripts/video.js
IP 188.114.97.1:0
GET /builder/elements/scripts/video.js HTTP/1.1
Host: ll-send.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ll-send.com/domain
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 10:18:22 GMT
content-type: application/javascript
cache-control: max-age=31536000
last-modified: Wed, 10 Aug 2022 22:29:12 GMT
etag: W/"8375af9d8add81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
cf-cache-status: HIT
age: 54905
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rLjan7aQp0fWk7lomY8mGQlUprN4OgsOxSfoy%2BgiozuXvM1dAiT%2FbHzB8SJ92W1WVQHjeIFR6qdFZ1mJyMCF98vSxuN%2FrFRO24HDfxqkVZWHeiiTIIHmtiTGiX%2BQpw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773b8ed20a9e1bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ll-send.com/builder/elements/scripts/jquery-1.11.2.min.js
188.114.97.1200 OK 0 B URL HTTP/2 ll-send.com/builder/elements/scripts/jquery-1.11.2.min.js
IP 188.114.97.1:0
GET /builder/elements/scripts/jquery-1.11.2.min.js HTTP/1.1
Host: ll-send.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ll-send.com/domain
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 10:18:22 GMT
content-type: application/javascript
cache-control: max-age=31536000
last-modified: Wed, 10 Aug 2022 22:29:12 GMT
etag: W/"8375af9d8add81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
cf-cache-status: HIT
age: 54908
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mil8mCqXHwvlSlxVLMnD0UTJ4V%2B1JHICuBTobnOwCfK7CZRJV5ODvePWeSPHJnQWXmgms74St7qnUW8bHYUuVlws8%2B1SncGsniyb50Qvu1f9Q%2FtpTkTo8azgxqO05g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773b8ed1ea711bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ll-send.com/builder/elements/scripts/jquery.counterup.min.js
188.114.97.1200 OK 0 B URL HTTP/2 ll-send.com/builder/elements/scripts/jquery.counterup.min.js
IP 188.114.97.1:0
GET /builder/elements/scripts/jquery.counterup.min.js HTTP/1.1
Host: ll-send.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ll-send.com/domain
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 10:18:22 GMT
content-type: application/javascript
cache-control: max-age=31536000
last-modified: Wed, 10 Aug 2022 22:29:12 GMT
etag: W/"8375af9d8add81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
cf-cache-status: HIT
age: 722037
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LdP%2F%2F7X91vj0nWXiNqbBfHgCSkZFN2BCyMIZR3UwsqOLDGvjpWINAGpf6wubCptt0knkMQd3%2BCejdGxkIQV0ylYtzSmxiQT1UJeCiwkGV6tEJtmvVnsWELTxKTHIlw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773b8ed20a931bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ll-send.com/builder/elements/scripts/bigvideo.js
188.114.97.1200 OK 0 B URL HTTP/2 ll-send.com/builder/elements/scripts/bigvideo.js
IP 188.114.97.1:0
GET /builder/elements/scripts/bigvideo.js HTTP/1.1
Host: ll-send.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ll-send.com/domain
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 10:18:22 GMT
content-type: application/javascript
cache-control: max-age=31536000
last-modified: Wed, 10 Aug 2022 22:29:12 GMT
etag: W/"8375af9d8add81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
cf-cache-status: HIT
age: 722036
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LRV9sUos8JmLk8aWA%2B7dHNzVHmdtpOEck7T1hIOyUTwnkkUHzfF2p5EKpGJEnfakSTudVfYjpPy2ucPQ9%2FHuLdXbBh7U0BEdjmwBrCjDF%2F7NQjC9o8TQmDVXyni%2F3w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773b8ed20a9f1bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ll-send.com/builder/elements/scripts/waypoints.min.js
188.114.97.1200 OK 0 B URL HTTP/2 ll-send.com/builder/elements/scripts/waypoints.min.js
IP 188.114.97.1:0
GET /builder/elements/scripts/waypoints.min.js HTTP/1.1
Host: ll-send.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ll-send.com/domain
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 10:18:22 GMT
content-type: application/javascript
cache-control: max-age=31536000
last-modified: Wed, 10 Aug 2022 22:29:12 GMT
etag: W/"741b19d8add81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
cf-cache-status: HIT
age: 722037
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mcoGGxCXetjLLmluKBZ7RFS777SjSx9aS8Aq1AqwGXN5%2BMR0oysvK0aFbFAMZC0hKdipsfXZOqziKsLNzaXzIvatM1jikUlgIkwXEBulvI0SdgI5XK6vIMptZFCnLw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773b8ed20a9d1bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ll-send.com/builder/elements/scripts/jquery.jCounter-0.1.4.js
188.114.97.1200 OK 0 B URL HTTP/2 ll-send.com/builder/elements/scripts/jquery.jCounter-0.1.4.js
IP 188.114.97.1:0
GET /builder/elements/scripts/jquery.jCounter-0.1.4.js HTTP/1.1
Host: ll-send.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ll-send.com/domain
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 10:18:22 GMT
content-type: application/javascript
cache-control: max-age=31536000
last-modified: Wed, 10 Aug 2022 22:29:12 GMT
etag: W/"8375af9d8add81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
cf-cache-status: HIT
age: 722036
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FWgN7HjETrf5zcLdG3AY2Xel1oRcl%2FbI0zVviUEK%2F2M8IVFepPss4HvUSujAEvNUJpbdVjSpL40yeFmv4EBJi%2BI5f5pooDUE3bAi17yNnXH24tzhoFukjnk%2BvBDhCA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773b8ed22ab31bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ll-send.com/builder/elements/scripts/placeholders.jquery.min.js
188.114.97.1200 OK 0 B URL HTTP/2 ll-send.com/builder/elements/scripts/placeholders.jquery.min.js
IP 188.114.97.1:0
GET /builder/elements/scripts/placeholders.jquery.min.js HTTP/1.1
Host: ll-send.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ll-send.com/domain
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 10:18:22 GMT
content-type: application/javascript
cache-control: max-age=31536000
last-modified: Wed, 10 Aug 2022 22:29:12 GMT
etag: W/"8375af9d8add81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
cf-cache-status: HIT
age: 722037
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wvtQ5tWDPgu4XTGmOBkxTPk0D5ec1hwzpkiq3hXfFmPSvlz4DOKI876Pzut4SBPz9GGN8y1DxLv6os6PAT0K5i8Ohet0vCIVXBItmvwhJUyLN%2F5E3kDU6DxpuEHMHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773b8ed20a901bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ll-send.com/builder/elements/css/bootstrap.css
188.114.97.1200 OK 0 B URL HTTP/2 ll-send.com/builder/elements/css/bootstrap.css
IP 188.114.97.1:0
GET /builder/elements/css/bootstrap.css HTTP/1.1
Host: ll-send.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ll-send.com/domain
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 10:18:22 GMT
content-type: text/css
cache-control: max-age=31536000
last-modified: Wed, 10 Aug 2022 22:29:12 GMT
etag: W/"1d5e7c9d8add81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
cf-cache-status: HIT
age: 722040
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RgcxsAeWLy5lTSXgTxN%2FR8%2BxKXOXa6zsQLjHQfjChvtHCBiUytp1BI3%2Fs3Rz2C6lD0wW5hCGKpE6NGDol2tIZZUkZNhczg55DgqLj7RymEBBr0m3M8IO7Ht3PEl9yA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773b8ed1da5e1bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ll-send.com/builder/elements/css/popup.css
188.114.97.1200 OK 0 B URL HTTP/2 ll-send.com/builder/elements/css/popup.css
IP 188.114.97.1:0
GET /builder/elements/css/popup.css HTTP/1.1
Host: ll-send.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ll-send.com/domain
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 10:18:22 GMT
content-type: text/css
cache-control: max-age=31536000
last-modified: Wed, 10 Aug 2022 22:29:12 GMT
etag: W/"6fe97d9d8add81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
cf-cache-status: HIT
age: 54907
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oLdYZ5Tdurrj86EBZDhjc881eU1rB6XlnDWp5T3W618ruZI5rG1WbVeI4HsToFfvBeWfEBbW00l3FDx6jqSjv7GDzENrXKptwxSZ5nfItulw7Bw2SlSyhZwqRBssDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773b8ed1ea701bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ll-send.com/builder/elements/scripts/smoothscroll.js
188.114.97.1200 OK 0 B URL HTTP/2 ll-send.com/builder/elements/scripts/smoothscroll.js
IP 188.114.97.1:0
GET /builder/elements/scripts/smoothscroll.js HTTP/1.1
Host: ll-send.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ll-send.com/domain
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 10:18:22 GMT
content-type: application/javascript
cache-control: max-age=31536000
last-modified: Wed, 10 Aug 2022 22:29:12 GMT
etag: W/"0ec6d9d8add81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
cf-cache-status: HIT
age: 996824
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B4CBS403RFgt%2F1Up9dEhW3Fjld2AReHOCJ9qYBuyCuzHOnyrXt0VMNTDjFAQ5BXJY7JNXD9bGFskBFfj2kfYluJds2FGx779mxPewd%2F9opJvyJ%2B7c6%2FICPqh37LXYA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773b8ed20a8e1bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ll-send.com/builder/elements/scripts/jquery.validate.min.js
188.114.97.1200 OK 0 B URL HTTP/2 ll-send.com/builder/elements/scripts/jquery.validate.min.js
IP 188.114.97.1:0
GET /builder/elements/scripts/jquery.validate.min.js HTTP/1.1
Host: ll-send.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ll-send.com/domain
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 10:18:22 GMT
content-type: application/javascript
cache-control: max-age=31536000
last-modified: Wed, 10 Aug 2022 22:29:12 GMT
etag: W/"8375af9d8add81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
cf-cache-status: HIT
age: 722037
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jBCExnLjFjd4OoJQsxYkDSrADAY67QNA8D4eME6BjEJFlpSSNHJsp0G5ZWa12mKpPcCvcMrTyPE%2F%2B3iJAoaxlbqadFw1QCdlaS245zOjJAvPm6Vks3Ixf%2BJ89ARW8A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773b8ed20a8c1bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ll-send.com/builder/elements/scripts/jquery.smooth-scroll.min.js
188.114.97.1200 OK 0 B URL HTTP/2 ll-send.com/builder/elements/scripts/jquery.smooth-scroll.min.js
IP 188.114.97.1:0
GET /builder/elements/scripts/jquery.smooth-scroll.min.js HTTP/1.1
Host: ll-send.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ll-send.com/domain
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 10:18:22 GMT
content-type: application/javascript
cache-control: max-age=31536000
last-modified: Wed, 10 Aug 2022 22:29:12 GMT
etag: W/"8375af9d8add81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
cf-cache-status: HIT
age: 722037
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OnKJ42V93eYyGxbTBRWD9vi5yjNuya83AHSwie3JBqhB4WQojdAg5nH4t%2F1RHAFjxlepeT9FPfO5LHVt4v2JOt3p1AJ9comGXeG9KNF9FJt%2BZys2HfKl5wp9sA3MTg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773b8ed20a8f1bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Hind:600,300|Roboto:500,100,300|Abril+Fatface|Open+Sans:400,700,800|Montserrat:400,700|Droid+Sans:400,700|Arvo:400,700|Cabin:400,700|Patua+One|Raleway:400,700|Lobster|Josefin+Sans:400,700|Poppins:400,700|Montserrat+Alternates:400,700
142.250.74.74200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Hind:600,300|Roboto:500,100,300|Abril+Fatface|Open+Sans:400,700,800|Montserrat:400,700|Droid+Sans:400,700|Arvo:400,700|Cabin:400,700|Patua+One|Raleway:400,700|Lobster|Josefin+Sans:400,700|Poppins:400,700|Montserrat+Alternates:400,700
IP 142.250.74.74:0
GET /css?family=Hind:600,300|Roboto:500,100,300|Abril+Fatface|Open+Sans:400,700,800|Montserrat:400,700|Droid+Sans:400,700|Arvo:400,700|Cabin:400,700|Patua+One|Raleway:400,700|Lobster|Josefin+Sans:400,700|Poppins:400,700|Montserrat+Alternates:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ll-send.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 03 Dec 2022 10:18:22 GMT
date: Sat, 03 Dec 2022 10:18:22 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2