Report - headlampvision.ru.com/G49k2u8G9hVQ-NlMKsxSh0X-4aLXnsaCzgTBvbsZNZIi4sY1hQ

Report Overview

Visited public
2024-08-14 03:45:26
Tags
Submit Tags
URL
headlampvision.ru.com/G49k2u8G9hVQ-NlMKsxSh0X-4aLXnsaCzgTBvbsZNZIi4sY1hQ
Finishing URL
www.productsavingspot.com/redirect/ow/ettvhl/
IP / ASN
93.99.104.57
#16019 Vodafone Czech Republic a.s.
Title
Bot verification

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Sent	Received	IP
r10.o.lencr.org	unknown	1.3 kB	3.5 kB	23.36.77.32
headlampvision.ru.com	unknown	442 B	303 B	93.99.104.57
www.productsavingspot.com	unknown	3.0 kB	440 kB	172.67.137.9
maxcdn.bootstrapcdn.com	724	904 B	135 kB	104.18.11.207
www.gstatic.com	unknown	1.9 kB	459 kB	142.250.74.163
fonts.gstatic.com	unknown	511 B	16 kB	216.58.207.227
ajax.googleapis.com	12905	440 B	31 kB	142.250.74.74
www.google.com	7	3.0 kB	290 kB	142.250.74.164
o.pki.goog	unknown	975 B	2.1 kB	216.58.207.195
r11.o.lencr.org	unknown	654 B	1.8 kB	23.36.76.226

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-08-14	medium	headlampvision.ru.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (13)

	URL	From	Size	First Seen	Last Seen
	www.productsavingspot.com/redirect/ow/ettvhl/	ScriptElement	0 B	0001-01-01	2025-07-17
Pretty URL www.productsavingspot.com/redirect/ow/ettvhl/ IP 172.67.137.9 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-07-17 05:54 Times Seen5442406 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.productsavingspot.com/redirect/ow/ettvhl/	ScriptElement	0 B	0001-01-01	2025-07-17
Pretty URL www.productsavingspot.com/redirect/ow/ettvhl/ IP 172.67.137.9 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-07-17 05:54 Times Seen5442406 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.gstatic.com/recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/recaptcha__en.js	ScriptElement	544 kB	2024-08-01	2025-06-30
Pretty URL www.gstatic.com/recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/recaptcha__en.js IP 142.250.74.163 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-01 14:45 Last Seen2025-06-30 20:37 Times Seen4194 Hash 1d96c92a257d170cba9e96057042088e 70c323e5d1fc37d0839b3643c0b3825b1fc554f1 e96a5e1e04ee3d7ffd8118f853ec2c0bcbf73b571cfa1c710238557baf5dd896 Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js	ScriptElement	87 kB	2023-03-07	2025-07-17
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js IP 142.250.74.74 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-07-17 05:54 Times Seen65888 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

	maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js	ScriptElement	37 kB	2023-03-07	2025-07-17
Pretty URL maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js IP 104.18.11.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-07-17 05:50 Times Seen35194 Hash 5869c96cc8f19086aee625d670d741f9 430a443d74830fe9be26efca431f448c1b3740f9 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef Loading...

	www.google.com/recaptcha/api.js	ScriptElement	870 B	2024-08-01	2024-08-22
Pretty URL www.google.com/recaptcha/api.js IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-01 14:48 Last Seen2024-08-22 17:23 Times Seen1062 Hash aa2728d09997079c4292657aabe3e50f 12deb1b28ea79952fb582cb6840e5e53e3d01667 1bd9d97ca6363b413d3721647ec0cb1cf6d0639221e47c91b62ce31b63862d50 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LdFPHAUAAAAAGwH1PWzjto1S36pZrq0c0VlSd1T&co=aHR0cHM6Ly93d3cucHJvZHVjdHNhdmluZ3Nwb3QuY29tOjQ0Mw..&hl=en&v=hfUfsXWZFeg83qqxrK27GB8P&size=normal&cb=868rxlrizota	ScriptElement	69 B	2023-03-07	2025-07-17
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LdFPHAUAAAAAGwH1PWzjto1S36pZrq0c0VlSd1T&co=aHR0cHM6Ly93d3cucHJvZHVjdHNhdmluZ3Nwb3QuY29tOjQ0Mw..&hl=en&v=hfUfsXWZFeg83qqxrK27GB8P&size=normal&cb=868rxlrizota IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02 Last Seen2025-07-17 05:49 Times Seen142745 Hash 45ecf7458f42da80ac248ad42d610372 a5b3edf8328769bc754e6e616a957ceed4fdadd7 75867e75b209895995014b43c3d711476e3437481e5fbec91a4da674302558bf Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LdFPHAUAAAAAGwH1PWzjto1S36pZrq0c0VlSd1T&co=aHR0cHM6Ly93d3cucHJvZHVjdHNhdmluZ3Nwb3QuY29tOjQ0Mw..&hl=en&v=hfUfsXWZFeg83qqxrK27GB8P&size=normal&cb=868rxlrizota	ScriptElement	41 kB	2024-08-19	2024-08-19
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LdFPHAUAAAAAGwH1PWzjto1S36pZrq0c0VlSd1T&co=aHR0cHM6Ly93d3cucHJvZHVjdHNhdmluZ3Nwb3QuY29tOjQ0Mw..&hl=en&v=hfUfsXWZFeg83qqxrK27GB8P&size=normal&cb=868rxlrizota IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-19 13:23 Last Seen2024-08-19 13:23 Times Seen1 Hash 47c91385a098001011724ec213be3a30 a1695ef89c569b4de3c6dbca95bd64bda2bf7514 452273c3bb49d5b983755c10813a978e112ff9a307e62f2ed518a12006065dc0 Loading...

	www.google.com/js/bg/ZoTKwIxtw-WG8NxqbM6q-j8x-yBtx2NQcT_-KALirKU.js	ScriptElement	18 kB	2024-08-03	2024-08-19
Pretty URL www.google.com/js/bg/ZoTKwIxtw-WG8NxqbM6q-j8x-yBtx2NQcT_-KALirKU.js IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-03 17:39 Last Seen2024-08-19 14:47 Times Seen129 Hash 9ef90eebd6dbf8b240fbee43d43ab5ea 31edff5293f69a0fb32a47e76a423e261c605067 6684cac08c6dc3e586f0dc6a6cceaafa3f31fb206dc76350713ffe2802e2aca5 Loading...

		Size	First Seen	Last Seen
	#1 Eval - d7dec3b315361fcd5acd14a0e12876d9	22 B	2024-08-03 17:39	2024-08-19 14:47
Pretty Observations First Seen2024-08-03 17:39 Last Seen2024-08-19 14:47 Times Seen126 Hash d7dec3b315361fcd5acd14a0e12876d9 52a014aebfe0f4c37965d945dc9c90d9843f998d 2b742e095f439c0e9c84be97bb83f601e1e4c1ea8ba77440fde61966c3f314f6 Loading...

	#2 Eval - 131040827df1e642771dc1b141082029	21 kB	2024-08-19 13:23	2024-08-19 13:23
Pretty Observations First Seen2024-08-19 13:23 Last Seen2024-08-19 13:23 Times Seen1 Hash 131040827df1e642771dc1b141082029 053f7267e353f2e4a9964d35913abe9705fa60aa 17bcf30aa1aa5fc6def39f43361c20061497780a3a9399c4ee9d73ed36318b3d Loading...

	#3 Eval - 118ee379fc4f2c7a7d20d51e71ac7275	22 B	2024-08-03 17:39	2024-08-19 14:47
Pretty Observations First Seen2024-08-03 17:39 Last Seen2024-08-19 14:47 Times Seen125 Hash 118ee379fc4f2c7a7d20d51e71ac7275 306f7b2bb759881fcae494bf42b3a7af7ec3cfc5 50b850e3cc576c4fcedabe819167026aaddfa6ba916f3fafef9e236e2ce033e3 Loading...

	#4 Eval - 0967b788c4ea22db6a3421ec7630233d	64 B	2024-08-03 17:39	2024-08-19 14:47
Pretty Observations First Seen2024-08-03 17:39 Last Seen2024-08-19 14:47 Times Seen128 Hash 0967b788c4ea22db6a3421ec7630233d 239c77a688df6a6e2f545c63bd862b2be9d2c336 614bdbb416b9bd4702d9d12fc8cc078ea0127921d4bd0a666d192defb5920918 Loading...

HTTP Transactions (29)

URL IP Response Size

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
90149b127cd563315012f026a9e0544f
1e148905fa524fb8fec15249f30f33085978dc2e
7098a3b23aece2b00e86fd3a23c5e532001a5002b061170d3ed53ddd36bf8f5b

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "7098A3B23AECE2B00E86FD3A23C5E532001A5002B061170D3ED53DDD36BF8F5B"
Last-Modified: Tue, 13 Aug 2024 18:27:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8907
Expires: Wed, 14 Aug 2024 06:13:24 GMT
Date: Wed, 14 Aug 2024 03:44:57 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
389a542ebc397ae476ffc158a86d2e95
a1c15d8b6ebcf7a620f9f890daf14ca19a09fe5a
3cd724bb377d35df975f03b768a4b11b944d196bb62b49cb5b8e3e27c7d9f562

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "3CD724BB377D35DF975F03B768A4B11B944D196BB62B49CB5B8E3E27C7D9F562"
Last-Modified: Tue, 13 Aug 2024 18:28:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8615
Expires: Wed, 14 Aug 2024 06:08:32 GMT
Date: Wed, 14 Aug 2024 03:44:57 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
024341a123220bb7f476663e0c2f941d
20e2ab3bdab6d6f5241eb3c45d44a9b191f6cb44
94e9518d845bb5293c2f009a196b74a3859a5ae3b3a1438234f867017c167e1b

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "94E9518D845BB5293C2F009A196B74A3859A5AE3B3A1438234F867017C167E1B"
Last-Modified: Tue, 13 Aug 2024 18:58:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13084
Expires: Wed, 14 Aug 2024 07:23:02 GMT
Date: Wed, 14 Aug 2024 03:44:58 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
e4a9f1133ab7ff8fdfec972dc9d80181
2a253964c7b022d903b90b57585333f32f730527
62acc6047405e1e5e89c898325a6f5ba2d9f993214648dc9e50cf0d4f5aa9baa

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "62ACC6047405E1E5E89C898325A6F5BA2D9F993214648DC9E50CF0D4F5AA9BAA"
Last-Modified: Tue, 13 Aug 2024 18:27:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6326
Expires: Wed, 14 Aug 2024 05:30:24 GMT
Date: Wed, 14 Aug 2024 03:44:58 GMT
Connection: keep-alive

GET headlampvision.ru.com/G49k2u8G9hVQ-NlMKsxSh0X-4aLXnsaCzgTBvbsZNZIi4sY1hQ

93.99.104.57

0 B

URL User Request GET
headlampvision.ru.com/G49k2u8G9hVQ-NlMKsxSh0X-4aLXnsaCzgTBvbsZNZIi4sY1hQ
IP
93.99.104.57:0
ASN
#16019 Vodafone Czech Republic a.s.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /G49k2u8G9hVQ-NlMKsxSh0X-4aLXnsaCzgTBvbsZNZIi4sY1hQ HTTP/1.1
Host: headlampvision.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Wed, 14 Aug 2024 03:44:58 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
X-Powered-By: PHP/5.4.16
Location: http://www.productsavingspot.com/redirect/ow/ettvhl
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET www.productsavingspot.com/redirect/ow/ettvhl/

172.67.137.9

200 OK

167 B

URL User Request GET HTTP/3
www.productsavingspot.com/redirect/ow/ettvhl/
IP
172.67.137.9:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectproductsavingspot.com
Fingerprint30:96:61:60:F8:5E:A4:C2:B6:1D:5F:A0:00:85:88:99:3E:33:A9:D2
ValidityTue, 02 Jul 2024 10:54:56 GMT - Mon, 30 Sep 2024 10:54:55 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
0104c301c5e02bd6148b8703d19b3a73
7436e0b4b1f8c222c38069890b75fa2baf9ca620
446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f

HTTP Headers

GET /redirect/ow/ettvhl/ HTTP/1.1
Host: www.productsavingspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Wed, 14 Aug 2024 03:44:59 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 14 Aug 2024 04:44:59 GMT
Location: https://www.productsavingspot.com/redirect/ow/ettvhl/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=chHFZLtzGchxFcbQ7c1LdeYybLXdgv6HvHcFenm0lvO%2BaeiXt9QWMvuqGjpphirYua%2BfJys0o8Gau8hSrGyIJMtPU%2FBUJtTznrjGe1%2BmkwF1az3U%2F86twlEmXXfenXiiltaMW0OmMqAlpiGs"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8b2df3110f1d56b4-OSL
alt-svc: h2=":443"; ma=60

GET www.productsavingspot.com/redirect/ow/ettvhl/

172.67.137.9

200 OK

26 kB

URL User Request GET HTTP/3
www.productsavingspot.com/redirect/ow/ettvhl/
IP
172.67.137.9:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectproductsavingspot.com
Fingerprint30:96:61:60:F8:5E:A4:C2:B6:1D:5F:A0:00:85:88:99:3E:33:A9:D2
ValidityTue, 02 Jul 2024 10:54:56 GMT - Mon, 30 Sep 2024 10:54:55 GMT

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
26 kB (25725 bytes)
Hash
71e9b950312e6f5cf63e69c3b2b936fa
9967125865b84c03418aba55b4211065fa09cc19
d999319c67b331231806bda7c1d17072487d54b6bbb83537a78fb6c7e32f1fff

HTTP Headers

GET /redirect/ow/ettvhl/ HTTP/1.1
Host: www.productsavingspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 14 Aug 2024 03:44:59 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: PHPSESSID=cv0ts58gep6peaoru261psevmg; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8SLajtw4VZVT4W8a7O3RWSNeLFEx4NXQD9vAuA86DbkgdoSGLcbYcePS3prOmebo5oJ40EUTHit6Fi0NVuYxUa7BalkCVGo6pfxA4VFRjrYbznM1OeYX%2B9qiCblSAmYjQs6Dx8ZGarlitVhr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8b2df31129e3569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

104.18.11.207

200 OK

12 kB

URL GET HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.productsavingspot.com/redirect/ow/ettvhl/
Certificate
IssuerGoogle Trust Services
Subjectbootstrapcdn.com
FingerprintBE:14:2A:D4:32:CD:FF:FE:ED:79:48:4F:5C:7B:C4:52:09:C8:58:96
ValidityTue, 23 Jul 2024 01:50:30 GMT - Mon, 21 Oct 2024 01:50:29 GMT

File type
gzip compressed data, from Unix
Size
12 kB (11884 bytes)
Hash
add78871e8d692e06525a2d7615a28de
0e28b999df5f9dd16cf302ab723b15521ec5716e
69939fa26999891163e229cb224787444ea000e82d4a1984043567c882398ff7

HTTP Headers

GET /bootstrap/3.3.7/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.productsavingspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 14 Aug 2024 03:44:59 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: US
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"5869c96cc8f19086aee625d670d741f9"
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 10/31/2023 19:19:44
cdn-edgestorageid: 1029
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 961c2b7b2d788121b27e125e4b8e1833
cdn-cache: HIT
content-encoding: gzip
cf-cache-status: HIT
age: 5343540
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8b2df315089956c5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

142.250.74.74

200 OK

30 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
https://www.productsavingspot.com/redirect/ow/ettvhl/
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
FingerprintC4:3F:12:39:D2:EC:4C:2C:1C:0A:A6:18:8E:2A:97:2C:D8:C2:7E:AF
ValidityTue, 30 Jul 2024 12:49:45 GMT - Tue, 22 Oct 2024 12:49:44 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
30 kB (30399 bytes)
Hash
a09e13ee94d51c524b7e2a728c7d4039
0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

HTTP Headers

GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.productsavingspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Aug 2024 03:09:58 GMT
expires: Thu, 14 Aug 2025 03:09:58 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 2101
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET www.google.com/recaptcha/api.js

142.250.74.164

200 OK

1.0 kB

URL GET HTTP/2
www.google.com/recaptcha/api.js
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.productsavingspot.com/redirect/ow/ettvhl/
Certificate
IssuerGoogle Trust Services
Subjectwww.google.com
Fingerprint78:90:10:00:62:E9:32:D2:E2:99:72:73:B5:44:27:CB:98:2E:AD:29
ValidityTue, 30 Jul 2024 12:50:13 GMT - Tue, 22 Oct 2024 12:50:12 GMT

File type
gzip compressed data
Size
1.0 kB (1039 bytes)
Hash
e3aa4bbd29e4cc8f61d27b632a8791b3
038e22ea9d5c58f43c360e5a8558eb24a7b00ea4
29c9d370a57ce91645f45bd2368080e6702ffc0b0e3bcce755a9bfe113095f14

HTTP Headers

GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.productsavingspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Wed, 14 Aug 2024 03:44:59 GMT
date: Wed, 14 Aug 2024 03:44:59 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

o.pki.goog/wr2

216.58.207.195

471 B

URL
o.pki.goog/wr2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b89424bb626b300ff7adfa1161c6de25
7796796fcaf3a7d189778e7d6f2ced532002d8a7
c3a38c2962568975563281bb01bfad14d2a3b2ed79cd6ad89cc37fa742f4b7c2

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Aug 2024 03:44:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

o.pki.goog/wr2

216.58.207.195

472 B

URL
o.pki.goog/wr2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
50a4a7906805a60318bdc9facec3b573
29d050938a52790e6cdad72830da0e51f0eaf125
d84de05fea477287d6a301c06e74d4cb60b990b10bbddccb8e38c1cb9006455f

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Aug 2024 03:45:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET www.productsavingspot.com/redirect/ow/ettvhl

172.67.137.9

301 Moved Permanently

215 kB

URL User Request GET HTTP/2
www.productsavingspot.com/redirect/ow/ettvhl
IP
172.67.137.9:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectproductsavingspot.com
Fingerprint30:96:61:60:F8:5E:A4:C2:B6:1D:5F:A0:00:85:88:99:3E:33:A9:D2
ValidityTue, 02 Jul 2024 10:54:56 GMT - Mon, 30 Sep 2024 10:54:55 GMT

File type
data
Size
215 kB (214718 bytes)
Hash
4f7e577c200eac4e898ee7ccf3fe3f9a
74b79422d2f955cbb3bd4cc02efdb1cc3eead2c3
bc39be5b028a9455fe893f74684b539c24409113d0f1e1e543ab9653309e99f7

HTTP Headers

GET /redirect/ow/ettvhl HTTP/1.1
Host: www.productsavingspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Wed, 14 Aug 2024 03:44:59 GMT
content-type: text/html
location: http://www.productsavingspot.com/redirect/ow/ettvhl/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pEQZwTIOE82YCVdeW%2Be%2FgkeI5LgGvOCGHDmzp51LzYzSBh%2FTR3lx7FYuClsoYmZg8jXTjbL%2Fnr4UebusHV2QAsFHO3v0AEG1vrTya0qa7%2FyqQ5rFPGbzK5yL42fOXfKGhb10k4yvB6PpB992"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8b2df30faa6fb4fa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

o.pki.goog/wr2

216.58.207.195

472 B

URL
o.pki.goog/wr2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
50a4a7906805a60318bdc9facec3b573
29d050938a52790e6cdad72830da0e51f0eaf125
d84de05fea477287d6a301c06e74d4cb60b990b10bbddccb8e38c1cb9006455f

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Aug 2024 03:45:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r11.o.lencr.org/

23.36.76.226

504 B

URL
r11.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
77619f0113a62e8c4c44f195901b385c
1e1a5e3768ca683e66667aa14efa7042df57ee2f
520dbca26889dcd055ad1e36265c6d088b8b7c9d6907cc59eecc7ff47e4c9942

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "520DBCA26889DCD055AD1E36265C6D088B8B7C9D6907CC59EECC7FF47E4C9942"
Last-Modified: Mon, 12 Aug 2024 21:16:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9086
Expires: Wed, 14 Aug 2024 06:16:26 GMT
Date: Wed, 14 Aug 2024 03:45:00 GMT
Connection: keep-alive

r11.o.lencr.org/

23.36.76.226

504 B

URL
r11.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
77619f0113a62e8c4c44f195901b385c
1e1a5e3768ca683e66667aa14efa7042df57ee2f
520dbca26889dcd055ad1e36265c6d088b8b7c9d6907cc59eecc7ff47e4c9942

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "520DBCA26889DCD055AD1E36265C6D088B8B7C9D6907CC59EECC7FF47E4C9942"
Last-Modified: Mon, 12 Aug 2024 21:16:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9086
Expires: Wed, 14 Aug 2024 06:16:26 GMT
Date: Wed, 14 Aug 2024 03:45:00 GMT
Connection: keep-alive

GET www.productsavingspot.com/redirect/ow/ettvhl/jquery.min.js

172.67.137.9

404 Not Found

8.3 kB

URL GET HTTP/3
www.productsavingspot.com/redirect/ow/ettvhl/jquery.min.js
IP
172.67.137.9:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.productsavingspot.com/redirect/ow/ettvhl/
Certificate
IssuerGoogle Trust Services
Subjectproductsavingspot.com
Fingerprint30:96:61:60:F8:5E:A4:C2:B6:1D:5F:A0:00:85:88:99:3E:33:A9:D2
ValidityTue, 02 Jul 2024 10:54:56 GMT - Mon, 30 Sep 2024 10:54:55 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
8.3 kB (8289 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /redirect/ow/ettvhl/jquery.min.js HTTP/1.1
Host: www.productsavingspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.productsavingspot.com/redirect/ow/ettvhl/
Cookie: PHPSESSID=cv0ts58gep6peaoru261psevmg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
date: Wed, 14 Aug 2024 03:44:59 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rEtpOh3FVh%2FfwSBpqYWZWBtMx%2BdZcnkxo%2FK6HWgJNTad%2FbUAfgZ5uWA1de%2FDgbFYOS5acjb8x5%2F5oWDOF25NtHw3t88nF6cHZYD3zfsq4j9uPuAA6lrambb08XHP2SW8Wsmuq%2FqkIUlmYKdQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b2df314db6e569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET www.productsavingspot.com/redirect/ow/ettvhl/bg.jpg

172.67.137.9

200 OK

187 kB

URL GET HTTP/3
www.productsavingspot.com/redirect/ow/ettvhl/bg.jpg
IP
172.67.137.9:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.productsavingspot.com/redirect/ow/ettvhl/
Certificate
IssuerGoogle Trust Services
Subjectproductsavingspot.com
Fingerprint30:96:61:60:F8:5E:A4:C2:B6:1D:5F:A0:00:85:88:99:3E:33:A9:D2
ValidityTue, 02 Jul 2024 10:54:56 GMT - Mon, 30 Sep 2024 10:54:55 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 998x587, components 3
Size
187 kB (186987 bytes)
Hash
a821ff7918647048e1ba2a47922ce650
accc08ea931ed32d16d74f1693f3432ecae8f7bf
372efbc305c745719a3f642a088515fd17e926809a9cea68681f046529c75bdc

HTTP Headers

GET /redirect/ow/ettvhl/bg.jpg HTTP/1.1
Host: www.productsavingspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.productsavingspot.com/redirect/ow/ettvhl/
Cookie: PHPSESSID=cv0ts58gep6peaoru261psevmg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 14 Aug 2024 03:45:00 GMT
content-type: image/jpeg
content-length: 186987
last-modified: Thu, 08 Aug 2024 06:56:38 GMT
etag: "66b46c26-2da6b"
expires: Fri, 13 Sep 2024 03:45:00 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n0hXEaHW28r1jTLLJj%2BtdR4NXJJi2KrMyWJBIaZV4rq%2FvufDU8e6ErRh1zyAYlgtJiTH%2BFIaqKlz0XPGu3c9oiRJab69XPus16omApFvqiaFg5JOlFtXGsKNJO5WCzxQVzMvfIBO2hTtmoQI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b2df3164c1c569f-OSL
alt-svc: h3=":443"; ma=86400

GET www.google.com/recaptcha/api2/anchor?ar=1&k=6LdFPHAUAAAAAGwH1PWzjto1S36pZrq0c0VlSd1T&co=aHR0cHM6Ly93d3cucHJvZHVjdHNhdmluZ3Nwb3QuY29tOjQ0Mw..&hl=en&v=hfUfsXWZFeg83qqxrK27GB8P&size=normal&cb=868rxlrizota

142.250.74.164

200 OK

56 kB

URL GET HTTP/3
www.google.com/recaptcha/api2/anchor?ar=1&k=6LdFPHAUAAAAAGwH1PWzjto1S36pZrq0c0VlSd1T&co=aHR0cHM6Ly93d3cucHJvZHVjdHNhdmluZ3Nwb3QuY29tOjQ0Mw..&hl=en&v=hfUfsXWZFeg83qqxrK27GB8P&size=normal&cb=868rxlrizota
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.productsavingspot.com/redirect/ow/ettvhl/
Certificate
IssuerGoogle Trust Services
Subject*.google.com
FingerprintA9:52:08:E0:FC:37:B4:6B:5F:CF:C5:AB:C4:10:C7:D6:00:4D:DC:69
ValidityTue, 30 Jul 2024 12:32:53 GMT - Tue, 22 Oct 2024 12:32:52 GMT

File type
HTML document, ASCII text, with very long lines (41004)
Size
56 kB (55701 bytes)
Hash
0df8a115810fc0d6b14cf84cd1916d37
c8af513eac8c90b01f6107d22c85dfdc76d49556
893d837b505f1228a6eb04e78ae52a60bc5fa65f5ed14113be3a81c203dc9550

HTTP Headers

GET /recaptcha/api2/anchor?ar=1&k=6LdFPHAUAAAAAGwH1PWzjto1S36pZrq0c0VlSd1T&co=aHR0cHM6Ly93d3cucHJvZHVjdHNhdmluZ3Nwb3QuY29tOjQ0Mw..&hl=en&v=hfUfsXWZFeg83qqxrK27GB8P&size=normal&cb=868rxlrizota HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.productsavingspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 14 Aug 2024 03:45:00 GMT
content-security-policy: script-src 'nonce-DvSgao32ZTnjSvD-xXXeHg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET www.gstatic.com/recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/recaptcha__en.js

142.250.74.163

200 OK

215 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/recaptcha__en.js
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=hfUfsXWZFeg83qqxrK27GB8P
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintF2:15:54:4E:F3:58:7F:5A:14:9D:F2:45:37:0E:B1:A6:48:C6:2B:14
ValidityTue, 30 Jul 2024 12:49:30 GMT - Tue, 22 Oct 2024 12:49:29 GMT

File type
JavaScript source, ASCII text, with very long lines (644)
Size
215 kB (214556 bytes)
Hash
1d96c92a257d170cba9e96057042088e
70c323e5d1fc37d0839b3643c0b3825b1fc554f1
e96a5e1e04ee3d7ffd8118f853ec2c0bcbf73b571cfa1c710238557baf5dd896

HTTP Headers

GET /recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 214556
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Aug 2024 03:38:05 GMT
expires: Thu, 14 Aug 2025 03:38:05 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 29 Jul 2024 04:00:39 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 415
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET www.google.com/recaptcha/api2/webworker.js?hl=en&v=hfUfsXWZFeg83qqxrK27GB8P

142.250.74.164

200 OK

215 kB

URL GET HTTP/3
www.google.com/recaptcha/api2/webworker.js?hl=en&v=hfUfsXWZFeg83qqxrK27GB8P
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdFPHAUAAAAAGwH1PWzjto1S36pZrq0c0VlSd1T&co=aHR0cHM6Ly93d3cucHJvZHVjdHNhdmluZ3Nwb3QuY29tOjQ0Mw..&hl=en&v=hfUfsXWZFeg83qqxrK27GB8P&size=normal&cb=868rxlrizota
Certificate
IssuerGoogle Trust Services
Subject*.google.com
FingerprintA9:52:08:E0:FC:37:B4:6B:5F:CF:C5:AB:C4:10:C7:D6:00:4D:DC:69
ValidityTue, 30 Jul 2024 12:32:53 GMT - Tue, 22 Oct 2024 12:32:52 GMT

File type
JavaScript source, ASCII text, with very long lines (644)
Size
215 kB (214668 bytes)
Hash
313fa4083a7fc5355cb34230c1ad8eec
31408055619c86a121abc5d4d18b79cd909a9947
ff6cf4fa5e2c41fa88830e4bc10d99c678bd78de50afffb46c2a980376f886fe

HTTP Headers

GET /recaptcha/api2/webworker.js?hl=en&v=hfUfsXWZFeg83qqxrK27GB8P HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdFPHAUAAAAAGwH1PWzjto1S36pZrq0c0VlSd1T&co=aHR0cHM6Ly93d3cucHJvZHVjdHNhdmluZ3Nwb3QuY29tOjQ0Mw..&hl=en&v=hfUfsXWZFeg83qqxrK27GB8P&size=normal&cb=868rxlrizota
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/javascript; charset=utf-8
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 14 Aug 2024 03:45:00 GMT
date: Wed, 14 Aug 2024 03:45:00 GMT
cache-control: private, max-age=300
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdFPHAUAAAAAGwH1PWzjto1S36pZrq0c0VlSd1T&co=aHR0cHM6Ly93d3cucHJvZHVjdHNhdmluZ3Nwb3QuY29tOjQ0Mw..&hl=en&v=hfUfsXWZFeg83qqxrK27GB8P&size=normal&cb=868rxlrizota
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintF2:15:54:4E:F3:58:7F:5A:14:9D:F2:45:37:0E:B1:A6:48:C6:2B:14
ValidityTue, 30 Jul 2024 12:49:30 GMT - Tue, 22 Oct 2024 12:49:29 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Aug 2024 00:57:49 GMT
expires: Fri, 08 Aug 2025 00:57:49 GMT
cache-control: public, max-age=31536000
age: 528431
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET www.google.com/js/bg/ZoTKwIxtw-WG8NxqbM6q-j8x-yBtx2NQcT_-KALirKU.js

142.250.74.164

200 OK

7.5 kB

URL GET HTTP/3
www.google.com/js/bg/ZoTKwIxtw-WG8NxqbM6q-j8x-yBtx2NQcT_-KALirKU.js
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdFPHAUAAAAAGwH1PWzjto1S36pZrq0c0VlSd1T&co=aHR0cHM6Ly93d3cucHJvZHVjdHNhdmluZ3Nwb3QuY29tOjQ0Mw..&hl=en&v=hfUfsXWZFeg83qqxrK27GB8P&size=normal&cb=868rxlrizota
Certificate
IssuerGoogle Trust Services
Subject*.google.com
FingerprintA9:52:08:E0:FC:37:B4:6B:5F:CF:C5:AB:C4:10:C7:D6:00:4D:DC:69
ValidityTue, 30 Jul 2024 12:32:53 GMT - Tue, 22 Oct 2024 12:32:52 GMT

File type
JavaScript source, ASCII text, with very long lines (17783)
Size
7.5 kB (7499 bytes)
Hash
9ef90eebd6dbf8b240fbee43d43ab5ea
31edff5293f69a0fb32a47e76a423e261c605067
6684cac08c6dc3e586f0dc6a6cceaafa3f31fb206dc76350713ffe2802e2aca5

HTTP Headers

GET /js/bg/ZoTKwIxtw-WG8NxqbM6q-j8x-yBtx2NQcT_-KALirKU.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdFPHAUAAAAAGwH1PWzjto1S36pZrq0c0VlSd1T&co=aHR0cHM6Ly93d3cucHJvZHVjdHNhdmluZ3Nwb3QuY29tOjQ0Mw..&hl=en&v=hfUfsXWZFeg83qqxrK27GB8P&size=normal&cb=868rxlrizota
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 7499
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Aug 2024 03:10:20 GMT
expires: Thu, 14 Aug 2025 03:10:20 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 29 Jul 2024 15:30:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 2080
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET www.gstatic.com/recaptcha/api2/logo_48.png

142.250.74.163

200 OK

2.2 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/logo_48.png
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdFPHAUAAAAAGwH1PWzjto1S36pZrq0c0VlSd1T&co=aHR0cHM6Ly93d3cucHJvZHVjdHNhdmluZ3Nwb3QuY29tOjQ0Mw..&hl=en&v=hfUfsXWZFeg83qqxrK27GB8P&size=normal&cb=868rxlrizota
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintF2:15:54:4E:F3:58:7F:5A:14:9D:F2:45:37:0E:B1:A6:48:C6:2B:14
ValidityTue, 30 Jul 2024 12:49:30 GMT - Tue, 22 Oct 2024 12:49:29 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Size
2.2 kB (2228 bytes)
Hash
ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

HTTP Headers

GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Aug 2024 09:23:54 GMT
expires: Wed, 14 Aug 2024 09:23:54 GMT
cache-control: public, max-age=604800
age: 584466
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET www.gstatic.com/recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/styles__ltr.css

142.250.74.163

200 OK

25 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/styles__ltr.css
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/bframe?hl=en&v=hfUfsXWZFeg83qqxrK27GB8P&k=6LdFPHAUAAAAAGwH1PWzjto1S36pZrq0c0VlSd1T
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintF2:15:54:4E:F3:58:7F:5A:14:9D:F2:45:37:0E:B1:A6:48:C6:2B:14
ValidityTue, 30 Jul 2024 12:49:30 GMT - Tue, 22 Oct 2024 12:49:29 GMT

File type
ASCII text, with very long lines (56359), with no line terminators
Size
25 kB (24613 bytes)
Hash
4adccf70587477c74e2fcd636e4ec895
af63034901c98e2d93faa7737f9c8f52e302d88b
0e04cd9eec042868e190cbdabf2f8f0c7172dcc54ab87eb616eca14258307b4d

HTTP Headers

GET /recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24613
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Aug 2024 03:20:22 GMT
expires: Thu, 14 Aug 2025 03:20:22 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 29 Jul 2024 04:00:39 GMT
content-type: text/css
vary: Accept-Encoding
age: 1479
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET www.gstatic.com/recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/recaptcha__en.js

142.250.74.163

200 OK

215 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/recaptcha__en.js
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=hfUfsXWZFeg83qqxrK27GB8P
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintF2:15:54:4E:F3:58:7F:5A:14:9D:F2:45:37:0E:B1:A6:48:C6:2B:14
ValidityTue, 30 Jul 2024 12:49:30 GMT - Tue, 22 Oct 2024 12:49:29 GMT

File type
JavaScript source, ASCII text, with very long lines (644)
Size
215 kB (214556 bytes)
Hash
1d96c92a257d170cba9e96057042088e
70c323e5d1fc37d0839b3643c0b3825b1fc554f1
e96a5e1e04ee3d7ffd8118f853ec2c0bcbf73b571cfa1c710238557baf5dd896

HTTP Headers

GET /recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 214556
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Aug 2024 03:38:05 GMT
expires: Thu, 14 Aug 2025 03:38:05 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 29 Jul 2024 04:00:39 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 416
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

104.18.11.207

200 OK

121 kB

URL GET HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.productsavingspot.com/redirect/ow/ettvhl/
Certificate
IssuerGoogle Trust Services
Subjectbootstrapcdn.com
FingerprintBE:14:2A:D4:32:CD:FF:FE:ED:79:48:4F:5C:7B:C4:52:09:C8:58:96
ValidityTue, 23 Jul 2024 01:50:30 GMT - Mon, 21 Oct 2024 01:50:29 GMT

File type
ASCII text, with very long lines (65371)
Size
121 kB (121200 bytes)
Hash
ec3bb52a00e176a7181d454dffaea219
6527d8bf3e1e9368bab8c7b60f56bc01fa3afd68
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

HTTP Headers

GET /bootstrap/3.3.7/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.productsavingspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 14 Aug 2024 03:44:59 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: US
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"ec3bb52a00e176a7181d454dffaea219"
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 10/31/2023 19:15:06
cdn-edgestorageid: 940
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: c83fee2ffb8cb55535eaeb2520d7c34a
cdn-cache: HIT
content-encoding: gzip
cf-cache-status: HIT
age: 5343540
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8b2df314f88b56c5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.productsavingspot.com/redirect/ow/ettvhl/logo.png

172.67.137.9

404 Not Found

146 B

URL GET HTTP/3
www.productsavingspot.com/redirect/ow/ettvhl/logo.png
IP
172.67.137.9:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.productsavingspot.com/redirect/ow/ettvhl/
Certificate
IssuerGoogle Trust Services
Subjectproductsavingspot.com
Fingerprint30:96:61:60:F8:5E:A4:C2:B6:1D:5F:A0:00:85:88:99:3E:33:A9:D2
ValidityTue, 02 Jul 2024 10:54:56 GMT - Mon, 30 Sep 2024 10:54:55 GMT

File type
HTML document, ASCII text, with no line terminators
Size
146 B (146 bytes)
Hash
40b3fc14254227ec5012d996bf90c4e1
b0dd06eb5a779151151101337889ff09953f8ac0
740816c1b61e4a8443c26d30d3eecfea04815fca8cd605a142f9d8a35f86ceca

HTTP Headers

GET /redirect/ow/ettvhl/logo.png HTTP/1.1
Host: www.productsavingspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.productsavingspot.com/redirect/ow/ettvhl/
Cookie: PHPSESSID=cv0ts58gep6peaoru261psevmg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Wed, 14 Aug 2024 03:45:00 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vvwue4gMZXMIwEbnYim9Zl8Qg0FSUcH%2BSLVbvXsq0IrFFgJdpv1oAVaIr%2BD8jyrey9N5U11BxcbpWh%2Fm6xQnvBs9sRxKqmfJr5GIvF%2F0S6EULVIuJnekrm75fh7%2FXRmt73ghrXiZIVOzqiuO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b2df316fc91569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET www.google.com/recaptcha/api2/bframe?hl=en&v=hfUfsXWZFeg83qqxrK27GB8P&k=6LdFPHAUAAAAAGwH1PWzjto1S36pZrq0c0VlSd1T

142.250.74.164

200 OK

7.5 kB

URL GET HTTP/3
www.google.com/recaptcha/api2/bframe?hl=en&v=hfUfsXWZFeg83qqxrK27GB8P&k=6LdFPHAUAAAAAGwH1PWzjto1S36pZrq0c0VlSd1T
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.productsavingspot.com/redirect/ow/ettvhl/
Certificate
IssuerGoogle Trust Services
Subject*.google.com
FingerprintA9:52:08:E0:FC:37:B4:6B:5F:CF:C5:AB:C4:10:C7:D6:00:4D:DC:69
ValidityTue, 30 Jul 2024 12:32:53 GMT - Tue, 22 Oct 2024 12:32:52 GMT

File type
HTML document, ASCII text, with very long lines (7683), with no line terminators
Size
7.5 kB (7452 bytes)
Hash
9c9ab854ad371561d74bad06df52753e
a42469ae6dc1909a98ad7ef6bccf1af1fe6aaf06
a03517a355364c4132d61f51836a683a6a7ed1fa50552e42d6ee6fbb156bffa8

HTTP Headers

GET /recaptcha/api2/bframe?hl=en&v=hfUfsXWZFeg83qqxrK27GB8P&k=6LdFPHAUAAAAAGwH1PWzjto1S36pZrq0c0VlSd1T HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.productsavingspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 14 Aug 2024 03:45:01 GMT
content-security-policy: script-src 'nonce-gXZzfDzM6qOqq6SsjuUCMw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (13)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash