firefox.settings.services.mozilla.com/v1/
143.204.55.115 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 04 Oct 2022 12:47:04 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ZZuSmogFhTNmJdTDpk2kmAyF9r1N1N_Udhs22cd2rEcR8-I-pA8kkQ==
Age: 624
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9955bda9c9ef64bc5700a14af0bae25e
8de7b7469e905af0374bdfcc3006bbb844f13e94
1f611155394fac39439b8ec8217d8cd493d6b588d372d264e0d66c03129c50c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4553
Expires: Tue, 04 Oct 2022 14:13:22 GMT
Date: Tue, 04 Oct 2022 12:57:29 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.49 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 04 Oct 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: VCP8COnMCFJdReIBXtf9v_wutdk6zy3WRFCFl9c6DprAkq_72Uhcsw==
age: 26942
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 12:57:29 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Tue, 04 Oct 2022 12:29:33 GMT
Expires: Tue, 04 Oct 2022 13:17:17 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: T8yWl36PeLA1Fy-sUKQro8bEoT4WKMhlSBT9vaYl6RsIykisOstOtA==
Age: 1676
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 16ebfb2aa621547ecf581e26fc828a7d
f78993331f6f5b8af6409a9ad2fc50b77070f68a
0f81fd1d6be9ccc04b74f0348aafe642c7b9ab7dffb7e8a679b5d67cc2e5fac3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6506
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 12:57:29 GMT
Last-Modified: Tue, 04 Oct 2022 11:09:03 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
44.240.140.78 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.240.140.78:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: dFl6KEVIuWkQF+VaNU7yXA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Objn8xmkhQCYw9q9xbY0Mt/yVQM=
www.googletagmanager.com/gtag/js?id=UA-115471247-4
142.250.74.168 302 Found 255 B URL HTTP/1.1 www.googletagmanager.com/gtag/js?id=UA-115471247-4
IP 142.250.74.168:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 371dbea600d74335cf29015056e6690f
81b007e9c158406526f4881fa29e9da41fd1919b
6d0c6ac13370d37beba8158e7e3d5abbd32fbadafaa972f53e2fe5830609583b
GET /gtag/js?id=UA-115471247-4 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guhzcoituz.com/
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtag/js?id=UA-115471247-4
Cross-Origin-Resource-Policy: cross-origin
Date: Tue, 04 Oct 2022 12:57:30 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 255
X-XSS-Protection: 0
guhzcoituz.com/product/chunli-black-dress-for-g3f/
198.54.120.179 200 OK 15 kB URL HTTP/1.1 guhzcoituz.com/product/chunli-black-dress-for-g3f/
IP 198.54.120.179:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (8047)
Hash 5f12f08a6da274629b24d82b4d31ac3e
2e517f5b9664c360f3a6a8b3f634c0d971922b05
9fa54e5e9adb23ce65ac610a2f8973b69ef221da0fc1b6ea69e71cd95cc08586
Analyzer Verdict Alert fortinet Phishing
GET /product/chunli-black-dress-for-g3f/ HTTP/1.1
Host: guhzcoituz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
x-powered-by: PHP/7.4.30
content-type: text/html; charset=UTF-8
link: <https://guhzcoituz.com/wp-json/>; rel="https://api.w.org/", <https://guhzcoituz.com/wp-json/wp/v2/product/1303>; rel="alternate"; type="application/json", <https://guhzcoituz.com/?p=1303>; rel=shortlink
transfer-encoding: chunked
content-encoding: gzip
vary: Accept-Encoding
date: Tue, 04 Oct 2022 12:57:30 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 9e40b2c69615f45f2bc898334ab3e343
6a569648ed10564e126d3bbf3f91352e6b3f6d4f
4f1d0982c58b9bbeaa266b99292baa1a00c9e39280f73d5a525722c851e15981
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 12:57:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 5ba23234dfb31276cc3bf9a347508595
a225d0a9ecf5d7f0032816c6f3d4a5ae1f3b27a3
33558bed4856ac3f2a7267965521b316ccd3ccc669877994c6c590e2d2a1b559
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 12:57:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-115471247-4
142.250.74.168 200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-115471247-4
IP 142.250.74.168:0
File type ASCII text, with very long lines (2039)
Hash 3b6623c081bed19a45f2df521d48adb0
e4ec406b0e883144d7e08e0a2c140031216e6a44
0eae9e81e3e3c742ffd2eab9ba7d4ff9184a0241f780edd395c273e699225cfb
GET /gtag/js?id=UA-115471247-4 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://guhzcoituz.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 04 Oct 2022 12:57:30 GMT
expires: Tue, 04 Oct 2022 12:57:30 GMT
cache-control: private, max-age=900
last-modified: Tue, 04 Oct 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42396
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
guhzcoituz.com/wp-content/plugins/woocommerce/assets/css/photoswipe/default-skin/default-skin.min.css?ver=6.9.2
198.54.120.179 200 OK 2.2 kB URL HTTP/1.1 guhzcoituz.com/wp-content/plugins/woocommerce/assets/css/photoswipe/default-skin/default-skin.min.css?ver=6.9.2
IP 198.54.120.179:0
File type ASCII text, with very long lines (7887), with no line terminators
Hash 61154e9d96ec472cbcea1affc932be79
7151d9bd4589ef75509c74c1999f406536d0970f
874fcdd88da22368be5076d6e3d07ebc203380cb65c3aed0a06263545a6f94ee
GET /wp-content/plugins/woocommerce/assets/css/photoswipe/default-skin/default-skin.min.css?ver=6.9.2 HTTP/1.1
Host: guhzcoituz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guhzcoituz.com/product/chunli-black-dress-for-g3f/
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 12:57:30 GMT
content-type: text/css
last-modified: Fri, 16 Sep 2022 07:27:52 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 2199
date: Tue, 04 Oct 2022 12:57:30 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
guhzcoituz.com/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.9.2
198.54.120.179 200 OK 3.1 kB URL HTTP/1.1 guhzcoituz.com/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.9.2
IP 198.54.120.179:0
File type ASCII text, with very long lines (17809), with no line terminators
Hash c8ae788e26d3d7f48505568e7c72132b
b805fc0b26324c98d6c520f4f7500b48788fce7a
a9d92cc15de84401f0427fb67cb14eb356cdc172e4def9c28681973a29845c3e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.9.2 HTTP/1.1
Host: guhzcoituz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guhzcoituz.com/product/chunli-black-dress-for-g3f/
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 12:57:30 GMT
content-type: text/css
last-modified: Fri, 16 Sep 2022 07:27:52 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 3060
date: Tue, 04 Oct 2022 12:57:30 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
guhzcoituz.com/wp-content/themes/hello-elementor/style.min.css?ver=2.6.1
198.54.120.179 200 OK 2.1 kB URL HTTP/1.1 guhzcoituz.com/wp-content/themes/hello-elementor/style.min.css?ver=2.6.1
IP 198.54.120.179:0
File type ASCII text, with very long lines (6051), with no line terminators
Hash 2177170bbc1ea29a9e8d60dac0f4dac5
21cd7012356dc639396fc816b13bf0e44849d930
791e4d7cc79ec42be0e6873107ef56e402c114d6c58868875069b33180dc34fc
GET /wp-content/themes/hello-elementor/style.min.css?ver=2.6.1 HTTP/1.1
Host: guhzcoituz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guhzcoituz.com/product/chunli-black-dress-for-g3f/
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 12:57:30 GMT
content-type: text/css
last-modified: Fri, 12 Aug 2022 04:26:46 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 2123
date: Tue, 04 Oct 2022 12:57:30 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
guhzcoituz.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
198.54.120.179 200 OK 15 kB URL HTTP/1.1 guhzcoituz.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
IP 198.54.120.179:0
File type ASCII text, with very long lines (43771)
Hash 06bb89263c0bf7c83022cd53f3823611
342763c5bebefd3dcb03753c47dd27fa68a59bca
e64a3084730835919d5e79f913aeb550bfd5cd1cc43c331003e91019bac25ed0
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1
Host: guhzcoituz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guhzcoituz.com/product/chunli-black-dress-for-g3f/
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 12:57:30 GMT
content-type: text/css
last-modified: Fri, 12 Aug 2022 04:14:24 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 15139
date: Tue, 04 Oct 2022 12:57:30 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
guhzcoituz.com/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.9.2
198.54.120.179 200 OK 11 kB URL HTTP/1.1 guhzcoituz.com/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.9.2
IP 198.54.120.179:0
File type Unicode text, UTF-8 text, with very long lines (62753), with no line terminators
Hash 3926ca4b720339860698266161e0add1
3f48bea765fb5d24bca5c262108d9fdbc9459290
cbfea401c9bc342a444807d8d103c234c5c3254dccee3df58f3cce7572369dd8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.9.2 HTTP/1.1
Host: guhzcoituz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guhzcoituz.com/product/chunli-black-dress-for-g3f/
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 12:57:30 GMT
content-type: text/css
last-modified: Fri, 16 Sep 2022 07:27:52 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 11080
date: Tue, 04 Oct 2022 12:57:30 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 9e40b2c69615f45f2bc898334ab3e343
6a569648ed10564e126d3bbf3f91352e6b3f6d4f
4f1d0982c58b9bbeaa266b99292baa1a00c9e39280f73d5a525722c851e15981
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 12:57:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
guhzcoituz.com/wp-content/themes/hello-elementor/theme.min.css?ver=2.6.1
198.54.120.179 200 OK 3.3 kB URL HTTP/1.1 guhzcoituz.com/wp-content/themes/hello-elementor/theme.min.css?ver=2.6.1
IP 198.54.120.179:0
File type ASCII text, with very long lines (15672), with no line terminators
Hash f8e7aa73b58e8bc7223af198d217e740
919fbdee0b7993c9a0ac7a7b4cbdd0f8fc3bebf2
d8b00605a26a5d41c2cc94ea3d31da9d698c87cf8c71de58a75c417590ee3080
GET /wp-content/themes/hello-elementor/theme.min.css?ver=2.6.1 HTTP/1.1
Host: guhzcoituz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guhzcoituz.com/product/chunli-black-dress-for-g3f/
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 12:57:30 GMT
content-type: text/css
last-modified: Fri, 12 Aug 2022 04:26:46 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 3299
date: Tue, 04 Oct 2022 12:57:30 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 5ba23234dfb31276cc3bf9a347508595
a225d0a9ecf5d7f0032816c6f3d4a5ae1f3b27a3
33558bed4856ac3f2a7267965521b316ccd3ccc669877994c6c590e2d2a1b559
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 12:57:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
guhzcoituz.com/wp-content/uploads/elementor/css/post-6153.css?ver=1660278484
198.54.120.179 200 OK 394 B URL HTTP/1.1 guhzcoituz.com/wp-content/uploads/elementor/css/post-6153.css?ver=1660278484
IP 198.54.120.179:0
File type ASCII text, with very long lines (1169), with no line terminators
Hash 648693964614eed003ff8cb73715b18a
99bfb6504de254bb33ad51cccd1f359e0e369a6e
918b897c3a2fc274c8209afacc46ac792af0e8662ea9e050eaccc781035978d9
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/elementor/css/post-6153.css?ver=1660278484 HTTP/1.1
Host: guhzcoituz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guhzcoituz.com/product/chunli-black-dress-for-g3f/
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 12:57:30 GMT
content-type: text/css
last-modified: Fri, 12 Aug 2022 04:28:04 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 394
date: Tue, 04 Oct 2022 12:57:30 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
guhzcoituz.com/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend-gtag.min.js?ver=7.9.0
198.54.120.179 200 OK 3.6 kB URL HTTP/1.1 guhzcoituz.com/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend-gtag.min.js?ver=7.9.0
IP 198.54.120.179:0
File type ASCII text, with very long lines (1571)
Hash 662d46b63ff7c7ed147da84f3136d2be
d37c3860bddb675ed3085acf4cccfe5eaa203fab
c6a1d02fe7cd4ed34a5231617a8dfe0a89c168b4ededebfff8c3ceb8f1233d54
GET /wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend-gtag.min.js?ver=7.9.0 HTTP/1.1
Host: guhzcoituz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guhzcoituz.com/product/chunli-black-dress-for-g3f/
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 12:57:30 GMT
content-type: application/javascript
last-modified: Tue, 20 Sep 2022 17:38:42 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 3558
date: Tue, 04 Oct 2022 12:57:30 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
guhzcoituz.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
198.54.120.179 200 OK 4.6 kB URL HTTP/1.1 guhzcoituz.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 198.54.120.179:0
File type ASCII text, with very long lines (11126)
Hash a5ffc5f13084a2c13c864ba30fea34aa
0ddd15b8c844e0a39734a45668f772907913901a
18846359c368facb0a297df866b58c9d9c1ac2cb6c4bb1222e8b9b195b2c201e
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: guhzcoituz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guhzcoituz.com/product/chunli-black-dress-for-g3f/
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 12:57:30 GMT
content-type: application/javascript
last-modified: Fri, 12 Aug 2022 04:14:24 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 4564
date: Tue, 04 Oct 2022 12:57:30 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0196e9e69891de0b6ac94e7db35de37f
c6ff946ba80336fe8db7b690a9f3f407b93977e9
2716696075e7e6eb043607e89fb307afd6682b488fedf6f70ad6b6393e68a40e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2716696075E7E6EB043607E89FB307AFD6682B488FEDF6F70AD6B6393E68A40E"
Last-Modified: Sun, 02 Oct 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21522
Expires: Tue, 04 Oct 2022 18:56:12 GMT
Date: Tue, 04 Oct 2022 12:57:30 GMT
Connection: keep-alive
guhzcoituz.com/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.7.6
198.54.120.179 200 OK 18 kB URL HTTP/1.1 guhzcoituz.com/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.7.6
IP 198.54.120.179:0
File type ASCII text, with very long lines (65497)
Hash be254e6aab259c4f2fd41fe9d0a191ef
de66022e727835a816af1fc979c9a99000afbea2
9a476f437f8cfdd86a871fa5fc64d6249af420573aafe3a87440bde399758c8b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.7.6 HTTP/1.1
Host: guhzcoituz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guhzcoituz.com/product/chunli-black-dress-for-g3f/
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 12:57:30 GMT
content-type: text/css
last-modified: Fri, 16 Sep 2022 07:27:47 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 18041
date: Tue, 04 Oct 2022 12:57:30 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
guhzcoituz.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
198.54.120.179 200 OK 36 kB URL HTTP/1.1 guhzcoituz.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 198.54.120.179:0
File type ASCII text, with very long lines (65447)
Hash a7c6bc20dcb2608ef036eae4d8e971ef
0276b11e4416e727b7af4ee5f62eb2483e4b2ce2
b4af4ea5a6c5544cf1a1c219a2bae269d4982b7819dc3e411304b6a880eb7a00
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: guhzcoituz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guhzcoituz.com/product/chunli-black-dress-for-g3f/
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 12:57:30 GMT
content-type: application/javascript
last-modified: Fri, 12 Aug 2022 04:14:24 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 36052
date: Tue, 04 Oct 2022 12:57:30 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
guhzcoituz.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.9.2
198.54.120.179 200 OK 1.2 kB URL HTTP/1.1 guhzcoituz.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.9.2
IP 198.54.120.179:0
File type HTML document, ASCII text, with very long lines (3037), with no line terminators
Hash 06a7a07004094fad9c600309be6953a2
ce64aba2c8b7b4801ea6784994d938aed1122e52
5422b0bc815668f0463bad8abd5328c15bc400800a96dbe6224ff574d1269e5d
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.9.2 HTTP/1.1
Host: guhzcoituz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guhzcoituz.com/product/chunli-black-dress-for-g3f/
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 12:57:31 GMT
content-type: application/javascript
last-modified: Fri, 16 Sep 2022 07:27:52 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1174
date: Tue, 04 Oct 2022 12:57:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
guhzcoituz.com/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.7.0
198.54.120.179 200 OK 389 B URL HTTP/1.1 guhzcoituz.com/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.7.0
IP 198.54.120.179:0
Hash d8f6fd391280254856cba08cb9cc0038
dff58c073b52eafe3c6f9752ae9c8b3cc3abd496
c4392cab51d5da49b3ec44020acdcd68f9e3cfe64a632d2a88706de0f02fe9cd
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.7.0 HTTP/1.1
Host: guhzcoituz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guhzcoituz.com/product/chunli-black-dress-for-g3f/
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 12:57:31 GMT
content-type: application/javascript
last-modified: Fri, 12 Aug 2022 04:14:37 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 389
date: Tue, 04 Oct 2022 12:57:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
guhzcoituz.com/wp-content/plugins/search-filter/style.css?ver=1
198.54.120.179 200 OK 225 B URL HTTP/2 guhzcoituz.com/wp-content/plugins/search-filter/style.css?ver=1
IP 198.54.120.179:0
Hash 4c232d45b73325db5f0ec3a5497279f2
776cd6c187db3e25d9aabded1242ff82a02546e7
93a186672880c5ad603ad366fc196256a3b923cecdbed5d0e9141abf39f4650a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/search-filter/style.css?ver=1 HTTP/1.1
Host: guhzcoituz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://guhzcoituz.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 12:57:31 GMT
content-type: text/css
last-modified: Fri, 12 Aug 2022 04:14:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 225
date: Tue, 04 Oct 2022 12:57:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
guhzcoituz.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
198.54.120.179 200 OK 5.8 kB URL HTTP/1.1 guhzcoituz.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
IP 198.54.120.179:0
File type ASCII text, with very long lines (15660)
Hash 8d1ea9267894d63ba4c9ba45b845bf75
d42e28a1369c0c3e3d4eff65f21b8c72960cee0a
3be43ab5ea0a6131c8bc5b7a4207eff0516ac5c37fabddd5d879784bcbb299ba
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1
Host: guhzcoituz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guhzcoituz.com/product/chunli-black-dress-for-g3f/
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 12:57:31 GMT
content-type: application/javascript
last-modified: Fri, 12 Aug 2022 04:14:24 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 5806
date: Tue, 04 Oct 2022 12:57:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
guhzcoituz.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.3.2
198.54.120.179 200 OK 2.3 kB URL HTTP/1.1 guhzcoituz.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.3.2
IP 198.54.120.179:0
File type ASCII text, with very long lines (10435), with no line terminators
Hash bc691db676adafb00ad62e956f11e815
d0fae56b2590dcfe64ab4086ee089ce2697908dc
1016c61921233d319f5409eec320cf010d5ded5de7fb847186039f421c7e5522
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.3.2 HTTP/1.1
Host: guhzcoituz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guhzcoituz.com/product/chunli-black-dress-for-g3f/
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 12:57:31 GMT
content-type: text/css
last-modified: Fri, 16 Sep 2022 07:27:53 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 2253
date: Tue, 04 Oct 2022 12:57:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
guhzcoituz.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3
198.54.120.179 200 OK 3.2 kB URL HTTP/1.1 guhzcoituz.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3
IP 198.54.120.179:0
File type ASCII text, with very long lines (9680), with no line terminators
Hash 17f4262c1d656a158e6a622b2ee235b0
32be9d63183d1bb6dc5c1098dce9382573750976
6c839ad2435d9cb3ab774b68faf4e08e26f95131cfeb38cacae18518234c2bc7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3 HTTP/1.1
Host: guhzcoituz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guhzcoituz.com/product/chunli-black-dress-for-g3f/
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 12:57:31 GMT
content-type: application/javascript
last-modified: Thu, 01 Sep 2022 17:38:24 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 3197
date: Tue, 04 Oct 2022 12:57:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
guhzcoituz.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3
198.54.120.179 200 OK 1.0 kB URL HTTP/1.1 guhzcoituz.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3
IP 198.54.120.179:0
Hash 2878b78cee4f1d95757df322afd6c523
affc237aefe4a37614fc20e35bd2c3cdba9a44f7
29a929599c21ebff1c78bf6161c341a6705abbcf41f576dfc1ff220a26c355a9
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3 HTTP/1.1
Host: guhzcoituz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guhzcoituz.com/product/chunli-black-dress-for-g3f/
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 12:57:31 GMT
content-type: text/css
last-modified: Thu, 01 Sep 2022 17:38:24 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1048
date: Tue, 04 Oct 2022 12:57:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
guhzcoituz.com/wp-content/plugins/woocommerce/assets/css/photoswipe/photoswipe.min.css?ver=6.9.2
198.54.120.179 200 OK 1.1 kB URL HTTP/1.1 guhzcoituz.com/wp-content/plugins/woocommerce/assets/css/photoswipe/photoswipe.min.css?ver=6.9.2
IP 198.54.120.179:0
File type ASCII text, with very long lines (3287), with no line terminators
Hash dd6ca56f7b68702bc18bbe9f5fd0402e
21cac8c45bbf9cec94a353b5315ce853f615a758
3f7fea303b5166679a36fd2faa76fd0227200f97f348473dabeba66a9209e2a3
GET /wp-content/plugins/woocommerce/assets/css/photoswipe/photoswipe.min.css?ver=6.9.2 HTTP/1.1
Host: guhzcoituz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guhzcoituz.com/product/chunli-black-dress-for-g3f/
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 12:57:31 GMT
content-type: text/css
last-modified: Fri, 16 Sep 2022 07:27:52 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1082
date: Tue, 04 Oct 2022 12:57:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3115
Expires: Tue, 04 Oct 2022 13:49:26 GMT
Date: Tue, 04 Oct 2022 12:57:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3115
Expires: Tue, 04 Oct 2022 13:49:26 GMT
Date: Tue, 04 Oct 2022 12:57:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3115
Expires: Tue, 04 Oct 2022 13:49:26 GMT
Date: Tue, 04 Oct 2022 12:57:31 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22873375-e381-41ee-a4b6-18ad56172e59.jpeg
34.120.237.76 200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22873375-e381-41ee-a4b6-18ad56172e59.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 515e23ff5ef0fc336ac5ec7fd31dfacd
a98da6b6ce993bd8f3b58ba42915cd9c4b45946c
77c186eb00def4a978d1bfd9eac755f70bf465f622991aaf6681227aec3e118a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22873375-e381-41ee-a4b6-18ad56172e59.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8508
x-amzn-requestid: 63afa079-f66e-428a-b491-c5859aed2e3b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZJFU9EknoAMF1uA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63338285-54f784262318d7ca0e560d44;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 23:08:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: GWTKxBPZnk_dqf9onY05WB16ubdsa93FcrjpqVxBrqBbCZXLSk_HHg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 14:41:51 GMT
age: 80140
etag: "a98da6b6ce993bd8f3b58ba42915cd9c4b45946c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 54b3ef7aa50273b78b59c24511b0c1f9
e2ea2ef6805e391c497e62e101e76a0bdecfce64
296e8954022d5160137b3e02ab5085a15cee7c23cd6d4ca61b36880706062457
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11955
x-amzn-requestid: ce6bbe93-95b0-4b6e-a8bc-012796485e67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zcqb9FUtoAMF0WQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b577f-59dc0a18523f900a059aa5df;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:43:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: tJwzKfs7HnQ7dVcINwnlzxTChXiEi4JPj8jrS8p5KhurRx_o3ZVOZQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:10:59 GMT
etag: "e2ea2ef6805e391c497e62e101e76a0bdecfce64"
content-type: image/jpeg
age: 53192
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg
34.120.237.76 200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6c6882c60d7ca6f918c77104e3ad1d52
20ef861be49c652a938e0145e4ca3a60159367e2
861f5870990fbd2939d151ae18384cf311e87067ca9a50818efe0c2d51b83088
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5504
x-amzn-requestid: 37405eb0-5c75-46a9-84c0-e8ed726995d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHvHPvoAMF3mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-77fd550b58af612525e74761;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Ovm2wuk28PygH4EZNEUoPchoHQggWCyXbYHOjMV1tZmfyDrL6PjPZA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:29:19 GMT
age: 52092
etag: "20ef861be49c652a938e0145e4ca3a60159367e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg
34.120.237.76 200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6779181f9c06975f2a662da743893939
585e7146fd24cdc2496b05baafea04091dc541e2
8e9a9f92fd89b7cdce77884ccd76b83ab82d28f125ebfc1cb0d371d4046b7985
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4858
x-amzn-requestid: fb21c414-2994-444a-a838-e643fd05b171
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTEfPoAMFfeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-593dd8043b0490e7301cac0d;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MiSh_FjAciKCaOakY2mM_EHBN1Z6GIDYIP8mwS4ikkrToQN3Ktsv2g==
via: 1.1 773ca14e6bd4bf9244988cb69fc9dca8.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:56:46 GMT
age: 54045
etag: "585e7146fd24cdc2496b05baafea04091dc541e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
guhzcoituz.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3
198.54.120.179 200 OK 4.4 kB URL HTTP/1.1 guhzcoituz.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3
IP 198.54.120.179:0
File type HTML document, ASCII text, with very long lines (12211), with no line terminators
Hash 8579a773244ff98cce5f98fd252aca81
871debff0bc86d8f9b1fcd950b8bd70a08762026
c3e3fc1ad17c1e1c5b610649d79e202b3e3a8b7d441b62bc3d8dafeeae309bd8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3 HTTP/1.1
Host: guhzcoituz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guhzcoituz.com/product/chunli-black-dress-for-g3f/
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 12:57:31 GMT
content-type: application/javascript
last-modified: Thu, 01 Sep 2022 17:38:24 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 4376
date: Tue, 04 Oct 2022 12:57:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp
34.120.237.76 200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d8c08f8066cc732de8befd6ccd629a95
22aab05208a01ae5def4d63dc145085630f57bcb
f8a560a0563518d992d0bd2655d2b5c406435a18e874ca00b51374d2ff901770
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9917
x-amzn-requestid: 2dff93d9-795d-4885-9b82-610b0d235a82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTGEnIAMF1zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-117afa703663ada75627792c;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: p5nOqBojKO6S-c_DxIu8B3p-NK0pzRHkz0DOPeyv7PQt9h0x1jdtoQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:55:54 GMT
age: 54097
etag: "22aab05208a01ae5def4d63dc145085630f57bcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962fb2a2-ad40-48cf-87a7-de082c564a5e.jpeg
34.120.237.76 200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962fb2a2-ad40-48cf-87a7-de082c564a5e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f2287c489794dab0e9ba923a2057988f
2b9f6828a38da81b40dcad033572e48b4c5896db
e853fa2acf2425d14cb9746e8bbd45c8765598d2bb630859086b4668182dbf6c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962fb2a2-ad40-48cf-87a7-de082c564a5e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8534
x-amzn-requestid: 8ae51cd3-697b-47ed-8493-8f83e2bc7469
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHuHlXoAMFucg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-165d72034440cf810d42f3bd;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: LPt8LUVoKhXjfz-jZHLmnWD15tQgSLRaxl-Bsl0UU83G7wm3jj7_mg==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:37:24 GMT
age: 51607
etag: "2b9f6828a38da81b40dcad033572e48b4c5896db"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
guhzcoituz.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.3.2
198.54.120.179 200 OK 30 kB URL HTTP/1.1 guhzcoituz.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.3.2
IP 198.54.120.179:0
File type Unicode text, UTF-8 text, with very long lines (65527), with no line terminators
Hash 6bd592e8d65bcc47c2f45961bb53d630
46d228fcf22f30c91626c8eb1003495c514bad3d
a02769f661332365b2696a827b7571ca0b0d7d3827085df2b5db202d6244a0cd
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.3.2 HTTP/1.1
Host: guhzcoituz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guhzcoituz.com/product/chunli-black-dress-for-g3f/
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 12:57:31 GMT
content-type: text/css
last-modified: Fri, 16 Sep 2022 07:27:53 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 30290
date: Tue, 04 Oct 2022 12:57:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
guhzcoituz.com/wp-content/plugins/js_composer/assets/lib/flexslider/jquery.flexslider.min.js?ver=6.7.0
198.54.120.179 200 OK 8.9 kB URL HTTP/1.1 guhzcoituz.com/wp-content/plugins/js_composer/assets/lib/flexslider/jquery.flexslider.min.js?ver=6.7.0
IP 198.54.120.179:0
File type ASCII text, with very long lines (30459)
Hash 4a01373ec4b96cc8a57205d597906bda
c7045a2cf2ead243135a69eb3cda09b15d452a3f
1a44da5c5ff3c6ed06a9afeab0f36d0ef75a569529692a23740e5f059271af6f
GET /wp-content/plugins/js_composer/assets/lib/flexslider/jquery.flexslider.min.js?ver=6.7.0 HTTP/1.1
Host: guhzcoituz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guhzcoituz.com/product/chunli-black-dress-for-g3f/
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 12:57:31 GMT
content-type: application/javascript
last-modified: Fri, 12 Aug 2022 04:14:37 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 8871
date: Tue, 04 Oct 2022 12:57:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
guhzcoituz.com/wp-content/plugins/woocommerce/assets/js/photoswipe/photoswipe.min.js?ver=4.1.1-wc.6.9.2
198.54.120.179 200 OK 13 kB URL HTTP/1.1 guhzcoituz.com/wp-content/plugins/woocommerce/assets/js/photoswipe/photoswipe.min.js?ver=4.1.1-wc.6.9.2
IP 198.54.120.179:0
File type ASCII text, with very long lines (30938)
Hash 5cd4918fdd3e1450185a4d059b70eb43
842b99e9a8b7b3bd8faba1b7bfa0f0ab89e33f08
d7b6268b82c256f0ef0a380a6087bf145ef7467a51a9afc745f5a7deb0c9f114
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/photoswipe/photoswipe.min.js?ver=4.1.1-wc.6.9.2 HTTP/1.1
Host: guhzcoituz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guhzcoituz.com/product/chunli-black-dress-for-g3f/
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 12:57:31 GMT
content-type: application/javascript
last-modified: Fri, 16 Sep 2022 07:27:52 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 13198
date: Tue, 04 Oct 2022 12:57:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
guhzcoituz.com/wp-content/plugins/woocommerce/assets/js/zoom/jquery.zoom.min.js?ver=1.7.21-wc.6.9.2
198.54.120.179 200 OK 1.2 kB URL HTTP/1.1 guhzcoituz.com/wp-content/plugins/woocommerce/assets/js/zoom/jquery.zoom.min.js?ver=1.7.21-wc.6.9.2
IP 198.54.120.179:0
File type ASCII text, with very long lines (2600)
Hash d11d98d7583b1b18837d8a405575bcd8
7553c6f36851fac0621661233ed7f8e5c171cf6f
3ead0082e91336638e956c2b1a49aa766bc63a74d17b1489eb61ac7ec9ea80bc
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/zoom/jquery.zoom.min.js?ver=1.7.21-wc.6.9.2 HTTP/1.1
Host: guhzcoituz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guhzcoituz.com/product/chunli-black-dress-for-g3f/
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 12:57:31 GMT
content-type: application/javascript
last-modified: Fri, 16 Sep 2022 07:27:52 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1229
date: Tue, 04 Oct 2022 12:57:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
guhzcoituz.com/wp-content/plugins/woocommerce/assets/js/photoswipe/photoswipe-ui-default.min.js?ver=4.1.1-wc.6.9.2
198.54.120.179 200 OK 3.9 kB URL HTTP/1.1 guhzcoituz.com/wp-content/plugins/woocommerce/assets/js/photoswipe/photoswipe-ui-default.min.js?ver=4.1.1-wc.6.9.2
IP 198.54.120.179:0
File type HTML document, ASCII text, with very long lines (9536)
Hash 39b098ded212dbdaf992d2f6d41baae8
15c9cff852cc865f68d3eb2c5e925867da9ed7c3
b3b648e5f15bf08289930337e98f39b17de3d3a422575cf46724f32e1533a440
GET /wp-content/plugins/woocommerce/assets/js/photoswipe/photoswipe-ui-default.min.js?ver=4.1.1-wc.6.9.2 HTTP/1.1
Host: guhzcoituz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guhzcoituz.com/product/chunli-black-dress-for-g3f/
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 12:57:31 GMT
content-type: application/javascript
last-modified: Fri, 16 Sep 2022 07:27:52 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 3902
date: Tue, 04 Oct 2022 12:57:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
guhzcoituz.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.9.2
198.54.120.179 200 OK 3.8 kB URL HTTP/1.1 guhzcoituz.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.9.2
IP 198.54.120.179:0
File type ASCII text, with very long lines (9115)
Hash 5fb7725a2ee6ed17dffb5b271ea7f924
a65afe4ac0372597e4eff66128afab42733a3263
8421bf3b41fcba9c48a0e2cd90112dee09058f8368c35ad5c38af247685504bb
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.9.2 HTTP/1.1
Host: guhzcoituz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guhzcoituz.com/product/chunli-black-dress-for-g3f/
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 12:57:30 GMT
content-type: application/javascript
last-modified: Fri, 16 Sep 2022 07:27:52 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 3763
date: Tue, 04 Oct 2022 12:57:30 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
guhzcoituz.com/wp-content/plugins/woocommerce/assets/js/frontend/single-product.min.js?ver=6.9.2
198.54.120.179 200 OK 2.1 kB URL HTTP/1.1 guhzcoituz.com/wp-content/plugins/woocommerce/assets/js/frontend/single-product.min.js?ver=6.9.2
IP 198.54.120.179:0
File type Unicode text, UTF-8 text, with very long lines (6322), with no line terminators
Hash c89b17f27327d08e226c77f8674bcbf0
bf6e2f0cb7d0ff6f4431ed7bde51c903906c0c79
edf0a331b6b4939e73cc26c1671cca1a5b8789d896edc266989e08c4e9518310
GET /wp-content/plugins/woocommerce/assets/js/frontend/single-product.min.js?ver=6.9.2 HTTP/1.1
Host: guhzcoituz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guhzcoituz.com/product/chunli-black-dress-for-g3f/
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 12:57:31 GMT
content-type: application/javascript
last-modified: Fri, 16 Sep 2022 07:27:52 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 2083
date: Tue, 04 Oct 2022 12:57:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
guhzcoituz.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.9.2
198.54.120.179 200 OK 1.0 kB URL HTTP/1.1 guhzcoituz.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.9.2
IP 198.54.120.179:0
File type ASCII text, with very long lines (1668)
Hash d7deb7ee25dbefd306d47300dda470c4
99e7371a8d131897bd9119562e5f963a9eb7c034
bfeb62c906eedb44b08a84e0eb3f61c2417b57124af8cacd3824339628e980a6
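Analyzer Verdict Alert fortinet Phishing
[Note: this verdict is listed on a request for a file under the site's WooCommerce plugin path; the record does not say whether it was raised on the file content or on the URL/domain, so confirm which before using the hashes above as indicators.]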
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.9.2 HTTP/1.1
Host: guhzcoituz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guhzcoituz.com/product/chunli-black-dress-for-g3f/
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 12:57:31 GMT
content-type: application/javascript
last-modified: Fri, 16 Sep 2022 07:27:52 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1002
date: Tue, 04 Oct 2022 12:57:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
guhzcoituz.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.9.2
198.54.120.179 200 OK 1.1 kB URL HTTP/1.1 guhzcoituz.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.9.2
IP 198.54.120.179:0
File type ASCII text, with very long lines (2938), with no line terminators
Hash 7e78d2690c41928cdc4824c813604e07
d1a5d7c7250cdd49970a1cd18ad4b18fcfec71ba
15e7a4fa22e1578475d3a664b1baba0b919db90a28ee2375730dff2c33d093f9
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.9.2 HTTP/1.1
Host: guhzcoituz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guhzcoituz.com/product/chunli-black-dress-for-g3f/
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 12:57:31 GMT
content-type: application/javascript
last-modified: Fri, 16 Sep 2022 07:27:52 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1103
date: Tue, 04 Oct 2022 12:57:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
guhzcoituz.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.9.2
198.54.120.179 200 OK 843 B URL HTTP/1.1 guhzcoituz.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.9.2
IP 198.54.120.179:0
File type ASCII text, with very long lines (2139), with no line terminators
Hash 70873bef1381d7a38bdc4fd14aa1e7a9
70c93e2b3d71105e67dd625a95de4ff0498a48d9
c01c3001448f10876291254b9f846cddadefce5c41c15504a90790960308efe1
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.9.2 HTTP/1.1
Host: guhzcoituz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guhzcoituz.com/product/chunli-black-dress-for-g3f/
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 12:57:31 GMT
content-type: application/javascript
last-modified: Fri, 16 Sep 2022 07:27:52 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 843
date: Tue, 04 Oct 2022 12:57:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 12:57:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 12:57:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://guhzcoituz.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:34:08 GMT
expires: Thu, 28 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 494603
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 12:57:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://guhzcoituz.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 02 Oct 2022 01:31:40 GMT
expires: Mon, 02 Oct 2023 01:31:40 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 213951
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://guhzcoituz.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:34:08 GMT
expires: Thu, 28 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 494603
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 12:57:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
guhzcoituz.com/wp-content/themes/hello-elementor/assets/js/hello-frontend.min.js?ver=1.0.0
198.54.120.179 200 OK 1.1 kB URL HTTP/1.1 guhzcoituz.com/wp-content/themes/hello-elementor/assets/js/hello-frontend.min.js?ver=1.0.0
IP 198.54.120.179:0
File type ASCII text, with very long lines (3164), with no line terminators
Hash 5608198e535f503b523f9fde3360ee35
5a8acc704d299c469d2c4179d6562a31063e7685
667d5d01b5e3a35676356247b5e603a40e072b300c2f958803e7f67b7f3b7901
GET /wp-content/themes/hello-elementor/assets/js/hello-frontend.min.js?ver=1.0.0 HTTP/1.1
Host: guhzcoituz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guhzcoituz.com/product/chunli-black-dress-for-g3f/
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 12:57:31 GMT
content-type: application/javascript
last-modified: Fri, 12 Aug 2022 04:26:46 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1086
date: Tue, 04 Oct 2022 12:57:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
guhzcoituz.com/wp-content/plugins/woocommerce-gateway-paypal-express-checkout/assets/js/wc-gateway-ppec-order-review.js?ver=2.1.3
198.54.120.179 200 OK 396 B URL HTTP/1.1 guhzcoituz.com/wp-content/plugins/woocommerce-gateway-paypal-express-checkout/assets/js/wc-gateway-ppec-order-review.js?ver=2.1.3
IP 198.54.120.179:0
Hash 1362fe43507e6f2fb3f95225a7a2b5cd
3e15678e8e04285b291a34eabe0e36427b9ec7e2
ca59098fb3e8259eb9e656cb274323fef7a84b6a3d29d3e11600ef36fed1ad0b
GET /wp-content/plugins/woocommerce-gateway-paypal-express-checkout/assets/js/wc-gateway-ppec-order-review.js?ver=2.1.3 HTTP/1.1
Host: guhzcoituz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guhzcoituz.com/product/chunli-black-dress-for-g3f/
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 12:57:31 GMT
content-type: application/javascript
last-modified: Fri, 12 Aug 2022 04:14:38 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 396
date: Tue, 04 Oct 2022 12:57:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
guhzcoituz.com/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.9.2
198.54.120.179 200 OK 1.3 kB URL HTTP/1.1 guhzcoituz.com/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.9.2
IP 198.54.120.179:0
File type ASCII text, with very long lines (7043), with no line terminators
Hash 8fb1c2c7152e7b1a69c898bdf630bcf8
18a9cb14cea8da01e239aefe77d500b14e13d859
02e00ded13c91bb6cb1267252ee16e718f646bdf35ddb7aac49d31fdab343eab
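Analyzer Verdict Alert fortinet Phishing
[Note: this verdict is listed on a request for a stylesheet under the site's WooCommerce plugin path; the record does not say whether it was raised on the file content or on the URL/domain, so confirm which before using the hashes above as indicators.]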
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.9.2 HTTP/1.1
Host: guhzcoituz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guhzcoituz.com/product/chunli-black-dress-for-g3f/
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 12:57:31 GMT
content-type: text/css
last-modified: Fri, 16 Sep 2022 07:27:52 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1331
date: Tue, 04 Oct 2022 12:57:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
guhzcoituz.com/wp-content/uploads/2018/04/chunli-man-768x1152-1-595x595.jpg
198.54.120.179 200 OK 34 kB URL HTTP/2 guhzcoituz.com/wp-content/uploads/2018/04/chunli-man-768x1152-1-595x595.jpg
IP 198.54.120.179:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 595x595, components 3\012- data
Hash 9f3a1b76b0f45e0df524a7cb0a2011a1
e3caa28ea7c09c89dce2a1affe2092fb0c24f30a
9e179cb681c96b080176abee36b2e295c1344a9288609d6aba95f1f264a3fad4
GET /wp-content/uploads/2018/04/chunli-man-768x1152-1-595x595.jpg HTTP/1.1
Host: guhzcoituz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://guhzcoituz.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 12:57:31 GMT
content-type: image/jpeg
last-modified: Fri, 12 Aug 2022 04:14:27 GMT
accept-ranges: bytes
content-length: 34484
date: Tue, 04 Oct 2022 12:57:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
guhzcoituz.com/wp-content/plugins/woocommerce-paypal-payments/modules/ppcp-button/assets/js/button.js?ver=1.9.3
198.54.120.179 200 OK 75 kB URL HTTP/1.1 guhzcoituz.com/wp-content/plugins/woocommerce-paypal-payments/modules/ppcp-button/assets/js/button.js?ver=1.9.3
IP 198.54.120.179:0
File type Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
Hash 96eeafdb147037f13ae465ff87f273f6
c4e873ce7f87e74758c0e40a4bbf116f1740dfad
76906ceafb1de1eabadfa5df154b9332274403dda19df9bc08e64bcdeffaf5ce
GET /wp-content/plugins/woocommerce-paypal-payments/modules/ppcp-button/assets/js/button.js?ver=1.9.3 HTTP/1.1
Host: guhzcoituz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guhzcoituz.com/product/chunli-black-dress-for-g3f/
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 12:57:31 GMT
content-type: application/javascript
last-modified: Fri, 16 Sep 2022 07:27:55 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 74795
date: Tue, 04 Oct 2022 12:57:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
guhzcoituz.com/wp-content/uploads/2018/04/chunli-595x893.jpg
198.54.120.179 200 OK 40 kB URL HTTP/2 guhzcoituz.com/wp-content/uploads/2018/04/chunli-595x893.jpg
IP 198.54.120.179:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 595x893, components 3\012- data
Hash 60668945b97174ec61a175b629514ed5
9979932b70ef4bd7443e8a12b375a52ee3f1ea09
fa36e47fec19dfeba079ff3fe833ea4c0c63611c674cc4e73a0c66e9ed37ecef
GET /wp-content/uploads/2018/04/chunli-595x893.jpg HTTP/1.1
Host: guhzcoituz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://guhzcoituz.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 12:57:31 GMT
content-type: image/jpeg
last-modified: Fri, 12 Aug 2022 04:14:27 GMT
accept-ranges: bytes
content-length: 40127
date: Tue, 04 Oct 2022 12:57:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash fdf91f6e6430159255a855cfa8db51bd
6c1283d1b8dc5e95d3f1b01d40f11ddacea7907a
6f023549dea5615ad2c405c3c1ab1d9ef8f0c8792646644c13b15bd63a642633
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 471
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 12:57:32 GMT
Last-Modified: Tue, 04 Oct 2022 12:49:41 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
s.w.org/images/core/emoji/14.0.0/svg/1f50d.svg
192.0.77.48 200 OK 460 B URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/1f50d.svg
IP 192.0.77.48:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (460), with no line terminators
Hash ddeb2a90dd32867b77e22b1eccf5fa55
4d82637afe3e2c9db1b4de57deff09c321d9bcc0
426d4db7bb4ca89f374e8c1b85807741e44b26a8d1691517f670256125624134
GET /images/core/emoji/14.0.0/svg/1f50d.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://guhzcoituz.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 12:57:32 GMT
content-type: image/svg+xml
content-length: 460
last-modified: Tue, 12 Apr 2022 03:50:38 GMT
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 1
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
guhzcoituz.com/wp-content/uploads/2018/04/chun3-595x903.jpg
198.54.120.179 200 OK 53 kB URL HTTP/2 guhzcoituz.com/wp-content/uploads/2018/04/chun3-595x903.jpg
IP 198.54.120.179:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 595x903, components 3\012- data
Hash fdf65507ae1fa04d5678532825acc22c
721b3f7ef37181aaa8f55e9ff9693a98efc5051c
797a63834bcda6b6cdf25d13a0ac5b52ed2d5a64e77f425d6503ea931744e4ea
GET /wp-content/uploads/2018/04/chun3-595x903.jpg HTTP/1.1
Host: guhzcoituz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://guhzcoituz.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 12:57:31 GMT
content-type: image/jpeg
last-modified: Fri, 12 Aug 2022 04:14:27 GMT
accept-ranges: bytes
content-length: 52638
date: Tue, 04 Oct 2022 12:57:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
guhzcoituz.com/wp-content/uploads/2018/04/chun4-595x903.jpg
198.54.120.179 200 OK 68 kB URL HTTP/2 guhzcoituz.com/wp-content/uploads/2018/04/chun4-595x903.jpg
IP 198.54.120.179:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 595x903, components 3\012- data
Hash 5ff39bbd19e175f6bf49c95d84d5be43
7c1edc6d8f1b1b643b775f9fe5a0ea1468d3de13
a7fe17362157a91a1f523c3d39b61767f90cfdb0c9a6f73b61f0159ddd4709c0
GET /wp-content/uploads/2018/04/chun4-595x903.jpg HTTP/1.1
Host: guhzcoituz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://guhzcoituz.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 12:57:31 GMT
content-type: image/jpeg
last-modified: Fri, 12 Aug 2022 04:14:27 GMT
accept-ranges: bytes
content-length: 67565
date: Tue, 04 Oct 2022 12:57:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
guhzcoituz.com/wp-content/uploads/2018/04/chunli-man-768x1152-1-100x100.jpg
198.54.120.179 200 OK 3.0 kB URL HTTP/2 guhzcoituz.com/wp-content/uploads/2018/04/chunli-man-768x1152-1-100x100.jpg
IP 198.54.120.179:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 100x100, components 3\012- data
Hash ce51d4432b0e22c30e419ecdaa3bd009
147e300cd6a7a3b8edc395a41b908332e2ac5df0
ae18093187aa478d80c1a95ab1b69379c522cfffe7fece159a63d081d48489d0
GET /wp-content/uploads/2018/04/chunli-man-768x1152-1-100x100.jpg HTTP/1.1
Host: guhzcoituz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://guhzcoituz.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 12:57:32 GMT
content-type: image/jpeg
last-modified: Fri, 12 Aug 2022 04:14:27 GMT
accept-ranges: bytes
content-length: 3030
date: Tue, 04 Oct 2022 12:57:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
guhzcoituz.com/wp-content/uploads/2018/04/chunli-100x100.jpg
198.54.120.179 200 OK 2.6 kB URL HTTP/2 guhzcoituz.com/wp-content/uploads/2018/04/chunli-100x100.jpg
IP 198.54.120.179:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 100x100, components 3\012- data
Hash ca604807c2f1ebfecf1e702640e68d19
9cfdbf976345f06827cbff3dc3e3296e686e5058
7528e5f418fa36128d96dbf6ac9702697dbd85ccd2a1e9ea61382333fb9b375d
GET /wp-content/uploads/2018/04/chunli-100x100.jpg HTTP/1.1
Host: guhzcoituz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://guhzcoituz.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 12:57:32 GMT
content-type: image/jpeg
last-modified: Fri, 12 Aug 2022 04:14:27 GMT
accept-ranges: bytes
content-length: 2619
date: Tue, 04 Oct 2022 12:57:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
guhzcoituz.com/wp-content/uploads/2018/04/chun3-100x100.jpg
198.54.120.179 200 OK 3.2 kB URL HTTP/2 guhzcoituz.com/wp-content/uploads/2018/04/chun3-100x100.jpg
IP 198.54.120.179:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 100x100, components 3\012- data
Hash 3d166be94dd56063a6109cfa1029e1e9
71cac7541ee674a9b11da7d6741ffc9807771a5d
0433365cdb946c544793f6dc4afa7822b3596081913086e0e38a1b41bd39036a
GET /wp-content/uploads/2018/04/chun3-100x100.jpg HTTP/1.1
Host: guhzcoituz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://guhzcoituz.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 12:57:32 GMT
content-type: image/jpeg
last-modified: Fri, 12 Aug 2022 04:14:27 GMT
accept-ranges: bytes
content-length: 3243
date: Tue, 04 Oct 2022 12:57:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
guhzcoituz.com/wp-content/uploads/2018/04/chun4-100x100.jpg
198.54.120.179 200 OK 3.9 kB URL HTTP/2 guhzcoituz.com/wp-content/uploads/2018/04/chun4-100x100.jpg
IP 198.54.120.179:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 100x100, components 3\012- data
Hash 5ab6b16a2685c6b3d1230c421e565b69
20429e27388351204fe834b78374224ed4cd2b67
ebdf825983961198c4571fce4e27dd802478b2814217ef1b60a5ee5c21fe2a89
GET /wp-content/uploads/2018/04/chun4-100x100.jpg HTTP/1.1
Host: guhzcoituz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://guhzcoituz.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 12:57:32 GMT
content-type: image/jpeg
last-modified: Fri, 12 Aug 2022 04:14:27 GMT
accept-ranges: bytes
content-length: 3875
date: Tue, 04 Oct 2022 12:57:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.paypal.com/sdk/js?client-id=AQhQJTmrifE3cbdTJXX_Xv72VlNBH-JWSQS0biSLDHQVe9QMaM6Iw7UezQxv5h-Z7A-crpKSv2bPGL4R&currency=USD&integration-date=2022-04-13&components=buttons,funding-eligibility&vault=false&commit=false&intent=capture&disable-funding=card,credit&enable-funding=venmo
151.101.65.21 200 OK 92 kB URL HTTP/2 www.paypal.com/sdk/js?client-id=AQhQJTmrifE3cbdTJXX_Xv72VlNBH-JWSQS0biSLDHQVe9QMaM6Iw7UezQxv5h-Z7A-crpKSv2bPGL4R&currency=USD&integration-date=2022-04-13&components=buttons,funding-eligibility&vault=false&commit=false&intent=capture&disable-funding=card,credit&enable-funding=venmo
IP 151.101.65.21:0
File type ASCII text, with very long lines (65472)
Hash 7cca45d50156863bb37eeb69c4beb4d7
3b08ea4fb3b860d0e2adb3a76fe0aa55f86620d4
3d375e71eeb050ac00d2892f36b0aeb2e2afe09e5acfc6fa0f98e6132ba96f99
GET /sdk/js?client-id=AQhQJTmrifE3cbdTJXX_Xv72VlNBH-JWSQS0biSLDHQVe9QMaM6Iw7UezQxv5h-Z7A-crpKSv2bPGL4R&currency=USD&integration-date=2022-04-13&components=buttons,funding-eligibility&vault=false&commit=false&intent=capture&disable-funding=card,credit&enable-funding=venmo HTTP/1.1
Host: www.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://guhzcoituz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
content-encoding: gzip
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-gwy+v8RDf+HKvGbF2Abrex2g82BMV+a7XsClfWcCDksLKutG' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-gwy+v8RDf+HKvGbF2Abrex2g82BMV+a7XsClfWcCDksLKutG' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: application/javascript; charset=utf-8
etag: W/"1662e-OwjqT7O4YNDirbOnb+CqVfhmINQ"
p3p: true
paypal-debug-id: f8437629b2157
traceparent: 00-0000000000000000000f8437629b2157-bdc3cea931d13904-01
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 04 Oct 2022 12:57:33 GMT
age: 0
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn11541-HHN, cache-bma1645-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1664888253.865843,VS0,VE635
vary: Accept-Encoding
server-timing: "traceparent;desc="00-0000000000000000000f8437629b2157-ad0c753037b40598-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
content-length: 91694
X-Firefox-Spdy: h2
www.paypal.com/tagmanager/pptm.js?id=guhzcoituz.com&t=xo&v=5.0.334&source=payments_sdk&client_id=AQhQJTmrifE3cbdTJXX_Xv72VlNBH-JWSQS0biSLDHQVe9QMaM6Iw7UezQxv5h-Z7A-crpKSv2bPGL4R&comp=buttons,funding-eligibility&vault=false
151.101.65.21 200 OK 4.8 kB URL HTTP/2 www.paypal.com/tagmanager/pptm.js?id=guhzcoituz.com&t=xo&v=5.0.334&source=payments_sdk&client_id=AQhQJTmrifE3cbdTJXX_Xv72VlNBH-JWSQS0biSLDHQVe9QMaM6Iw7UezQxv5h-Z7A-crpKSv2bPGL4R&comp=buttons,funding-eligibility&vault=false
IP 151.101.65.21:0
File type ASCII text, with very long lines (13605)
Hash f6957cd70edd834a6eb2b34ab9c1b763
caffcc648455d1efdb6d73469a63a8e43515b2a7
69f2d2363d7e93951b19230cb5513d61fabd6f5c6e0a902780003f4c96ab6b31
GET /tagmanager/pptm.js?id=guhzcoituz.com&t=xo&v=5.0.334&source=payments_sdk&client_id=AQhQJTmrifE3cbdTJXX_Xv72VlNBH-JWSQS0biSLDHQVe9QMaM6Iw7UezQxv5h-Z7A-crpKSv2bPGL4R&comp=buttons,funding-eligibility&vault=false HTTP/1.1
Host: www.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://guhzcoituz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-AQ4DPw5sP8RH0Gn3vbWMR12cgfhB3n5RAy6dKt2AK0QzI4uU' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-type: application/x-javascript; charset=utf-8
etag: W/"3550-z/69hoNSM92vaFx6ML0XZG7sRM8"
paypal-debug-id: f693122e68b17
traceparent: 00-0000000000000000000f693122e68b17-7d3bf0d9002fd3da-01
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
dc: ccg11-origin-www-1.paypal.com
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 04 Oct 2022 12:57:33 GMT
age: 16644
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn4070-HHN, cache-bma1645-BMA
x-cache: HIT, HIT
x-cache-hits: 2, 1
x-timer: S1664888254.614967,VS0,VE2
vary: Accept-Encoding
server-timing: "traceparent;desc="00-0000000000000000000f693122e68b17-9dd7dae029defe82-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
content-length: 4757
X-Firefox-Spdy: h2
www.paypalobjects.com/muse/muse.js
192.229.221.25 200 OK 16 kB URL HTTP/2 www.paypalobjects.com/muse/muse.js
IP 192.229.221.25:0
File type ASCII text, with very long lines (55891)
Hash 6aebbe482c72000aea20895991f70478
eff1d3370786f9ee4ea539776bc43ab9bece89ba
2acb950bc7678b9e6c265194821fac386bf555db582ee8c0e2d9e68ff3eaa862
GET /muse/muse.js HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://guhzcoituz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-type: application/javascript
date: Tue, 04 Oct 2022 12:57:33 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "6271663d-da91"
expires: Tue, 04 Oct 2022 13:57:33 GMT
last-modified: Tue, 03 May 2022 17:28:29 GMT
paypal-debug-id: 55d0c6c247ddd
server: ECAcc (ska/F6AB)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-000000000000000000055d0c6c247ddd-5b76398c2b118d54-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
content-length: 16464
X-Firefox-Spdy: h2
www.paypalobjects.com/muse/analytics/index.html
192.229.221.25 200 OK 17 kB URL HTTP/2 www.paypalobjects.com/muse/analytics/index.html
IP 192.229.221.25:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (55410)
Hash 56fc10c2e8100a7e4418dc987c23d7a5
5c11880437f36368f82da60522bfcb0d57b395cf
326df6156907ef357f13bf48a5a3798dd4e692345d04fb4edad8370058d1198a
GET /muse/analytics/index.html HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://guhzcoituz.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-type: text/html
date: Tue, 04 Oct 2022 12:57:33 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "6271663d-d994"
expires: Tue, 04 Oct 2022 13:57:33 GMT
last-modified: Tue, 03 May 2022 17:28:29 GMT
paypal-debug-id: c0e181490f2c5
server: ECAcc (ska/F764)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000c0e181490f2c5-4300392cc829bef3-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
content-length: 16791
X-Firefox-Spdy: h2
guhzcoituz.com/wp-content/uploads/2018/04/chunli-man-768x1152-1.jpg
198.54.120.179 200 OK 82 kB URL HTTP/2 guhzcoituz.com/wp-content/uploads/2018/04/chunli-man-768x1152-1.jpg
IP 198.54.120.179:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=1152, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=768], baseline, precision 8, 768x768, components 3\012- data
Hash 83d7d942385d81ca29bf77d19f5aa3f9
e5ef3e78704726d7fae5c0d7ee16840aa695cf7a
f3d2c9ddd1bcdd9653a965b4de4c704b0eb4f4a0ff7762acd11b493d2c269d55
GET /wp-content/uploads/2018/04/chunli-man-768x1152-1.jpg HTTP/1.1
Host: guhzcoituz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://guhzcoituz.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 12:57:32 GMT
content-type: image/jpeg
last-modified: Fri, 12 Aug 2022 04:14:27 GMT
accept-ranges: bytes
content-length: 82411
date: Tue, 04 Oct 2022 12:57:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.paypal.com/targeting/graphql
151.101.65.21 204 No Content 0 B URL HTTP/2 www.paypal.com/targeting/graphql
IP 151.101.65.21:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /targeting/graphql HTTP/1.1
Host: www.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.paypalobjects.com/
Origin: https://www.paypalobjects.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id: f825514bf933d
set-cookie: LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Tue, 04 Oct 2022 21:43:29 GMT; HttpOnly; Secure
enforce_policy=ccpa; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Wed, 04 Oct 2023 12:57:33 GMT; Secure
x-pp-s=eyJ0IjoiMTY2NDg4ODI1MzkxOCIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure
nsid=s%3AKxPjG2OiJ1122puUN_0r_97ciCCogvkn.egHRtJH0Vjf8aqa8Za4qOSvPfUKre9rDA47Hl5Hm%2Fec; Path=/; HttpOnly; Secure
l7_az=dcg02.phx; Path=/; Domain=paypal.com; Expires=Tue, 04 Oct 2022 13:27:33 GMT; HttpOnly; Secure
ts=vreXpYrS%3D1759582653%26vteXpYrS%3D1664890053%26vr%3Da312adca1830a7a08ede95bcfec9db4f%26vt%3Da312adca1830a7a08ede95bcfec9db4e%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Fri, 03 Oct 2025 12:57:33 GMT; HttpOnly; Secure
ts_c=vr%3Da312adca1830a7a08ede95bcfec9db4f%26vt%3Da312adca1830a7a08ede95bcfec9db4e; Path=/; Domain=paypal.com; Expires=Fri, 03 Oct 2025 12:57:33 GMT; Secure
traceparent: 00-0000000000000000000f825514bf933d-eb2cf2b55a013794-01
dc: ccg11-origin-www-1.paypal.com
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Tue, 04 Oct 2022 12:57:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn11550-HHN, cache-bma1645-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1664888254.813332,VS0,VE193
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
X-Firefox-Spdy: h2
t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3A66V5YUBPPYB6G-1&page=muse%3Aoffer%3A%3A%3A66V5YUBPPYB6G-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=7cbd2977-b107-4fbe-8ca3-3acc6e33f808&es=visitorInfoFlowStarted&mrid=66V5YUBPPYB6G&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Chunli%20Black%20Dress%20for%20G3F%20%E2%80%93%20Guhzcoituz&dh=1024&dw=1280&bh=939&bw=1280&cd=24&sh=1024&sw=1280&v=NA&rosetta_language=en-US%2Cen&e=im&t=1664888253302&g=0&completeurl=http%3A%2F%2Fguhzcoituz.com%2Fproduct%2Fchunli-black-dress-for-g3f%2F
151.101.65.35 200 OK 42 B URL HTTP/2 t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3A66V5YUBPPYB6G-1&page=muse%3Aoffer%3A%3A%3A66V5YUBPPYB6G-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=7cbd2977-b107-4fbe-8ca3-3acc6e33f808&es=visitorInfoFlowStarted&mrid=66V5YUBPPYB6G&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Chunli%20Black%20Dress%20for%20G3F%20%E2%80%93%20Guhzcoituz&dh=1024&dw=1280&bh=939&bw=1280&cd=24&sh=1024&sw=1280&v=NA&rosetta_language=en-US%2Cen&e=im&t=1664888253302&g=0&completeurl=http%3A%2F%2Fguhzcoituz.com%2Fproduct%2Fchunli-black-dress-for-g3f%2F
IP 151.101.65.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4682377ddfbe4e7dabfddb2e543e842
328e472721a93345801ed5533240eac2d1f8498c
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
GET /ts?pgrp=muse%3Aoffer%3A%3A%3A66V5YUBPPYB6G-1&page=muse%3Aoffer%3A%3A%3A66V5YUBPPYB6G-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=7cbd2977-b107-4fbe-8ca3-3acc6e33f808&es=visitorInfoFlowStarted&mrid=66V5YUBPPYB6G&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Chunli%20Black%20Dress%20for%20G3F%20%E2%80%93%20Guhzcoituz&dh=1024&dw=1280&bh=939&bw=1280&cd=24&sh=1024&sw=1280&v=NA&rosetta_language=en-US%2Cen&e=im&t=1664888253302&g=0&completeurl=http%3A%2F%2Fguhzcoituz.com%2Fproduct%2Fchunli-black-dress-for-g3f%2F HTTP/1.1
Host: t.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://guhzcoituz.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: image/gif
expires: Tue, 04 Oct 2022 12:57:33 GMT
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: eada5b40632ea
pragma: no-cache
set-cookie: ts=vreXpYrS%3D1759582653%26vteXpYrS%3D1664890053%26vr%3Da312addb1830a5b1e9c35412ffffffff%26vt%3Da312addb1830a5b1e9c35412fffffffe; Expires=Sat, 04 Oct 2025 12:57:33 GMT; Domain=.paypal.com; Path=/; Secure; HttpOnly
ts_c=vr%3Da312addb1830a5b1e9c35412ffffffff%26vt%3Da312addb1830a5b1e9c35412fffffffe; Expires=Sat, 04 Oct 2025 12:57:33 GMT; Domain=.paypal.com; Path=/; Secure
traceparent: 00-0000000000000000000eada5b40632ea-7714bafc52ed2d8e-01
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Tue, 04 Oct 2022 12:57:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn11563-HHN, cache-bma1655-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1664888254.803438,VS0,VE204
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
timing-allow-origin: *
content-length: 42
X-Firefox-Spdy: h2
guhzcoituz.com/wp-content/uploads/2018/02/Catwoman-main-1-350x350.jpg
198.54.120.179 200 OK 22 kB URL HTTP/2 guhzcoituz.com/wp-content/uploads/2018/02/Catwoman-main-1-350x350.jpg
IP 198.54.120.179:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 350x350, components 3\012- data
Hash e68e0f96f6d536b00837bfe2b16e3590
28b319543c17cbaabd5a4395a6f7381e5bd223e0
96434d88b3b2ec99a95c64fbf8c9f3020c5a138d8ecb29ac6970f60cc4c4db92
GET /wp-content/uploads/2018/02/Catwoman-main-1-350x350.jpg HTTP/1.1
Host: guhzcoituz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://guhzcoituz.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 12:57:33 GMT
content-type: image/jpeg
last-modified: Fri, 12 Aug 2022 04:14:27 GMT
accept-ranges: bytes
content-length: 21783
date: Tue, 04 Oct 2022 12:57:33 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
guhzcoituz.com/?wc-ajax=get_refreshed_fragments
198.54.120.179 200 OK 210 B URL HTTP/1.1 guhzcoituz.com/?wc-ajax=get_refreshed_fragments
IP 198.54.120.179:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 0c97a46508dc677362be2a79fd34feea
bce89aaf991907a16c951cc6a9a8121045374e22
3e799d21e1116a135fcd10c071506f34b99cf79d93b5548199e1376f88b62434
Analyzer Verdict Alert fortinet Phishing
POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: guhzcoituz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: http://guhzcoituz.com
Connection: keep-alive
Referer: http://guhzcoituz.com/product/chunli-black-dress-for-g3f/
HTTP/1.1 200 OK
keep-alive: timeout=5, max=100
x-powered-by: PHP/7.4.30
access-control-allow-origin: http://guhzcoituz.com
access-control-allow-credentials: true
x-content-type-options: nosniff
x-robots-tag: noindex
content-type: application/json; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 210
date: Tue, 04 Oct 2022 12:57:34 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
guhzcoituz.com/wp-content/uploads/2020/03/black-widow-main-755x1024-1-350x350.jpg
198.54.120.179 200 OK 17 kB URL HTTP/2 guhzcoituz.com/wp-content/uploads/2020/03/black-widow-main-755x1024-1-350x350.jpg
IP 198.54.120.179:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 350x350, components 3\012- data
Hash f3682f330bff23d926d82c71210fa33c
6d7497904268818f9852adc3cceaba6eadbc265f
b814e185b8642e8bda9fa172d285ee8f16a485768c813935ec42fd8968b597a6
GET /wp-content/uploads/2020/03/black-widow-main-755x1024-1-350x350.jpg HTTP/1.1
Host: guhzcoituz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://guhzcoituz.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 12:57:33 GMT
content-type: image/jpeg
last-modified: Fri, 12 Aug 2022 04:14:35 GMT
accept-ranges: bytes
content-length: 16743
date: Tue, 04 Oct 2022 12:57:33 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
guhzcoituz.com/wp-content/uploads/2017/07/gc_bodymorph_for_genesis_3_female_by_guhzcoituz-da05a5b-768x1024-1-350x350.jpg
198.54.120.179 200 OK 14 kB URL HTTP/2 guhzcoituz.com/wp-content/uploads/2017/07/gc_bodymorph_for_genesis_3_female_by_guhzcoituz-da05a5b-768x1024-1-350x350.jpg
IP 198.54.120.179:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 350x350, components 3\012- data
Hash 4b8a5da198fe09bee24eb42326228043
e2e7757cff21a55357b818010da8076cb0830cba
58deaca2ed695f4ae41135d462832afd32696f70418c640e051ba027881c7b3b
GET /wp-content/uploads/2017/07/gc_bodymorph_for_genesis_3_female_by_guhzcoituz-da05a5b-768x1024-1-350x350.jpg HTTP/1.1
Host: guhzcoituz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://guhzcoituz.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 12:57:33 GMT
content-type: image/jpeg
last-modified: Fri, 12 Aug 2022 04:14:35 GMT
accept-ranges: bytes
content-length: 13890
date: Tue, 04 Oct 2022 12:57:33 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://guhzcoituz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 04 Oct 2022 12:41:09 GMT
expires: Tue, 04 Oct 2022 14:41:09 GMT
cache-control: public, max-age=7200
age: 985
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
guhzcoituz.com/wp-content/uploads/2018/06/helena-SS-768x1097-1-350x350.jpg
198.54.120.179 200 OK 23 kB URL HTTP/2 guhzcoituz.com/wp-content/uploads/2018/06/helena-SS-768x1097-1-350x350.jpg
IP 198.54.120.179:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 350x350, components 3\012- data
Hash d70c55d1eda30c92919861ebad5ad413
d0b6d34326b9896bda3836709a644470a6dbed7b
3f70e92ad8c9b73f5b00dd5e1e9fe1140ed807f970a575ffe5cb57aaf5d291bd
GET /wp-content/uploads/2018/06/helena-SS-768x1097-1-350x350.jpg HTTP/1.1
Host: guhzcoituz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://guhzcoituz.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 11 Oct 2022 12:57:33 GMT
content-type: image/jpeg
last-modified: Fri, 12 Aug 2022 04:14:26 GMT
accept-ranges: bytes
content-length: 23061
date: Tue, 04 Oct 2022 12:57:33 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.paypal.com/targeting/graphql
151.101.65.21 200 OK 315 B URL HTTP/2 www.paypal.com/targeting/graphql
IP 151.101.65.21:0
File type JSON data\012- , ASCII text, with very long lines (434)
Hash 8387fb0e89e9074cfc5509933faaf368
c26ce851d088f8552c7574d0b9dba123b291894e
53490ffbb1682224bf806a8e8ca8ad67db4b35365c77d26006dd83b4b9a79b0a
POST /targeting/graphql HTTP/1.1
Host: www.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.paypalobjects.com/
Content-Type: application/json
Origin: https://www.paypalobjects.com
Content-Length: 319
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-PU3zbo7Qs3PY+GgYW5HNS8mpj7VjBMNYOmj0LB/EHw2ej/jw' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
content-type: application/json; charset=utf-8
etag: W/W/"1b3-w2d/5nVniOV2FDJurtPiCUPfhaY"
paypal-debug-id: f825514f6a443
set-cookie: LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Tue, 04 Oct 2022 21:43:30 GMT; HttpOnly; Secure
enforce_policy=ccpa; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Wed, 04 Oct 2023 12:57:34 GMT; Secure
x-pp-s=eyJ0IjoiMTY2NDg4ODI1NDI0OSIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure
tsrce=targetingnodeweb; Domain=.paypal.com; Path=/; Expires=Fri, 07 Oct 2022 12:57:34 GMT; HttpOnly; Secure; SameSite=None
nsid=s%3A6NP8x9CrdSDaXmDbQGr71CQPl6XWwnxp.1NPylRKEgxQGIifi%2BTtHGhhOfCyvL61DdQ5TpDvffvs; Path=/; HttpOnly; Secure
l7_az=dcg15.slc; Path=/; Domain=paypal.com; Expires=Tue, 04 Oct 2022 13:27:34 GMT; HttpOnly; Secure
ts=vreXpYrS%3D1759582654%26vteXpYrS%3D1664890054%26vr%3Da312aeac1830a2d0871b5035fef1bea4%26vt%3Da312aeac1830a2d0871b5035fef1bea3%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Fri, 03 Oct 2025 12:57:34 GMT; HttpOnly; Secure
ts_c=vr%3Da312aeac1830a2d0871b5035fef1bea4%26vt%3Da312aeac1830a2d0871b5035fef1bea3; Path=/; Domain=paypal.com; Expires=Fri, 03 Oct 2025 12:57:34 GMT; Secure
traceparent: 00-0000000000000000000f825514f6a443-6f2abe849ca39ec5-01
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
dc: ccg11-origin-www-1.paypal.com
accept-ranges: none
via: 1.1 varnish, 1.1 varnish
content-encoding: br
date: Tue, 04 Oct 2022 12:57:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn4059-HHN, cache-bma1645-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1664888254.017241,VS0,VE331
vary: Accept-Encoding
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
X-Firefox-Spdy: h2
guhzcoituz.com/favicon.ico
198.54.120.179 404 Not Found 1.2 kB URL HTTP/1.1 guhzcoituz.com/favicon.ico
IP 198.54.120.179:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
GET /favicon.ico HTTP/1.1
Host: guhzcoituz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guhzcoituz.com/product/chunli-black-dress-for-g3f/
HTTP/1.1 404 Not Found
keep-alive: timeout=5, max=100
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Tue, 04 Oct 2022 12:57:34 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
c.paypal.com/da/r/fb.js
192.229.221.25 200 OK 20 kB IP 192.229.221.25:0
File type C source, ASCII text, with very long lines (58758), with no line terminators
Hash 234b5a0a6ae679e24e1e800c5ee27041
89cd42971e9dfcdc302ac360bce7f8e5034bbc75
b341cef0a6a711b115a65b4ff5c1b4357ac9689eca58f4c88dfcf0481a2b75d6
GET /da/r/fb.js HTTP/1.1
Host: c.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paypal.com/
Cookie: tsrce=targetingnodeweb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
age: 1018682
cache-control: max-age=86400
content-type: application/javascript
date: Tue, 04 Oct 2022 12:57:35 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "62f2c748-e586"
expires: Wed, 05 Oct 2022 12:57:35 GMT
last-modified: Tue, 09 Aug 2022 20:44:56 GMT
paypal-debug-id: 9aef47e8b50de
server: ECAcc (ska/F6AA)
server-timing: content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=2
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-00000000000000000009aef47e8b50de-c4f59dada6a07ccc-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
content-length: 20053
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 6a33d14ec5bb74911f795f48b07d9f81
5be1ead403185a557fd84f6f2cdc826b55c34e98
6d7242b535ef674534ba0754985a3447fcf503da39cf10e4421bdf2671552982
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3202
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 12:57:35 GMT
Last-Modified: Tue, 04 Oct 2022 12:04:13 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
b.stats.paypal.com/v2/counter.cgi?p=uid_0ffb8b9713_mti6ntc6mzm&s=SMART_PAYMENT_BUTTONS
64.4.245.84 302 Found 0 B URL HTTP/1.1 b.stats.paypal.com/v2/counter.cgi?p=uid_0ffb8b9713_mti6ntc6mzm&s=SMART_PAYMENT_BUTTONS
IP 64.4.245.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v2/counter.cgi?p=uid_0ffb8b9713_mti6ntc6mzm&s=SMART_PAYMENT_BUTTONS HTTP/1.1
Host: b.stats.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paypal.com/
Cookie: tsrce=targetingnodeweb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 302 Found
Connection: close
Server: PayPal-B.Stats/1.0
Location: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_0ffb8b9713_mti6ntc6mzm&s=SMART_PAYMENT_BUTTONS
Content-Length: 0
Set-Cookie: c=eb1498391c8bbc38ca84; Domain=stats.paypal.com; expires=Mon, 29 Sep 2042 12:57:35 GMT; Path=/
Content-Type: application/octet-stream
Date: Tue, 04 Oct 2022 12:57:35 GMT
c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
192.229.221.25 200 OK 141 B URL HTTP/2 c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
IP 192.229.221.25:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f8f705741fe0f162a2dfebba38370665
df8c09ce52d3a5cbda8819e1f2352dd3bc739012
26cb10aeec63b613002b3a7598dac0085b14796111a45dd6d9e78d6169338c3e
GET /v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js HTTP/1.1
Host: c.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paypal.com/
Cookie: tsrce=targetingnodeweb
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-security-policy-report-only: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html;charset=UTF-8
correlation-id: f8e1d6925fa65
date: Tue, 04 Oct 2022 12:57:34 GMT
paypal-debug-id: f8e1d6925fa65
server: ECAcc (frc/4CBE)
server-timing: content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=195
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-0000000000000000000f8e1d6925fa65-90a0948625fe9c7c-01
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 141
X-Firefox-Spdy: h2
c.paypal.com/da/r/fb.js
192.229.221.25 304 Not Modified 0 B IP 192.229.221.25:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /da/r/fb.js HTTP/1.1
Host: c.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Cookie: tsrce=targetingnodeweb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Tue, 09 Aug 2022 20:44:56 GMT
If-None-Match: "62f2c748-e586"
TE: trailers
HTTP/2 304 Not Modified
accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
age: 1018682
cache-control: max-age=86400
date: Tue, 04 Oct 2022 12:57:35 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "62f2c748-e586"
expires: Wed, 05 Oct 2022 12:57:35 GMT
last-modified: Tue, 09 Aug 2022 20:44:56 GMT
paypal-debug-id: 9aef47e8b50de
server: ECAcc (ska/F6AA)
server-timing: content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=2
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-00000000000000000009aef47e8b50de-c4f59dada6a07ccc-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
X-Firefox-Spdy: h2
dub.stats.paypal.com/v2/counter2.cgi?p=uid_0ffb8b9713_mti6ntc6mzm&s=SMART_PAYMENT_BUTTONS
64.4.245.84 200 OK 42 B URL HTTP/1.1 dub.stats.paypal.com/v2/counter2.cgi?p=uid_0ffb8b9713_mti6ntc6mzm&s=SMART_PAYMENT_BUTTONS
IP 64.4.245.84:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash accba0b69f352b4c9440f05891b015c5
9d01cc5dc8e042c0d4ad6cfb8b3ac38e84a5ef9f
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
GET /v2/counter2.cgi?p=uid_0ffb8b9713_mti6ntc6mzm&s=SMART_PAYMENT_BUTTONS HTTP/1.1
Host: dub.stats.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.paypal.com/
Connection: keep-alive
Cookie: tsrce=targetingnodeweb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Connection: close
Server: PayPal-B.Stats/1.0
Content-Type: image/jpeg
Content-Length: 42
Set-Cookie: c=0b4595901829be8b5a9d; Domain=stats.paypal.com; expires=Mon, 29 Sep 2042 12:57:35 GMT; Path=/
Date: Tue, 04 Oct 2022 12:57:35 GMT
c.paypal.com/v1/r/d/b/p2
192.229.221.25 200 OK 125 B IP 192.229.221.25:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 0fe6779cc38ce1813804c96e8489c0f0
3cc797700f4333ea7a268c35a1fd8e5b407b4760
8c036efb9b24f47c86f2ec47f64c826610507ffc576566982e7c9708b780e40f
POST /v1/r/d/b/p2 HTTP/1.1
Host: c.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 1392
Origin: https://c.paypal.com
Connection: keep-alive
Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Cookie: tsrce=targetingnodeweb
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: application/json
correlation-id: 9bc365286eb92
date: Tue, 04 Oct 2022 12:57:35 GMT
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id: 9bc365286eb92
server: ECAcc (frc/4CEE)
server-timing: content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=190
set-cookie: sc_f=dcUC1GbtgA7-B_ikP1E3KTakcjK8M6rWszRkNCdEe-mC4T0CTR4jqRG1GwPS1VQ7LSQZO5ePLVEaC3grhqMyh0z7JP1q0urZU7Qfpm;Domain=c.paypal.com;Max-Age=157680000;Path=/;Secure;Version=1;Expires=Sun, 03-Oct-2027 05:57:35 GMT; HttpOnly
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-00000000000000000009bc365286eb92-4fab7130d38ce976-01
content-length: 125
X-Firefox-Spdy: h2
c.paypal.com/v1/r/d/b/p1
192.229.221.25 200 OK 125 B IP 192.229.221.25:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 29dcfa39b8bfdcece8028a78965abaab
07dd2e1aa8132fc46fc516119f637b0306ae49db
543b6ce02b5e79105008ca5d536cf509e5f9c0cbda1752e1f5d054df2c15fdf0
POST /v1/r/d/b/p1 HTTP/1.1
Host: c.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 4334
Origin: https://c.paypal.com
Connection: keep-alive
Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Cookie: tsrce=targetingnodeweb
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: application/json
correlation-id: d1267fb8e6c53
date: Tue, 04 Oct 2022 12:57:35 GMT
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id: d1267fb8e6c53
server: ECAcc (frc/4C86)
server-timing: content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=216
set-cookie: sc_f=_42LgNRLrv79UOb3T1VA72pqJbxPyNUl8VEE20EmpGrL62ZM1iuZfoPgoYJ-coQn7I9jc7mpBYjXd-KQSiJC65CUBkdF2j5ZISWy-G;Domain=c.paypal.com;Max-Age=157680000;Path=/;Secure;Version=1;Expires=Sun, 03-Oct-2027 05:57:35 GMT; HttpOnly
KHcl0EuY7AKSMgfvHl7J5E7hPtK=o4C7KkvL606jC9l9jvCvLfWq6EfdeFuBhyNtNhgyD_kzO_ff4ODZVl980H8nUHC2SUJqfyUS1rT3B18G;Domain=.paypal.com;Max-Age=630720000;Path=/;Secure;Version=1;Expires=Mon, 29-Sep-2042 05:57:35 GMT; HttpOnly
l7_az=dcg01.phx; Path=/; Domain=paypal.com; Expires=Tue, 04 Oct 2022 13:27:35 GMT; HttpOnly; Secure
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-0000000000000000000d1267fb8e6c53-900f2676e039af53-01
content-length: 125
X-Firefox-Spdy: h2
www.paypal.com/xoplatform/logger/api/logger
151.101.65.21 200 OK 642 B URL HTTP/2 www.paypal.com/xoplatform/logger/api/logger
IP 151.101.65.21:0
File type JSON data\012- , ASCII text, with very long lines (1008), with no line terminators
Hash b8ac0d2831089353ebdf0c1bb94cc43e
ecad481a0fe9b6e26e0e1688a517a400aebede24
9cd80a0509cd9430ef825b9adfe354566fa27178cef58b03fbe1f5b21993435f
POST /xoplatform/logger/api/logger HTTP/1.1
Host: www.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 8200
Origin: https://www.paypal.com
Connection: keep-alive
Referer: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=true&style.menuPlacement=below&sdkVersion=5.0.334&components.0=buttons&components.1=funding-eligibility&locale.country=US&locale.lang=en&sdkMeta=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&clientID=AQhQJTmrifE3cbdTJXX_Xv72VlNBH-JWSQS0biSLDHQVe9QMaM6Iw7UezQxv5h-Z7A-crpKSv2bPGL4R&sdkCorrelationID=06273676aa688&storageID=uid_4ad9cd5340_mti6ntc6mzm&sessionID=uid_0ffb8b9713_mti6ntc6mzm&buttonSessionID=uid_77c3ec1264_mti6ntc6mzm&env=production&buttonSize=huge&fundingEligibility=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&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase¤cy=USD&intent=capture&commit=false&vault=false&enableFunding.0=venmo&disableFunding.0=card&disableFunding.1=credit&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
Cookie: tsrce=targetingnodeweb
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: application/json; charset=utf-8
etag: W/W/"3f0-bIMj7opazwcOVLNSJSr3J3NwScw"
paypal-debug-id: f940238479ea0
set-cookie: enforce_policy=ccpa; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Wed, 04 Oct 2023 12:57:35 GMT; Secure
LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Tue, 04 Oct 2022 21:43:31 GMT; HttpOnly; Secure
tsrce=loggernodeweb; Max-Age=259199; Domain=.paypal.com; Path=/; Expires=Fri, 07 Oct 2022 12:57:34 GMT; HttpOnly; Secure
x-pp-s=eyJ0IjoiMTY2NDg4ODI1NTIxNSIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure
l7_az=dcg13.slc; Path=/; Domain=paypal.com; Expires=Tue, 04 Oct 2022 13:27:35 GMT; HttpOnly; Secure
ts=vreXpYrS%3D1759582655%26vteXpYrS%3D1664890055%26vr%3Da312b2d61830ad0088b7d9cafebede32%26vt%3Da312b2d61830ad0088b7d9cafebede31%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Fri, 03 Oct 2025 12:57:35 GMT; HttpOnly; Secure
ts_c=vr%3Da312b2d61830ad0088b7d9cafebede32%26vt%3Da312b2d61830ad0088b7d9cafebede31; Path=/; Domain=paypal.com; Expires=Fri, 03 Oct 2025 12:57:35 GMT; Secure
traceparent: 00-0000000000000000000f940238479ea0-2a78a052170bd0e4-01
x-content-type-options: nosniff
dc: ccg11-origin-www-1.paypal.com
accept-ranges: none
via: 1.1 varnish, 1.1 varnish
content-encoding: br
date: Tue, 04 Oct 2022 12:57:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn4064-HHN, cache-bma1645-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1664888255.086921,VS0,VE208
vary: Accept-Encoding
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
X-Firefox-Spdy: h2
www.paypal.com/xoplatform/logger/api/logger
151.101.65.21 200 OK 0 B URL HTTP/2 www.paypal.com/xoplatform/logger/api/logger
IP 151.101.65.21:0
POST /xoplatform/logger/api/logger HTTP/1.1
Host: www.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1454
Origin: http://guhzcoituz.com
Connection: keep-alive
Referer: http://guhzcoituz.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: http://guhzcoituz.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: application/json; charset=utf-8
etag: W/W/"3f8-9hhMIrYNPgcdB6FXD64DPyQS5LA"
paypal-debug-id: f94023879a52a
set-cookie: enforce_policy=ccpa; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Wed, 04 Oct 2023 12:57:35 GMT; Secure
LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Tue, 04 Oct 2022 21:43:31 GMT; HttpOnly; Secure
tsrce=loggernodeweb; Max-Age=259199; Domain=.paypal.com; Path=/; Expires=Fri, 07 Oct 2022 12:57:34 GMT; HttpOnly; Secure
x-pp-s=eyJ0IjoiMTY2NDg4ODI1NTU5OCIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure
l7_az=dcg01.phx; Path=/; Domain=paypal.com; Expires=Tue, 04 Oct 2022 13:27:35 GMT; HttpOnly; Secure
ts=vreXpYrS%3D1759582655%26vteXpYrS%3D1664890055%26vr%3Da312b4541830a2d1f3ed558cfeefe17e%26vt%3Da312b4541830a2d1f3ed558cfeefe17d%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Fri, 03 Oct 2025 12:57:35 GMT; HttpOnly; Secure
ts_c=vr%3Da312b4541830a2d1f3ed558cfeefe17e%26vt%3Da312b4541830a2d1f3ed558cfeefe17d; Path=/; Domain=paypal.com; Expires=Fri, 03 Oct 2025 12:57:35 GMT; Secure
traceparent: 00-0000000000000000000f94023879a52a-274a890583178561-01
x-content-type-options: nosniff
dc: ccg11-origin-www-1.paypal.com
accept-ranges: none
via: 1.1 varnish, 1.1 varnish
content-encoding: br
date: Tue, 04 Oct 2022 12:57:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn11559-HHN, cache-bma1645-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1664888255.482411,VS0,VE209
vary: Accept-Encoding
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
X-Firefox-Spdy: h2
www.paypal.com/xoplatform/logger/api/logger
151.101.65.21 200 OK 0 B URL HTTP/2 www.paypal.com/xoplatform/logger/api/logger
IP 151.101.65.21:0
POST /xoplatform/logger/api/logger HTTP/1.1
Host: www.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1448
Origin: https://www.paypal.com
Connection: keep-alive
Referer: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=true&style.menuPlacement=below&sdkVersion=5.0.334&components.0=buttons&components.1=funding-eligibility&locale.country=US&locale.lang=en&sdkMeta=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&clientID=AQhQJTmrifE3cbdTJXX_Xv72VlNBH-JWSQS0biSLDHQVe9QMaM6Iw7UezQxv5h-Z7A-crpKSv2bPGL4R&sdkCorrelationID=06273676aa688&storageID=uid_4ad9cd5340_mti6ntc6mzm&sessionID=uid_0ffb8b9713_mti6ntc6mzm&buttonSessionID=uid_77c3ec1264_mti6ntc6mzm&env=production&buttonSize=huge&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjpmYWxzZSwiYnJhbmRlZCI6dHJ1ZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19LCJndWVzdEVuYWJsZWQiOmZhbHNlfSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUi
OmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG9iYW5jYXJpbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtdWx0aWJhbmNvIjp7ImVsaWdpYmxlIjpmYWxzZX19&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&enableFunding.0=venmo&disableFunding.0=card&disableFunding.1=credit&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
Cookie: tsrce=targetingnodeweb
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: application/json; charset=utf-8
etag: W/W/"3fb-Lx6rJ2Lai8kSJsXU4GzHY4ezgIk"
paypal-debug-id: f94023895c0bf
set-cookie: enforce_policy=ccpa; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Wed, 04 Oct 2023 12:57:35 GMT; Secure
LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Tue, 04 Oct 2022 21:43:31 GMT; HttpOnly; Secure
tsrce=loggernodeweb; Max-Age=259199; Domain=.paypal.com; Path=/; Expires=Fri, 07 Oct 2022 12:57:34 GMT; HttpOnly; Secure
x-pp-s=eyJ0IjoiMTY2NDg4ODI1NTYwNCIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure
l7_az=dcg15.slc; Path=/; Domain=paypal.com; Expires=Tue, 04 Oct 2022 13:27:35 GMT; HttpOnly; Secure
ts=vreXpYrS%3D1759582655%26vteXpYrS%3D1664890055%26vr%3Da312b4541830a7a85ab39f63fec9a778%26vt%3Da312b4541830a7a85ab39f63fec9a777%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Fri, 03 Oct 2025 12:57:35 GMT; HttpOnly; Secure
ts_c=vr%3Da312b4541830a7a85ab39f63fec9a778%26vt%3Da312b4541830a7a85ab39f63fec9a777; Path=/; Domain=paypal.com; Expires=Fri, 03 Oct 2025 12:57:35 GMT; Secure
traceparent: 00-0000000000000000000f94023895c0bf-8e58ec54a49e9cde-01
x-content-type-options: nosniff
dc: ccg11-origin-www-1.paypal.com
accept-ranges: none
via: 1.1 varnish, 1.1 varnish
content-encoding: br
date: Tue, 04 Oct 2022 12:57:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn4074-HHN, cache-bma1645-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1664888255.483719,VS0,VE209
vary: Accept-Encoding
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.2
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.2
IP 142.250.74.10:0
GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://guhzcoituz.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 04 Oct 2022 12:57:30 GMT
date: Tue, 04 Oct 2022 12:57:30 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
saskmade.net/foot.js?ver=2.0.0
172.67.151.247 404 Not Found 0 B URL HTTP/2 saskmade.net/foot.js?ver=2.0.0
IP 172.67.151.247:0
Analyzer Verdict Alert quad9 Sinkholed
GET /foot.js?ver=2.0.0 HTTP/1.1
Host: saskmade.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://guhzcoituz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Tue, 04 Oct 2022 12:57:30 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.30
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: max-age=14400, must-revalidate
link: <https://saskmade.net/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I4ocz7z0lP%2FJgt6TOonc1sKdKvhQ18RoIc0V0OIQEvJsUbROAPJmQGtXd9I31diSedXyGQ2MLKHzDknxry0QK9jyJAF%2FCw5cAPG3ADd%2F2I2q%2FMHb0nY83%2F%2Bw3ixT%2Fk8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754e156d88120b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.paypal.com/xoplatform/logger/api/logger
151.101.65.21 200 OK 0 B URL HTTP/2 www.paypal.com/xoplatform/logger/api/logger
IP 151.101.65.21:0
OPTIONS /xoplatform/logger/api/logger HTTP/1.1
Host: www.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://guhzcoituz.com/
Origin: http://guhzcoituz.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: http://guhzcoituz.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id: f8255146b5a52
set-cookie: LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Tue, 04 Oct 2022 21:43:29 GMT; HttpOnly; Secure
enforce_policy=ccpa; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Wed, 04 Oct 2023 12:57:33 GMT; Secure
x-pp-s=eyJ0IjoiMTY2NDg4ODI1MzgyMSIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure
tsrce=loggernodeweb; Domain=.paypal.com; Path=/; Expires=Fri, 07 Oct 2022 12:57:33 GMT; HttpOnly; Secure; SameSite=None
l7_az=dcg01.phx; Path=/; Domain=paypal.com; Expires=Tue, 04 Oct 2022 13:27:33 GMT; HttpOnly; Secure
ts=vreXpYrS%3D1759582653%26vteXpYrS%3D1664890053%26vr%3Da312ad5d1830a2d1f1a7c4f7feeb5984%26vt%3Da312ad5d1830a2d1f1a7c4f7feeb5983%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Fri, 03 Oct 2025 12:57:33 GMT; HttpOnly; Secure
ts_c=vr%3Da312ad5d1830a2d1f1a7c4f7feeb5984%26vt%3Da312ad5d1830a2d1f1a7c4f7feeb5983; Path=/; Domain=paypal.com; Expires=Fri, 03 Oct 2025 12:57:33 GMT; Secure
traceparent: 00-0000000000000000000f8255146b5a52-b1911a79acac8a7f-01
x-content-type-options: nosniff
dc: ccg11-origin-www-1.paypal.com
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Tue, 04 Oct 2022 12:57:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn11567-HHN, cache-bma1645-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1664888254.701697,VS0,VE225
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
X-Firefox-Spdy: h2
www.paypal.com/smart/buttons?style.label=paypal&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=true&style.menuPlacement=below&sdkVersion=5.0.334&components.0=buttons&components.1=funding-eligibility&locale.country=US&locale.lang=en&sdkMeta=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&clientID=AQhQJTmrifE3cbdTJXX_Xv72VlNBH-JWSQS0biSLDHQVe9QMaM6Iw7UezQxv5h-Z7A-crpKSv2bPGL4R&sdkCorrelationID=06273676aa688&storageID=uid_4ad9cd5340_mti6ntc6mzm&sessionID=uid_0ffb8b9713_mti6ntc6mzm&buttonSessionID=uid_77c3ec1264_mti6ntc6mzm&env=production&buttonSize=huge&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjpmYWxzZSwiYnJhbmRlZCI6dHJ1ZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19LCJndWVzdEVuYWJsZWQiOmZhbHNlfSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpa
yI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG9iYW5jYXJpbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtdWx0aWJhbmNvIjp7ImVsaWdpYmxlIjpmYWxzZX19&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&enableFunding.0=venmo&disableFunding.0=card&disableFunding.1=credit&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
151.101.65.21200 OK 0 B URL HTTP/2 www.paypal.com/smart/buttons?style.label=paypal&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=true&style.menuPlacement=below&sdkVersion=5.0.334&components.0=buttons&components.1=funding-eligibility&locale.country=US&locale.lang=en&sdkMeta=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&clientID=AQhQJTmrifE3cbdTJXX_Xv72VlNBH-JWSQS0biSLDHQVe9QMaM6Iw7UezQxv5h-Z7A-crpKSv2bPGL4R&sdkCorrelationID=06273676aa688&storageID=uid_4ad9cd5340_mti6ntc6mzm&sessionID=uid_0ffb8b9713_mti6ntc6mzm&buttonSessionID=uid_77c3ec1264_mti6ntc6mzm&env=production&buttonSize=huge&fundingEligibility=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&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase¤cy=USD&intent=capture&commit=false&vault=false&enableFunding.0=venmo&disableFunding.0=card&disableFunding.1=credit&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
IP 151.101.65.21:0
GET /smart/buttons?style.label=paypal&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=true&style.menuPlacement=below&sdkVersion=5.0.334&components.0=buttons&components.1=funding-eligibility&locale.country=US&locale.lang=en&sdkMeta=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&clientID=AQhQJTmrifE3cbdTJXX_Xv72VlNBH-JWSQS0biSLDHQVe9QMaM6Iw7UezQxv5h-Z7A-crpKSv2bPGL4R&sdkCorrelationID=06273676aa688&storageID=uid_4ad9cd5340_mti6ntc6mzm&sessionID=uid_0ffb8b9713_mti6ntc6mzm&buttonSessionID=uid_77c3ec1264_mti6ntc6mzm&env=production&buttonSize=huge&fundingEligibility=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&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase¤cy=USD&intent=capture&commit=false&vault=false&enableFunding.0=venmo&disableFunding.0=card&disableFunding.1=credit&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true HTTP/1.1
Host: www.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://guhzcoituz.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-disposition: inline
content-security-policy: form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
etag: W/W/"651c0-Mvar6wBMIkqMuXwDBHLiXZ9QBZk"
p3p: true
paypal-debug-id: f825514ba017f
set-cookie: tsrce=smartcomponentnodeweb; Domain=.paypal.com; Path=/; Expires=Fri, 07 Oct 2022 12:57:33 GMT; HttpOnly; Secure; SameSite=None
l7_az=dcg14.slc; Path=/; Domain=paypal.com; Expires=Tue, 04 Oct 2022 13:27:33 GMT; HttpOnly; Secure
ts=vreXpYrS%3D1759582653%26vteXpYrS%3D1664890053%26vr%3Da312ad631830a1d6770c5cd5fee753ac%26vt%3Da312ad631830a1d6770c5cd5fee753ab%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Fri, 03 Oct 2025 12:57:33 GMT; HttpOnly; Secure
ts_c=vr%3Da312ad631830a1d6770c5cd5fee753ac%26vt%3Da312ad631830a1d6770c5cd5fee753ab; Path=/; Domain=paypal.com; Expires=Fri, 03 Oct 2025 12:57:33 GMT; Secure
traceparent: 00-0000000000000000000f825514ba017f-8ab87fd83c09664d-01
x-content-type-options: nosniff
x-csrf-jwt: __blank__
x-xss-protection: 1; mode=block
dc: ccg11-origin-www-1.paypal.com
accept-ranges: none
via: 1.1 varnish, 1.1 varnish
content-encoding: br
date: Tue, 04 Oct 2022 12:57:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn11542-HHN, cache-bma1645-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1664888254.683857,VS0,VE374
vary: Accept-Encoding
server-timing: "traceparent;desc="00-0000000000000000000f825514ba017f-a9a396cf05fe0128-01"";content-encoding;desc="br",x-cdn;desc="fastly"
X-Firefox-Spdy: h2
www.paypal.com/xoplatform/logger/api/logger
151.101.65.21 200 OK 0 B URL HTTP/2 www.paypal.com/xoplatform/logger/api/logger
IP 151.101.65.21:0
POST /xoplatform/logger/api/logger HTTP/1.1
Host: www.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 9827
Origin: http://guhzcoituz.com
Connection: keep-alive
Referer: http://guhzcoituz.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: http://guhzcoituz.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: application/json; charset=utf-8
etag: W/W/"3fa-p195TjOPFDvVPHaCKRqwQhB7z6s"
paypal-debug-id: f825514c98213
set-cookie: enforce_policy=ccpa; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Wed, 04 Oct 2023 12:57:34 GMT; Secure
LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Tue, 04 Oct 2022 21:43:30 GMT; HttpOnly; Secure
tsrce=loggernodeweb; Max-Age=259199; Domain=.paypal.com; Path=/; Expires=Fri, 07 Oct 2022 12:57:33 GMT; HttpOnly; Secure
x-pp-s=eyJ0IjoiMTY2NDg4ODI1NDA3OSIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure
l7_az=dcg15.slc; Path=/; Domain=paypal.com; Expires=Tue, 04 Oct 2022 13:27:34 GMT; HttpOnly; Secure
ts=vreXpYrS%3D1759582654%26vteXpYrS%3D1664890054%26vr%3Da312ae501830a1d676cfeab3feec323e%26vt%3Da312ae501830a1d676cfeab3feec323d%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Fri, 03 Oct 2025 12:57:34 GMT; HttpOnly; Secure
ts_c=vr%3Da312ae501830a1d676cfeab3feec323e%26vt%3Da312ae501830a1d676cfeab3feec323d; Path=/; Domain=paypal.com; Expires=Fri, 03 Oct 2025 12:57:34 GMT; Secure
traceparent: 00-0000000000000000000f825514c98213-1ecc2ecc68d45e81-01
x-content-type-options: nosniff
dc: ccg11-origin-www-1.paypal.com
accept-ranges: none
via: 1.1 varnish, 1.1 varnish
content-encoding: br
date: Tue, 04 Oct 2022 12:57:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn11544-HHN, cache-bma1645-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1664888254.938671,VS0,VE238
vary: Accept-Encoding
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
X-Firefox-Spdy: h2