r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12168
Expires: Fri, 02 Dec 2022 08:29:30 GMT
Date: Fri, 02 Dec 2022 05:06:42 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 0c748388899e8a8d3680355da2ea5020
903c620cd137613daafb0da0508c37b2f4a67212
39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3886
Cache-Control: max-age=109756
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 05:06:42 GMT
Etag: "63888270-1d7"
Expires: Sat, 03 Dec 2022 11:35:58 GMT
Last-Modified: Thu, 01 Dec 2022 10:31:12 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 02 Dec 2022 04:19:50 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2812
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9908
Expires: Fri, 02 Dec 2022 07:51:50 GMT
Date: Fri, 02 Dec 2022 05:06:42 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 8KwTON6t6j/x6gEy3RRu0GPwbRHbwAdqdmgAyPtm+SyAltCc87kZ2LjV/A07EuALUI5J627cNps=
x-amz-request-id: 059N1NBDV9W536P0
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 02 Dec 2022 04:45:58 GMT
age: 1244
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
tagdem.com.sa/
162.55.2.253 200 OK 51 kB IP 162.55.2.253:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (342), with CRLF, LF line terminators
Hash 33a8c92e68db289454fc4a42d245b4c6
ab188582533bf0bee873b6e7385a7be5a0c5f327
4e2c02b6c45f3909c10a72f5845841527444f632c6bce140484be3322df98d6f
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:42 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; path=/; HttpOnly
default=d3220607be6dcf321b70ac0ef95e85d5; path=/; HttpOnly
language=ar; expires=Sun, 01-Jan-2023 05:06:42 GMT; Max-Age=2592000; path=/; domain=tagdem.com.sa
currency=SAR; expires=Sun, 01-Jan-2023 05:06:42 GMT; Max-Age=2592000; path=/; domain=tagdem.com.sa
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 05:06:42 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
tagdem.com.sa/catalog/view/theme/default/assets/js/lib/bootstrap.min.js
162.55.2.253 200 OK 39 kB URL HTTP/1.1 tagdem.com.sa/catalog/view/theme/default/assets/js/lib/bootstrap.min.js
IP 162.55.2.253:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (32033)
Hash aa1e8d3335720dae1cd87247e5e6096f
8e20c22df2f7fd41920354868b2ab934454594fe
e8e31d81c5a1df452aa1638025959424937009ab61a6c8bbce058c5ead801d21
Analyzer Verdict Alert fortinet Malware
GET /catalog/view/theme/default/assets/js/lib/bootstrap.min.js HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Tue, 16 Feb 2021 15:40:08 GMT
Accept-Ranges: bytes
Content-Length: 38841
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
tagdem.com.sa/catalog/view/theme/default/stylesheet/quickcheckout.css
162.55.2.253 200 OK 2.5 kB URL HTTP/1.1 tagdem.com.sa/catalog/view/theme/default/stylesheet/quickcheckout.css
IP 162.55.2.253:0
ASN #24940 Hetzner Online GmbH
File type troff or preprocessor input text\012- assembler source, ASCII text, with CRLF line terminators
Hash 195e8ca589af769fd7458856d164e6ed
9e031952b4efd6a630c348aaa25355a3ab67ea9b
b4f3c5568756a0fa2eea69280d811097d5e1f584fba14e058b850c8acd985173
GET /catalog/view/theme/default/stylesheet/quickcheckout.css HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 19 May 2021 08:42:24 GMT
Accept-Ranges: bytes
Content-Length: 2505
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
tagdem.com.sa/catalog/view/theme/default/assets/js/lib/wow.min.js
162.55.2.253 200 OK 10 kB URL HTTP/1.1 tagdem.com.sa/catalog/view/theme/default/assets/js/lib/wow.min.js
IP 162.55.2.253:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (9895)
Hash 8077fc59583445982fc388c73cf3fb30
bef31961592aa5277c6a789e1a3c29734a266257
b4711f1b72ff794baa2ceee602046fb34f181a3a0cca5f3afdf5caceb89a8abf
Analyzer Verdict Alert fortinet Malware
GET /catalog/view/theme/default/assets/js/lib/wow.min.js HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Tue, 04 Oct 2016 17:29:14 GMT
Accept-Ranges: bytes
Content-Length: 9951
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
tagdem.com.sa/catalog/view/theme/default/assets/js/lib/jquery.bez.js
162.55.2.253 200 OK 3.8 kB URL HTTP/1.1 tagdem.com.sa/catalog/view/theme/default/assets/js/lib/jquery.bez.js
IP 162.55.2.253:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (1796)
Hash cb07bcd2ce26068b4403b01e327bb4a8
c778c4b73a9f574d1ede7701e8369a10462a6e29
5e25efa2e66e49ac05d00e7c6641327f8f728be5cd3af97a6ca94276844774aa
Analyzer Verdict Alert fortinet Malware
GET /catalog/view/theme/default/assets/js/lib/jquery.bez.js HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Thu, 18 Feb 2021 16:38:40 GMT
Accept-Ranges: bytes
Content-Length: 3798
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
tagdem.com.sa/catalog/view/theme/default/assets/js/lib/bootstrap-select.min.js
162.55.2.253 200 OK 35 kB URL HTTP/1.1 tagdem.com.sa/catalog/view/theme/default/assets/js/lib/bootstrap-select.min.js
IP 162.55.2.253:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (32004)
Hash 076e5e38cd5a59b9907b3178e2320a89
a3281c2379c6d30df507edf63bccc19285e70b40
4de481cad969a23edff461644c88666b722317915b1933b9c5132f3bea524b1d
Analyzer Verdict Alert fortinet Malware
GET /catalog/view/theme/default/assets/js/lib/bootstrap-select.min.js HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Mon, 01 Oct 2018 13:45:18 GMT
Accept-Ranges: bytes
Content-Length: 35175
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
tagdem.com.sa/catalog/view/theme/default/assets/js/lib/jquery-2.1.1.min.js
162.55.2.253 200 OK 86 kB URL HTTP/1.1 tagdem.com.sa/catalog/view/theme/default/assets/js/lib/jquery-2.1.1.min.js
IP 162.55.2.253:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (32061)
Hash 5a0ae19254cbf7205a6e4514e3e7c184
65a5263f719ceab18fd3fdda7e28283c9d56cf59
d18dcb96e0b48215b8e07290c3d110091b8ea5733e800ee73d1949a14494722f
Analyzer Verdict Alert fortinet Malware
GET /catalog/view/theme/default/assets/js/lib/jquery-2.1.1.min.js HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Thu, 11 Jun 2020 21:55:06 GMT
Accept-Ranges: bytes
Content-Length: 86041
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
tagdem.com.sa/catalog/view/javascript/jquery/quickcheckout/bootstrap-datetimepicker.min.css
162.55.2.253 200 OK 7.8 kB URL HTTP/1.1 tagdem.com.sa/catalog/view/javascript/jquery/quickcheckout/bootstrap-datetimepicker.min.css
IP 162.55.2.253:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (7655), with CRLF line terminators
Hash 3fde88619222e012ff01e47e9f2b7725
fd972eb9115f52a00edcf6354ce44fcee48ce986
673f392d2ff5f8dfca21c26ccbd9b87b72c68de57fcbb555a5b94cd53fff947c
GET /catalog/view/javascript/jquery/quickcheckout/bootstrap-datetimepicker.min.css HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 19 May 2021 08:42:24 GMT
Accept-Ranges: bytes
Content-Length: 7775
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
tagdem.com.sa/catalog/view/theme/default/assets/js/lib/pace.js
162.55.2.253 200 OK 28 kB URL HTTP/1.1 tagdem.com.sa/catalog/view/theme/default/assets/js/lib/pace.js
IP 162.55.2.253:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (1796)
Hash c633f9af52b94e10e0d682a8586ed24b
ff603df5c50de4ffc1c06ee9867e9ebbe1c5d05a
65016a78f5600457528d749bfcb769fb024eea777b6a8eabf63526c008e71686
Analyzer Verdict Alert fortinet Malware
GET /catalog/view/theme/default/assets/js/lib/pace.js HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Thu, 13 Jun 2019 02:28:26 GMT
Accept-Ranges: bytes
Content-Length: 28364
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
tagdem.com.sa/catalog/view/theme/default/assets/js/main.js
162.55.2.253 200 OK 16 kB URL HTTP/1.1 tagdem.com.sa/catalog/view/theme/default/assets/js/main.js
IP 162.55.2.253:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (1799), with CRLF line terminators
Hash b13dcd15859ea56c16cbaa16f4ace323
3d753a2b32434c685e7283dfb62e2e19a2ec2441
381db81974851ac2f53e06375cf5d51d46ce8bec9716fc48bb799b0b7e4b8ff4
Analyzer Verdict Alert fortinet Malware
GET /catalog/view/theme/default/assets/js/main.js HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Mon, 29 Mar 2021 14:22:29 GMT
Accept-Ranges: bytes
Content-Length: 15574
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
tagdem.com.sa/catalog/view/theme/default/assets/js/lib/jquery.fancybox.min.js
162.55.2.253 200 OK 70 kB URL HTTP/1.1 tagdem.com.sa/catalog/view/theme/default/assets/js/lib/jquery.fancybox.min.js
IP 162.55.2.253:0
ASN #24940 Hetzner Online GmbH
File type HTML document, ASCII text, with very long lines (31972), with CRLF line terminators
Hash 7daaab5a7202912c75f9018c0e853efb
0cd63b5e5fd817c1611f0d5c8e2c3ac1b1a9f359
aa028ee3e2717b2cbeba5e69c75dc059ac9a132ddc1f9c6c9bf9beeedfbf04ed
Analyzer Verdict Alert fortinet Malware
GET /catalog/view/theme/default/assets/js/lib/jquery.fancybox.min.js HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Tue, 23 Mar 2021 16:04:11 GMT
Accept-Ranges: bytes
Content-Length: 70064
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
tagdem.com.sa/catalog/view/javascript/common.js
162.55.2.253 200 OK 16 kB URL HTTP/1.1 tagdem.com.sa/catalog/view/javascript/common.js
IP 162.55.2.253:0
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with very long lines (1814), with CRLF line terminators
Hash 167ee841ab57245a262891652d46a7e8
19f7708b215ba96a7980858b4b66f7facbec7610
8ac4a019f2642ca04478e949a85062fa1c10e3cbd939df62dcbce0c81871a280
Analyzer Verdict Alert fortinet Malware
GET /catalog/view/javascript/common.js HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Sat, 13 Mar 2021 06:15:56 GMT
Accept-Ranges: bytes
Content-Length: 15938
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
tagdem.com.sa/catalog/view/javascript/jquery/quickcheckout/quickcheckout.js
162.55.2.253 200 OK 3.1 kB URL HTTP/1.1 tagdem.com.sa/catalog/view/javascript/jquery/quickcheckout/quickcheckout.js
IP 162.55.2.253:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (1797), with CRLF line terminators
Hash b2c2a6eb1862f0d2e6d6f917b4b03e54
3313a5c714f2733efab1ecf7627e10069e2031c3
57a85584fb704bcb4db6964751086009cca92338af3fe0fb9311be454b45b14a
Analyzer Verdict Alert fortinet Malware
GET /catalog/view/javascript/jquery/quickcheckout/quickcheckout.js HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 19 May 2021 08:42:24 GMT
Accept-Ranges: bytes
Content-Length: 3135
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
w7.pngwing.com/pngs/728/671/png-transparent-logo-mastercard-font-gif-mastercard.png
172.67.186.206 200 OK 12 kB URL HTTP/2 w7.pngwing.com/pngs/728/671/png-transparent-logo-mastercard-font-gif-mastercard.png
IP 172.67.186.206:0
File type PNG image data, 920 x 483, 4-bit colormap, non-interlaced\012- data
Hash 69ed601efab373685894e156cfdbaadf
7120ac385be6c5d63623fad6d870b1cda0cf13b9
df415399a21606a028a0559a1c7673d20d7ed6bc872a944af383a09cbaf0c9da
GET /pngs/728/671/png-transparent-logo-mastercard-font-gif-mastercard.png HTTP/1.1
Host: w7.pngwing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tagdem.com.sa/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 05:06:42 GMT
content-type: image/png
content-length: 12469
last-modified: Sat, 06 Jun 2020 17:46:18 GMT
etag: "5edbd66a-30b5"
expires: Mon, 27 Nov 2023 05:06:42 GMT
cache-control: max-age=31104000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qY9QsXN4ZDoArq2DBFjX0fGeayuhPkF0W6wydJWvUmzIvcol95LiEqfCrokimrCA5eLx9UkA%2B4aIlbKivObFeOrpepn%2FtqrDP0QqQbBooYk35vxTYK7EBWnz88QBKwn4SQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773188e8fb040b59-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tagdem.com.sa/catalog/view/javascript/jquery/quickcheckout/quickcheckout.block.js
162.55.2.253 200 OK 22 kB URL HTTP/1.1 tagdem.com.sa/catalog/view/javascript/jquery/quickcheckout/quickcheckout.block.js
IP 162.55.2.253:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (1801), with CRLF line terminators
Hash 310961f1d81863713529fdf449eb2725
c6fd11207e637e77365489f986f1f24b87e24cc5
19ce592ba6d4dde75fe6958f49310d30c9b3030a3e0c991ee0f6d0bffe5a8d8d
Analyzer Verdict Alert fortinet Malware
GET /catalog/view/javascript/jquery/quickcheckout/quickcheckout.block.js HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 19 May 2021 08:42:24 GMT
Accept-Ranges: bytes
Content-Length: 22323
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
tagdem.com.sa/catalog/view/javascript/jquery/datetimepicker/moment.js
162.55.2.253 200 OK 97 kB URL HTTP/1.1 tagdem.com.sa/catalog/view/javascript/jquery/datetimepicker/moment.js
IP 162.55.2.253:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash bfed500d95116bbe9164833f6d623227
ee1b77e0365efaf43a96f658bde5a985b1e83949
52a22847f7f58794fa838ecace0ea5d34832099b928539ad4ffcd7b6b7391afd
Analyzer Verdict Alert fortinet Malware
GET /catalog/view/javascript/jquery/datetimepicker/moment.js HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Mon, 01 Oct 2018 13:45:46 GMT
Accept-Ranges: bytes
Content-Length: 97395
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
tagdem.com.sa/catalog/view/theme/default/assets/css/lib/all.min.css
162.55.2.253 200 OK 59 kB URL HTTP/1.1 tagdem.com.sa/catalog/view/theme/default/assets/css/lib/all.min.css
IP 162.55.2.253:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (58911)
Hash 91c0743cf8cc18a5540794497bc16d7e
1ddc3c2238bed9bec9a696a30bf73918d5413e57
8eccfa6c3c81eae4210e6439680bb5bc54d1ee923d51427d5d2f9f1920ffead2
GET /catalog/view/theme/default/assets/css/lib/all.min.css HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Thu, 13 Aug 2020 15:55:00 GMT
Accept-Ranges: bytes
Content-Length: 59097
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
tagdem.com.sa/catalog/view/theme/default/assets/css/lib/bootstrap-rtl.min.css
162.55.2.253 200 OK 25 kB URL HTTP/1.1 tagdem.com.sa/catalog/view/theme/default/assets/css/lib/bootstrap-rtl.min.css
IP 162.55.2.253:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (24529)
Hash 8e59c9a11c4dbc6fe754490d7e648bca
c124c2284060a2e47d62858c82ab0146f135599a
41a4650481e83752c89317b3896df89e49ce56b09ab272c963a7ac7f795dbfe9
GET /catalog/view/theme/default/assets/css/lib/bootstrap-rtl.min.css HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Tue, 16 Feb 2021 16:32:54 GMT
Accept-Ranges: bytes
Content-Length: 24903
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
tagdem.com.sa/catalog/view/theme/default/assets/css/lib/bootstrap.css
162.55.2.253 200 OK 146 kB URL HTTP/1.1 tagdem.com.sa/catalog/view/theme/default/assets/css/lib/bootstrap.css
IP 162.55.2.253:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (540)
Size 146 kB (146010 bytes)
Hash 2a31dca112f26923b51676cb764c58d5
f597f59f955cda06e5d7a79342d9e0c22b5ec6d2
7e630d90c7234b0df1729f62b8f9e4bbfaf293d91a5a0ac46df25f2a6759e39a
GET /catalog/view/theme/default/assets/css/lib/bootstrap.css HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Thu, 11 Jun 2020 21:55:06 GMT
Accept-Ranges: bytes
Content-Length: 146010
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
tagdem.com.sa/catalog/view/theme/default/assets/js/lib/gsap.min.js
162.55.2.253 200 OK 58 kB URL HTTP/1.1 tagdem.com.sa/catalog/view/theme/default/assets/js/lib/gsap.min.js
IP 162.55.2.253:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (56420)
Hash 3de9cfd3802acfc79da81d3a7b8df90e
29814c07d3b3d5be4ada397d07ea22cc5acfec69
3a7d3e93c2d3ade023d03e40e79ad1433acad9d40a835d3f8ebf1c2fad139c2d
Analyzer Verdict Alert fortinet Malware
GET /catalog/view/theme/default/assets/js/lib/gsap.min.js HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Thu, 04 Mar 2021 17:40:18 GMT
Accept-Ranges: bytes
Content-Length: 58549
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
tagdem.com.sa/catalog/view/theme/default/assets/css/lib/owl.carousel.min.css
162.55.2.253 200 OK 3.4 kB URL HTTP/1.1 tagdem.com.sa/catalog/view/theme/default/assets/css/lib/owl.carousel.min.css
IP 162.55.2.253:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (3184)
Hash b2752a850d44f50036628eeaef3bfcfa
fba46353cf90450ef3d362a123f1e7af3e8c561e
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc
GET /catalog/view/theme/default/assets/css/lib/owl.carousel.min.css HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Fri, 20 Apr 2018 19:22:10 GMT
Accept-Ranges: bytes
Content-Length: 3351
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
tagdem.com.sa/catalog/view/javascript/jquery/quickcheckout/bootstrap-datetimepicker.min.js
162.55.2.253 200 OK 40 kB URL HTTP/1.1 tagdem.com.sa/catalog/view/javascript/jquery/quickcheckout/bootstrap-datetimepicker.min.js
IP 162.55.2.253:0
ASN #24940 Hetzner Online GmbH
File type HTML document, ASCII text, with very long lines (32010), with CRLF line terminators
Hash b6494d9fd3e9ed26d6559eb3dacd3132
20e59166b846cc0effb677f94f0b5388e3bc664f
3b466a0714b8fbb78b42e49fe80e695b38d8aa188a5eb327229dc2535ae2cc03
Analyzer Verdict Alert fortinet Malware
GET /catalog/view/javascript/jquery/quickcheckout/bootstrap-datetimepicker.min.js HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 19 May 2021 08:42:24 GMT
Accept-Ranges: bytes
Content-Length: 39759
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
tagdem.com.sa/catalog/view/theme/default/assets/css/lib/stylesheet-a.css
162.55.2.253 200 OK 27 kB URL HTTP/1.1 tagdem.com.sa/catalog/view/theme/default/assets/css/lib/stylesheet-a.css
IP 162.55.2.253:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (529), with CRLF line terminators
Hash 2d700efe9bc8efbccc0ce10b2011427f
306dc4544ff215c58697c3c8553d5ecefe4e9a7d
c55cab61fb95e2d9517fe233d90fb8bdcde56778a43512627d66718626dc1c3d
GET /catalog/view/theme/default/assets/css/lib/stylesheet-a.css HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 16 Dec 2020 07:49:16 GMT
Accept-Ranges: bytes
Content-Length: 26855
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
tagdem.com.sa/catalog/view/theme/default/assets/css/lib/owl.theme.default.css
162.55.2.253 200 OK 1.4 kB URL HTTP/1.1 tagdem.com.sa/catalog/view/theme/default/assets/css/lib/owl.theme.default.css
IP 162.55.2.253:0
ASN #24940 Hetzner Online GmbH
Hash 6c830c91a0a08fca0fe883504abc7d2b
5193b985aa3f992ce7bad494b6ab519707c48cc1
9d7055ec6af6954d2df80c0ab274b4e4362dcd9f35a184d74ba923ecb0501df3
GET /catalog/view/theme/default/assets/css/lib/owl.theme.default.css HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Fri, 20 Apr 2018 10:22:10 GMT
Accept-Ranges: bytes
Content-Length: 1380
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/css
tagdem.com.sa/catalog/view/theme/default/assets/css/lib/swiper-bundle.min.css
162.55.2.253 200 OK 14 kB URL HTTP/1.1 tagdem.com.sa/catalog/view/theme/default/assets/css/lib/swiper-bundle.min.css
IP 162.55.2.253:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (13663)
Hash 4d0619d7577a990881a0079718c5c92e
02553ae8ed1026ae5e1fe6cc5883fd42379e5e68
f9a55bcc80d6d8b2815299c5501cddaa8e5f3f697cdb8f5ce1e3e924097117ba
GET /catalog/view/theme/default/assets/css/lib/swiper-bundle.min.css HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Thu, 04 Mar 2021 19:14:10 GMT
Accept-Ranges: bytes
Content-Length: 13921
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
tagdem.com.sa/catalog/view/theme/default/assets/css/lib/bootstrap-select.min.css
162.55.2.253 200 OK 6.7 kB URL HTTP/1.1 tagdem.com.sa/catalog/view/theme/default/assets/css/lib/bootstrap-select.min.css
IP 162.55.2.253:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (6433), with CRLF line terminators
Hash 1dde27fd625567362692b22765e51596
8534be7ac8920f1dff0f084256e812c2fd8db919
feeb377a08b6715a7498491547c727a8bb2e0d8e819ab0eebd33d4b84af51c94
GET /catalog/view/theme/default/assets/css/lib/bootstrap-select.min.css HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Mon, 01 Oct 2018 13:45:44 GMT
Accept-Ranges: bytes
Content-Length: 6655
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
tagdem.com.sa/catalog/view/theme/default/assets/css/lib/sweetalert2.min.css
162.55.2.253 200 OK 16 kB URL HTTP/1.1 tagdem.com.sa/catalog/view/theme/default/assets/css/lib/sweetalert2.min.css
IP 162.55.2.253:0
ASN #24940 Hetzner Online GmbH
Hash 5305b7af8ef42b37be7e2caa9182f393
9f9f8d2ab49bbf537c33cd0b6c3ecea164bfef9f
fd1607ffbcaa2458a02136e611ef9f2e7c1fec78d118696f08ccf8cf79e3bd32
GET /catalog/view/theme/default/assets/css/lib/sweetalert2.min.css HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Fri, 12 Mar 2021 06:32:36 GMT
Accept-Ranges: bytes
Content-Length: 15692
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
tagdem.com.sa/catalog/view/theme/default/assets/css/media.css?v=1
162.55.2.253 200 OK 2.9 kB URL HTTP/1.1 tagdem.com.sa/catalog/view/theme/default/assets/css/media.css?v=1
IP 162.55.2.253:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash 291476ffbff9132361afd1b01f1ef204
6e8efb832faa27751d7b10ae405104ab11bb218f
5674c32a3d9d1b2b686379366e4e722970fee3c28f164ad86f011f273856a4a8
Analyzer Verdict Alert fortinet Malware
GET /catalog/view/theme/default/assets/css/media.css?v=1 HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 19 May 2021 07:57:58 GMT
Accept-Ranges: bytes
Content-Length: 2867
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/css
tagdem.com.sa/catalog/view/theme/default/assets/css/lib/jquery.fancybox.min.css
162.55.2.253 200 OK 13 kB URL HTTP/1.1 tagdem.com.sa/catalog/view/theme/default/assets/css/lib/jquery.fancybox.min.css
IP 162.55.2.253:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (12795), with no line terminators
Hash a2d42584292f64c5827e8b67b1b38726
1be9b79be02a1cfc5d96c4a5e0feb8f472babd95
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
GET /catalog/view/theme/default/assets/css/lib/jquery.fancybox.min.css HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Tue, 23 Mar 2021 16:03:27 GMT
Accept-Ranges: bytes
Content-Length: 12795
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
tagdem.com.sa/catalog/view/theme/default/assets/js/lib/sweetalert2.min.js
162.55.2.253 200 OK 23 kB URL HTTP/1.1 tagdem.com.sa/catalog/view/theme/default/assets/js/lib/sweetalert2.min.js
IP 162.55.2.253:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (22984), with no line terminators
Hash 93f06f5547d987349cfd08b4e7a4145d
6c771a4057aee7ac945d90c50aba145a44438714
274a8db351bd0102b07f4e2ec2d5b9243e07da82c87a4d92a586acf73f2be1c6
Analyzer Verdict Alert fortinet Malware
GET /catalog/view/theme/default/assets/js/lib/sweetalert2.min.js HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:43 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Mon, 01 Oct 2018 13:45:18 GMT
Accept-Ranges: bytes
Content-Length: 22984
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
tagdem.com.sa/catalog/view/theme/default/assets/css/style.css
162.55.2.253 200 OK 104 kB URL HTTP/1.1 tagdem.com.sa/catalog/view/theme/default/assets/css/style.css
IP 162.55.2.253:0
ASN #24940 Hetzner Online GmbH
Size 104 kB (103953 bytes)
Hash 9d40cea6cb3392f6347e0aff5c3afbd6
f4ece9fce2d001027900475974a9c4ced5838326
be21ef104f3e85cef605627f0ea786973a70b535def3c93b7866ed2fff26a1da
GET /catalog/view/theme/default/assets/css/style.css HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 31 Mar 2021 13:57:03 GMT
Accept-Ranges: bytes
Content-Length: 103953
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 02 Dec 2022 04:08:57 GMT
cache-control: public,max-age=3600
age: 3466
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
tagdem.com.sa/catalog/view/theme/default/assets/js/lib/owl.carousel.min.js
162.55.2.253 200 OK 46 kB URL HTTP/1.1 tagdem.com.sa/catalog/view/theme/default/assets/js/lib/owl.carousel.min.js
IP 162.55.2.253:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (31997)
Hash 03512eea3b30b6cbe9fd93d9f93f28ae
7600a529181ce98b404b07971e277e8c121da35b
45e591b2e71e9b0e553371ccd435db2dd6f7e039aa148d10993b03cac59fba6e
Analyzer Verdict Alert fortinet Malware
GET /catalog/view/theme/default/assets/js/lib/owl.carousel.min.js HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:43 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Fri, 20 Apr 2018 19:22:10 GMT
Accept-Ranges: bytes
Content-Length: 46138
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
tagdem.com.sa/image/catalog/black_kian.png
162.55.2.253 200 OK 59 kB URL HTTP/1.1 tagdem.com.sa/image/catalog/black_kian.png
IP 162.55.2.253:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 1199 x 610, 8-bit/color RGBA, non-interlaced\012- data
Hash 9d98ee2b0e83bcff28f514ad68ed6f03
573a8f2e39b8d4450a97401f9591be6e39d80fd0
60f8c1e30c96fb5473e7e2da219fac8165c2bacc745cec7d8635dd2fca98f6b7
GET /image/catalog/black_kian.png HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:43 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Mon, 04 Jan 2021 19:34:08 GMT
Accept-Ranges: bytes
Content-Length: 58609
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png
tagdem.com.sa/image/catalog/footer_logo.png
162.55.2.253 200 OK 11 kB URL HTTP/1.1 tagdem.com.sa/image/catalog/footer_logo.png
IP 162.55.2.253:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 129 x 200, 8-bit/color RGBA, non-interlaced\012- data
Hash e2407c1c6f7ab3ccbcb19dbcd35a423d
25052e1f03373224855ed93598c95ad2a9eeaa00
447d67440ca288be454163a297e83e6817f78cd998ee66bf1a9c3f91c8ffea5b
GET /image/catalog/footer_logo.png HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:43 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Thu, 04 Mar 2021 23:06:14 GMT
Accept-Ranges: bytes
Content-Length: 11033
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
tagdem.com.sa/image/cache/catalog/75A63951-471F-4303-B71B-AD1A698DB44B-1920x1280-category_image.jpeg
162.55.2.253 200 OK 230 kB URL HTTP/1.1 tagdem.com.sa/image/cache/catalog/75A63951-471F-4303-B71B-AD1A698DB44B-1920x1280-category_image.jpeg
IP 162.55.2.253:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 1920x1280, components 3\012- data
Size 230 kB (229512 bytes)
Hash 90e6c2c0422ab4b13c73a51a8ffc646b
b608907e884f2fadedfd0e23348da2d4031e398a
2420b4846bb315f714a91391a3aa7a36abf406026c6b09911120ed64c1640798
Analyzer Verdict Alert fortinet Malware
GET /image/cache/catalog/75A63951-471F-4303-B71B-AD1A698DB44B-1920x1280-category_image.jpeg HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:43 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Mon, 25 Apr 2022 14:44:50 GMT
Accept-Ranges: bytes
Content-Length: 229512
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
tagdem.com.sa/image/cache/catalog/CBEBE07E-74E8-41BE-8245-796AA6AE369F-1920x1280-category_image.jpeg
162.55.2.253 200 OK 158 kB URL HTTP/1.1 tagdem.com.sa/image/cache/catalog/CBEBE07E-74E8-41BE-8245-796AA6AE369F-1920x1280-category_image.jpeg
IP 162.55.2.253:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 1920x1280, components 3\012- data
Size 158 kB (157598 bytes)
Hash b4a347d3b5079db13003cee21c7a2160
6b9e0b3fe6b0bd109ee0655fa957e9aebb4c43a5
ac3c1a94ab6dcde9f232caa27521c88527adc5007e83af7ccb12a11d4ad82092
Analyzer Verdict Alert fortinet Malware
GET /image/cache/catalog/CBEBE07E-74E8-41BE-8245-796AA6AE369F-1920x1280-category_image.jpeg HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:43 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Mon, 25 Apr 2022 14:44:50 GMT
Accept-Ranges: bytes
Content-Length: 157598
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/jpeg
tagdem.com.sa/image/catalog/logo.png
162.55.2.253 200 OK 20 kB URL HTTP/1.1 tagdem.com.sa/image/catalog/logo.png
IP 162.55.2.253:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 425 x 660, 8-bit/color RGBA, non-interlaced\012- data
Hash b983961280604030ab9374b95000c592
960991a9c40be32cd7c8fc2690831ab6dfbae90a
faeb5e4abd30ceef2612677bcb459d2a7045a51812013117ddd30a26ae701bd0
GET /image/catalog/logo.png HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:43 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Sun, 28 Feb 2021 17:05:14 GMT
Accept-Ranges: bytes
Content-Length: 19676
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
tagdem.com.sa/image/cache/catalog/E972B965-903F-4CCD-BBFC-B5E996232B30-1920x1280-category_image.jpeg
162.55.2.253 200 OK 357 kB URL HTTP/1.1 tagdem.com.sa/image/cache/catalog/E972B965-903F-4CCD-BBFC-B5E996232B30-1920x1280-category_image.jpeg
IP 162.55.2.253:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 1920x1280, components 3\012- data
Size 357 kB (356755 bytes)
Hash a3c780e9fd9ef8953c7f9a67d2d82926
b0853fd84cdc9edad321f26ff9f80c7a8df24051
9eccb4d91ca3a37fac6ac3178d6884d5e77c6368d9fb6e7391c2c85ab52ca500
Analyzer Verdict Alert fortinet Malware
GET /image/cache/catalog/E972B965-903F-4CCD-BBFC-B5E996232B30-1920x1280-category_image.jpeg HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:43 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Mon, 25 Apr 2022 14:44:50 GMT
Accept-Ranges: bytes
Content-Length: 356755
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
tagdem.com.sa/catalog/view/theme/default/assets/images/icon.png
162.55.2.253 200 OK 678 B URL HTTP/1.1 tagdem.com.sa/catalog/view/theme/default/assets/images/icon.png
IP 162.55.2.253:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 42 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 3635e97693f2f68be66332f1a53e9aad
8038ab64f667ed3fad63a93bade7aab44f2d55ee
3f384a4db2f4675fef338cb080e0a87202c787ae4a8a977aa6ea6bc11f1926f6
GET /catalog/view/theme/default/assets/images/icon.png HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/catalog/view/theme/default/assets/css/style.css
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:43 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 03 Mar 2021 20:03:12 GMT
Accept-Ranges: bytes
Content-Length: 678
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png
tagdem.com.sa/catalog/view/theme/default/assets/images/white_icon.png
162.55.2.253 200 OK 721 B URL HTTP/1.1 tagdem.com.sa/catalog/view/theme/default/assets/images/white_icon.png
IP 162.55.2.253:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 42 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 614d6f5a731c3f4716d3b2e27beba1e2
9147617d668242b4350fb40f1de562f623e43c54
c92e50ed59ea5d9258f50fb7ae3efca86e5f3803e1f4e6e0c2b20227a1bb8a5e
GET /catalog/view/theme/default/assets/images/white_icon.png HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/catalog/view/theme/default/assets/css/style.css
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:43 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Thu, 04 Mar 2021 20:46:40 GMT
Accept-Ranges: bytes
Content-Length: 721
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/png
tagdem.com.sa/image/catalog/exclusive.png
162.55.2.253 200 OK 498 kB URL HTTP/1.1 tagdem.com.sa/image/catalog/exclusive.png
IP 162.55.2.253:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 1920 x 925, 8-bit/color RGBA, non-interlaced\012- data
Size 498 kB (497829 bytes)
Hash f23054452d13dc38d63cb281b79c7125
263612185120979e3a5c23e8554b225f53783ede
38b0218e5eeca0ae2a005542927f9e0b536cc1aaa3743523bc26e5ed3d2be481
GET /image/catalog/exclusive.png HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:43 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 03 Mar 2021 20:03:34 GMT
Accept-Ranges: bytes
Content-Length: 497829
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png
tagdem.com.sa/catalog/view/theme/default/assets/fonts/tajawal/Tajawal-Regular.ttf
162.55.2.253 200 OK 55 kB URL HTTP/1.1 tagdem.com.sa/catalog/view/theme/default/assets/fonts/tajawal/Tajawal-Regular.ttf
IP 162.55.2.253:0
ASN #24940 Hetzner Online GmbH
File type TrueType Font data, 15 tables, 1st "GDEF", 8 names, Microsoft, language 0x409, (c) 2017 by Boutros International. All rights reserved.TajawalRegular1.000;1bou;Tajawal-RegularV\012- data
Hash d8304accb48d86d9361ad30569823a0d
f3c4f85dad20e30f20878022d0a26568555b7f97
497f243d6ef4f4360d55d4ebd474d5c9dc4d0891426e162f34fa37e7c37d90b5
Analyzer Verdict Alert fortinet Malware
GET /catalog/view/theme/default/assets/fonts/tajawal/Tajawal-Regular.ttf HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/catalog/view/theme/default/assets/css/style.css
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:43 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Tue, 22 Sep 2020 15:39:10 GMT
Accept-Ranges: bytes
Content-Length: 55072
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: font/ttf
tagdem.com.sa/catalog/view/theme/default/assets/fonts/webfonts/fa-brands-400.woff2
162.55.2.253 200 OK 77 kB URL HTTP/1.1 tagdem.com.sa/catalog/view/theme/default/assets/fonts/webfonts/fa-brands-400.woff2
IP 162.55.2.253:0
ASN #24940 Hetzner Online GmbH
File type Web Open Font Format (Version 2), TrueType, length 77400, version 331.17301\012- data
Hash cac68c831145804808381a7032fdc7c2
62584b9868428fd75af3fc5ee2f9918dda428be5
1c87d2b26de7d55c66037916bbb4cba6c791da0e2adfa378332678ff13e12d9d
Analyzer Verdict Alert fortinet Malware
GET /catalog/view/theme/default/assets/fonts/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: http://tagdem.com.sa/catalog/view/theme/default/assets/css/lib/all.min.css
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:43 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 15 Jul 2020 20:59:48 GMT
Accept-Ranges: bytes
Content-Length: 77400
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: font/woff2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 1f88399f3fdd89dbb9ca1229cb67143a
325c9dbfd932cf9a6fb9fab2dd8e27083f55a9a3
831ecd45dcd2d5ae2ae86cd63ea5e94ecd85281b7e51054af5df9a6386fb8d79
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3878
Cache-Control: max-age=104684
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 05:06:43 GMT
Etag: "63886ea9-1d7"
Expires: Sat, 03 Dec 2022 10:11:27 GMT
Last-Modified: Thu, 01 Dec 2022 09:06:49 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
tagdem.com.sa/catalog/view/theme/default/assets/images/footer.png
162.55.2.253 200 OK 31 kB URL HTTP/1.1 tagdem.com.sa/catalog/view/theme/default/assets/images/footer.png
IP 162.55.2.253:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 886 x 551, 8-bit/color RGBA, non-interlaced\012- data
Hash ed0fb694f605e9fd82bffcc15ae6a4e1
cccaba7294cd3ab2e9108990c48dad8b787ef483
0958e231b0a861327dc8fb4ec3e3771821985623f8eca96d23fa2ab565e72906
GET /catalog/view/theme/default/assets/images/footer.png HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/catalog/view/theme/default/assets/css/style.css
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:43 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 03 Mar 2021 20:04:10 GMT
Accept-Ranges: bytes
Content-Length: 30892
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png
tagdem.com.sa/catalog/view/theme/default/assets/fonts/webfonts/fa-solid-900.woff2
162.55.2.253 200 OK 80 kB URL HTTP/1.1 tagdem.com.sa/catalog/view/theme/default/assets/fonts/webfonts/fa-solid-900.woff2
IP 162.55.2.253:0
ASN #24940 Hetzner Online GmbH
File type Web Open Font Format (Version 2), TrueType, length 80148, version 331.17301\012- data
Hash c500da19d776384ba69573ae6fe274e7
6290834672aba86d5b6c1c73b30b57c9c53996f7
cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658
Analyzer Verdict Alert fortinet Malware
GET /catalog/view/theme/default/assets/fonts/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: http://tagdem.com.sa/catalog/view/theme/default/assets/css/lib/all.min.css
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:43 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 15 Jul 2020 20:59:48 GMT
Accept-Ranges: bytes
Content-Length: 80148
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: font/woff2
tagdem.com.sa/catalog/view/theme/default/assets/fonts/webfonts/fa-regular-400.woff2
162.55.2.253 200 OK 14 kB URL HTTP/1.1 tagdem.com.sa/catalog/view/theme/default/assets/fonts/webfonts/fa-regular-400.woff2
IP 162.55.2.253:0
ASN #24940 Hetzner Online GmbH
File type Web Open Font Format (Version 2), TrueType, length 13600, version 331.17301\012- data
Hash 3a3398a6ef60fc64eacf45665958342e
5e4d45052f43e55aaad7f14d13280215e39aa45b
245818b22d1ec4892fcb722437e32888e97f63a0316bd22aaf9f44cde01f4c91
Analyzer Verdict Alert fortinet Malware
GET /catalog/view/theme/default/assets/fonts/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: http://tagdem.com.sa/catalog/view/theme/default/assets/css/lib/all.min.css
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:43 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 15 Jul 2020 20:59:48 GMT
Accept-Ranges: bytes
Content-Length: 13600
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: font/woff2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 3f373bff74d65397a353587fea05e82f
f76493c055af0b08e83dff16c4252c581c165bcd
417bbf8a2b8cc3ee58d9fa4db4b14d1849a4787a606df3c6d1f2376d96558b92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5609
Cache-Control: max-age=129099
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 05:06:43 GMT
Etag: "6388c745-117"
Expires: Sat, 03 Dec 2022 16:58:22 GMT
Last-Modified: Thu, 01 Dec 2022 15:24:53 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 279
tagdem.com.sa/catalog/view/theme/default/assets/fonts/tajawal/Tajawal-Medium.ttf
162.55.2.253 200 OK 56 kB URL HTTP/1.1 tagdem.com.sa/catalog/view/theme/default/assets/fonts/tajawal/Tajawal-Medium.ttf
IP 162.55.2.253:0
ASN #24940 Hetzner Online GmbH
File type TrueType Font data, 15 tables, 1st "GDEF", 8 names, Microsoft, language 0x409, (c) 2017 by Boutros International. All rights reserved.Tajawal MediumRegular1.000;1BOU;Tajawal-M\012- data
Hash 1472d65abf09fa765956fd3d32dadf48
18fecab4a7d562e918df5991bcdd1cdcaf27688e
26848fce2e7dfe2ccf87caff391c1173457cd2191f7e077a083d97d42eb6af2e
Analyzer Verdict Alert fortinet Malware
GET /catalog/view/theme/default/assets/fonts/tajawal/Tajawal-Medium.ttf HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/catalog/view/theme/default/assets/css/style.css
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:43 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Tue, 22 Sep 2020 15:39:38 GMT
Accept-Ranges: bytes
Content-Length: 56284
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: font/ttf
tagdem.com.sa/catalog/view/theme/default/assets/fonts/tajawal/Tajawal-Bold.ttf
162.55.2.253 200 OK 56 kB URL HTTP/1.1 tagdem.com.sa/catalog/view/theme/default/assets/fonts/tajawal/Tajawal-Bold.ttf
IP 162.55.2.253:0
ASN #24940 Hetzner Online GmbH
File type TrueType Font data, 15 tables, 1st "GDEF", 8 names, Microsoft, language 0x409, (c) 2017 by Boutros International. All rights reserved.TajawalBold1.000;1BOU;Tajawal-BoldTajawal\012- data
Hash 73222b42f57d11db8ed71c1752e121c0
b8b9548ff8e7cdd05b4817cbe02d1e16038dc1fb
abd4d0fc11d60ccdd5eb7c569fcd212885e1a463c0913aae33a0c3a45b07fb41
Analyzer Verdict Alert fortinet Malware
GET /catalog/view/theme/default/assets/fonts/tajawal/Tajawal-Bold.ttf HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/catalog/view/theme/default/assets/css/style.css
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:43 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Tue, 22 Sep 2020 15:40:04 GMT
Accept-Ranges: bytes
Content-Length: 55520
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: font/ttf
tagdem.com.sa/image/cache/catalog/96D9BB98-83FC-4BE3-96EA-262D02F398E3-1920x1280-category_image.jpeg
162.55.2.253 200 OK 310 kB URL HTTP/1.1 tagdem.com.sa/image/cache/catalog/96D9BB98-83FC-4BE3-96EA-262D02F398E3-1920x1280-category_image.jpeg
IP 162.55.2.253:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 1920x1280, components 3\012- data
Size 310 kB (310077 bytes)
Hash e21037307cc40a890c924b4e9cf01cfc
e570f22d153c4a3667086795a03e80969ef46817
dc544c3e2e0175cb38358e5d1045a67faefcba8f6477720230f1a30c15be89f8
Analyzer Verdict Alert fortinet Malware
GET /image/cache/catalog/96D9BB98-83FC-4BE3-96EA-262D02F398E3-1920x1280-category_image.jpeg HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:43 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Mon, 25 Apr 2022 14:44:50 GMT
Accept-Ranges: bytes
Content-Length: 310077
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/jpeg
tagdem.com.sa/image/cache/catalog/79526574-7975-478F-BDA2-D564D1C42068-1920x1280-category_image.jpeg
162.55.2.253 200 OK 370 kB URL HTTP/1.1 tagdem.com.sa/image/cache/catalog/79526574-7975-478F-BDA2-D564D1C42068-1920x1280-category_image.jpeg
IP 162.55.2.253:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 1920x1280, components 3\012- data
Size 370 kB (369562 bytes)
Hash 58c783b8818b23618bfd3228e8a59a60
84ea6042041acbaf0ca7ce34d6f2b59f1003b718
c12edcd3aa2b249e0021268e303b5914421a8c977f7d594557b495516ee31849
Analyzer Verdict Alert fortinet Malware
GET /image/cache/catalog/79526574-7975-478F-BDA2-D564D1C42068-1920x1280-category_image.jpeg HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:43 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Mon, 25 Apr 2022 14:44:50 GMT
Accept-Ranges: bytes
Content-Length: 369562
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/jpeg
tagdem.com.sa/image/cache/catalog/B0CE1CC7-C069-4A62-B47C-1B6BEF71066C-1920x1280-category_image.jpeg
162.55.2.253 200 OK 375 kB URL HTTP/1.1 tagdem.com.sa/image/cache/catalog/B0CE1CC7-C069-4A62-B47C-1B6BEF71066C-1920x1280-category_image.jpeg
IP 162.55.2.253:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 1920x1280, components 3\012- data
Size 375 kB (375436 bytes)
Hash ac0611885ecb95af2e548e2a73e3492b
4759b99edcdf9f38ee25e6764fb60ddb7ded42d8
0aa5f1ddb921cd183886a820af614203112770dfa8d44fd4550d779fa4f85149
Analyzer Verdict Alert fortinet Malware
GET /image/cache/catalog/B0CE1CC7-C069-4A62-B47C-1B6BEF71066C-1920x1280-category_image.jpeg HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:43 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Mon, 25 Apr 2022 14:44:50 GMT
Accept-Ranges: bytes
Content-Length: 375436
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/jpeg
tagdem.com.sa/catalog/view/theme/default/assets/images/qoute.png
162.55.2.253 200 OK 5.0 kB URL HTTP/1.1 tagdem.com.sa/catalog/view/theme/default/assets/images/qoute.png
IP 162.55.2.253:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 296 x 297, 8-bit/color RGBA, non-interlaced\012- data
Hash 523ee05476e54708519da6202350de31
41107d421de0555618788c4443ea88bebe4c531e
722baee8daa6d32942613d352653d0d1703fd1f8fa0430e75cd264cd5fa28e62
GET /catalog/view/theme/default/assets/images/qoute.png HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/catalog/view/theme/default/assets/css/style.css
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:43 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 03 Mar 2021 20:04:30 GMT
Accept-Ranges: bytes
Content-Length: 5004
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/png
push.services.mozilla.com/
34.213.121.129 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.213.121.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: FdRe4AStDLQTMO5yO6pvOw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: C2YP0Vox5kKLEfB3KzelAjNs6BY=
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 3f373bff74d65397a353587fea05e82f
f76493c055af0b08e83dff16c4252c581c165bcd
417bbf8a2b8cc3ee58d9fa4db4b14d1849a4787a606df3c6d1f2376d96558b92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5609
Cache-Control: max-age=129099
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 05:06:43 GMT
Etag: "6388c745-117"
Expires: Sat, 03 Dec 2022 16:58:22 GMT
Last-Modified: Thu, 01 Dec 2022 15:24:53 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6785
Expires: Fri, 02 Dec 2022 06:59:49 GMT
Date: Fri, 02 Dec 2022 05:06:44 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
34.120.237.76 200 OK 2.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b47431190f34eccf0a6efb98e2a32b7d
9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704
08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2942
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoGFYoAMFWgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Fw6nrporwF27NW0-vXpaolW79nDXLF2RyS-lqhhp1osHt7q98VpI3g==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:34:47 GMT
age: 27117
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb30f254-1327-487b-a297-00361bfd5c02.jpeg
34.120.237.76 200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb30f254-1327-487b-a297-00361bfd5c02.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cd78aa69439c995167f32b8a41a1f4f6
d07d6145182f312f3ed86ecf96b4ffa175416fa0
3b08cf3fad31ee0cf3ee25abc2484fb4283543865a42dfc568b14f9856fd3bb5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb30f254-1327-487b-a297-00361bfd5c02.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7722
x-amzn-requestid: 8d7c4800-6c06-43ed-afa1-94840d42f591
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGy2Gr1IAMFWeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e78-429ae3135d47e3b020c4c7a1;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:36:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Z8thSamrCRejcAcQEGAp4WpSMzMEvstuZtVpKAjiCH4dyJyf1yihBA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:50:11 GMT
age: 26193
etag: "d07d6145182f312f3ed86ecf96b4ffa175416fa0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
34.120.237.76 200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b986f9fcbeca91ed5c8d58fbfaf47d19
6e6c8bd2bce144cc4da1cd7be375b046b60dca79
07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 07:15:42 GMT
age: 78662
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1250c1e7-37f4-4697-8233-d05f398cb066.jpeg
34.120.237.76 200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1250c1e7-37f4-4697-8233-d05f398cb066.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f0fc684e61682c4078a82ee3d901ae52
ea65ad98933ec58afa3fa5c7642491d77db7e6c2
5e953012dba2b85cfda5befe2448ab87fbc2432a071e11a33b44be4f5148a4a4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1250c1e7-37f4-4697-8233-d05f398cb066.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6752
x-amzn-requestid: f398ce98-353e-4783-aa42-dbf1ad036ab7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGepE6roAMF4zw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-0753d209291e197e7c6422a6;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JZAFwGz7kAWplsA1qeraQTjirrZb29JTnUPii5BcPg5tzxcBLtt0WA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 22:24:25 GMT
etag: "ea65ad98933ec58afa3fa5c7642491d77db7e6c2"
content-type: image/jpeg
age: 24139
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe82fdd03-be1f-4def-adb8-61eefd79def6.jpeg
34.120.237.76 200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe82fdd03-be1f-4def-adb8-61eefd79def6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6e65083422468e512aa73eb68f20b2ec
73884daab5e71e4917637b3679c0bb5a1f0447de
f0d97bb9e3f01bbdbe91ba1f9b6ea0f649c66192383c51fe5c7ca9ac2a38ebdb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe82fdd03-be1f-4def-adb8-61eefd79def6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9719
x-amzn-requestid: c4ba3502-e191-40fa-8ae0-71dc6f733db4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPjhHE8woAMFyKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382e606-70ab0e5523c91e5420efec78;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 04:22:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oBn917CDV6DjSs9TAL2iBU0Rn8_f8ny1rAVXrbI9KML2P7pxusbdjA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 03:43:01 GMT
age: 5023
etag: "73884daab5e71e4917637b3679c0bb5a1f0447de"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5183c67-4568-43c8-a2e7-7b41f5ca064b.jpeg
34.120.237.76 200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5183c67-4568-43c8-a2e7-7b41f5ca064b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cd8ad22c2eb1eb91c76970fa449f1bc4
0de97f3a4964038222bd751e043e413113e6db9d
668f805815aede3bc04f8564bd6aefd56029362bb0aa8a794673eb78ab2d4643
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5183c67-4568-43c8-a2e7-7b41f5ca064b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4834
x-amzn-requestid: 63a0b8b5-5cb3-4a1f-aa46-47c84abe726f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZQrjEeAIAMF3sw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6386c7e3-0032799009f893ba79f314db;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 03:02:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bBj-TXtavCuORZ9qBoZeVj-GXeRljAeW-98HY7lTk5_VRSKF4_07VQ==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 04:22:38 GMT
age: 2646
etag: "0de97f3a4964038222bd751e043e413113e6db9d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js
151.101.129.229 200 OK 67 kB URL HTTP/2 cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js
IP 151.101.129.229:0
Hash 8fcf4b887a890ab7d836de2b1c85461f
11390f63782b97f3dd7911b0b31a223db9a4f660
400dcf769f3712271a53031e178dbc79f147271e7f6536583d67efe3c650e024
GET /emojione/2.2.7/lib/js/emojione.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tagdem.com.sa/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
etag: W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 02 Dec 2022 05:06:45 GMT
age: 22103961
x-served-by: cache-fra19156-FRA, cache-bma1631-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 53889
X-Firefox-Spdy: h2
vsb83.tawk.to/s/?k=638987e50b1cb1cc369fdc47&cver=0&pop=false&asver=10&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2MGU1ODFiMzY0OWUwYTBhNWNjYWY2YjkiLCJ2aWQiOiI2MGU1ODFiMzY0OWUwYTBhNWNjYWY2YjktUG5iNUUwWVg2OHZ2QzNrR1AxS1ZYIiwic2lkIjoiNjM4OTg3ZTUwYjFjYjFjYzM2OWZkYzQ3IiwiaWF0IjoxNjY5OTU3NjA1LCJleHAiOjE2Njk5NTk0MDUsImp0aSI6IlBtN3JHeFE2d2pUcVRUNmh6aWVGbSJ9.oPKWVcYkHLq9yvtCRKs9CA2n3aJ5U-6BdtLrDyjPKX_-lpQ5dBA3elrckUKAJkvs1htEk3XJy9VXAnCcXtVwHQ&EIO=3&transport=websocket&__t=OJHEj5A
172.67.38.66 101 Switching Protocols 4.5 kB URL HTTP/1.1 vsb83.tawk.to/s/?k=638987e50b1cb1cc369fdc47&cver=0&pop=false&asver=10&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2MGU1ODFiMzY0OWUwYTBhNWNjYWY2YjkiLCJ2aWQiOiI2MGU1ODFiMzY0OWUwYTBhNWNjYWY2YjktUG5iNUUwWVg2OHZ2QzNrR1AxS1ZYIiwic2lkIjoiNjM4OTg3ZTUwYjFjYjFjYzM2OWZkYzQ3IiwiaWF0IjoxNjY5OTU3NjA1LCJleHAiOjE2Njk5NTk0MDUsImp0aSI6IlBtN3JHeFE2d2pUcVRUNmh6aWVGbSJ9.oPKWVcYkHLq9yvtCRKs9CA2n3aJ5U-6BdtLrDyjPKX_-lpQ5dBA3elrckUKAJkvs1htEk3XJy9VXAnCcXtVwHQ&EIO=3&transport=websocket&__t=OJHEj5A
IP 172.67.38.66:0
Hash 4d6951f2abe146a74c3d52917ad53ac2
d33741751a816b64d3860c64d9aa8b66e2ce7d69
89f515ea82eceacf6b76adc3e584983413099ebe1d1a421bb6f5e4932781fec3
GET /s/?k=638987e50b1cb1cc369fdc47&cver=0&pop=false&asver=10&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2MGU1ODFiMzY0OWUwYTBhNWNjYWY2YjkiLCJ2aWQiOiI2MGU1ODFiMzY0OWUwYTBhNWNjYWY2YjktUG5iNUUwWVg2OHZ2QzNrR1AxS1ZYIiwic2lkIjoiNjM4OTg3ZTUwYjFjYjFjYzM2OWZkYzQ3IiwiaWF0IjoxNjY5OTU3NjA1LCJleHAiOjE2Njk5NTk0MDUsImp0aSI6IlBtN3JHeFE2d2pUcVRUNmh6aWVGbSJ9.oPKWVcYkHLq9yvtCRKs9CA2n3aJ5U-6BdtLrDyjPKX_-lpQ5dBA3elrckUKAJkvs1htEk3XJy9VXAnCcXtVwHQ&EIO=3&transport=websocket&__t=OJHEj5A HTTP/1.1
Host: vsb83.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: http://tagdem.com.sa
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: lwEpn1uc8kM/lth3p/zBzg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Fri, 02 Dec 2022 05:06:45 GMT
Connection: upgrade
upgrade: websocket
sec-websocket-accept: FNjlRFUqBTZkxBivH9QnPH7pgd4=
sec-websocket-extensions: permessage-deflate
strict-transport-security: max-age=0; includeSubDomains; preload
CF-Cache-Status: DYNAMIC
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 773188f9bf320b55-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-runtime.js
104.22.25.131 200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-runtime.js
IP 104.22.25.131:0
GET /_s/v4/app/637ddf31c8f/js/twk-runtime.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://tagdem.com.sa
Connection: keep-alive
Referer: http://tagdem.com.sa/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 05:06:44 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 08:52:37 GMT
etag: W/"9075c2f5460b2832318d3c7217cc68cb"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 773188f0d92db515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tagdem.com.sa/catalog/view/theme/default/assets/js/lib/swiper-bundle.min.js
162.55.2.253 200 OK 0 B URL HTTP/1.1 tagdem.com.sa/catalog/view/theme/default/assets/js/lib/swiper-bundle.min.js
IP 162.55.2.253:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Malware
GET /catalog/view/theme/default/assets/js/lib/swiper-bundle.min.js HTTP/1.1
Host: tagdem.com.sa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tagdem.com.sa/
Connection: keep-alive
Cookie: PHPSESSID=ef98b0b44afc8b95370d753fd05efa01; default=d3220607be6dcf321b70ac0ef95e85d5; language=ar; currency=SAR
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:06:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Thu, 04 Mar 2021 19:14:28 GMT
Accept-Ranges: bytes
Content-Length: 141757
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Expect-CT: max-age=7776000, enforce
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: same-origin
Feature-Policy: geolocation 'self'; vibrate 'none'
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-app.js
104.22.25.131 200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-app.js
IP 104.22.25.131:0
GET /_s/v4/app/637ddf31c8f/js/twk-app.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://tagdem.com.sa
Connection: keep-alive
Referer: http://tagdem.com.sa/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 05:06:44 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 08:52:37 GMT
etag: W/"e736e189edb5d0d9d5b8e7f23dd9114a"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 773188f0d92eb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-vendor.js
104.22.25.131 200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-vendor.js
IP 104.22.25.131:0
GET /_s/v4/app/637ddf31c8f/js/twk-vendor.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://tagdem.com.sa
Connection: keep-alive
Referer: http://tagdem.com.sa/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 05:06:44 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 08:52:37 GMT
etag: W/"7dcb496e4882926f93f2e73fa87062c0"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 773188f0c921b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-common.js
104.22.25.131 200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-common.js
IP 104.22.25.131:0
GET /_s/v4/app/637ddf31c8f/js/twk-chunk-common.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://tagdem.com.sa
Connection: keep-alive
Referer: http://tagdem.com.sa/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 05:06:44 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 08:52:37 GMT
etag: W/"bde99510bdf9ab7bbc9ce82519a19a36"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 773188f0d92cb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-vendors.js
104.22.25.131 200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-vendors.js
IP 104.22.25.131:0
GET /_s/v4/app/637ddf31c8f/js/twk-chunk-vendors.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://tagdem.com.sa
Connection: keep-alive
Referer: http://tagdem.com.sa/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 05:06:44 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 08:52:37 GMT
etag: W/"70dac54eca3bb2143032bc4db3237623"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 773188f0c926b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
embed.tawk.to/60e581b3649e0a0a5ccaf6b9/1fa085ar3
104.22.25.131 200 OK 0 B URL HTTP/2 embed.tawk.to/60e581b3649e0a0a5ccaf6b9/1fa085ar3
IP 104.22.25.131:0
GET /60e581b3649e0a0a5ccaf6b9/1fa085ar3 HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://tagdem.com.sa
Connection: keep-alive
Referer: http://tagdem.com.sa/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 05:06:43 GMT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=3600
etag: W/"stable-v4-637ddf31c8f"
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
x-content-type-options: nosniff
server: cloudflare
cf-ray: 773188ed1e75b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2