Report - x1mails.com/

Report Overview

Submitted URL
x1mails.com/
IP
18.130.191.149
ASN
#16509 AMAZON-02
Submitted
2022-09-07 18:59:31
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.76.226
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.110
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.6 kB	5.6 kB	142.250.74.3
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	21 kB	142.250.74.174
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	55 kB	34.120.237.76
www.google.no	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	493 B	694 B	142.250.74.3
vsa84.tawk.to	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	439 B	104.22.25.131
x1mails.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	331 B	379 B	18.130.191.149
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
widget.trustpilot.com	6018	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.0 kB	4.8 kB	143.204.55.78
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	494 B	694 B	142.250.74.164
static.cloudflareinsights.com	1294	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	429 B	393 B	172.64.156.26
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	658 B	1.5 kB	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	35.161.231.36
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.27
daaz.com	283087	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	48 kB	231 kB	104.26.15.116
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	366 B	43 kB	142.250.74.72
www.facebook.com	99	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	507 B	499 B	31.13.72.36
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	576 B	703 B	142.251.1.154
cdn.jsdelivr.net	439	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	370 B	55 kB	151.101.85.229
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	356 B	1.9 kB	104.18.21.226
embed.tawk.to	8650	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	1.7 kB	104.22.25.131

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-07	medium	x1mails.com/	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (29)

	URL	Size	First Seen	Last Seen
	www.googletagmanager.com/gtag/js?id=UA-123664494-1	108 kB	2023-03-07	2023-03-07
Pretty URL www.googletagmanager.com/gtag/js?id=UA-123664494-1 IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:43:39 Last Seen2023-03-07 13:43:39 Times Seen1 Hash f5c13a0f674ee137fe8e252eaf4bc82e 69f169c404b7694cf86ba8997456b4e5c5a0f588 c275e03d878d946cc9e2fb4c62b9a0d65ab0eae84302dc9394e1c9cfe96794a0 Loading...

	daaz.com/assets/fb/sdk.js	3.1 kB	2023-03-07	2024-04-17
Pretty URL daaz.com/assets/fb/sdk.js IP 172.67.73.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:21 Last Seen2024-04-17 07:51:02 Times Seen369 Hash be9622348c269c9685e83d047d568a69 1fd6129d3229dd7ca4d207102684e7505d7c3825 dd0b27bbe246f503da17d50db1717304449f178768d9fa2b51c6c995c3cec875 Loading...

	unknown	0 B	2023-03-07	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 12:41:12 Times Seen37091510 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	embed.tawk.to/_s/v4/app/630c16bea60/js/twk-chunk-32507910.js	74 kB	2023-03-07	2023-03-17
Pretty URL embed.tawk.to/_s/v4/app/630c16bea60/js/twk-chunk-32507910.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:09 Last Seen2023-03-17 11:41:10 Times Seen1 Hash 06e2686edf8c9d8f044eaa817aab00b8 a80b25e4e42e994d5dccaef078a0815ceb61e758 274328d8e070caeb59822084f866342b32b952a867a657715221e6ed032d59aa Loading...

	daaz.com/make/offer/domains/x1mails.com	5.9 kB	2023-03-07	2023-03-17
Pretty URL daaz.com/make/offer/domains/x1mails.com IP 104.26.15.116 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:21 Last Seen2023-03-17 12:42:28 Times Seen1 Hash c50fc32012fbe5b76ae9f0752d3eb28e d8b71fed66fbe121121b506f0cc7a8a09ece03fe 4556e12036fbcc66f5214eb82ef4ea29ba95bad019edd6c31964e4f2d45b5cda Loading...

	embed.tawk.to/_s/v4/app/630c16bea60/js/twk-main.js	121 B	2023-03-07	2024-04-26
Pretty URL embed.tawk.to/_s/v4/app/630c16bea60/js/twk-main.js IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2024-04-26 08:36:19 Times Seen45931 Hash da5bb1dc647470204df0e49f5afac2de f5cbf596ca5e4fe208e4c55af6e45b71f9febbe8 705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-07	2024-04-25
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-25 19:24:16 Times Seen842 Hash d40531c5e99a6f84e42535859476fe35 a901817d77b2fe5259c298c91bc65c54d7f8a1a9 a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Loading...

	embed.tawk.to/_s/v4/app/630c16bea60/js/twk-chunk-696bc286.js	17 kB	2023-03-07	2023-03-17
Pretty URL embed.tawk.to/_s/v4/app/630c16bea60/js/twk-chunk-696bc286.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:09 Last Seen2023-03-17 11:41:10 Times Seen1 Hash bb4756160fb4d6738e39056c756e3b37 967c67975a62d5ad1624cb8b59dd5a1e7c29955a 540723962f14452647efcfb1d2870d593fec7104b71df635e78d29ef6b83b91f Loading...

	embed.tawk.to/_s/v4/app/630c16bea60/js/twk-chunk-48f46bef.js	16 kB	2023-03-07	2023-03-17
Pretty URL embed.tawk.to/_s/v4/app/630c16bea60/js/twk-chunk-48f46bef.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:09 Last Seen2023-03-17 11:41:10 Times Seen1 Hash a59c9d2459b36a5949234182761d31c5 6e953904e1708eacf5f548d76997719a96757d85 5169a21e0e4c05de69c6e9997ada44938f8cfdb9fd54f9de27d4b03a145bc947 Loading...

	embed.tawk.to/_s/v4/app/630c16bea60/js/twk-chunk-f163fcd0.js	11 kB	2023-03-07	2023-12-01
Pretty URL embed.tawk.to/_s/v4/app/630c16bea60/js/twk-chunk-f163fcd0.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:46 Last Seen2023-12-01 20:53:29 Times Seen11867 Hash a92075fd9ac5ba130387a80453676099 4b5b13cf9479b8311d574356e53f8da74200c57a 544039b2ff06226afd008c3625818bbfe76a2598d7159145d06965afaf4f09de Loading...

	daaz.com/assets/themes/js/fittext.js	594 B	2023-03-07	2024-04-17
Pretty URL daaz.com/assets/themes/js/fittext.js IP 172.67.73.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:21 Last Seen2024-04-17 07:51:02 Times Seen419 Hash 091c6d511a24841da0c66af2764754c5 40946466f5e7e7e01ad80423e022c02bab758f23 589e37bb6965bd56665f6944d73e54c57c55227a49168c6680665748cf6896cb Loading...

	daaz.com/assets/templates/js/platform.js	54 kB	2023-03-07	2024-04-17
Pretty URL daaz.com/assets/templates/js/platform.js IP 172.67.73.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:21 Last Seen2024-04-17 07:51:03 Times Seen605 Hash 44e522a850a0ebb98da5ff47f55add42 934a75ca63d9ee9a2a0743253732916e10dfb52e da1dab85b2bae7ceb9287c6ced2cbf12216c5559b2ba573e276620f44091d5cf Loading...

	embed.tawk.to/_s/v4/app/630c16bea60/js/twk-chunk-2c78ba82.js	7.1 kB	2023-03-07	2023-12-01
Pretty URL embed.tawk.to/_s/v4/app/630c16bea60/js/twk-chunk-2c78ba82.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:09 Last Seen2023-12-01 20:53:29 Times Seen7234 Hash fac25ff2d2c405e1ac7e156dca1f819c 9e7c83d4eefe4f64b4f1c43d15f21b248697a125 97ca66991150a4c1263837600fe4338f33d96b74979cd7740ab07d22b883b8e0 Loading...

	embed.tawk.to/_s/v4/app/630c16bea60/js/twk-chunk-2d0b9454.js	546 B	2023-03-07	2023-12-03
Pretty URL embed.tawk.to/_s/v4/app/630c16bea60/js/twk-chunk-2d0b9454.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2023-12-03 21:40:45 Times Seen7208 Hash 09c3819d373bd4178a620d721429fada fc407211bc5ed4384dc85e981c5947f727254bd9 48126b4a0cc388ba014594d6d64a6c6c6bb1c0ea145bb1c3c2b1da1a514e4a5c Loading...

	widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/main.js	58 kB	2023-03-07	2023-03-17
Pretty URL widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/main.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:21 Last Seen2023-03-17 12:42:28 Times Seen1 Hash 4cb0c3edacb69a9fb97d357e7e881561 1c4dc929a16f18028e465426646abf8808fed95f 54053afe5c80f4683f534bde92447cfdf19b8711a08a6ceaccdd4c87082b181c Loading...

	embed.tawk.to/_s/v4/app/630c16bea60/js/twk-vendor.js	78 kB	2023-03-07	2024-01-03
Pretty URL embed.tawk.to/_s/v4/app/630c16bea60/js/twk-vendor.js IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2024-01-03 04:29:13 Times Seen8812 Hash 7dcb496e4882926f93f2e73fa87062c0 f84d8f772336f305bbbd882a1e5d48d9aa8bd16a 5958b8f2069b0a3292ed7a9db46b8109adac7e81591238557125893ee7e87bb7 Loading...

	embed.tawk.to/_s/v4/app/630c16bea60/js/twk-chunk-vendors.js	211 kB	2023-03-07	2023-03-17
Pretty URL embed.tawk.to/_s/v4/app/630c16bea60/js/twk-chunk-vendors.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2023-03-17 12:54:31 Times Seen1 Hash 81c2642aac0b88b6b237d279f5f8ce67 0b3a43ff98c33f8c9d9a3f1293099325cc2f479e 6ac9be67fa3accd7aff2078733f332843a2b98b227e4cfe7a3bbd48c3c01e0b8 Loading...

	embed.tawk.to/_s/v4/app/630c16bea60/js/twk-runtime.js	2.3 kB	2023-03-07	2023-03-17
Pretty URL embed.tawk.to/_s/v4/app/630c16bea60/js/twk-runtime.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:09 Last Seen2023-03-17 11:41:10 Times Seen1 Hash c5ac9b5bce70724c3422e4824abf1613 6f3bb25b3981e918da37ed5a9caa0139a80841b9 f47c3b3aedc61909dbc07804d8cddc4cb8523d5bd99d83f94069ad78f038100b Loading...

	daaz.com/assets/templates/js/tp.widget.bootstrap.min.js	19 kB	2023-03-07	2024-04-17
Pretty URL daaz.com/assets/templates/js/tp.widget.bootstrap.min.js IP 172.67.73.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:21 Last Seen2024-04-17 07:51:02 Times Seen321 Hash d31b8b2edac209370fb7e7882b74930c db0f92f2228df1bcb18d58588586edcd7e17e4d0 b99590413d5e22ce7b94d73504a5f39b600e5cb766bee40ae2b80427add977a7 Loading...

	static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194	14 kB	2023-03-07	2024-04-26
Pretty URL static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 IP 172.64.156.26 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-26 05:43:44 Times Seen1638 Hash 19514b1be5ee33b45d32c1fcd4c67ec2 bdeab77b43cafcc638df9d7c26f1aa7f46bf1fd5 fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505 Loading...

	daaz.com/make/offer/domains/x1mails.com	208 B	2023-03-07	2024-04-17
Pretty URL daaz.com/make/offer/domains/x1mails.com IP 104.26.15.116 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:21 Last Seen2024-04-17 07:51:02 Times Seen332 Hash 00930d5e600c05ef214a6239aea27545 56cfc76343616fd22854ad1fbd0c454493988d3e f7eef0b0bd20763c04e1444f470137dae5dd1461b9be00d02668414fb1531959 Loading...

	embed.tawk.to/5ac5c33e4b401e45400e5bda/default	2.1 kB	2023-03-07	2023-03-17
Pretty URL embed.tawk.to/5ac5c33e4b401e45400e5bda/default IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:44 Last Seen2023-03-17 11:37:19 Times Seen1 Hash 32a6407a1ba1e8b6876473e66c952b62 c65273a955bd8d098e8eb7ce703db03c0bed5330 ec97b3b2129ffd3cfcb28102e9feb0e914b6bd61a652aa7ed02a8843271c0603 Loading...

	daaz.com/assets/themes/js/jquery.js	83 kB	2023-03-07	2024-04-17
Pretty URL daaz.com/assets/themes/js/jquery.js IP 172.67.73.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:21 Last Seen2024-04-17 07:51:03 Times Seen171 Hash dc339da9fca8ec818e06ccbd6ced5aca d695b4ea1591e4048cfc7c3f07188297a3cadaa8 e50b7d877bfa65039ac9e3827c202eff3abdabbeff7a45ae29b8bc09821b64e3 Loading...

	embed.tawk.to/_s/v4/app/630c16bea60/js/twk-chunk-common.js	196 kB	2023-03-07	2023-03-17
Pretty URL embed.tawk.to/_s/v4/app/630c16bea60/js/twk-chunk-common.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:09 Last Seen2023-03-17 11:41:10 Times Seen1 Hash a60e52c6e06e37e6cb034be34513f89a 266695701a9ff7d0902fcd82eaf760605415a39e 47038d71ff586a6d2854c7e7b1fd62dbcce3e0455d9eaf5c116183bbe5730073 Loading...

	embed.tawk.to/_s/v4/app/630c16bea60/js/twk-chunk-4fe9d5dd.js	942 B	2023-03-07	2023-12-03
Pretty URL embed.tawk.to/_s/v4/app/630c16bea60/js/twk-chunk-4fe9d5dd.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:46 Last Seen2023-12-03 21:40:45 Times Seen7224 Hash 5f434bdd806571a4e1b385bee9316ff6 ca69e13015a6b7769e4174179dc8befd4c543c43 fc129f67c34d70578dc66a2ac6be2d44011eab5a05077797b8e56dbc2f2c9867 Loading...

	daaz.com/make/offer/domains/x1mails.com	480 B	2023-03-07	2024-04-17
Pretty URL daaz.com/make/offer/domains/x1mails.com IP 104.26.15.116 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:21 Last Seen2024-04-17 07:51:02 Times Seen333 Hash 0fbf847de4d2dfe0b43a9b28fe4a9f42 a0c2cf96ec2b34ac78280b232806690b97ee1013 0973c2f096b194cc8c2aeec7f11e0ee74678dd80a623d10316f35d5a4a088300 Loading...

	daaz.com/make/offer/domains/x1mails.com	5.9 kB	2023-03-07	2023-03-07
Pretty URL daaz.com/make/offer/domains/x1mails.com IP 104.26.15.116 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:43:39 Last Seen2023-03-07 13:43:39 Times Seen1 Hash bd44a841e222eadec1528b1d2e41d52b 8894294b844a226497ab251545589173a34a7c30 f912c9137399184a45c773494cf3f2b6eb2f34d23c8cedf8cc566921a74679a2 Loading...

	embed.tawk.to/_s/v4/app/630c16bea60/js/twk-app.js	151 B	2023-03-07	2024-04-26
Pretty URL embed.tawk.to/_s/v4/app/630c16bea60/js/twk-app.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:46 Last Seen2024-04-26 08:36:19 Times Seen46611 Hash e736e189edb5d0d9d5b8e7f23dd9114a bcabee193f13756fa9154fc492fe420c47140343 13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd Loading...

	embed.tawk.to/_s/v4/app/630c16bea60/languages/en.js	17 kB	2023-03-07	2024-02-05
Pretty URL embed.tawk.to/_s/v4/app/630c16bea60/languages/en.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:47 Last Seen2024-02-05 02:14:35 Times Seen39084 Hash 585ba00b2c167b90c210161454f843b5 89ee8372cc6d5eb307cf5840b70d8f3dab3c57f2 e924ffe8bcc65483510a22a7286bd6d4d204e72ffe5927eec50158f7a7be50c0 Loading...

HTTP Transactions (75)

URL IP Response Size

x1mails.com/

18.130.191.149

301 Moved Permanently

169 B

URL HTTP/1.1
x1mails.com/
IP
18.130.191.149:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
169 B (169 bytes)
Hash
1d7e105f6929fa04f2ec0e8cc2bf18d3
9259ce376f72bf5861e0b455712baca565235602
9e5fe1fc9fb5e65dbb0af3bc4fcd3443a2dbf812bcd75f2bf7b17c3d7524b8fe

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: x1mails.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx/1.20.0
Date: Wed, 07 Sep 2022 18:59:20 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://daaz.com/redirect/x1mails.com

firefox.settings.services.mozilla.com/v1/

143.204.55.27

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.27:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 07 Sep 2022 18:04:44 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: EOc3GgxCO2i78e-Omuz34uwDOkhVafjWX8UE4dMrKKo8MDcxQF96BQ==
Age: 3276

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b9adda4796e3cda8d92753c46964621c
5f1eba1f6085b23dea088a91fe6f8947172f9f62
a0577a8fcfa81b3f86d99566eb4429655b93a238ffd1a3752bc9aae3d969deea

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A0577A8FCFA81B3F86D99566EB4429655B93A238FFD1A3752BC9AAE3D969DEEA"
Last-Modified: Tue, 06 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7201
Expires: Wed, 07 Sep 2022 20:59:21 GMT
Date: Wed, 07 Sep 2022 18:59:20 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.110

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.110:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 07 Sep 2022 03:46:35 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: RSFsYaRjBu3dZucLImjqzCMlEoKSLU3AyE9da-uSn2IixRGBK7ovfg==
age: 54766
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 18:59:20 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.27

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.27:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Wed, 07 Sep 2022 18:38:18 GMT
Expires: Wed, 07 Sep 2022 19:07:22 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: -YrQ7wnDReZgcwgcz8VOAnJGUscb-GrJMcyoizyRtEuKyLTW72LMSw==
Age: 1262

daaz.com/make/offer/domains/x1mails.com

104.26.15.116

301 Moved Permanently

0 B

URL HTTP/1.1
daaz.com/make/offer/domains/x1mails.com
IP
104.26.15.116:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /make/offer/domains/x1mails.com HTTP/1.1
Host: daaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Wed, 07 Sep 2022 18:59:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 07 Sep 2022 19:59:21 GMT
Location: https://daaz.com/make/offer/domains/x1mails.com
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=begJ6xzQTJeC339W3Snu7dPe54bHnc%2Bkn%2F%2BCeK0V99QB%2FSjXDpsNJrG6Lh3ERVh1%2FXvjdguHCBSKlVl20IFXTOIBjyc0wwy%2B0d93qyKPHt%2BniW0qsjeS8Bn0"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7471ae583c9e0b45-OSL
alt-svc: h2=":443"; ma=60

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
a81b0f5b5d11bf95fc176833b2f6e808
5b194aa5a8bf3a6b0d117ccfd0f487f6db0587b5
8f6ae83f2b85db7174bbbc6553e2921617b5c8a401315e76082682949a0bd9cc

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5585
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:59:21 GMT
Last-Modified: Wed, 07 Sep 2022 17:26:16 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

daaz.com/assets/templates/images/transfer1.png

172.67.73.131

200 OK

4.8 kB

URL HTTP/2
daaz.com/assets/templates/images/transfer1.png
IP
172.67.73.131:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 67 x 43, 8-bit/color RGBA, non-interlaced\012- data
Size
4.8 kB (4760 bytes)
Hash
7f70b0fd3fafdf09105061ac36d90bdd
d1e3300ea34a370cdb262bae4bef33d479ffe910
e30f8b0d0f8c3a503b33d47fb48d8c3f6593128fe0299b557fbd4daef020a87e

HTTP Headers

GET /assets/templates/images/transfer1.png HTTP/1.1
Host: daaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daaz.com/make/offer/domains/x1mails.com
Cookie: _ga=GA1.2.1838605579.1654109089; twk_uuid_5ac5c33e4b401e45400e5bda=%7B%22uuid%22%3A%221.3dXZ6hpW8cHbviQ9TSKvjR7ExUjS74FmzZCaFmRJZbH2dLciCGx2o8CxAyyylMHmIuEHFMNqgywowtm0OuL9cqTT4GghnDfPQXG611bkyRKDvSQ4wfn4kIZ0uPkYj031ge8C4dbF3D0%22%2C%22version%22%3A3%2C%22domain%22%3A%22daaz.com%22%2C%22ts%22%3A1654529618876%7D; AWSALB=23xSSZ3B2m6PrDrqIDczjO7dcHYdsH5ngmE6aOwhpV7IQj9KCMj75W3/JMKp+0wxJg8AJkolDZhNIRDHZ7j8hQw7YhROM4Pmi5+VVlJTNeVafku1CkkAvkQNBLDG; AWSALBCORS=23xSSZ3B2m6PrDrqIDczjO7dcHYdsH5ngmE6aOwhpV7IQj9KCMj75W3/JMKp+0wxJg8AJkolDZhNIRDHZ7j8hQw7YhROM4Pmi5+VVlJTNeVafku1CkkAvkQNBLDG; XSRF-TOKEN=eyJpdiI6InZCMy9RdjZlNlI0VG1hWFRrOFBSVXc9PSIsInZhbHVlIjoiVnVKYTBlRFNTU0Q4VU9kdE5zeXV5VVcyTzQ2bkRFNEp0bkJrejNmSXBxb0dBbjdranJtTWVpVGM2ajhEaGZoMHJZc21PUlRxS2tBYUJlSW5VR3A4SmUvRC9oRktLSERKc0ozY1U2S0xNMWM2SWhQUjJhZ2NQZ3RiQmFpa3dZaGMiLCJtYWMiOiIwYjkyNTNkY2IyM2RiMTI5YTFkZDY4NTk4ZDNlYTU2OTljMjgzNjU3MjI1ODk2MTQ4NDNmOTkxMTMzZWVhODFmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImdiYXlEMkRBbG1jNWVoUUtzSSsvSHc9PSIsInZhbHVlIjoiaSttZ2JWd0JMY3VzQmg2UFA1Nk9jYmc5MEU5N3kxWG1CWmtwTURkbTdTQWFseU8rczc0MFVmWmxLUXE5NXE5K3ByZEluMktKQks4ck1ja1dvYTh4VnRHb2d5VDdrRzAxcDhaZldMNjZJaWRLY21XMXl5dkVMcHk4RFBlVWZIck0iLCJtYWMiOiI3YzI5ZTI1OTFiM2Y5NTU3MjUyNWZkZGQ0ZWZjN2U4YjA1ODllNTNiODlmMzExZjgxYmMxNmY1Y2QyZDc0MmMwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:59:21 GMT
content-type: image/png
content-length: 4760
last-modified: Sun, 13 Sep 2020 07:53:23 GMT
etag: "5f5dcff3-1298"
expires: Thu, 08 Sep 2022 18:59:21 GMT
cache-control: max-age=86400, public
pragma: public
cf-cache-status: BYPASS
set-cookie: AWSALB=Qpz/kLxMm84zjhKDG/4rmLUk0tuaAN1js5DW6oYT+VfgmVebIAYI3WiSZFi6eCpJzDAW1DBklZqahQzqiILl8424cf8YiVbgzMp/hwWINMkXde3duXWQyITE/yga; Expires=Wed, 14 Sep 2022 18:59:21 GMT; Path=/
AWSALBCORS=Qpz/kLxMm84zjhKDG/4rmLUk0tuaAN1js5DW6oYT+VfgmVebIAYI3WiSZFi6eCpJzDAW1DBklZqahQzqiILl8424cf8YiVbgzMp/hwWINMkXde3duXWQyITE/yga; Expires=Wed, 14 Sep 2022 18:59:21 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Ajpn8Kb%2FXTomvPfa87YVFFcIk7IiZ1a1q8hU1IK8CsUrODeJnNs%2B8uz2AcIu2Fz7C5geRHX5TPEeklD16DYV7VNCd1NjZpAakiigIVDLnzKODLeWgnJSJ5t"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7471ae5b4e24fab4-OSL
X-Firefox-Spdy: h2

daaz.com/assets/templates/images/trust-stamp.png

172.67.73.131

200 OK

33 kB

URL HTTP/2
daaz.com/assets/templates/images/trust-stamp.png
IP
172.67.73.131:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Size
33 kB (32862 bytes)
Hash
1929f2d61d6af71be4ada48c038a05fb
67671601fe8a14a65dc999218a2babfa073a6db0
590b03b0b6d321cd76b80ea70acec7e57cc1d28fd84088acb5fd35a4e3c62645

HTTP Headers

GET /assets/templates/images/trust-stamp.png HTTP/1.1
Host: daaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daaz.com/make/offer/domains/x1mails.com
Cookie: _ga=GA1.2.1838605579.1654109089; twk_uuid_5ac5c33e4b401e45400e5bda=%7B%22uuid%22%3A%221.3dXZ6hpW8cHbviQ9TSKvjR7ExUjS74FmzZCaFmRJZbH2dLciCGx2o8CxAyyylMHmIuEHFMNqgywowtm0OuL9cqTT4GghnDfPQXG611bkyRKDvSQ4wfn4kIZ0uPkYj031ge8C4dbF3D0%22%2C%22version%22%3A3%2C%22domain%22%3A%22daaz.com%22%2C%22ts%22%3A1654529618876%7D; AWSALB=23xSSZ3B2m6PrDrqIDczjO7dcHYdsH5ngmE6aOwhpV7IQj9KCMj75W3/JMKp+0wxJg8AJkolDZhNIRDHZ7j8hQw7YhROM4Pmi5+VVlJTNeVafku1CkkAvkQNBLDG; AWSALBCORS=23xSSZ3B2m6PrDrqIDczjO7dcHYdsH5ngmE6aOwhpV7IQj9KCMj75W3/JMKp+0wxJg8AJkolDZhNIRDHZ7j8hQw7YhROM4Pmi5+VVlJTNeVafku1CkkAvkQNBLDG; XSRF-TOKEN=eyJpdiI6InZCMy9RdjZlNlI0VG1hWFRrOFBSVXc9PSIsInZhbHVlIjoiVnVKYTBlRFNTU0Q4VU9kdE5zeXV5VVcyTzQ2bkRFNEp0bkJrejNmSXBxb0dBbjdranJtTWVpVGM2ajhEaGZoMHJZc21PUlRxS2tBYUJlSW5VR3A4SmUvRC9oRktLSERKc0ozY1U2S0xNMWM2SWhQUjJhZ2NQZ3RiQmFpa3dZaGMiLCJtYWMiOiIwYjkyNTNkY2IyM2RiMTI5YTFkZDY4NTk4ZDNlYTU2OTljMjgzNjU3MjI1ODk2MTQ4NDNmOTkxMTMzZWVhODFmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImdiYXlEMkRBbG1jNWVoUUtzSSsvSHc9PSIsInZhbHVlIjoiaSttZ2JWd0JMY3VzQmg2UFA1Nk9jYmc5MEU5N3kxWG1CWmtwTURkbTdTQWFseU8rczc0MFVmWmxLUXE5NXE5K3ByZEluMktKQks4ck1ja1dvYTh4VnRHb2d5VDdrRzAxcDhaZldMNjZJaWRLY21XMXl5dkVMcHk4RFBlVWZIck0iLCJtYWMiOiI3YzI5ZTI1OTFiM2Y5NTU3MjUyNWZkZGQ0ZWZjN2U4YjA1ODllNTNiODlmMzExZjgxYmMxNmY1Y2QyZDc0MmMwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:59:21 GMT
content-type: image/png
content-length: 32862
last-modified: Sat, 09 Jan 2021 13:52:11 GMT
etag: "5ff9b50b-805e"
expires: Thu, 08 Sep 2022 18:59:21 GMT
cache-control: max-age=86400, public
pragma: public
cf-cache-status: BYPASS
set-cookie: AWSALB=V8jmVl5fCOAqJXORS4WlBcPrc6Qzo8mMprirtroBIvzZXmq3QxMmCslh8N8CHrHgXK/e0CP5QVL3tt0bHlZDeYA58WK7HHKC7T/5riieP4MgfSh2Of6jH/bQKAYU; Expires=Wed, 14 Sep 2022 18:59:21 GMT; Path=/
AWSALBCORS=V8jmVl5fCOAqJXORS4WlBcPrc6Qzo8mMprirtroBIvzZXmq3QxMmCslh8N8CHrHgXK/e0CP5QVL3tt0bHlZDeYA58WK7HHKC7T/5riieP4MgfSh2Of6jH/bQKAYU; Expires=Wed, 14 Sep 2022 18:59:21 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gJdZhaRl7xhULq2ezuSh1CnH4ekFelVy7m22xFO3A5IklbcFf5k%2BCpparXqs%2FlG414enzqIZMTAIxyEaA4uM%2FrU4crNZArJUo%2Fw6at5aEudULOJa4ZFa3i7%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7471ae5b4e17fab4-OSL
X-Firefox-Spdy: h2

daaz.com/assets/templates/images/money-back1.png

172.67.73.131

200 OK

4.3 kB

URL HTTP/2
daaz.com/assets/templates/images/money-back1.png
IP
172.67.73.131:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 46 x 51, 8-bit/color RGBA, non-interlaced\012- data
Size
4.3 kB (4275 bytes)
Hash
49650a46f5468dd7f47072723c84ea17
d882c3cbbad7943532719933d1283125b3acde67
fe21e6e8d7b278c5bed1b33d1a60fe17f3f3deae64471dadbdd93813f151f928

HTTP Headers

GET /assets/templates/images/money-back1.png HTTP/1.1
Host: daaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daaz.com/make/offer/domains/x1mails.com
Cookie: _ga=GA1.2.1838605579.1654109089; twk_uuid_5ac5c33e4b401e45400e5bda=%7B%22uuid%22%3A%221.3dXZ6hpW8cHbviQ9TSKvjR7ExUjS74FmzZCaFmRJZbH2dLciCGx2o8CxAyyylMHmIuEHFMNqgywowtm0OuL9cqTT4GghnDfPQXG611bkyRKDvSQ4wfn4kIZ0uPkYj031ge8C4dbF3D0%22%2C%22version%22%3A3%2C%22domain%22%3A%22daaz.com%22%2C%22ts%22%3A1654529618876%7D; AWSALB=23xSSZ3B2m6PrDrqIDczjO7dcHYdsH5ngmE6aOwhpV7IQj9KCMj75W3/JMKp+0wxJg8AJkolDZhNIRDHZ7j8hQw7YhROM4Pmi5+VVlJTNeVafku1CkkAvkQNBLDG; AWSALBCORS=23xSSZ3B2m6PrDrqIDczjO7dcHYdsH5ngmE6aOwhpV7IQj9KCMj75W3/JMKp+0wxJg8AJkolDZhNIRDHZ7j8hQw7YhROM4Pmi5+VVlJTNeVafku1CkkAvkQNBLDG; XSRF-TOKEN=eyJpdiI6InZCMy9RdjZlNlI0VG1hWFRrOFBSVXc9PSIsInZhbHVlIjoiVnVKYTBlRFNTU0Q4VU9kdE5zeXV5VVcyTzQ2bkRFNEp0bkJrejNmSXBxb0dBbjdranJtTWVpVGM2ajhEaGZoMHJZc21PUlRxS2tBYUJlSW5VR3A4SmUvRC9oRktLSERKc0ozY1U2S0xNMWM2SWhQUjJhZ2NQZ3RiQmFpa3dZaGMiLCJtYWMiOiIwYjkyNTNkY2IyM2RiMTI5YTFkZDY4NTk4ZDNlYTU2OTljMjgzNjU3MjI1ODk2MTQ4NDNmOTkxMTMzZWVhODFmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImdiYXlEMkRBbG1jNWVoUUtzSSsvSHc9PSIsInZhbHVlIjoiaSttZ2JWd0JMY3VzQmg2UFA1Nk9jYmc5MEU5N3kxWG1CWmtwTURkbTdTQWFseU8rczc0MFVmWmxLUXE5NXE5K3ByZEluMktKQks4ck1ja1dvYTh4VnRHb2d5VDdrRzAxcDhaZldMNjZJaWRLY21XMXl5dkVMcHk4RFBlVWZIck0iLCJtYWMiOiI3YzI5ZTI1OTFiM2Y5NTU3MjUyNWZkZGQ0ZWZjN2U4YjA1ODllNTNiODlmMzExZjgxYmMxNmY1Y2QyZDc0MmMwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:59:21 GMT
content-type: image/png
content-length: 4275
last-modified: Sun, 13 Sep 2020 07:53:23 GMT
etag: "5f5dcff3-10b3"
expires: Thu, 08 Sep 2022 18:59:21 GMT
cache-control: max-age=86400, public
pragma: public
cf-cache-status: BYPASS
set-cookie: AWSALB=lV6u3Y1m7X6VFjX3Vxzn8J0rPwWWXLOreYQcp9s/8KXsLHMlUbV7CDCMvcWTnPnHyRt1aw/RWVphFu85h/hfa6IAkhT0NRT+JVLTtD3oR5Di3zvhmzgKOw3PdCl+; Expires=Wed, 14 Sep 2022 18:59:21 GMT; Path=/
AWSALBCORS=lV6u3Y1m7X6VFjX3Vxzn8J0rPwWWXLOreYQcp9s/8KXsLHMlUbV7CDCMvcWTnPnHyRt1aw/RWVphFu85h/hfa6IAkhT0NRT+JVLTtD3oR5Di3zvhmzgKOw3PdCl+; Expires=Wed, 14 Sep 2022 18:59:21 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tY%2BIzFsuglJGpvxN8TGBHIZS%2F3SrPmDkbai79IUGBzEh8gCrqb%2B65tGwoNnNzd9xM7MAi8LxDAJGtVeMa4KSjeDTv8%2BIqlx%2BvCpUByRXUBSwiXba5T2Xg%2FwX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7471ae5b4e23fab4-OSL
X-Firefox-Spdy: h2

push.services.mozilla.com/

35.161.231.36

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.161.231.36:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: CU/Gyad4vP8Qn7DPhjIuEQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: VFTzQS4Asf8nsnsnu1+ycNkkXXg=

daaz.com/assets/templates/images/money-back-img3.png

172.67.73.131

200 OK

2.8 kB

URL HTTP/2
daaz.com/assets/templates/images/money-back-img3.png
IP
172.67.73.131:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
2.8 kB (2767 bytes)
Hash
8ffcf8831710e2e44af3468dbe846886
38d2c0628ad11f13a16a3e8c7d65759c64a3b11b
0416285b9d8503824354d2ddcf2225d2374690b11c8e32017555ce4f6923bec8

HTTP Headers

GET /assets/templates/images/money-back-img3.png HTTP/1.1
Host: daaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daaz.com/make/offer/domains/x1mails.com
Cookie: _ga=GA1.2.1838605579.1654109089; twk_uuid_5ac5c33e4b401e45400e5bda=%7B%22uuid%22%3A%221.3dXZ6hpW8cHbviQ9TSKvjR7ExUjS74FmzZCaFmRJZbH2dLciCGx2o8CxAyyylMHmIuEHFMNqgywowtm0OuL9cqTT4GghnDfPQXG611bkyRKDvSQ4wfn4kIZ0uPkYj031ge8C4dbF3D0%22%2C%22version%22%3A3%2C%22domain%22%3A%22daaz.com%22%2C%22ts%22%3A1654529618876%7D; AWSALB=23xSSZ3B2m6PrDrqIDczjO7dcHYdsH5ngmE6aOwhpV7IQj9KCMj75W3/JMKp+0wxJg8AJkolDZhNIRDHZ7j8hQw7YhROM4Pmi5+VVlJTNeVafku1CkkAvkQNBLDG; AWSALBCORS=23xSSZ3B2m6PrDrqIDczjO7dcHYdsH5ngmE6aOwhpV7IQj9KCMj75W3/JMKp+0wxJg8AJkolDZhNIRDHZ7j8hQw7YhROM4Pmi5+VVlJTNeVafku1CkkAvkQNBLDG; XSRF-TOKEN=eyJpdiI6InZCMy9RdjZlNlI0VG1hWFRrOFBSVXc9PSIsInZhbHVlIjoiVnVKYTBlRFNTU0Q4VU9kdE5zeXV5VVcyTzQ2bkRFNEp0bkJrejNmSXBxb0dBbjdranJtTWVpVGM2ajhEaGZoMHJZc21PUlRxS2tBYUJlSW5VR3A4SmUvRC9oRktLSERKc0ozY1U2S0xNMWM2SWhQUjJhZ2NQZ3RiQmFpa3dZaGMiLCJtYWMiOiIwYjkyNTNkY2IyM2RiMTI5YTFkZDY4NTk4ZDNlYTU2OTljMjgzNjU3MjI1ODk2MTQ4NDNmOTkxMTMzZWVhODFmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImdiYXlEMkRBbG1jNWVoUUtzSSsvSHc9PSIsInZhbHVlIjoiaSttZ2JWd0JMY3VzQmg2UFA1Nk9jYmc5MEU5N3kxWG1CWmtwTURkbTdTQWFseU8rczc0MFVmWmxLUXE5NXE5K3ByZEluMktKQks4ck1ja1dvYTh4VnRHb2d5VDdrRzAxcDhaZldMNjZJaWRLY21XMXl5dkVMcHk4RFBlVWZIck0iLCJtYWMiOiI3YzI5ZTI1OTFiM2Y5NTU3MjUyNWZkZGQ0ZWZjN2U4YjA1ODllNTNiODlmMzExZjgxYmMxNmY1Y2QyZDc0MmMwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:59:21 GMT
content-type: image/png
content-length: 2767
last-modified: Sun, 13 Sep 2020 07:53:23 GMT
etag: "5f5dcff3-acf"
expires: Thu, 08 Sep 2022 18:59:21 GMT
cache-control: max-age=86400, public
pragma: public
cf-cache-status: BYPASS
set-cookie: AWSALB=FP6AGjOZAeCsKESU30EHX5yqe04i5aByJznaO8TGrBNIUQgEmcxYN0cNGxTLZhVYup3IMYnaQil3U0OVTG6vRah6goQY/3v7P/doeMcixNnjlX/0accsdmQs4hBl; Expires=Wed, 14 Sep 2022 18:59:21 GMT; Path=/
AWSALBCORS=FP6AGjOZAeCsKESU30EHX5yqe04i5aByJznaO8TGrBNIUQgEmcxYN0cNGxTLZhVYup3IMYnaQil3U0OVTG6vRah6goQY/3v7P/doeMcixNnjlX/0accsdmQs4hBl; Expires=Wed, 14 Sep 2022 18:59:21 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WSegoSrEZeflPQl3r14eHPZAZ4BhW5%2B3bngkWU0tW%2FYOQ5SaM0hbwZfJsaQ4bw4jU7cT2XBIhomhVB0Y%2BQKOOtcuwY%2F7OcWp85sp1nBGbSJ0doyYEBA2IwaX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7471ae5b4e2efab4-OSL
X-Firefox-Spdy: h2

daaz.com/assets/templates/images/secure-payment-img1.png

172.67.73.131

200 OK

2.4 kB

URL HTTP/2
daaz.com/assets/templates/images/secure-payment-img1.png
IP
172.67.73.131:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
2.4 kB (2410 bytes)
Hash
64ea0bb2d8c7594227c0a7819cfc50f5
2f4cbc2e932f341df8dd83a2a9efd0fca80da210
ee22a6a1524ef9e5e1f2f58242fdc436b3a466305b15f64a11742ef1893db691

HTTP Headers

GET /assets/templates/images/secure-payment-img1.png HTTP/1.1
Host: daaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daaz.com/make/offer/domains/x1mails.com
Cookie: _ga=GA1.2.1838605579.1654109089; twk_uuid_5ac5c33e4b401e45400e5bda=%7B%22uuid%22%3A%221.3dXZ6hpW8cHbviQ9TSKvjR7ExUjS74FmzZCaFmRJZbH2dLciCGx2o8CxAyyylMHmIuEHFMNqgywowtm0OuL9cqTT4GghnDfPQXG611bkyRKDvSQ4wfn4kIZ0uPkYj031ge8C4dbF3D0%22%2C%22version%22%3A3%2C%22domain%22%3A%22daaz.com%22%2C%22ts%22%3A1654529618876%7D; AWSALB=23xSSZ3B2m6PrDrqIDczjO7dcHYdsH5ngmE6aOwhpV7IQj9KCMj75W3/JMKp+0wxJg8AJkolDZhNIRDHZ7j8hQw7YhROM4Pmi5+VVlJTNeVafku1CkkAvkQNBLDG; AWSALBCORS=23xSSZ3B2m6PrDrqIDczjO7dcHYdsH5ngmE6aOwhpV7IQj9KCMj75W3/JMKp+0wxJg8AJkolDZhNIRDHZ7j8hQw7YhROM4Pmi5+VVlJTNeVafku1CkkAvkQNBLDG; XSRF-TOKEN=eyJpdiI6InZCMy9RdjZlNlI0VG1hWFRrOFBSVXc9PSIsInZhbHVlIjoiVnVKYTBlRFNTU0Q4VU9kdE5zeXV5VVcyTzQ2bkRFNEp0bkJrejNmSXBxb0dBbjdranJtTWVpVGM2ajhEaGZoMHJZc21PUlRxS2tBYUJlSW5VR3A4SmUvRC9oRktLSERKc0ozY1U2S0xNMWM2SWhQUjJhZ2NQZ3RiQmFpa3dZaGMiLCJtYWMiOiIwYjkyNTNkY2IyM2RiMTI5YTFkZDY4NTk4ZDNlYTU2OTljMjgzNjU3MjI1ODk2MTQ4NDNmOTkxMTMzZWVhODFmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImdiYXlEMkRBbG1jNWVoUUtzSSsvSHc9PSIsInZhbHVlIjoiaSttZ2JWd0JMY3VzQmg2UFA1Nk9jYmc5MEU5N3kxWG1CWmtwTURkbTdTQWFseU8rczc0MFVmWmxLUXE5NXE5K3ByZEluMktKQks4ck1ja1dvYTh4VnRHb2d5VDdrRzAxcDhaZldMNjZJaWRLY21XMXl5dkVMcHk4RFBlVWZIck0iLCJtYWMiOiI3YzI5ZTI1OTFiM2Y5NTU3MjUyNWZkZGQ0ZWZjN2U4YjA1ODllNTNiODlmMzExZjgxYmMxNmY1Y2QyZDc0MmMwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:59:21 GMT
content-type: image/png
content-length: 2410
last-modified: Sun, 13 Sep 2020 07:53:23 GMT
etag: "5f5dcff3-96a"
expires: Thu, 08 Sep 2022 18:59:21 GMT
cache-control: max-age=86400, public
pragma: public
cf-cache-status: BYPASS
set-cookie: AWSALB=ivn8yDHIJfo6GPMs6gBAVnV5a8CUUIEKhnrNenuM3EiTUTNckagSNdKd82pKo7S/4BsyeoMUJI/sy/z/MZ1bNMmnssanDL8UaWl2AxFcnrTxfHSFQUIZpvbD3rqt; Expires=Wed, 14 Sep 2022 18:59:21 GMT; Path=/
AWSALBCORS=ivn8yDHIJfo6GPMs6gBAVnV5a8CUUIEKhnrNenuM3EiTUTNckagSNdKd82pKo7S/4BsyeoMUJI/sy/z/MZ1bNMmnssanDL8UaWl2AxFcnrTxfHSFQUIZpvbD3rqt; Expires=Wed, 14 Sep 2022 18:59:21 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zuSCM3i9wHBLYl5YWcqqy%2BgeMG4RyhALETkqUWc1Ii7CB218prA%2FDcnbTln6NkZpTs0B%2B%2FVP%2FIdI3wfNnpQP6tuSFTOzAq1aPBxhgufH9ZjcyY2syPJtLG7N"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7471ae5b5e33fab4-OSL
X-Firefox-Spdy: h2

daaz.com/assets/templates/images/money-back-img2.png

172.67.73.131

200 OK

2.7 kB

URL HTTP/2
daaz.com/assets/templates/images/money-back-img2.png
IP
172.67.73.131:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
2.7 kB (2653 bytes)
Hash
4fd680287c13a02a18c3c521b1dc0017
f7c2758ba6a9d4eaa27b5687394852fb1e403d35
6fd9f98c045d58d1ccb02e05c3926c5c52c03077267ce0ead5ace5f36a042d63

HTTP Headers

GET /assets/templates/images/money-back-img2.png HTTP/1.1
Host: daaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daaz.com/make/offer/domains/x1mails.com
Cookie: _ga=GA1.2.1838605579.1654109089; twk_uuid_5ac5c33e4b401e45400e5bda=%7B%22uuid%22%3A%221.3dXZ6hpW8cHbviQ9TSKvjR7ExUjS74FmzZCaFmRJZbH2dLciCGx2o8CxAyyylMHmIuEHFMNqgywowtm0OuL9cqTT4GghnDfPQXG611bkyRKDvSQ4wfn4kIZ0uPkYj031ge8C4dbF3D0%22%2C%22version%22%3A3%2C%22domain%22%3A%22daaz.com%22%2C%22ts%22%3A1654529618876%7D; AWSALB=23xSSZ3B2m6PrDrqIDczjO7dcHYdsH5ngmE6aOwhpV7IQj9KCMj75W3/JMKp+0wxJg8AJkolDZhNIRDHZ7j8hQw7YhROM4Pmi5+VVlJTNeVafku1CkkAvkQNBLDG; AWSALBCORS=23xSSZ3B2m6PrDrqIDczjO7dcHYdsH5ngmE6aOwhpV7IQj9KCMj75W3/JMKp+0wxJg8AJkolDZhNIRDHZ7j8hQw7YhROM4Pmi5+VVlJTNeVafku1CkkAvkQNBLDG; XSRF-TOKEN=eyJpdiI6InZCMy9RdjZlNlI0VG1hWFRrOFBSVXc9PSIsInZhbHVlIjoiVnVKYTBlRFNTU0Q4VU9kdE5zeXV5VVcyTzQ2bkRFNEp0bkJrejNmSXBxb0dBbjdranJtTWVpVGM2ajhEaGZoMHJZc21PUlRxS2tBYUJlSW5VR3A4SmUvRC9oRktLSERKc0ozY1U2S0xNMWM2SWhQUjJhZ2NQZ3RiQmFpa3dZaGMiLCJtYWMiOiIwYjkyNTNkY2IyM2RiMTI5YTFkZDY4NTk4ZDNlYTU2OTljMjgzNjU3MjI1ODk2MTQ4NDNmOTkxMTMzZWVhODFmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImdiYXlEMkRBbG1jNWVoUUtzSSsvSHc9PSIsInZhbHVlIjoiaSttZ2JWd0JMY3VzQmg2UFA1Nk9jYmc5MEU5N3kxWG1CWmtwTURkbTdTQWFseU8rczc0MFVmWmxLUXE5NXE5K3ByZEluMktKQks4ck1ja1dvYTh4VnRHb2d5VDdrRzAxcDhaZldMNjZJaWRLY21XMXl5dkVMcHk4RFBlVWZIck0iLCJtYWMiOiI3YzI5ZTI1OTFiM2Y5NTU3MjUyNWZkZGQ0ZWZjN2U4YjA1ODllNTNiODlmMzExZjgxYmMxNmY1Y2QyZDc0MmMwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:59:21 GMT
content-type: image/png
content-length: 2653
last-modified: Sun, 13 Sep 2020 07:53:23 GMT
etag: "5f5dcff3-a5d"
expires: Thu, 08 Sep 2022 18:59:21 GMT
cache-control: max-age=86400, public
pragma: public
cf-cache-status: BYPASS
set-cookie: AWSALB=CcEQkAmdxApHwt/Z39gfmbWiP/rdFc9HvS7UAquw6eZQb/TmKIrBReTBrhg7++f82r3Wjp4UgIBHUE9cnDQ3WW2Lk0YQowsAxwy6RsLYLkd12m50oOQjSStT9VWb; Expires=Wed, 14 Sep 2022 18:59:21 GMT; Path=/
AWSALBCORS=CcEQkAmdxApHwt/Z39gfmbWiP/rdFc9HvS7UAquw6eZQb/TmKIrBReTBrhg7++f82r3Wjp4UgIBHUE9cnDQ3WW2Lk0YQowsAxwy6RsLYLkd12m50oOQjSStT9VWb; Expires=Wed, 14 Sep 2022 18:59:21 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oBQLde6X5YYehUDEh7AoGlWUI%2BwhT%2FYp46jYGNF%2BIqEuC0B0LyDpl3QhhEjghDlBOVTlUVy%2Bz%2BPqYcGpf034lPNvAKjJ4bBHQzZ4i6AN7jXUSWOXjYoIL1Th"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7471ae5b4e2bfab4-OSL
X-Firefox-Spdy: h2

daaz.com/assets/templates/images/money-back-w.png

172.67.73.131

200 OK

4.2 kB

URL HTTP/2
daaz.com/assets/templates/images/money-back-w.png
IP
172.67.73.131:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 46 x 51, 8-bit/color RGBA, non-interlaced\012- data
Size
4.2 kB (4201 bytes)
Hash
f4f93c9ec9752a91367161eaa3f6f4fa
625ca9f104d46b278659e6f79be245f47d80d4fc
6e81ea04cceb7e701d87a336de05acc8f1c4fa624668c42de35ab081a2b78bf9

HTTP Headers

GET /assets/templates/images/money-back-w.png HTTP/1.1
Host: daaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daaz.com/make/offer/domains/x1mails.com
Cookie: _ga=GA1.2.1838605579.1654109089; twk_uuid_5ac5c33e4b401e45400e5bda=%7B%22uuid%22%3A%221.3dXZ6hpW8cHbviQ9TSKvjR7ExUjS74FmzZCaFmRJZbH2dLciCGx2o8CxAyyylMHmIuEHFMNqgywowtm0OuL9cqTT4GghnDfPQXG611bkyRKDvSQ4wfn4kIZ0uPkYj031ge8C4dbF3D0%22%2C%22version%22%3A3%2C%22domain%22%3A%22daaz.com%22%2C%22ts%22%3A1654529618876%7D; AWSALB=23xSSZ3B2m6PrDrqIDczjO7dcHYdsH5ngmE6aOwhpV7IQj9KCMj75W3/JMKp+0wxJg8AJkolDZhNIRDHZ7j8hQw7YhROM4Pmi5+VVlJTNeVafku1CkkAvkQNBLDG; AWSALBCORS=23xSSZ3B2m6PrDrqIDczjO7dcHYdsH5ngmE6aOwhpV7IQj9KCMj75W3/JMKp+0wxJg8AJkolDZhNIRDHZ7j8hQw7YhROM4Pmi5+VVlJTNeVafku1CkkAvkQNBLDG; XSRF-TOKEN=eyJpdiI6InZCMy9RdjZlNlI0VG1hWFRrOFBSVXc9PSIsInZhbHVlIjoiVnVKYTBlRFNTU0Q4VU9kdE5zeXV5VVcyTzQ2bkRFNEp0bkJrejNmSXBxb0dBbjdranJtTWVpVGM2ajhEaGZoMHJZc21PUlRxS2tBYUJlSW5VR3A4SmUvRC9oRktLSERKc0ozY1U2S0xNMWM2SWhQUjJhZ2NQZ3RiQmFpa3dZaGMiLCJtYWMiOiIwYjkyNTNkY2IyM2RiMTI5YTFkZDY4NTk4ZDNlYTU2OTljMjgzNjU3MjI1ODk2MTQ4NDNmOTkxMTMzZWVhODFmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImdiYXlEMkRBbG1jNWVoUUtzSSsvSHc9PSIsInZhbHVlIjoiaSttZ2JWd0JMY3VzQmg2UFA1Nk9jYmc5MEU5N3kxWG1CWmtwTURkbTdTQWFseU8rczc0MFVmWmxLUXE5NXE5K3ByZEluMktKQks4ck1ja1dvYTh4VnRHb2d5VDdrRzAxcDhaZldMNjZJaWRLY21XMXl5dkVMcHk4RFBlVWZIck0iLCJtYWMiOiI3YzI5ZTI1OTFiM2Y5NTU3MjUyNWZkZGQ0ZWZjN2U4YjA1ODllNTNiODlmMzExZjgxYmMxNmY1Y2QyZDc0MmMwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:59:21 GMT
content-type: image/png
content-length: 4201
last-modified: Sun, 13 Sep 2020 07:53:23 GMT
etag: "5f5dcff3-1069"
expires: Thu, 08 Sep 2022 18:59:21 GMT
cache-control: max-age=86400, public
pragma: public
cf-cache-status: BYPASS
set-cookie: AWSALB=OeSoKPfmiYgIbJvFXIxIVh9+CiDzq2OGLDKQRHKG29fHmaYPtq6sFj74/V1F1JAGZRpus12ZdGmYzWsQp4+do3sWi0/yB+47mOWQ1L8NnlJ+MWHEOlqHiOvMT/dB; Expires=Wed, 14 Sep 2022 18:59:21 GMT; Path=/
AWSALBCORS=OeSoKPfmiYgIbJvFXIxIVh9+CiDzq2OGLDKQRHKG29fHmaYPtq6sFj74/V1F1JAGZRpus12ZdGmYzWsQp4+do3sWi0/yB+47mOWQ1L8NnlJ+MWHEOlqHiOvMT/dB; Expires=Wed, 14 Sep 2022 18:59:21 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=emhfUUUsALEwHmqw45dORDxs6IWpG0UE3gLnt6jwK%2FQ5ERPIZtQM64FvERC5yZtQtaXiCGV1WagPjYzzxgkMOiCFfctEEzadS4b6SlY1G5dM4E%2BWi6bSjgpC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7471ae5b4e28fab4-OSL
X-Firefox-Spdy: h2

daaz.com/assets/templates/images/logo.png

172.67.73.131

200 OK

3.4 kB

URL HTTP/2
daaz.com/assets/templates/images/logo.png
IP
172.67.73.131:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 125 x 60, 8-bit colormap, non-interlaced\012- data
Size
3.4 kB (3360 bytes)
Hash
24a7cf271e0cbbec2028e60c1c796373
75bbf0badcd18e56a95fdef8a9e7ac66dc306c5a
69bc751d25af2f600665a56d605491f4ab2797ce1fe4e4ff257e2801ba8330c1

HTTP Headers

GET /assets/templates/images/logo.png HTTP/1.1
Host: daaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daaz.com/make/offer/domains/x1mails.com
Cookie: _ga=GA1.2.1838605579.1654109089; twk_uuid_5ac5c33e4b401e45400e5bda=%7B%22uuid%22%3A%221.3dXZ6hpW8cHbviQ9TSKvjR7ExUjS74FmzZCaFmRJZbH2dLciCGx2o8CxAyyylMHmIuEHFMNqgywowtm0OuL9cqTT4GghnDfPQXG611bkyRKDvSQ4wfn4kIZ0uPkYj031ge8C4dbF3D0%22%2C%22version%22%3A3%2C%22domain%22%3A%22daaz.com%22%2C%22ts%22%3A1654529618876%7D; AWSALB=23xSSZ3B2m6PrDrqIDczjO7dcHYdsH5ngmE6aOwhpV7IQj9KCMj75W3/JMKp+0wxJg8AJkolDZhNIRDHZ7j8hQw7YhROM4Pmi5+VVlJTNeVafku1CkkAvkQNBLDG; AWSALBCORS=23xSSZ3B2m6PrDrqIDczjO7dcHYdsH5ngmE6aOwhpV7IQj9KCMj75W3/JMKp+0wxJg8AJkolDZhNIRDHZ7j8hQw7YhROM4Pmi5+VVlJTNeVafku1CkkAvkQNBLDG; XSRF-TOKEN=eyJpdiI6InZCMy9RdjZlNlI0VG1hWFRrOFBSVXc9PSIsInZhbHVlIjoiVnVKYTBlRFNTU0Q4VU9kdE5zeXV5VVcyTzQ2bkRFNEp0bkJrejNmSXBxb0dBbjdranJtTWVpVGM2ajhEaGZoMHJZc21PUlRxS2tBYUJlSW5VR3A4SmUvRC9oRktLSERKc0ozY1U2S0xNMWM2SWhQUjJhZ2NQZ3RiQmFpa3dZaGMiLCJtYWMiOiIwYjkyNTNkY2IyM2RiMTI5YTFkZDY4NTk4ZDNlYTU2OTljMjgzNjU3MjI1ODk2MTQ4NDNmOTkxMTMzZWVhODFmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImdiYXlEMkRBbG1jNWVoUUtzSSsvSHc9PSIsInZhbHVlIjoiaSttZ2JWd0JMY3VzQmg2UFA1Nk9jYmc5MEU5N3kxWG1CWmtwTURkbTdTQWFseU8rczc0MFVmWmxLUXE5NXE5K3ByZEluMktKQks4ck1ja1dvYTh4VnRHb2d5VDdrRzAxcDhaZldMNjZJaWRLY21XMXl5dkVMcHk4RFBlVWZIck0iLCJtYWMiOiI3YzI5ZTI1OTFiM2Y5NTU3MjUyNWZkZGQ0ZWZjN2U4YjA1ODllNTNiODlmMzExZjgxYmMxNmY1Y2QyZDc0MmMwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:59:21 GMT
content-type: image/png
content-length: 3360
last-modified: Sun, 13 Sep 2020 07:53:23 GMT
etag: "5f5dcff3-d20"
expires: Thu, 08 Sep 2022 18:59:21 GMT
cache-control: max-age=86400, public
pragma: public
cf-cache-status: BYPASS
set-cookie: AWSALB=OvXa9v7x3CTRsnTm3n9o79YmOkS80DvRYc1o9ZKk+JcacJpTpx3bRX7PnqEfEzreZAc4fHUB8Z9Rl2yU8oHnBYCU6L/IK/6IBChi3k7vcuPXWLIhwuP+mRf98Nkb; Expires=Wed, 14 Sep 2022 18:59:21 GMT; Path=/
AWSALBCORS=OvXa9v7x3CTRsnTm3n9o79YmOkS80DvRYc1o9ZKk+JcacJpTpx3bRX7PnqEfEzreZAc4fHUB8Z9Rl2yU8oHnBYCU6L/IK/6IBChi3k7vcuPXWLIhwuP+mRf98Nkb; Expires=Wed, 14 Sep 2022 18:59:21 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K5jR%2F7TWUkfo31yS8SNuVi4afF6VdsX0PIq93%2FftyaLkCc0Q31P7CxiQerbDVjcW8yqxQvj6MZH%2B0%2FLTek6ES40xjgwOFIx9hUBr3SMn2TDtgwMEnyUUB96V"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7471ae5b3e16fab4-OSL
X-Firefox-Spdy: h2

daaz.com/assets/templates/images/money-back-img1.png

172.67.73.131

200 OK

2.2 kB

URL HTTP/2
daaz.com/assets/templates/images/money-back-img1.png
IP
172.67.73.131:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
2.2 kB (2204 bytes)
Hash
f0dc1a544ede83f3ec1258851580b707
f4442f05cee189d5a943640b2fe59dd7abc95db7
5d88c2148dbb325cccd0d992cdc9b2245f535e7299a0548d7b1763586c8580b6

HTTP Headers

GET /assets/templates/images/money-back-img1.png HTTP/1.1
Host: daaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daaz.com/make/offer/domains/x1mails.com
Cookie: _ga=GA1.2.1838605579.1654109089; twk_uuid_5ac5c33e4b401e45400e5bda=%7B%22uuid%22%3A%221.3dXZ6hpW8cHbviQ9TSKvjR7ExUjS74FmzZCaFmRJZbH2dLciCGx2o8CxAyyylMHmIuEHFMNqgywowtm0OuL9cqTT4GghnDfPQXG611bkyRKDvSQ4wfn4kIZ0uPkYj031ge8C4dbF3D0%22%2C%22version%22%3A3%2C%22domain%22%3A%22daaz.com%22%2C%22ts%22%3A1654529618876%7D; AWSALB=23xSSZ3B2m6PrDrqIDczjO7dcHYdsH5ngmE6aOwhpV7IQj9KCMj75W3/JMKp+0wxJg8AJkolDZhNIRDHZ7j8hQw7YhROM4Pmi5+VVlJTNeVafku1CkkAvkQNBLDG; AWSALBCORS=23xSSZ3B2m6PrDrqIDczjO7dcHYdsH5ngmE6aOwhpV7IQj9KCMj75W3/JMKp+0wxJg8AJkolDZhNIRDHZ7j8hQw7YhROM4Pmi5+VVlJTNeVafku1CkkAvkQNBLDG; XSRF-TOKEN=eyJpdiI6InZCMy9RdjZlNlI0VG1hWFRrOFBSVXc9PSIsInZhbHVlIjoiVnVKYTBlRFNTU0Q4VU9kdE5zeXV5VVcyTzQ2bkRFNEp0bkJrejNmSXBxb0dBbjdranJtTWVpVGM2ajhEaGZoMHJZc21PUlRxS2tBYUJlSW5VR3A4SmUvRC9oRktLSERKc0ozY1U2S0xNMWM2SWhQUjJhZ2NQZ3RiQmFpa3dZaGMiLCJtYWMiOiIwYjkyNTNkY2IyM2RiMTI5YTFkZDY4NTk4ZDNlYTU2OTljMjgzNjU3MjI1ODk2MTQ4NDNmOTkxMTMzZWVhODFmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImdiYXlEMkRBbG1jNWVoUUtzSSsvSHc9PSIsInZhbHVlIjoiaSttZ2JWd0JMY3VzQmg2UFA1Nk9jYmc5MEU5N3kxWG1CWmtwTURkbTdTQWFseU8rczc0MFVmWmxLUXE5NXE5K3ByZEluMktKQks4ck1ja1dvYTh4VnRHb2d5VDdrRzAxcDhaZldMNjZJaWRLY21XMXl5dkVMcHk4RFBlVWZIck0iLCJtYWMiOiI3YzI5ZTI1OTFiM2Y5NTU3MjUyNWZkZGQ0ZWZjN2U4YjA1ODllNTNiODlmMzExZjgxYmMxNmY1Y2QyZDc0MmMwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:59:21 GMT
content-type: image/png
content-length: 2204
last-modified: Sun, 13 Sep 2020 07:53:23 GMT
etag: "5f5dcff3-89c"
expires: Thu, 08 Sep 2022 18:59:21 GMT
cache-control: max-age=86400, public
pragma: public
cf-cache-status: BYPASS
set-cookie: AWSALB=GQoumnsHgZK9+m2X34huISHiUt3FNvMFmfcpvAOe9YB76t8T59PLgm+BCrrEDf2rfeXA1KgOhWSsNpcAf1E8vIJ/+qOmvAMKT8EWJvPk/LnSEgwu8eLUE3cbABXW; Expires=Wed, 14 Sep 2022 18:59:21 GMT; Path=/
AWSALBCORS=GQoumnsHgZK9+m2X34huISHiUt3FNvMFmfcpvAOe9YB76t8T59PLgm+BCrrEDf2rfeXA1KgOhWSsNpcAf1E8vIJ/+qOmvAMKT8EWJvPk/LnSEgwu8eLUE3cbABXW; Expires=Wed, 14 Sep 2022 18:59:21 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vFmwxZb8%2FrjdqDLTH1Rw7CtAZ0L0ZJ4qBR80A5eu%2BJY9IRdBLIYaq%2BRytbPxz2ThQ57BTQYVN5E4C2frWlTLPTR8AV3ExvzW3bbYZovvLIVla%2BWJ1iLCxnVB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7471ae5b4e2afab4-OSL
X-Firefox-Spdy: h2

daaz.com/assets/templates/images/transper-img2.png

172.67.73.131

200 OK

2.3 kB

URL HTTP/2
daaz.com/assets/templates/images/transper-img2.png
IP
172.67.73.131:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
2.3 kB (2257 bytes)
Hash
ec0b965052a91d9dc580bfa99912beb5
c5cc6fefceff456abc53d2ef1e920167415c6e68
47fb5f0f0632a6b4501a00b6009b8517a9edeb0274d203c34b49a5cad257368e

HTTP Headers

GET /assets/templates/images/transper-img2.png HTTP/1.1
Host: daaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daaz.com/make/offer/domains/x1mails.com
Cookie: _ga=GA1.2.1838605579.1654109089; twk_uuid_5ac5c33e4b401e45400e5bda=%7B%22uuid%22%3A%221.3dXZ6hpW8cHbviQ9TSKvjR7ExUjS74FmzZCaFmRJZbH2dLciCGx2o8CxAyyylMHmIuEHFMNqgywowtm0OuL9cqTT4GghnDfPQXG611bkyRKDvSQ4wfn4kIZ0uPkYj031ge8C4dbF3D0%22%2C%22version%22%3A3%2C%22domain%22%3A%22daaz.com%22%2C%22ts%22%3A1654529618876%7D; AWSALB=23xSSZ3B2m6PrDrqIDczjO7dcHYdsH5ngmE6aOwhpV7IQj9KCMj75W3/JMKp+0wxJg8AJkolDZhNIRDHZ7j8hQw7YhROM4Pmi5+VVlJTNeVafku1CkkAvkQNBLDG; AWSALBCORS=23xSSZ3B2m6PrDrqIDczjO7dcHYdsH5ngmE6aOwhpV7IQj9KCMj75W3/JMKp+0wxJg8AJkolDZhNIRDHZ7j8hQw7YhROM4Pmi5+VVlJTNeVafku1CkkAvkQNBLDG; XSRF-TOKEN=eyJpdiI6InZCMy9RdjZlNlI0VG1hWFRrOFBSVXc9PSIsInZhbHVlIjoiVnVKYTBlRFNTU0Q4VU9kdE5zeXV5VVcyTzQ2bkRFNEp0bkJrejNmSXBxb0dBbjdranJtTWVpVGM2ajhEaGZoMHJZc21PUlRxS2tBYUJlSW5VR3A4SmUvRC9oRktLSERKc0ozY1U2S0xNMWM2SWhQUjJhZ2NQZ3RiQmFpa3dZaGMiLCJtYWMiOiIwYjkyNTNkY2IyM2RiMTI5YTFkZDY4NTk4ZDNlYTU2OTljMjgzNjU3MjI1ODk2MTQ4NDNmOTkxMTMzZWVhODFmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImdiYXlEMkRBbG1jNWVoUUtzSSsvSHc9PSIsInZhbHVlIjoiaSttZ2JWd0JMY3VzQmg2UFA1Nk9jYmc5MEU5N3kxWG1CWmtwTURkbTdTQWFseU8rczc0MFVmWmxLUXE5NXE5K3ByZEluMktKQks4ck1ja1dvYTh4VnRHb2d5VDdrRzAxcDhaZldMNjZJaWRLY21XMXl5dkVMcHk4RFBlVWZIck0iLCJtYWMiOiI3YzI5ZTI1OTFiM2Y5NTU3MjUyNWZkZGQ0ZWZjN2U4YjA1ODllNTNiODlmMzExZjgxYmMxNmY1Y2QyZDc0MmMwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:59:21 GMT
content-type: image/png
content-length: 2257
last-modified: Sun, 13 Sep 2020 07:53:23 GMT
etag: "5f5dcff3-8d1"
expires: Thu, 08 Sep 2022 18:59:21 GMT
cache-control: max-age=86400, public
pragma: public
cf-cache-status: BYPASS
set-cookie: AWSALB=psO13vrLRKDlKF3bzuCv3qa2kia50AIlA0bXuEjdyAd/PE2EY3QvfopWDHOpzrOdN4KWFhnDRDXk2kHLxQq++t8IphMBo5AtTDq5Qy2BLsOy1wclMyPTMzm1v77a; Expires=Wed, 14 Sep 2022 18:59:21 GMT; Path=/
AWSALBCORS=psO13vrLRKDlKF3bzuCv3qa2kia50AIlA0bXuEjdyAd/PE2EY3QvfopWDHOpzrOdN4KWFhnDRDXk2kHLxQq++t8IphMBo5AtTDq5Qy2BLsOy1wclMyPTMzm1v77a; Expires=Wed, 14 Sep 2022 18:59:21 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dhfceHLP6EsdbG725oWJm9UhK6K2sYOUr1zUhKu1HcfLRylcRQ0yuoHohpjxmDm%2FKF1JfWcpnmOv3wHZ68yi%2B7g0Hb0bZ55Fby9L%2Fy0C9C7VBEr3MTfA%2Beky"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7471ae5b5e31fab4-OSL
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
62c739a1335c5cf0fd4e783db6cdf14b
4f4a2acf32a7b7d8d86f7d0b037cdd16d59704ff
de1d42a2f47b8a7f1fed1880f1b485f63a5e07ede87fee3194cabeab056cf6f9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:59:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

daaz.com/assets/templates/images/transper-img1.png

172.67.73.131

200 OK

1.7 kB

URL HTTP/2
daaz.com/assets/templates/images/transper-img1.png
IP
172.67.73.131:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
1.7 kB (1675 bytes)
Hash
453e73293231b82149c44d91272432ef
1131385a9e3a8c35023b5ca3ec8b047e2110edfa
e82946c45da6204e2187793b9b6a65009b7116dc40dc61cff0b103638e661e0b

HTTP Headers

GET /assets/templates/images/transper-img1.png HTTP/1.1
Host: daaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daaz.com/make/offer/domains/x1mails.com
Cookie: _ga=GA1.2.1838605579.1654109089; twk_uuid_5ac5c33e4b401e45400e5bda=%7B%22uuid%22%3A%221.3dXZ6hpW8cHbviQ9TSKvjR7ExUjS74FmzZCaFmRJZbH2dLciCGx2o8CxAyyylMHmIuEHFMNqgywowtm0OuL9cqTT4GghnDfPQXG611bkyRKDvSQ4wfn4kIZ0uPkYj031ge8C4dbF3D0%22%2C%22version%22%3A3%2C%22domain%22%3A%22daaz.com%22%2C%22ts%22%3A1654529618876%7D; AWSALB=23xSSZ3B2m6PrDrqIDczjO7dcHYdsH5ngmE6aOwhpV7IQj9KCMj75W3/JMKp+0wxJg8AJkolDZhNIRDHZ7j8hQw7YhROM4Pmi5+VVlJTNeVafku1CkkAvkQNBLDG; AWSALBCORS=23xSSZ3B2m6PrDrqIDczjO7dcHYdsH5ngmE6aOwhpV7IQj9KCMj75W3/JMKp+0wxJg8AJkolDZhNIRDHZ7j8hQw7YhROM4Pmi5+VVlJTNeVafku1CkkAvkQNBLDG; XSRF-TOKEN=eyJpdiI6InZCMy9RdjZlNlI0VG1hWFRrOFBSVXc9PSIsInZhbHVlIjoiVnVKYTBlRFNTU0Q4VU9kdE5zeXV5VVcyTzQ2bkRFNEp0bkJrejNmSXBxb0dBbjdranJtTWVpVGM2ajhEaGZoMHJZc21PUlRxS2tBYUJlSW5VR3A4SmUvRC9oRktLSERKc0ozY1U2S0xNMWM2SWhQUjJhZ2NQZ3RiQmFpa3dZaGMiLCJtYWMiOiIwYjkyNTNkY2IyM2RiMTI5YTFkZDY4NTk4ZDNlYTU2OTljMjgzNjU3MjI1ODk2MTQ4NDNmOTkxMTMzZWVhODFmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImdiYXlEMkRBbG1jNWVoUUtzSSsvSHc9PSIsInZhbHVlIjoiaSttZ2JWd0JMY3VzQmg2UFA1Nk9jYmc5MEU5N3kxWG1CWmtwTURkbTdTQWFseU8rczc0MFVmWmxLUXE5NXE5K3ByZEluMktKQks4ck1ja1dvYTh4VnRHb2d5VDdrRzAxcDhaZldMNjZJaWRLY21XMXl5dkVMcHk4RFBlVWZIck0iLCJtYWMiOiI3YzI5ZTI1OTFiM2Y5NTU3MjUyNWZkZGQ0ZWZjN2U4YjA1ODllNTNiODlmMzExZjgxYmMxNmY1Y2QyZDc0MmMwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:59:21 GMT
content-type: image/png
content-length: 1675
last-modified: Sun, 13 Sep 2020 07:53:23 GMT
etag: "5f5dcff3-68b"
expires: Thu, 08 Sep 2022 18:59:21 GMT
cache-control: max-age=86400, public
pragma: public
cf-cache-status: BYPASS
set-cookie: AWSALB=+ie6wMCxSgIOSVEkSHehGk6Hz7KVKgEzwILXErORThehdCslVlMAZDbxch2WYwGNJX6QFG2ggCkmHMYiv/sdnQ7yRP299mFZf2OKO3vqFgwK03zxvDSBLoWo1N4F; Expires=Wed, 14 Sep 2022 18:59:21 GMT; Path=/
AWSALBCORS=+ie6wMCxSgIOSVEkSHehGk6Hz7KVKgEzwILXErORThehdCslVlMAZDbxch2WYwGNJX6QFG2ggCkmHMYiv/sdnQ7yRP299mFZf2OKO3vqFgwK03zxvDSBLoWo1N4F; Expires=Wed, 14 Sep 2022 18:59:21 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rplPN8m0FUgxjIAB2MrFoNa7iYdPspaq%2Fxh%2F2AxKhgMG9%2FKZ1LEtZIQK7TIiKavlZXGBDHkhnxvON0DXMjYCnF73C6zaow7hjiX6uFzWoO%2Fsva17R2GC6bTu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7471ae5b5e30fab4-OSL
X-Firefox-Spdy: h2

daaz.com/assets/templates/images/secure-payment-img2.png

172.67.73.131

200 OK

2.2 kB

URL HTTP/2
daaz.com/assets/templates/images/secure-payment-img2.png
IP
172.67.73.131:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
2.2 kB (2150 bytes)
Hash
8176e02ce13ddf66f333ab6621c2ba29
f2f73c2664b128a48cfd469f9082652c744727e1
f2f114edf5bf6fb9c45fa8bb2a828ec1add73d8fd3cdfb58492cf38ade8513bf

HTTP Headers

GET /assets/templates/images/secure-payment-img2.png HTTP/1.1
Host: daaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daaz.com/make/offer/domains/x1mails.com
Cookie: _ga=GA1.2.1838605579.1654109089; twk_uuid_5ac5c33e4b401e45400e5bda=%7B%22uuid%22%3A%221.3dXZ6hpW8cHbviQ9TSKvjR7ExUjS74FmzZCaFmRJZbH2dLciCGx2o8CxAyyylMHmIuEHFMNqgywowtm0OuL9cqTT4GghnDfPQXG611bkyRKDvSQ4wfn4kIZ0uPkYj031ge8C4dbF3D0%22%2C%22version%22%3A3%2C%22domain%22%3A%22daaz.com%22%2C%22ts%22%3A1654529618876%7D; AWSALB=23xSSZ3B2m6PrDrqIDczjO7dcHYdsH5ngmE6aOwhpV7IQj9KCMj75W3/JMKp+0wxJg8AJkolDZhNIRDHZ7j8hQw7YhROM4Pmi5+VVlJTNeVafku1CkkAvkQNBLDG; AWSALBCORS=23xSSZ3B2m6PrDrqIDczjO7dcHYdsH5ngmE6aOwhpV7IQj9KCMj75W3/JMKp+0wxJg8AJkolDZhNIRDHZ7j8hQw7YhROM4Pmi5+VVlJTNeVafku1CkkAvkQNBLDG; XSRF-TOKEN=eyJpdiI6InZCMy9RdjZlNlI0VG1hWFRrOFBSVXc9PSIsInZhbHVlIjoiVnVKYTBlRFNTU0Q4VU9kdE5zeXV5VVcyTzQ2bkRFNEp0bkJrejNmSXBxb0dBbjdranJtTWVpVGM2ajhEaGZoMHJZc21PUlRxS2tBYUJlSW5VR3A4SmUvRC9oRktLSERKc0ozY1U2S0xNMWM2SWhQUjJhZ2NQZ3RiQmFpa3dZaGMiLCJtYWMiOiIwYjkyNTNkY2IyM2RiMTI5YTFkZDY4NTk4ZDNlYTU2OTljMjgzNjU3MjI1ODk2MTQ4NDNmOTkxMTMzZWVhODFmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImdiYXlEMkRBbG1jNWVoUUtzSSsvSHc9PSIsInZhbHVlIjoiaSttZ2JWd0JMY3VzQmg2UFA1Nk9jYmc5MEU5N3kxWG1CWmtwTURkbTdTQWFseU8rczc0MFVmWmxLUXE5NXE5K3ByZEluMktKQks4ck1ja1dvYTh4VnRHb2d5VDdrRzAxcDhaZldMNjZJaWRLY21XMXl5dkVMcHk4RFBlVWZIck0iLCJtYWMiOiI3YzI5ZTI1OTFiM2Y5NTU3MjUyNWZkZGQ0ZWZjN2U4YjA1ODllNTNiODlmMzExZjgxYmMxNmY1Y2QyZDc0MmMwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:59:21 GMT
content-type: image/png
content-length: 2150
last-modified: Sun, 13 Sep 2020 07:53:23 GMT
etag: "5f5dcff3-866"
expires: Thu, 08 Sep 2022 18:59:21 GMT
cache-control: max-age=86400, public
pragma: public
cf-cache-status: BYPASS
set-cookie: AWSALB=XJz24dtLF9dkL6OWYeQ9erL+v8EZ6OgU9Vjm47dCo0ILgxwkkKuPQByspdL/vtznfVv8i+CiFsYPjP6+b3IAqqODMzGG7v+rlbkG0FkdkQg27eUU2ER7k+I5qYMb; Expires=Wed, 14 Sep 2022 18:59:21 GMT; Path=/
AWSALBCORS=XJz24dtLF9dkL6OWYeQ9erL+v8EZ6OgU9Vjm47dCo0ILgxwkkKuPQByspdL/vtznfVv8i+CiFsYPjP6+b3IAqqODMzGG7v+rlbkG0FkdkQg27eUU2ER7k+I5qYMb; Expires=Wed, 14 Sep 2022 18:59:21 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TyNK0dBwP0032Q1ybY33ePRQpGNrhqLHDjvc7TeW3%2BQ7GpHeWmFBEU0DUKwIq0bL0%2BdaVuWYR%2BmTu5uSfq1hr3N%2B%2BmaavGG%2FA41vWXZ86lBd5bBikoAnGy4S"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7471ae5b5e37fab4-OSL
X-Firefox-Spdy: h2

daaz.com/assets/templates/images/payment.png

172.67.73.131

200 OK

13 kB

URL HTTP/2
daaz.com/assets/templates/images/payment.png
IP
172.67.73.131:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 256 x 35, 8-bit/color RGB, non-interlaced\012- data
Size
13 kB (13134 bytes)
Hash
eec0a777cb026811aaf75e373737020d
46684579a7ea930cd6b4da1f588f3cb7e96e4d28
d8c53c89aee8cd7992d490f7f577f5f4d8e68855ce72c1a19d00b6aed9c0c695

HTTP Headers

GET /assets/templates/images/payment.png HTTP/1.1
Host: daaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daaz.com/make/offer/domains/x1mails.com
Cookie: _ga=GA1.2.1838605579.1654109089; twk_uuid_5ac5c33e4b401e45400e5bda=%7B%22uuid%22%3A%221.3dXZ6hpW8cHbviQ9TSKvjR7ExUjS74FmzZCaFmRJZbH2dLciCGx2o8CxAyyylMHmIuEHFMNqgywowtm0OuL9cqTT4GghnDfPQXG611bkyRKDvSQ4wfn4kIZ0uPkYj031ge8C4dbF3D0%22%2C%22version%22%3A3%2C%22domain%22%3A%22daaz.com%22%2C%22ts%22%3A1654529618876%7D; AWSALB=23xSSZ3B2m6PrDrqIDczjO7dcHYdsH5ngmE6aOwhpV7IQj9KCMj75W3/JMKp+0wxJg8AJkolDZhNIRDHZ7j8hQw7YhROM4Pmi5+VVlJTNeVafku1CkkAvkQNBLDG; AWSALBCORS=23xSSZ3B2m6PrDrqIDczjO7dcHYdsH5ngmE6aOwhpV7IQj9KCMj75W3/JMKp+0wxJg8AJkolDZhNIRDHZ7j8hQw7YhROM4Pmi5+VVlJTNeVafku1CkkAvkQNBLDG; XSRF-TOKEN=eyJpdiI6InZCMy9RdjZlNlI0VG1hWFRrOFBSVXc9PSIsInZhbHVlIjoiVnVKYTBlRFNTU0Q4VU9kdE5zeXV5VVcyTzQ2bkRFNEp0bkJrejNmSXBxb0dBbjdranJtTWVpVGM2ajhEaGZoMHJZc21PUlRxS2tBYUJlSW5VR3A4SmUvRC9oRktLSERKc0ozY1U2S0xNMWM2SWhQUjJhZ2NQZ3RiQmFpa3dZaGMiLCJtYWMiOiIwYjkyNTNkY2IyM2RiMTI5YTFkZDY4NTk4ZDNlYTU2OTljMjgzNjU3MjI1ODk2MTQ4NDNmOTkxMTMzZWVhODFmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImdiYXlEMkRBbG1jNWVoUUtzSSsvSHc9PSIsInZhbHVlIjoiaSttZ2JWd0JMY3VzQmg2UFA1Nk9jYmc5MEU5N3kxWG1CWmtwTURkbTdTQWFseU8rczc0MFVmWmxLUXE5NXE5K3ByZEluMktKQks4ck1ja1dvYTh4VnRHb2d5VDdrRzAxcDhaZldMNjZJaWRLY21XMXl5dkVMcHk4RFBlVWZIck0iLCJtYWMiOiI3YzI5ZTI1OTFiM2Y5NTU3MjUyNWZkZGQ0ZWZjN2U4YjA1ODllNTNiODlmMzExZjgxYmMxNmY1Y2QyZDc0MmMwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:59:21 GMT
content-type: image/png
content-length: 13134
last-modified: Mon, 02 Aug 2021 16:45:14 GMT
etag: "6108211a-334e"
expires: Thu, 08 Sep 2022 18:59:21 GMT
cache-control: max-age=86400, public
pragma: public
cf-cache-status: BYPASS
set-cookie: AWSALB=yH/XBfteNqXAATWGfov7EzywlIuw14xLqypfbqQeJ5DcsEsSNvmSdL1DkTA5s9rMPq+pGPx7/I8d300IGPYVDbDNm+pF6Usng3RV6Oz1v1COY1t2CCbVpuXd2hTg; Expires=Wed, 14 Sep 2022 18:59:21 GMT; Path=/
AWSALBCORS=yH/XBfteNqXAATWGfov7EzywlIuw14xLqypfbqQeJ5DcsEsSNvmSdL1DkTA5s9rMPq+pGPx7/I8d300IGPYVDbDNm+pF6Usng3RV6Oz1v1COY1t2CCbVpuXd2hTg; Expires=Wed, 14 Sep 2022 18:59:21 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BpG43xewCfXFV12KMBuKlF%2BGCIlFDLpzZRHmshBqA1o9NyY5UyqDsqvc0eUffUI4rpV%2BgY1p9O%2FLZYa2tae%2FbCSwH8%2BoayK53TuepcX1zBao%2BePPDH4zL90x"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7471ae5b4e18fab4-OSL
X-Firefox-Spdy: h2

daaz.com/assets/templates/images/secure-payment1.png

172.67.73.131

200 OK

3.7 kB

URL HTTP/2
daaz.com/assets/templates/images/secure-payment1.png
IP
172.67.73.131:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 46 x 44, 8-bit/color RGBA, non-interlaced\012- data
Size
3.7 kB (3742 bytes)
Hash
4fadec48aa763f38d0a8d69250d42aaf
a2ce9a489b6ad222ff650f763446b72922ee6033
1a8a9fb746f29174bdfa78c6d6af4c310593d8fb073ce578b1bba5e5496bb2a4

HTTP Headers

GET /assets/templates/images/secure-payment1.png HTTP/1.1
Host: daaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daaz.com/make/offer/domains/x1mails.com
Cookie: _ga=GA1.2.1838605579.1654109089; twk_uuid_5ac5c33e4b401e45400e5bda=%7B%22uuid%22%3A%221.3dXZ6hpW8cHbviQ9TSKvjR7ExUjS74FmzZCaFmRJZbH2dLciCGx2o8CxAyyylMHmIuEHFMNqgywowtm0OuL9cqTT4GghnDfPQXG611bkyRKDvSQ4wfn4kIZ0uPkYj031ge8C4dbF3D0%22%2C%22version%22%3A3%2C%22domain%22%3A%22daaz.com%22%2C%22ts%22%3A1654529618876%7D; AWSALB=23xSSZ3B2m6PrDrqIDczjO7dcHYdsH5ngmE6aOwhpV7IQj9KCMj75W3/JMKp+0wxJg8AJkolDZhNIRDHZ7j8hQw7YhROM4Pmi5+VVlJTNeVafku1CkkAvkQNBLDG; AWSALBCORS=23xSSZ3B2m6PrDrqIDczjO7dcHYdsH5ngmE6aOwhpV7IQj9KCMj75W3/JMKp+0wxJg8AJkolDZhNIRDHZ7j8hQw7YhROM4Pmi5+VVlJTNeVafku1CkkAvkQNBLDG; XSRF-TOKEN=eyJpdiI6InZCMy9RdjZlNlI0VG1hWFRrOFBSVXc9PSIsInZhbHVlIjoiVnVKYTBlRFNTU0Q4VU9kdE5zeXV5VVcyTzQ2bkRFNEp0bkJrejNmSXBxb0dBbjdranJtTWVpVGM2ajhEaGZoMHJZc21PUlRxS2tBYUJlSW5VR3A4SmUvRC9oRktLSERKc0ozY1U2S0xNMWM2SWhQUjJhZ2NQZ3RiQmFpa3dZaGMiLCJtYWMiOiIwYjkyNTNkY2IyM2RiMTI5YTFkZDY4NTk4ZDNlYTU2OTljMjgzNjU3MjI1ODk2MTQ4NDNmOTkxMTMzZWVhODFmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImdiYXlEMkRBbG1jNWVoUUtzSSsvSHc9PSIsInZhbHVlIjoiaSttZ2JWd0JMY3VzQmg2UFA1Nk9jYmc5MEU5N3kxWG1CWmtwTURkbTdTQWFseU8rczc0MFVmWmxLUXE5NXE5K3ByZEluMktKQks4ck1ja1dvYTh4VnRHb2d5VDdrRzAxcDhaZldMNjZJaWRLY21XMXl5dkVMcHk4RFBlVWZIck0iLCJtYWMiOiI3YzI5ZTI1OTFiM2Y5NTU3MjUyNWZkZGQ0ZWZjN2U4YjA1ODllNTNiODlmMzExZjgxYmMxNmY1Y2QyZDc0MmMwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:59:21 GMT
content-type: image/png
content-length: 3742
last-modified: Sun, 13 Sep 2020 07:53:23 GMT
etag: "5f5dcff3-e9e"
expires: Thu, 08 Sep 2022 18:59:21 GMT
cache-control: max-age=86400, public
pragma: public
cf-cache-status: BYPASS
set-cookie: AWSALB=kw3wnAxOgsqMNGc02/Lwjsk+alXyaJXMbLtFgQCxveHlriY9SQ2Oe9m8/I4mYwp9uxCCD5Rw1MROT7aC3qyxl3o2kU4rhXI3US2jLPKVWMKH+pKB15UcSb3hB2ik; Expires=Wed, 14 Sep 2022 18:59:21 GMT; Path=/
AWSALBCORS=kw3wnAxOgsqMNGc02/Lwjsk+alXyaJXMbLtFgQCxveHlriY9SQ2Oe9m8/I4mYwp9uxCCD5Rw1MROT7aC3qyxl3o2kU4rhXI3US2jLPKVWMKH+pKB15UcSb3hB2ik; Expires=Wed, 14 Sep 2022 18:59:21 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q8jVHsiNqYUXo11H35kQWhNfSdyt51ZJnBqbgpYSBRnyJBSRPVTPJPTFVkOSOwJJUkLTcKaXkLFyljDDJ8xIDvI1fOV2Jo%2F4WsA2NiF12tayCY2%2BlTeUqqmv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7471ae5b4e26fab4-OSL
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-123664494-1

142.250.74.72

200 OK

42 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-123664494-1
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1615)
Size
42 kB (41913 bytes)
Hash
bb84cafc55ced9afada6d47f0d408d55
51362fea372368651ea95b5adba02a1470c62770
9b6530941aab584c724d84143021043aebcf7e478dee20aa2a8872624bc802ea

HTTP Headers

GET /gtag/js?id=UA-123664494-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daaz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 07 Sep 2022 18:59:21 GMT
expires: Wed, 07 Sep 2022 18:59:21 GMT
cache-control: private, max-age=900
last-modified: Wed, 07 Sep 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 41913
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
62c739a1335c5cf0fd4e783db6cdf14b
4f4a2acf32a7b7d8d86f7d0b037cdd16d59704ff
de1d42a2f47b8a7f1fed1880f1b485f63a5e07ede87fee3194cabeab056cf6f9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:59:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

daaz.com/assets/templates/fonts/fontello.woff2?44739411

172.67.73.131

200 OK

3.4 kB

URL HTTP/2
daaz.com/assets/templates/fonts/fontello.woff2?44739411
IP
172.67.73.131:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 3384, version 1.0\012- data
Size
3.4 kB (3384 bytes)
Hash
4863ba6ff47cd62a1d5bcbb43c1c8637
01375420b5b3d797117079ccb8ff74e17b5517cf
3824536ed73890bbb9b4a6f365c44f323f31f7f4ffa9ea1383056379eb719469

HTTP Headers

GET /assets/templates/fonts/fontello.woff2?44739411 HTTP/1.1
Host: daaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://daaz.com/assets/templates/css/icon.css
Cookie: _ga=GA1.2.1838605579.1654109089; twk_uuid_5ac5c33e4b401e45400e5bda=%7B%22uuid%22%3A%221.3dXZ6hpW8cHbviQ9TSKvjR7ExUjS74FmzZCaFmRJZbH2dLciCGx2o8CxAyyylMHmIuEHFMNqgywowtm0OuL9cqTT4GghnDfPQXG611bkyRKDvSQ4wfn4kIZ0uPkYj031ge8C4dbF3D0%22%2C%22version%22%3A3%2C%22domain%22%3A%22daaz.com%22%2C%22ts%22%3A1654529618876%7D; AWSALB=JVHFuK5tt8nFv3LkZxg1KcL48i/fF7LIOTdjvdkSFMxKQbj1Re50saZky0n5CM88CkfrUpLJBmxP7SyImYlU9201SM5RXXknwNX+vVIkTLmZIVw9yln8QyRNHkAH; AWSALBCORS=JVHFuK5tt8nFv3LkZxg1KcL48i/fF7LIOTdjvdkSFMxKQbj1Re50saZky0n5CM88CkfrUpLJBmxP7SyImYlU9201SM5RXXknwNX+vVIkTLmZIVw9yln8QyRNHkAH; XSRF-TOKEN=eyJpdiI6InZCMy9RdjZlNlI0VG1hWFRrOFBSVXc9PSIsInZhbHVlIjoiVnVKYTBlRFNTU0Q4VU9kdE5zeXV5VVcyTzQ2bkRFNEp0bkJrejNmSXBxb0dBbjdranJtTWVpVGM2ajhEaGZoMHJZc21PUlRxS2tBYUJlSW5VR3A4SmUvRC9oRktLSERKc0ozY1U2S0xNMWM2SWhQUjJhZ2NQZ3RiQmFpa3dZaGMiLCJtYWMiOiIwYjkyNTNkY2IyM2RiMTI5YTFkZDY4NTk4ZDNlYTU2OTljMjgzNjU3MjI1ODk2MTQ4NDNmOTkxMTMzZWVhODFmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImdiYXlEMkRBbG1jNWVoUUtzSSsvSHc9PSIsInZhbHVlIjoiaSttZ2JWd0JMY3VzQmg2UFA1Nk9jYmc5MEU5N3kxWG1CWmtwTURkbTdTQWFseU8rczc0MFVmWmxLUXE5NXE5K3ByZEluMktKQks4ck1ja1dvYTh4VnRHb2d5VDdrRzAxcDhaZldMNjZJaWRLY21XMXl5dkVMcHk4RFBlVWZIck0iLCJtYWMiOiI3YzI5ZTI1OTFiM2Y5NTU3MjUyNWZkZGQ0ZWZjN2U4YjA1ODllNTNiODlmMzExZjgxYmMxNmY1Y2QyZDc0MmMwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:59:21 GMT
content-type: font/woff2
content-length: 3384
last-modified: Sun, 13 Sep 2020 07:53:23 GMT
etag: "5f5dcff3-d38"
cf-cache-status: BYPASS
set-cookie: AWSALB=QJjzggFZFEQwQfWMA1veHaOicGjBIqHpH/NPWfGlzNRmGd2+em5sXDXFFbNQDuY9ZNVkr36oU7JTUOo/I4VYN622/D+PaPvZofUA7M+LtYjmOrOWSZT/bBRBgHpb; Expires=Wed, 14 Sep 2022 18:59:21 GMT; Path=/
AWSALBCORS=QJjzggFZFEQwQfWMA1veHaOicGjBIqHpH/NPWfGlzNRmGd2+em5sXDXFFbNQDuY9ZNVkr36oU7JTUOo/I4VYN622/D+PaPvZofUA7M+LtYjmOrOWSZT/bBRBgHpb; Expires=Wed, 14 Sep 2022 18:59:21 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7iA052qpoZJer5uw8yn4AKECsDDqmU4%2FrEHJ3uquIjqUPp3I%2FLqCMW2WpZF4HvIG%2FE0CrhQmDfaXIzZyhzLnVR8HD6auvIgFFOJwz04phyec3OCgcIi3Ag0K"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7471ae5c3ed7fab4-OSL
X-Firefox-Spdy: h2

widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/index.html?templateId=5419b6a8b0d04a076446a9ad&businessunitId=5d61d2f73dd63100018d4d8e

143.204.55.78

200 OK

2.0 kB

URL HTTP/2
widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/index.html?templateId=5419b6a8b0d04a076446a9ad&businessunitId=5d61d2f73dd63100018d4d8e
IP
143.204.55.78:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (6390)
Size
2.0 kB (2028 bytes)
Hash
31a9b5fa35e99cbb958f8facd1967e11
5885c836b1be01370bed43fbb96278e2fc0e40f9
b2a7e35547d699bc046c22f88eadb882a55c67e89408cc7a61cdc0c443384fa4

HTTP Headers

GET /trustboxes/5419b6a8b0d04a076446a9ad/index.html?templateId=5419b6a8b0d04a076446a9ad&businessunitId=5d61d2f73dd63100018d4d8e HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daaz.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/html
content-length: 2028
date: Wed, 07 Sep 2022 02:08:02 GMT
last-modified: Tue, 16 Aug 2022 12:42:13 GMT
etag: "31a9b5fa35e99cbb958f8facd1967e11"
x-amz-server-side-encryption: AES256
cache-control: max-age=86400
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: _nIwXiqZDxMzqrlVP160VWqDvOUugz8V7xah5-QRbV7X3LDwzC1npQ==
age: 60680
X-Firefox-Spdy: h2

daaz.com/assets/fb/sdk.js

172.67.73.131

200 OK

20 kB

URL HTTP/2
daaz.com/assets/fb/sdk.js
IP
172.67.73.131:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (1961)
Size
20 kB (19483 bytes)
Hash
618c26cb70ef37bb986cb31fc6219fed
9c1e40848aa0d8a45b48a5450c9602a0f60456ec
970143afd2250c9997aa464e8ed28c31213cdc7f3ce1b584e7b909ceb453a549

HTTP Headers

GET /assets/fb/sdk.js HTTP/1.1
Host: daaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daaz.com/make/offer/domains/x1mails.com
Cookie: _ga=GA1.2.1838605579.1654109089; twk_uuid_5ac5c33e4b401e45400e5bda=%7B%22uuid%22%3A%221.3dXZ6hpW8cHbviQ9TSKvjR7ExUjS74FmzZCaFmRJZbH2dLciCGx2o8CxAyyylMHmIuEHFMNqgywowtm0OuL9cqTT4GghnDfPQXG611bkyRKDvSQ4wfn4kIZ0uPkYj031ge8C4dbF3D0%22%2C%22version%22%3A3%2C%22domain%22%3A%22daaz.com%22%2C%22ts%22%3A1654529618876%7D; AWSALB=MFjmDZ3i7kl8F4AvSZyfV8LrpYWgG9LU7V+Tt6Q54oVwYlEEJnWnpg7y4glD1hqjs6nMgVcwL0CndcmBQFvrYmVeEz2hH+g9J80uHycXhRsDLO/QQrIvyere51Q8; AWSALBCORS=MFjmDZ3i7kl8F4AvSZyfV8LrpYWgG9LU7V+Tt6Q54oVwYlEEJnWnpg7y4glD1hqjs6nMgVcwL0CndcmBQFvrYmVeEz2hH+g9J80uHycXhRsDLO/QQrIvyere51Q8; XSRF-TOKEN=eyJpdiI6InZCMy9RdjZlNlI0VG1hWFRrOFBSVXc9PSIsInZhbHVlIjoiVnVKYTBlRFNTU0Q4VU9kdE5zeXV5VVcyTzQ2bkRFNEp0bkJrejNmSXBxb0dBbjdranJtTWVpVGM2ajhEaGZoMHJZc21PUlRxS2tBYUJlSW5VR3A4SmUvRC9oRktLSERKc0ozY1U2S0xNMWM2SWhQUjJhZ2NQZ3RiQmFpa3dZaGMiLCJtYWMiOiIwYjkyNTNkY2IyM2RiMTI5YTFkZDY4NTk4ZDNlYTU2OTljMjgzNjU3MjI1ODk2MTQ4NDNmOTkxMTMzZWVhODFmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImdiYXlEMkRBbG1jNWVoUUtzSSsvSHc9PSIsInZhbHVlIjoiaSttZ2JWd0JMY3VzQmg2UFA1Nk9jYmc5MEU5N3kxWG1CWmtwTURkbTdTQWFseU8rczc0MFVmWmxLUXE5NXE5K3ByZEluMktKQks4ck1ja1dvYTh4VnRHb2d5VDdrRzAxcDhaZldMNjZJaWRLY21XMXl5dkVMcHk4RFBlVWZIck0iLCJtYWMiOiI3YzI5ZTI1OTFiM2Y5NTU3MjUyNWZkZGQ0ZWZjN2U4YjA1ODllNTNiODlmMzExZjgxYmMxNmY1Y2QyZDc0MmMwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:59:21 GMT
content-type: application/javascript
last-modified: Fri, 08 Apr 2022 19:25:07 GMT
etag: W/"62508c13-c19"
expires: Thu, 08 Sep 2022 18:59:21 GMT
cache-control: max-age=86400, public
pragma: public
cf-cache-status: BYPASS
set-cookie: AWSALB=90wVlry0rp16bfHKBrfiv+bsi96+KXuRAYbxyRUaAMSsH/WnSLcU4EswstHY/DIcifha00AGKGe5OjihfCKIw3otOqKritECJ1jFN5R5y+IUhNUpzBdT+w7bcWSm; Expires=Wed, 14 Sep 2022 18:59:21 GMT; Path=/
AWSALBCORS=90wVlry0rp16bfHKBrfiv+bsi96+KXuRAYbxyRUaAMSsH/WnSLcU4EswstHY/DIcifha00AGKGe5OjihfCKIw3otOqKritECJ1jFN5R5y+IUhNUpzBdT+w7bcWSm; Expires=Wed, 14 Sep 2022 18:59:21 GMT; Path=/; SameSite=None; Secure
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CXFNUzTA1CgQ5OgYgwLHnV%2BmicP%2B2eVyOzEuR3tynZ5PC7poOEUkDfV3lN9fXrau6U1qAIx9HKtQ7aDVj6hT%2BYzV8IoC7iJR8ufUdepRQAagtbwoUVNE45sm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7471ae5c6f14fab4-OSL
content-encoding: br
X-Firefox-Spdy: h2

widget.trustpilot.com/trustbox-data/5419b6a8b0d04a076446a9ad?businessUnitId=5d61d2f73dd63100018d4d8e&locale=en-GB

143.204.55.78

200 OK

549 B

URL HTTP/2
widget.trustpilot.com/trustbox-data/5419b6a8b0d04a076446a9ad?businessUnitId=5d61d2f73dd63100018d4d8e&locale=en-GB
IP
143.204.55.78:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (1216), with no line terminators
Size
549 B (549 bytes)
Hash
db15ae5e48e54433d8f863cd27982bb4
62a51a250234ecd9f9a0b503f75e65ea85f377ca
4af24f3abb4429634a2e449e76e5220aba57f25145c51a37a636910aa70c00b3

HTTP Headers

GET /trustbox-data/5419b6a8b0d04a076446a9ad?businessUnitId=5d61d2f73dd63100018d4d8e&locale=en-GB HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/index.html?templateId=5419b6a8b0d04a076446a9ad&businessunitId=5d61d2f73dd63100018d4d8e
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/json; charset=utf-8
content-length: 549
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-fallback-status: BYPASS
x-skip-cache-cookie: 0
x-xss-protection: 1; mode=block
date: Wed, 07 Sep 2022 18:54:22 GMT
cache-control: public,max-age=1800
etag: "cf8734d9d3470a6aa951078013c958e5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: MZRHz9mctV2kVf7mBizo5CKXaOoemOGN26HFHf1AkEZGoi2b6uKnYw==
age: 1107
X-Firefox-Spdy: h2

widget.trustpilot.com/stats/TrustboxImpression?locale=en-GB&styleHeight=24px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fdaaz.com%2Fmake%2Foffer%2Fdomains%2Fx1mails.com&referrer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5d61d2f73dd63100018d4d8e&widgetId=5419b6a8b0d04a076446a9ad

143.204.55.78

204 No Content

0 B

URL HTTP/2
widget.trustpilot.com/stats/TrustboxImpression?locale=en-GB&styleHeight=24px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fdaaz.com%2Fmake%2Foffer%2Fdomains%2Fx1mails.com&referrer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5d61d2f73dd63100018d4d8e&widgetId=5419b6a8b0d04a076446a9ad
IP
143.204.55.78:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /stats/TrustboxImpression?locale=en-GB&styleHeight=24px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fdaaz.com%2Fmake%2Foffer%2Fdomains%2Fx1mails.com&referrer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5d61d2f73dd63100018d4d8e&widgetId=5419b6a8b0d04a076446a9ad HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/index.html?templateId=5419b6a8b0d04a076446a9ad&businessunitId=5d61d2f73dd63100018d4d8e
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 204 No Content
cache-control: no-store,no-cache
date: Wed, 07 Sep 2022 18:59:21 GMT
pragma: no-cache
server: Kestrel
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Bt8mJeawAbWJS17oUkzSJ89ZD2khUhV-NfTQydxgGYlAhjye48wZYw==
X-Firefox-Spdy: h2

widget.trustpilot.com/stats/TrustboxView?locale=en-GB&styleHeight=24px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fdaaz.com%2Fmake%2Foffer%2Fdomains%2Fx1mails.com&referrer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5d61d2f73dd63100018d4d8e&widgetId=5419b6a8b0d04a076446a9ad

143.204.55.78

204 No Content

0 B

URL HTTP/2
widget.trustpilot.com/stats/TrustboxView?locale=en-GB&styleHeight=24px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fdaaz.com%2Fmake%2Foffer%2Fdomains%2Fx1mails.com&referrer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5d61d2f73dd63100018d4d8e&widgetId=5419b6a8b0d04a076446a9ad
IP
143.204.55.78:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /stats/TrustboxView?locale=en-GB&styleHeight=24px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fdaaz.com%2Fmake%2Foffer%2Fdomains%2Fx1mails.com&referrer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5d61d2f73dd63100018d4d8e&widgetId=5419b6a8b0d04a076446a9ad HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/index.html?templateId=5419b6a8b0d04a076446a9ad&businessunitId=5d61d2f73dd63100018d4d8e
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 204 No Content
cache-control: no-store,no-cache
date: Wed, 07 Sep 2022 18:59:21 GMT
pragma: no-cache
server: Kestrel
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: d2Furgx5MZW7vyH7XnqRs7kh7JLIQtMMkyAwSwKg-3ovFbWEfWdE1w==
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
4049a171741a68f3c780a01a3e82bdd9
77360db35db8479fa2247f9253a76637fad08c9c
5f985355f8cc8ab88d56b7fff6009f1ff330fe39de6d131711be352c44a1c0ca

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4505
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:59:21 GMT
Last-Modified: Wed, 07 Sep 2022 17:44:16 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20006 bytes)
Hash
56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daaz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Wed, 07 Sep 2022 18:41:12 GMT
expires: Wed, 07 Sep 2022 20:41:12 GMT
cache-control: public, max-age=7200
age: 1089
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

daaz.com/assets/templates/css/icon.css

172.67.73.131

200 OK

2.5 kB

URL HTTP/2
daaz.com/assets/templates/css/icon.css
IP
172.67.73.131:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (1167), with no line terminators
Size
2.5 kB (2497 bytes)
Hash
5d0f56a50c25b53b53fd4fb0506531e9
8fc0bf59f102233acd137b8378bd8335cfd1f9fa
99a94dfd4ae5d38b8b3d01d72686f961034b91daba8825e70524b1413657f221

HTTP Headers

GET /assets/templates/css/icon.css HTTP/1.1
Host: daaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daaz.com/make/offer/domains/x1mails.com
Cookie: _ga=GA1.2.1838605579.1654109089; twk_uuid_5ac5c33e4b401e45400e5bda=%7B%22uuid%22%3A%221.3dXZ6hpW8cHbviQ9TSKvjR7ExUjS74FmzZCaFmRJZbH2dLciCGx2o8CxAyyylMHmIuEHFMNqgywowtm0OuL9cqTT4GghnDfPQXG611bkyRKDvSQ4wfn4kIZ0uPkYj031ge8C4dbF3D0%22%2C%22version%22%3A3%2C%22domain%22%3A%22daaz.com%22%2C%22ts%22%3A1654529618876%7D; AWSALB=23xSSZ3B2m6PrDrqIDczjO7dcHYdsH5ngmE6aOwhpV7IQj9KCMj75W3/JMKp+0wxJg8AJkolDZhNIRDHZ7j8hQw7YhROM4Pmi5+VVlJTNeVafku1CkkAvkQNBLDG; AWSALBCORS=23xSSZ3B2m6PrDrqIDczjO7dcHYdsH5ngmE6aOwhpV7IQj9KCMj75W3/JMKp+0wxJg8AJkolDZhNIRDHZ7j8hQw7YhROM4Pmi5+VVlJTNeVafku1CkkAvkQNBLDG; XSRF-TOKEN=eyJpdiI6InZCMy9RdjZlNlI0VG1hWFRrOFBSVXc9PSIsInZhbHVlIjoiVnVKYTBlRFNTU0Q4VU9kdE5zeXV5VVcyTzQ2bkRFNEp0bkJrejNmSXBxb0dBbjdranJtTWVpVGM2ajhEaGZoMHJZc21PUlRxS2tBYUJlSW5VR3A4SmUvRC9oRktLSERKc0ozY1U2S0xNMWM2SWhQUjJhZ2NQZ3RiQmFpa3dZaGMiLCJtYWMiOiIwYjkyNTNkY2IyM2RiMTI5YTFkZDY4NTk4ZDNlYTU2OTljMjgzNjU3MjI1ODk2MTQ4NDNmOTkxMTMzZWVhODFmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImdiYXlEMkRBbG1jNWVoUUtzSSsvSHc9PSIsInZhbHVlIjoiaSttZ2JWd0JMY3VzQmg2UFA1Nk9jYmc5MEU5N3kxWG1CWmtwTURkbTdTQWFseU8rczc0MFVmWmxLUXE5NXE5K3ByZEluMktKQks4ck1ja1dvYTh4VnRHb2d5VDdrRzAxcDhaZldMNjZJaWRLY21XMXl5dkVMcHk4RFBlVWZIck0iLCJtYWMiOiI3YzI5ZTI1OTFiM2Y5NTU3MjUyNWZkZGQ0ZWZjN2U4YjA1ODllNTNiODlmMzExZjgxYmMxNmY1Y2QyZDc0MmMwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:59:21 GMT
content-type: text/css
last-modified: Fri, 08 Apr 2022 19:25:07 GMT
etag: W/"62508c13-48f"
expires: Thu, 08 Sep 2022 18:59:21 GMT
cache-control: max-age=86400, public
pragma: public
cf-cache-status: BYPASS
set-cookie: AWSALB=JVHFuK5tt8nFv3LkZxg1KcL48i/fF7LIOTdjvdkSFMxKQbj1Re50saZky0n5CM88CkfrUpLJBmxP7SyImYlU9201SM5RXXknwNX+vVIkTLmZIVw9yln8QyRNHkAH; Expires=Wed, 14 Sep 2022 18:59:21 GMT; Path=/
AWSALBCORS=JVHFuK5tt8nFv3LkZxg1KcL48i/fF7LIOTdjvdkSFMxKQbj1Re50saZky0n5CM88CkfrUpLJBmxP7SyImYlU9201SM5RXXknwNX+vVIkTLmZIVw9yln8QyRNHkAH; Expires=Wed, 14 Sep 2022 18:59:21 GMT; Path=/; SameSite=None; Secure
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8kPc9Mk1bthy0zxF%2FxVCcdu3%2FjJ84rx7o9h3rmN%2Fp1TROTiYxBD1FzlUkLGNe1lOIpsTO6xu2jrjSx%2FRUhz6mky6UzrUw%2BPvCJC6%2FaTbx5rQ%2F7ljVtQbLffo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7471ae5b3e11fab4-OSL
content-encoding: br
X-Firefox-Spdy: h2

daaz.com/assets/templates/css/style4.css

172.67.73.131

200 OK

90 kB

URL HTTP/2
daaz.com/assets/templates/css/style4.css
IP
172.67.73.131:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (9194), with no line terminators
Size
90 kB (90391 bytes)
Hash
1947717e9ff5110eb589940743912559
cf7df35db076045ffd95dec2c08e9c4ce94a8a97
17ad721f3c7ff857ae2e7c3d976ef36c23578f97d5fa09b2c10b9b154b0ad24f

HTTP Headers

GET /assets/templates/css/style4.css HTTP/1.1
Host: daaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daaz.com/make/offer/domains/x1mails.com
Cookie: _ga=GA1.2.1838605579.1654109089; twk_uuid_5ac5c33e4b401e45400e5bda=%7B%22uuid%22%3A%221.3dXZ6hpW8cHbviQ9TSKvjR7ExUjS74FmzZCaFmRJZbH2dLciCGx2o8CxAyyylMHmIuEHFMNqgywowtm0OuL9cqTT4GghnDfPQXG611bkyRKDvSQ4wfn4kIZ0uPkYj031ge8C4dbF3D0%22%2C%22version%22%3A3%2C%22domain%22%3A%22daaz.com%22%2C%22ts%22%3A1654529618876%7D; AWSALB=23xSSZ3B2m6PrDrqIDczjO7dcHYdsH5ngmE6aOwhpV7IQj9KCMj75W3/JMKp+0wxJg8AJkolDZhNIRDHZ7j8hQw7YhROM4Pmi5+VVlJTNeVafku1CkkAvkQNBLDG; AWSALBCORS=23xSSZ3B2m6PrDrqIDczjO7dcHYdsH5ngmE6aOwhpV7IQj9KCMj75W3/JMKp+0wxJg8AJkolDZhNIRDHZ7j8hQw7YhROM4Pmi5+VVlJTNeVafku1CkkAvkQNBLDG; XSRF-TOKEN=eyJpdiI6InZCMy9RdjZlNlI0VG1hWFRrOFBSVXc9PSIsInZhbHVlIjoiVnVKYTBlRFNTU0Q4VU9kdE5zeXV5VVcyTzQ2bkRFNEp0bkJrejNmSXBxb0dBbjdranJtTWVpVGM2ajhEaGZoMHJZc21PUlRxS2tBYUJlSW5VR3A4SmUvRC9oRktLSERKc0ozY1U2S0xNMWM2SWhQUjJhZ2NQZ3RiQmFpa3dZaGMiLCJtYWMiOiIwYjkyNTNkY2IyM2RiMTI5YTFkZDY4NTk4ZDNlYTU2OTljMjgzNjU3MjI1ODk2MTQ4NDNmOTkxMTMzZWVhODFmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImdiYXlEMkRBbG1jNWVoUUtzSSsvSHc9PSIsInZhbHVlIjoiaSttZ2JWd0JMY3VzQmg2UFA1Nk9jYmc5MEU5N3kxWG1CWmtwTURkbTdTQWFseU8rczc0MFVmWmxLUXE5NXE5K3ByZEluMktKQks4ck1ja1dvYTh4VnRHb2d5VDdrRzAxcDhaZldMNjZJaWRLY21XMXl5dkVMcHk4RFBlVWZIck0iLCJtYWMiOiI3YzI5ZTI1OTFiM2Y5NTU3MjUyNWZkZGQ0ZWZjN2U4YjA1ODllNTNiODlmMzExZjgxYmMxNmY1Y2QyZDc0MmMwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:59:21 GMT
content-type: text/css
last-modified: Fri, 08 Apr 2022 19:25:07 GMT
etag: W/"62508c13-23ea"
expires: Thu, 08 Sep 2022 18:59:21 GMT
cache-control: max-age=86400, public
pragma: public
cf-cache-status: BYPASS
set-cookie: AWSALB=+W4dCv3bMCTbsK/UlgEsItQT7mG4hujejVnfHigg7jUH8dovclkdnPScN2fXvkG86Gxd2tDPlwLYQnvxZk3CP0rQpjintbTHzRl/2snwv6t6rMUc0tpeHcO+IGD6; Expires=Wed, 14 Sep 2022 18:59:21 GMT; Path=/
AWSALBCORS=+W4dCv3bMCTbsK/UlgEsItQT7mG4hujejVnfHigg7jUH8dovclkdnPScN2fXvkG86Gxd2tDPlwLYQnvxZk3CP0rQpjintbTHzRl/2snwv6t6rMUc0tpeHcO+IGD6; Expires=Wed, 14 Sep 2022 18:59:21 GMT; Path=/; SameSite=None; Secure
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2g9IEvvktM7A2K2U%2FgznLdaIUXiKBGMxsDWKHbE94sd0XfUwIv2%2BJaH%2BiHN5GAf%2By494opZcMaY4PqvXUIvtYPKZYTWN%2BOaTCSrVYizqcfqbdGqN1G8nznAu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7471ae5b3e15fab4-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.google-analytics.com/j/collect?v=1&_v=j96&a=699430183&t=pageview&_s=1&dl=https%3A%2F%2Fdaaz.com%2Fmake%2Foffer%2Fdomains%2Fx1mails.com&ul=en-us&de=UTF-8&dt=x1mails.com%20Domain%20Name%20Is%20Available%20to%20Buy%20-%20Domain%20Name%20Marketplace&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YADAAUABAAAAAC~&jid=268881550&gjid=314135985&cid=1838605579.1654109089&tid=UA-123664494-1&_gid=222166790.1662577155&_r=1&gtm=2ou8v0&z=14587179

142.250.74.174

200 OK

2 B

URL HTTP/2
www.google-analytics.com/j/collect?v=1&_v=j96&a=699430183&t=pageview&_s=1&dl=https%3A%2F%2Fdaaz.com%2Fmake%2Foffer%2Fdomains%2Fx1mails.com&ul=en-us&de=UTF-8&dt=x1mails.com%20Domain%20Name%20Is%20Available%20to%20Buy%20-%20Domain%20Name%20Marketplace&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YADAAUABAAAAAC~&jid=268881550&gjid=314135985&cid=1838605579.1654109089&tid=UA-123664494-1&_gid=222166790.1662577155&_r=1&gtm=2ou8v0&z=14587179
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
cc7a1e792bca8ccb1946b7a07f6dbc03
11a2757082428311f587b7664fa9840376137f80
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

HTTP Headers

POST /j/collect?v=1&_v=j96&a=699430183&t=pageview&_s=1&dl=https%3A%2F%2Fdaaz.com%2Fmake%2Foffer%2Fdomains%2Fx1mails.com&ul=en-us&de=UTF-8&dt=x1mails.com%20Domain%20Name%20Is%20Available%20to%20Buy%20-%20Domain%20Name%20Marketplace&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YADAAUABAAAAAC~&jid=268881550&gjid=314135985&cid=1838605579.1654109089&tid=UA-123664494-1&_gid=222166790.1662577155&_r=1&gtm=2ou8v0&z=14587179 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://daaz.com
Connection: keep-alive
Referer: https://daaz.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: https://daaz.com
date: Wed, 07 Sep 2022 18:59:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.facebook.com/tr/?id=176041976307512&ev=fb_page_view&dl=https%3A%2F%2Fdaaz.com%2Fmake%2Foffer%2Fdomains%2Fx1mails.com&rl=&if=false&ts=1662577155176&sw=1280&sh=1024&at=

31.13.72.36

200 OK

44 B

URL HTTP/2
www.facebook.com/tr/?id=176041976307512&ev=fb_page_view&dl=https%3A%2F%2Fdaaz.com%2Fmake%2Foffer%2Fdomains%2Fx1mails.com&rl=&if=false&ts=1662577155176&sw=1280&sh=1024&at=
IP
31.13.72.36:0
ASN
#32934 FACEBOOK

File type
GIF image data, version 89a, 1 x 1\012- data
Size
44 B (44 bytes)
Hash
b798f4ce7359fd815df4bdf76503b295
f8cc6addf1707ad236ad9970b0a48f9733d07da5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

HTTP Headers

GET /tr/?id=176041976307512&ev=fb_page_view&dl=https%3A%2F%2Fdaaz.com%2Fmake%2Foffer%2Fdomains%2Fx1mails.com&rl=&if=false&ts=1662577155176&sw=1280&sh=1024&at= HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daaz.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/gif
date: Wed, 07 Sep 2022 18:59:22 GMT
expires: Wed, 07 Sep 2022 18:59:22 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
cache-control: no-cache, must-revalidate, max-age=0
set-cookie: 
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 44
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c1437437047f21dec9a10a2ea619f302
2312d50c7870f3fee0f3b837ce466eac9f60d23a
81e03c89f4b0a326ef9784b89eff6bba41bc940a4d7b54957ad1964d01db3a79

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:59:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-123664494-1&cid=1838605579.1654109089&jid=268881550&gjid=314135985&_gid=222166790.1662577155&_u=YADAAUAAAAAAAC~&z=1528956360

142.251.1.154

200 OK

4 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-123664494-1&cid=1838605579.1654109089&jid=268881550&gjid=314135985&_gid=222166790.1662577155&_u=YADAAUAAAAAAAC~&z=1528956360
IP
142.251.1.154:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-123664494-1&cid=1838605579.1654109089&jid=268881550&gjid=314135985&_gid=222166790.1662577155&_u=YADAAUAAAAAAAC~&z=1528956360 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://daaz.com
Connection: keep-alive
Referer: https://daaz.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://daaz.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 07 Sep 2022 18:59:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c1437437047f21dec9a10a2ea619f302
2312d50c7870f3fee0f3b837ce466eac9f60d23a
81e03c89f4b0a326ef9784b89eff6bba41bc940a4d7b54957ad1964d01db3a79

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:59:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3066
Expires: Wed, 07 Sep 2022 19:50:28 GMT
Date: Wed, 07 Sep 2022 18:59:22 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3066
Expires: Wed, 07 Sep 2022 19:50:28 GMT
Date: Wed, 07 Sep 2022 18:59:22 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3066
Expires: Wed, 07 Sep 2022 19:50:28 GMT
Date: Wed, 07 Sep 2022 18:59:22 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3066
Expires: Wed, 07 Sep 2022 19:50:28 GMT
Date: Wed, 07 Sep 2022 18:59:22 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3066
Expires: Wed, 07 Sep 2022 19:50:28 GMT
Date: Wed, 07 Sep 2022 18:59:22 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ef55d7-b6c2-4550-aff3-c9052f7d4816.jpeg

34.120.237.76

200 OK

6.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ef55d7-b6c2-4550-aff3-c9052f7d4816.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.2 kB (6214 bytes)
Hash
f922505178de0cea92eedcfda85a9f67
50f1459de01174e594e03e7df4dfaa8eb1798672
981cd58768d6ad841673add855ddcc7106fbc85de05db9a1bd2d6bc8928b4c2c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ef55d7-b6c2-4550-aff3-c9052f7d4816.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6214
x-amzn-requestid: 46a44af0-e547-49e8-bc39-f6c49d94e375
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xj_0HFKbIAMFRbg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630b134d-0297c83c305422fa51b86dcf;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 07:03:41 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: _ZKcuRO8Z6wBMdm79iDZj5uRYk4YYpYJqOoG8hZqY81O0R7hfbe5bQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 05:12:06 GMT
age: 49636
etag: "50f1459de01174e594e03e7df4dfaa8eb1798672"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b220c7c-ed68-4f56-82a7-5748d044635a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8462 bytes)
Hash
70c964498818242b742575cfa1769b67
cde85fbe83c9e29618edf4e05002bd623e3ab965
bdb0e76fe216f742789ba5a77645c640fe0c7f207707181e618fa31d4cf58605

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b220c7c-ed68-4f56-82a7-5748d044635a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8462
x-amzn-requestid: 1a501a0a-2671-468b-885b-2a2efb73bc2e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YDq64HbCIAMFjGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6317beab-395f6d1436b027ee60d00abd;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 21:42:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ZWf6CXKcClMXAXmFXNp0sxVCMUFyZqhhh7B83tJMX_jvteLRDzG8QA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:42:04 GMT
etag: "cde85fbe83c9e29618edf4e05002bd623e3ab965"
content-type: image/jpeg
age: 76638
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8510bf06-7808-4fda-a5d9-b75fc73021c9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
data
Size
14 kB (13799 bytes)
Hash
2b1cb148a96a758cef2ed24d89008446
2cf52882b50dc8694e31bb197b9adaf6ac1ef41a
f2611b7f132494bab7d8994a62e737948907ef7ceeb767c834aa7ed920e6c8b9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8510bf06-7808-4fda-a5d9-b75fc73021c9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12661
x-amzn-requestid: 71ef9e09-ccf1-4930-865d-665ece4bf3a6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X3hXnFnXIAMFqKQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6312e296-627daf7c7ad3e23a60b183cd;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 05:13:58 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: xwunW741LulZXvM0har5nqrcCiyYoUwvhCWiPsEvs5P2VKSe476_Cw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 22:14:32 GMT
etag: "dd9cd9b711d7112efa85eff8a798346dbd7d5f5f"
content-type: image/jpeg
age: 74690
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9fc5baf3-df02-4e98-9312-7ed0ef0b8638.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.6 kB (3604 bytes)
Hash
932f4d99fb1927aae3010e00472b38c3
b95ee99dafca1695d6b86763fce0ceb058f40ef3
da9dbade65f50c1f9ca10956dc863759dd1e0cdf7e28721c79831c288d3ae24e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9fc5baf3-df02-4e98-9312-7ed0ef0b8638.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3604
x-amzn-requestid: 193380c8-0d3a-4b81-9429-fa4cb4cf136e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YDq26FI7oAMFpOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6317be92-2f435ce33c4469de425b11a3;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 21:41:38 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 6MhayVPx_iJ_mgJzUfuOsFeBgAK21RktvWOwrX3Rvk3WIElEek1LFA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:49:33 GMT
etag: "b95ee99dafca1695d6b86763fce0ceb058f40ef3"
content-type: image/jpeg
age: 76189
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faba86944-df9f-4d50-9b10-d50644b978e3.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.8 kB (4805 bytes)
Hash
4f29d8aaae2d67c27c58001e7553dea7
5200b601017ce86614783b76fd2a775c1c48d4e9
6b55c4d692cf584e0319b07251d9845749fe8954062dab66e003dd2706451504

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faba86944-df9f-4d50-9b10-d50644b978e3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4805
x-amzn-requestid: 270858f2-c94d-4047-8e3b-c49a5a603610
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XjbiJHuZoAMFpSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630ad940-3ba2164762e4f74227b6a23b;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 02:56:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: do30zKZmrP_j4feGGu8G39ibskE4dXxTL8YzpAR7PCFpQuJalYeJqA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:57:13 GMT
age: 75729
etag: "5200b601017ce86614783b76fd2a775c1c48d4e9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0766520-2dbc-4f52-b0e2-1a908af4cd29.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11778 bytes)
Hash
1462b0c8fff091f29c7c5145031c08aa
55154c3878e9650f463805c3829f03a1603f14c1
62f913a6498b21da33451e7cf0e37c5fdef565324bcd35d93cb536527394a3d5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0766520-2dbc-4f52-b0e2-1a908af4cd29.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11778
x-amzn-requestid: 0054ce27-72f6-4161-90d0-eeb20d9c9537
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YDqcrEczIAMFqlg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6317bdea-0c3e511533c91b783a458f2b;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 21:38:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Q4n9f959aCshN6qgQ2LWVSUTmSd4hvjWyF2GNdsR1_asVSdFKxXsqw==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:41:08 GMT
age: 76694
etag: "55154c3878e9650f463805c3829f03a1603f14c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b544c4d2427305f830d70cd40f2e5263
f8d3fbf9d368742f894816ea71d8cc9016078d1f
6f5bb81b798a2bb4ba854703b03d71c3cb1b0c0adb437f6ff863f1f7774c3005

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:59:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e4410b7b84c93f14f74d8fef364b840d
37303eaf19049d2ceb48581b9c990da5882dc7ff
d5276336c0a032fe9dfb73c1faff240132cbf073d621981b57c9c2a77d553afd

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:59:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-123664494-1&cid=1838605579.1654109089&jid=268881550&_u=YADAAUAAAAAAAC~&z=548523743

142.250.74.164

200 OK

42 B

URL HTTP/2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-123664494-1&cid=1838605579.1654109089&jid=268881550&_u=YADAAUAAAAAAAC~&z=548523743
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-123664494-1&cid=1838605579.1654109089&jid=268881550&_u=YADAAUAAAAAAAC~&z=548523743 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daaz.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Sep 2022 18:59:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-123664494-1&cid=1838605579.1654109089&jid=268881550&_u=YADAAUAAAAAAAC~&z=548523743

142.250.74.3

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-123664494-1&cid=1838605579.1654109089&jid=268881550&_u=YADAAUAAAAAAAC~&z=548523743
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-123664494-1&cid=1838605579.1654109089&jid=268881550&_u=YADAAUAAAAAAAC~&z=548523743 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daaz.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Sep 2022 18:59:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f53ebd30fa3351f320ca2c8764734ff1
9205e35b1cef1602414af2350ba6205f4129234c
d486cc21bbc47eac5718644e1b280d12a5a4bc92ec97a0e88f184bf6422cb6f0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:59:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8fc7316fab55e89a81536e926eab6f83
7fcab743b176312e76999b39a1b2a3b97dbeb10f
8178b9805611209f5c47dce32da555117870a90648e026d08cc691a4103169a7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:59:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js

151.101.85.229

200 OK

54 kB

URL HTTP/2
cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js
IP
151.101.85.229:0
ASN
#54113 FASTLY

File type
data
Size
54 kB (54007 bytes)
Hash
55b035fc58a04a33e9d5941687742b88
cea45cc8159d3e7c45ba58067f4fb251a6979417
beb373b2ba34138e0a591bc6f3070326fa6b2d98e867efb2ba09e6a9b110b641

HTTP Headers

GET /emojione/2.2.7/lib/js/emojione.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daaz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
etag: W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 07 Sep 2022 18:59:23 GMT
age: 14723520
x-served-by: cache-fra19156-FRA, cache-bma1639-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 53889
X-Firefox-Spdy: h2

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1

104.18.21.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1462 bytes)
Hash
51847b4b14059be4def552c85837e12f
ea001a97def52dd72ee29b3bb6d27dacc3a9a56e
c0e821a9c144d584d874629108ca605420d62f2f64769db73eeec7eadd1d0f46

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 18:59:23 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "8024784C24C14195FB929C6D4BEEA5460C488FCA"
Expires: Thu, 08 Sep 2022 05:00:00 GMT
Last-Modified: Wed, 07 Sep 2022 17:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2538
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7471ae653e31b4fa-OSL

vsa84.tawk.to/s/?k=6318e9f086b61dd69b6b7e87&cver=2&pop=false&asver=48969&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI1YWM1YzMzZTRiNDAxZTQ1NDAwZTViZGEiLCJ2aWQiOiIzM2U4NmU3NWM2NDlhZWU2YTc2NzA4ZmRkNWM4MmYwM2Y2NGNlZmZkMmNjYTk4OWVlMzg2Zjk4ZTAyMWQzNjkxIiwic2lkIjoiNjMxOGU5ZjA4NmI2MWRkNjliNmI3ZTg3IiwiaWF0IjoxNjYyNTc3MTYyLCJleHAiOjE2NjI1Nzg5NjIsImp0aSI6Ild0VzlSTjdvaGRlbU5jeGNrdFctTSJ9.ToAYhoP2ekvWiT2oZxLXJfH6eO49QiDiLJmXbtZ4Y5rxerIB7-jHPVpic7atehHxlbwPkaI5EXE2b8vpnVfJVA&EIO=3&transport=websocket&__t=OCPKX--

104.22.25.131

101 Switching Protocols

0 B

URL HTTP/1.1
vsa84.tawk.to/s/?k=6318e9f086b61dd69b6b7e87&cver=2&pop=false&asver=48969&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI1YWM1YzMzZTRiNDAxZTQ1NDAwZTViZGEiLCJ2aWQiOiIzM2U4NmU3NWM2NDlhZWU2YTc2NzA4ZmRkNWM4MmYwM2Y2NGNlZmZkMmNjYTk4OWVlMzg2Zjk4ZTAyMWQzNjkxIiwic2lkIjoiNjMxOGU5ZjA4NmI2MWRkNjliNmI3ZTg3IiwiaWF0IjoxNjYyNTc3MTYyLCJleHAiOjE2NjI1Nzg5NjIsImp0aSI6Ild0VzlSTjdvaGRlbU5jeGNrdFctTSJ9.ToAYhoP2ekvWiT2oZxLXJfH6eO49QiDiLJmXbtZ4Y5rxerIB7-jHPVpic7atehHxlbwPkaI5EXE2b8vpnVfJVA&EIO=3&transport=websocket&__t=OCPKX--
IP
104.22.25.131:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s/?k=6318e9f086b61dd69b6b7e87&cver=2&pop=false&asver=48969&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI1YWM1YzMzZTRiNDAxZTQ1NDAwZTViZGEiLCJ2aWQiOiIzM2U4NmU3NWM2NDlhZWU2YTc2NzA4ZmRkNWM4MmYwM2Y2NGNlZmZkMmNjYTk4OWVlMzg2Zjk4ZTAyMWQzNjkxIiwic2lkIjoiNjMxOGU5ZjA4NmI2MWRkNjliNmI3ZTg3IiwiaWF0IjoxNjYyNTc3MTYyLCJleHAiOjE2NjI1Nzg5NjIsImp0aSI6Ild0VzlSTjdvaGRlbU5jeGNrdFctTSJ9.ToAYhoP2ekvWiT2oZxLXJfH6eO49QiDiLJmXbtZ4Y5rxerIB7-jHPVpic7atehHxlbwPkaI5EXE2b8vpnVfJVA&EIO=3&transport=websocket&__t=OCPKX-- HTTP/1.1
Host: vsa84.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://daaz.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: PDMKaMs5CstxmPfxhEZBWA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Date: Wed, 07 Sep 2022 18:59:23 GMT
Connection: upgrade
upgrade: websocket
sec-websocket-accept: WbGx0mL9QAG2WNAKWNqTXQnY4bc=
sec-websocket-extensions: permessage-deflate
strict-transport-security: max-age=0; includeSubDomains; preload
CF-Cache-Status: DYNAMIC
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 7471ae643849b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

embed.tawk.to/_s/v4/app/630c16bea60/js/twk-vendor.js

104.22.25.131

200 OK

0 B

URL HTTP/2
embed.tawk.to/_s/v4/app/630c16bea60/js/twk-vendor.js
IP
104.22.25.131:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_s/v4/app/630c16bea60/js/twk-vendor.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://daaz.com
Connection: keep-alive
Referer: https://daaz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:59:22 GMT
content-type: application/javascript
last-modified: Mon, 29 Aug 2022 01:31:16 GMT
etag: W/"7dcb496e4882926f93f2e73fa87062c0"
age: 836648
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7471ae5eab2cb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

daaz.com/assets/themes/js/fittext.js

172.67.73.131

200 OK

0 B

URL HTTP/2
daaz.com/assets/themes/js/fittext.js
IP
172.67.73.131:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /assets/themes/js/fittext.js HTTP/1.1
Host: daaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daaz.com/make/offer/domains/x1mails.com
Cookie: _ga=GA1.2.1838605579.1654109089; twk_uuid_5ac5c33e4b401e45400e5bda=%7B%22uuid%22%3A%221.3dXZ6hpW8cHbviQ9TSKvjR7ExUjS74FmzZCaFmRJZbH2dLciCGx2o8CxAyyylMHmIuEHFMNqgywowtm0OuL9cqTT4GghnDfPQXG611bkyRKDvSQ4wfn4kIZ0uPkYj031ge8C4dbF3D0%22%2C%22version%22%3A3%2C%22domain%22%3A%22daaz.com%22%2C%22ts%22%3A1654529618876%7D; AWSALB=23xSSZ3B2m6PrDrqIDczjO7dcHYdsH5ngmE6aOwhpV7IQj9KCMj75W3/JMKp+0wxJg8AJkolDZhNIRDHZ7j8hQw7YhROM4Pmi5+VVlJTNeVafku1CkkAvkQNBLDG; AWSALBCORS=23xSSZ3B2m6PrDrqIDczjO7dcHYdsH5ngmE6aOwhpV7IQj9KCMj75W3/JMKp+0wxJg8AJkolDZhNIRDHZ7j8hQw7YhROM4Pmi5+VVlJTNeVafku1CkkAvkQNBLDG; XSRF-TOKEN=eyJpdiI6InZCMy9RdjZlNlI0VG1hWFRrOFBSVXc9PSIsInZhbHVlIjoiVnVKYTBlRFNTU0Q4VU9kdE5zeXV5VVcyTzQ2bkRFNEp0bkJrejNmSXBxb0dBbjdranJtTWVpVGM2ajhEaGZoMHJZc21PUlRxS2tBYUJlSW5VR3A4SmUvRC9oRktLSERKc0ozY1U2S0xNMWM2SWhQUjJhZ2NQZ3RiQmFpa3dZaGMiLCJtYWMiOiIwYjkyNTNkY2IyM2RiMTI5YTFkZDY4NTk4ZDNlYTU2OTljMjgzNjU3MjI1ODk2MTQ4NDNmOTkxMTMzZWVhODFmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImdiYXlEMkRBbG1jNWVoUUtzSSsvSHc9PSIsInZhbHVlIjoiaSttZ2JWd0JMY3VzQmg2UFA1Nk9jYmc5MEU5N3kxWG1CWmtwTURkbTdTQWFseU8rczc0MFVmWmxLUXE5NXE5K3ByZEluMktKQks4ck1ja1dvYTh4VnRHb2d5VDdrRzAxcDhaZldMNjZJaWRLY21XMXl5dkVMcHk4RFBlVWZIck0iLCJtYWMiOiI3YzI5ZTI1OTFiM2Y5NTU3MjUyNWZkZGQ0ZWZjN2U4YjA1ODllNTNiODlmMzExZjgxYmMxNmY1Y2QyZDc0MmMwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:59:21 GMT
content-type: application/javascript
last-modified: Fri, 08 Apr 2022 19:25:07 GMT
etag: W/"62508c13-252"
expires: Thu, 08 Sep 2022 18:59:21 GMT
cache-control: max-age=86400, public
pragma: public
cf-cache-status: BYPASS
set-cookie: AWSALB=OvLLcLEXoxioPxSWccZqtWnWiE8p+lwQ33RaVsCfjPEzhQaK+2piE9OopoYnUXMc4n0cz1avucUvtDdcdPC8c7Wg7mMfEnxd9QL7VSWtZ79OLcLY9eBrhBa/pNdH; Expires=Wed, 14 Sep 2022 18:59:21 GMT; Path=/
AWSALBCORS=OvLLcLEXoxioPxSWccZqtWnWiE8p+lwQ33RaVsCfjPEzhQaK+2piE9OopoYnUXMc4n0cz1avucUvtDdcdPC8c7Wg7mMfEnxd9QL7VSWtZ79OLcLY9eBrhBa/pNdH; Expires=Wed, 14 Sep 2022 18:59:21 GMT; Path=/; SameSite=None; Secure
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h7It4hJ%2FLAI%2Bgd3xZjXARZjviHvhcGWRBlG7kCcI1N%2BxlnG%2BbvXVQZHCFXxqH6V7q01eurbEZz67elBPQZhEfcCeuAvW%2FIJXtFvqC7O0nTJCPVnQXWWOrCs8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7471ae5b5e39fab4-OSL
content-encoding: br
X-Firefox-Spdy: h2

static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194

172.64.156.26

200 OK

0 B

URL HTTP/2
static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
IP
172.64.156.26:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://daaz.com
Connection: keep-alive
Referer: https://daaz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:59:21 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2021.12.0
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 7471ae5b7d7bb4f7-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

daaz.com/listing/view

172.67.73.131

200 OK

0 B

URL HTTP/2
daaz.com/listing/view
IP
172.67.73.131:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /listing/view HTTP/1.1
Host: daaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-CSRF-TOKEN: P4j8fXOAsQMeuzJWWimUvY4LrutUaE6vdzYxq628
X-Requested-With: XMLHttpRequest
Content-Length: 16
Origin: https://daaz.com
Connection: keep-alive
Referer: https://daaz.com/make/offer/domains/x1mails.com
Cookie: _ga=GA1.2.1838605579.1654109089; twk_uuid_5ac5c33e4b401e45400e5bda=%7B%22uuid%22%3A%221.3dXZ6hpW8cHbviQ9TSKvjR7ExUjS74FmzZCaFmRJZbH2dLciCGx2o8CxAyyylMHmIuEHFMNqgywowtm0OuL9cqTT4GghnDfPQXG611bkyRKDvSQ4wfn4kIZ0uPkYj031ge8C4dbF3D0%22%2C%22version%22%3A3%2C%22domain%22%3A%22daaz.com%22%2C%22ts%22%3A1654529618876%7D; AWSALB=MFjmDZ3i7kl8F4AvSZyfV8LrpYWgG9LU7V+Tt6Q54oVwYlEEJnWnpg7y4glD1hqjs6nMgVcwL0CndcmBQFvrYmVeEz2hH+g9J80uHycXhRsDLO/QQrIvyere51Q8; AWSALBCORS=MFjmDZ3i7kl8F4AvSZyfV8LrpYWgG9LU7V+Tt6Q54oVwYlEEJnWnpg7y4glD1hqjs6nMgVcwL0CndcmBQFvrYmVeEz2hH+g9J80uHycXhRsDLO/QQrIvyere51Q8; XSRF-TOKEN=eyJpdiI6InZCMy9RdjZlNlI0VG1hWFRrOFBSVXc9PSIsInZhbHVlIjoiVnVKYTBlRFNTU0Q4VU9kdE5zeXV5VVcyTzQ2bkRFNEp0bkJrejNmSXBxb0dBbjdranJtTWVpVGM2ajhEaGZoMHJZc21PUlRxS2tBYUJlSW5VR3A4SmUvRC9oRktLSERKc0ozY1U2S0xNMWM2SWhQUjJhZ2NQZ3RiQmFpa3dZaGMiLCJtYWMiOiIwYjkyNTNkY2IyM2RiMTI5YTFkZDY4NTk4ZDNlYTU2OTljMjgzNjU3MjI1ODk2MTQ4NDNmOTkxMTMzZWVhODFmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImdiYXlEMkRBbG1jNWVoUUtzSSsvSHc9PSIsInZhbHVlIjoiaSttZ2JWd0JMY3VzQmg2UFA1Nk9jYmc5MEU5N3kxWG1CWmtwTURkbTdTQWFseU8rczc0MFVmWmxLUXE5NXE5K3ByZEluMktKQks4ck1ja1dvYTh4VnRHb2d5VDdrRzAxcDhaZldMNjZJaWRLY21XMXl5dkVMcHk4RFBlVWZIck0iLCJtYWMiOiI3YzI5ZTI1OTFiM2Y5NTU3MjUyNWZkZGQ0ZWZjN2U4YjA1ODllNTNiODlmMzExZjgxYmMxNmY1Y2QyZDc0MmMwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:59:22 GMT
content-type: text/html; charset=UTF-8
set-cookie: AWSALB=p3wJLQq1Alkrh/YmxUSntvTSRX/So6OajWbLnJeN+u6LlYOLP4UKQ3GcfhRNTnVoAVtnvGfxNatnUWH3K19poRp7ExcUrT719jFyXqhG6a3kCEP6pthNVGjmwatS; Expires=Wed, 14 Sep 2022 18:59:21 GMT; Path=/
AWSALBCORS=p3wJLQq1Alkrh/YmxUSntvTSRX/So6OajWbLnJeN+u6LlYOLP4UKQ3GcfhRNTnVoAVtnvGfxNatnUWH3K19poRp7ExcUrT719jFyXqhG6a3kCEP6pthNVGjmwatS; Expires=Wed, 14 Sep 2022 18:59:21 GMT; Path=/; SameSite=None; Secure
XSRF-TOKEN=eyJpdiI6IjlmQWhZVzMxQ3BDanl0SUdtYS9qWFE9PSIsInZhbHVlIjoiTmkzTktyS3dlQ0tCN1RaWjlmQjJYRWIzV1p5MnZUZ0pmVThYNVV1S3NmcEt0TmEzbjhIQk9WbFpFUXBIazhSZGdYbEtyZDMxQ1ZqcHNNKzAzM3ZQOEsxZU05V3NnbzJHSGZ1aU9DeWNnVmpySTNyN0gweTZwZDNmS1doOXg1Q3MiLCJtYWMiOiI4OWZmOGEzZDIwNzljZTg5N2RlMGQwMmM2ZmM5YWRkNjcwZjRkZjhjNTdiNDRjOGEyNTUyM2JkMWFiZmQ0ODEzIiwidGFnIjoiIn0%3D; expires=Wed, 07-Sep-2022 20:59:22 GMT; Max-Age=7200; path=/
laravel_session=eyJpdiI6IncwZkVnclhXU0VwS0M5dUxXaWIvRUE9PSIsInZhbHVlIjoiT1ZFNUh3MEdwVTFHNWpCUktSWXJyanBFUGVBTkV1RXExS3J0SjVINmVJODY1dWpMZlVXTy9vZjJjV0tXR1A1Ui84cE9WTWFqYUgycFBOaG50MHJ4NktkYmlFVzJ4NXVVTnhVOS9UUFU1Vkd3WFdXclJqdzJyZUVnNzRpT0htclEiLCJtYWMiOiIxNzcxNTFmZjI3YWJmYThlZTkyMzJlYzRiMGY4ZTRlOTMwY2ZjMmJhYzY4Y2YzMDkyZWI4N2E4YzM1NTM5NjU3IiwidGFnIjoiIn0%3D; expires=Wed, 07-Sep-2022 20:59:22 GMT; Max-Age=7200; path=/; httponly
x-powered-by: PHP/8.0.16
cache-control: max-age=0, must-revalidate, no-store, nocache, private
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=umpbRUq%2BaaYSoROQRprJBNMYSiHJsHtZb9fgtqznpe8UswnXmHkqy21zl2muGiMxqMeqbnCQJvHEALDWoBLnnOk%2BkJx%2Bfwl2mGTsnhDYgWU8Zrp4e1wTkdPe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7471ae5cbf42fab4-OSL
content-encoding: br
X-Firefox-Spdy: h2

daaz.com/make/offer/domains/x1mails.com

172.67.73.131

200 OK

0 B

URL HTTP/2
daaz.com/make/offer/domains/x1mails.com
IP
172.67.73.131:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /make/offer/domains/x1mails.com HTTP/1.1
Host: daaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _ga=GA1.2.1838605579.1654109089; twk_uuid_5ac5c33e4b401e45400e5bda=%7B%22uuid%22%3A%221.3dXZ6hpW8cHbviQ9TSKvjR7ExUjS74FmzZCaFmRJZbH2dLciCGx2o8CxAyyylMHmIuEHFMNqgywowtm0OuL9cqTT4GghnDfPQXG611bkyRKDvSQ4wfn4kIZ0uPkYj031ge8C4dbF3D0%22%2C%22version%22%3A3%2C%22domain%22%3A%22daaz.com%22%2C%22ts%22%3A1654529618876%7D; AWSALB=t0kllxCcWpPvL73DTJ8EX+gzyx8UuSsSn1sjK4XLuSQqH8S/9g6RMe96viKD815V1S83oERfZ2zFSimA5aE8ArM8VoW9HYNN2NB8/rAUMisK5Et+HNVcHChOdmjD; AWSALBCORS=t0kllxCcWpPvL73DTJ8EX+gzyx8UuSsSn1sjK4XLuSQqH8S/9g6RMe96viKD815V1S83oERfZ2zFSimA5aE8ArM8VoW9HYNN2NB8/rAUMisK5Et+HNVcHChOdmjD; XSRF-TOKEN=eyJpdiI6Imd6Qkh0NWZQazMvTTJsaDdJZDFjTUE9PSIsInZhbHVlIjoiazZwN2tiZjNNTzVkTUpZZmthVndBV2U5UkZqMXJURUdrcXQvd3NZWUhaM2tMcDJGT3R5dXZ0YklPeFU1ZVVNeEQ5Tk82RENMM2pDSUNyem4zUUVFWGhKbUZvY2E5a2k2TFpLU1NKaWdQRHFNY3NwSVphRVVNYTJhbnBzUGVuYUgiLCJtYWMiOiIxZDM5NDI0ZTczMWM1YzRjMWNlYTI5OGJmNDU0NmYyMTg4NDdmY2Y5OTk4YWZhZjdjODY5NzVhM2QzNjY3NjFlIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InUyalFGd2UzQ0tZaWJ2N1VUZTBWbmc9PSIsInZhbHVlIjoiYkNBSE9vbkNVZzVhR1g1dThYUE1oUUdUckdlRzdpMldMeGQ4ekxic2xIejFUMDJQWVhyamJyT1I5MXhVcXNjT1V1YmlMVjlkMytLQW1mbGNzRUREWFFhRzk3aEx1aWdHTzBxOGkyQ0xpeW82a0lOQ0tvUnFJLzdobkErS0pkNlIiLCJtYWMiOiJiZWMzYjliMmYwMjAyMzllODkxNGU4Mzg4NGI4Y2U1NmVjNjcwYWExN2QxYmY2NGE2MjRhOWVkNTY2ZTRmMTkwIiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:59:21 GMT
content-type: text/html; charset=UTF-8
set-cookie: AWSALB=23xSSZ3B2m6PrDrqIDczjO7dcHYdsH5ngmE6aOwhpV7IQj9KCMj75W3/JMKp+0wxJg8AJkolDZhNIRDHZ7j8hQw7YhROM4Pmi5+VVlJTNeVafku1CkkAvkQNBLDG; Expires=Wed, 14 Sep 2022 18:59:21 GMT; Path=/
AWSALBCORS=23xSSZ3B2m6PrDrqIDczjO7dcHYdsH5ngmE6aOwhpV7IQj9KCMj75W3/JMKp+0wxJg8AJkolDZhNIRDHZ7j8hQw7YhROM4Pmi5+VVlJTNeVafku1CkkAvkQNBLDG; Expires=Wed, 14 Sep 2022 18:59:21 GMT; Path=/; SameSite=None; Secure
XSRF-TOKEN=eyJpdiI6InZCMy9RdjZlNlI0VG1hWFRrOFBSVXc9PSIsInZhbHVlIjoiVnVKYTBlRFNTU0Q4VU9kdE5zeXV5VVcyTzQ2bkRFNEp0bkJrejNmSXBxb0dBbjdranJtTWVpVGM2ajhEaGZoMHJZc21PUlRxS2tBYUJlSW5VR3A4SmUvRC9oRktLSERKc0ozY1U2S0xNMWM2SWhQUjJhZ2NQZ3RiQmFpa3dZaGMiLCJtYWMiOiIwYjkyNTNkY2IyM2RiMTI5YTFkZDY4NTk4ZDNlYTU2OTljMjgzNjU3MjI1ODk2MTQ4NDNmOTkxMTMzZWVhODFmIiwidGFnIjoiIn0%3D; expires=Wed, 07-Sep-2022 20:59:21 GMT; Max-Age=7200; path=/
laravel_session=eyJpdiI6ImdiYXlEMkRBbG1jNWVoUUtzSSsvSHc9PSIsInZhbHVlIjoiaSttZ2JWd0JMY3VzQmg2UFA1Nk9jYmc5MEU5N3kxWG1CWmtwTURkbTdTQWFseU8rczc0MFVmWmxLUXE5NXE5K3ByZEluMktKQks4ck1ja1dvYTh4VnRHb2d5VDdrRzAxcDhaZldMNjZJaWRLY21XMXl5dkVMcHk4RFBlVWZIck0iLCJtYWMiOiI3YzI5ZTI1OTFiM2Y5NTU3MjUyNWZkZGQ0ZWZjN2U4YjA1ODllNTNiODlmMzExZjgxYmMxNmY1Y2QyZDc0MmMwIiwidGFnIjoiIn0%3D; expires=Wed, 07-Sep-2022 20:59:21 GMT; Max-Age=7200; path=/; httponly
x-powered-by: PHP/8.0.16
cache-control: max-age=0, must-revalidate, no-store, nocache, private
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8pB3E%2B0GYwdK9IRsIFj%2F%2BU7DRmXyK3dKV3d%2FTlf5bpTDu4%2FMaeaENpKyaAK2yIJaxArh4JfQ63he1fFeOm8z4aGCzxkACZd6wQKUnJsgXXuKId1MRpjQs2QC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7471ae585baefab4-OSL
content-encoding: br
X-Firefox-Spdy: h2

embed.tawk.to/_s/v4/app/630c16bea60/js/twk-main.js

104.22.25.131

200 OK

0 B

URL HTTP/2
embed.tawk.to/_s/v4/app/630c16bea60/js/twk-main.js
IP
104.22.25.131:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_s/v4/app/630c16bea60/js/twk-main.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://daaz.com
Connection: keep-alive
Referer: https://daaz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:59:22 GMT
content-type: application/javascript
last-modified: Mon, 29 Aug 2022 01:31:16 GMT
etag: W/"da5bb1dc647470204df0e49f5afac2de"
age: 836648
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7471ae5e9b10b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

daaz.com/cdn-cgi/rum?

172.67.73.131

200 OK

0 B

URL HTTP/2
daaz.com/cdn-cgi/rum?
IP
172.67.73.131:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: daaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 9045
Origin: https://daaz.com
Connection: keep-alive
Referer: https://daaz.com/make/offer/domains/x1mails.com
Cookie: _ga=GA1.2.1838605579.1654109089; twk_uuid_5ac5c33e4b401e45400e5bda=%7B%22uuid%22%3A%221.3dXZ6hpW8cHbviQ9TSKvjR7ExUjS74FmzZCaFmRJZbH2dLciCGx2o8CxAyyylMHmIuEHFMNqgywowtm0OuL9cqTT4GghnDfPQXG611bkyRKDvSQ4wfn4kIZ0uPkYj031ge8C4dbF3D0%22%2C%22version%22%3A3%2C%22domain%22%3A%22daaz.com%22%2C%22ts%22%3A1654529618876%7D; AWSALB=zl31NDw6LxfbejrtavUt2TdwWdov63yj34zEyV4N8+oRg8zK879ZzhQ/c6OtFd9pTrCGV5rWP7DcAGMGj4KfMoWbxkPsV/Oe8a12jWi3RpKMlasnwmVlLbotmNN1; AWSALBCORS=zl31NDw6LxfbejrtavUt2TdwWdov63yj34zEyV4N8+oRg8zK879ZzhQ/c6OtFd9pTrCGV5rWP7DcAGMGj4KfMoWbxkPsV/Oe8a12jWi3RpKMlasnwmVlLbotmNN1; XSRF-TOKEN=eyJpdiI6InZCMy9RdjZlNlI0VG1hWFRrOFBSVXc9PSIsInZhbHVlIjoiVnVKYTBlRFNTU0Q4VU9kdE5zeXV5VVcyTzQ2bkRFNEp0bkJrejNmSXBxb0dBbjdranJtTWVpVGM2ajhEaGZoMHJZc21PUlRxS2tBYUJlSW5VR3A4SmUvRC9oRktLSERKc0ozY1U2S0xNMWM2SWhQUjJhZ2NQZ3RiQmFpa3dZaGMiLCJtYWMiOiIwYjkyNTNkY2IyM2RiMTI5YTFkZDY4NTk4ZDNlYTU2OTljMjgzNjU3MjI1ODk2MTQ4NDNmOTkxMTMzZWVhODFmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImdiYXlEMkRBbG1jNWVoUUtzSSsvSHc9PSIsInZhbHVlIjoiaSttZ2JWd0JMY3VzQmg2UFA1Nk9jYmc5MEU5N3kxWG1CWmtwTURkbTdTQWFseU8rczc0MFVmWmxLUXE5NXE5K3ByZEluMktKQks4ck1ja1dvYTh4VnRHb2d5VDdrRzAxcDhaZldMNjZJaWRLY21XMXl5dkVMcHk4RFBlVWZIck0iLCJtYWMiOiI3YzI5ZTI1OTFiM2Y5NTU3MjUyNWZkZGQ0ZWZjN2U4YjA1ODllNTNiODlmMzExZjgxYmMxNmY1Y2QyZDc0MmMwIiwidGFnIjoiIn0%3D; _gid=GA1.2.222166790.1662577155; _gat_gtag_UA_123664494_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:59:22 GMT
content-type: text/plain
access-control-allow-origin: https://daaz.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 7471ae5ed96afab4-OSL
x-frame-options: DENY
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

daaz.com/assets/themes/js/jquery.js

172.67.73.131

200 OK

0 B

URL HTTP/2
daaz.com/assets/themes/js/jquery.js
IP
172.67.73.131:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /assets/themes/js/jquery.js HTTP/1.1
Host: daaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daaz.com/make/offer/domains/x1mails.com
Cookie: _ga=GA1.2.1838605579.1654109089; twk_uuid_5ac5c33e4b401e45400e5bda=%7B%22uuid%22%3A%221.3dXZ6hpW8cHbviQ9TSKvjR7ExUjS74FmzZCaFmRJZbH2dLciCGx2o8CxAyyylMHmIuEHFMNqgywowtm0OuL9cqTT4GghnDfPQXG611bkyRKDvSQ4wfn4kIZ0uPkYj031ge8C4dbF3D0%22%2C%22version%22%3A3%2C%22domain%22%3A%22daaz.com%22%2C%22ts%22%3A1654529618876%7D; AWSALB=23xSSZ3B2m6PrDrqIDczjO7dcHYdsH5ngmE6aOwhpV7IQj9KCMj75W3/JMKp+0wxJg8AJkolDZhNIRDHZ7j8hQw7YhROM4Pmi5+VVlJTNeVafku1CkkAvkQNBLDG; AWSALBCORS=23xSSZ3B2m6PrDrqIDczjO7dcHYdsH5ngmE6aOwhpV7IQj9KCMj75W3/JMKp+0wxJg8AJkolDZhNIRDHZ7j8hQw7YhROM4Pmi5+VVlJTNeVafku1CkkAvkQNBLDG; XSRF-TOKEN=eyJpdiI6InZCMy9RdjZlNlI0VG1hWFRrOFBSVXc9PSIsInZhbHVlIjoiVnVKYTBlRFNTU0Q4VU9kdE5zeXV5VVcyTzQ2bkRFNEp0bkJrejNmSXBxb0dBbjdranJtTWVpVGM2ajhEaGZoMHJZc21PUlRxS2tBYUJlSW5VR3A4SmUvRC9oRktLSERKc0ozY1U2S0xNMWM2SWhQUjJhZ2NQZ3RiQmFpa3dZaGMiLCJtYWMiOiIwYjkyNTNkY2IyM2RiMTI5YTFkZDY4NTk4ZDNlYTU2OTljMjgzNjU3MjI1ODk2MTQ4NDNmOTkxMTMzZWVhODFmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImdiYXlEMkRBbG1jNWVoUUtzSSsvSHc9PSIsInZhbHVlIjoiaSttZ2JWd0JMY3VzQmg2UFA1Nk9jYmc5MEU5N3kxWG1CWmtwTURkbTdTQWFseU8rczc0MFVmWmxLUXE5NXE5K3ByZEluMktKQks4ck1ja1dvYTh4VnRHb2d5VDdrRzAxcDhaZldMNjZJaWRLY21XMXl5dkVMcHk4RFBlVWZIck0iLCJtYWMiOiI3YzI5ZTI1OTFiM2Y5NTU3MjUyNWZkZGQ0ZWZjN2U4YjA1ODllNTNiODlmMzExZjgxYmMxNmY1Y2QyZDc0MmMwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:59:21 GMT
content-type: application/javascript
last-modified: Fri, 08 Apr 2022 19:25:07 GMT
etag: W/"62508c13-142eb"
expires: Thu, 08 Sep 2022 18:59:21 GMT
cache-control: max-age=86400, public
pragma: public
cf-cache-status: BYPASS
set-cookie: AWSALB=E8+g1oTe9o2z4mT6ftYBogMXiKAnJoQdHzgCtMWwkEN4sv90LqY7aeJuB12fvk8drgsYLxoHrGkNWGWCVRvwGLSjBR/3aahnP+xvMz+olXNwdzArtbcGcF3oO3J2; Expires=Wed, 14 Sep 2022 18:59:21 GMT; Path=/
AWSALBCORS=E8+g1oTe9o2z4mT6ftYBogMXiKAnJoQdHzgCtMWwkEN4sv90LqY7aeJuB12fvk8drgsYLxoHrGkNWGWCVRvwGLSjBR/3aahnP+xvMz+olXNwdzArtbcGcF3oO3J2; Expires=Wed, 14 Sep 2022 18:59:21 GMT; Path=/; SameSite=None; Secure
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1RK3%2FoHzRKOYjDWPlNQteq%2FuwXe4mI8vMQUyO2UfYBWx9v9wrbHkVdZbu0XXC%2BgsVhF9OwVRDe%2FNSjGcOAqlHrNYgj%2BTDiCQnmNfDw6q1W%2BzUq5%2FfN27PjQx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7471ae5b5e38fab4-OSL
content-encoding: br
X-Firefox-Spdy: h2

daaz.com/assets/templates/js/tp.widget.bootstrap.min.js

172.67.73.131

200 OK

0 B

URL HTTP/2
daaz.com/assets/templates/js/tp.widget.bootstrap.min.js
IP
172.67.73.131:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /assets/templates/js/tp.widget.bootstrap.min.js HTTP/1.1
Host: daaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daaz.com/make/offer/domains/x1mails.com
Cookie: _ga=GA1.2.1838605579.1654109089; twk_uuid_5ac5c33e4b401e45400e5bda=%7B%22uuid%22%3A%221.3dXZ6hpW8cHbviQ9TSKvjR7ExUjS74FmzZCaFmRJZbH2dLciCGx2o8CxAyyylMHmIuEHFMNqgywowtm0OuL9cqTT4GghnDfPQXG611bkyRKDvSQ4wfn4kIZ0uPkYj031ge8C4dbF3D0%22%2C%22version%22%3A3%2C%22domain%22%3A%22daaz.com%22%2C%22ts%22%3A1654529618876%7D; AWSALB=23xSSZ3B2m6PrDrqIDczjO7dcHYdsH5ngmE6aOwhpV7IQj9KCMj75W3/JMKp+0wxJg8AJkolDZhNIRDHZ7j8hQw7YhROM4Pmi5+VVlJTNeVafku1CkkAvkQNBLDG; AWSALBCORS=23xSSZ3B2m6PrDrqIDczjO7dcHYdsH5ngmE6aOwhpV7IQj9KCMj75W3/JMKp+0wxJg8AJkolDZhNIRDHZ7j8hQw7YhROM4Pmi5+VVlJTNeVafku1CkkAvkQNBLDG; XSRF-TOKEN=eyJpdiI6InZCMy9RdjZlNlI0VG1hWFRrOFBSVXc9PSIsInZhbHVlIjoiVnVKYTBlRFNTU0Q4VU9kdE5zeXV5VVcyTzQ2bkRFNEp0bkJrejNmSXBxb0dBbjdranJtTWVpVGM2ajhEaGZoMHJZc21PUlRxS2tBYUJlSW5VR3A4SmUvRC9oRktLSERKc0ozY1U2S0xNMWM2SWhQUjJhZ2NQZ3RiQmFpa3dZaGMiLCJtYWMiOiIwYjkyNTNkY2IyM2RiMTI5YTFkZDY4NTk4ZDNlYTU2OTljMjgzNjU3MjI1ODk2MTQ4NDNmOTkxMTMzZWVhODFmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImdiYXlEMkRBbG1jNWVoUUtzSSsvSHc9PSIsInZhbHVlIjoiaSttZ2JWd0JMY3VzQmg2UFA1Nk9jYmc5MEU5N3kxWG1CWmtwTURkbTdTQWFseU8rczc0MFVmWmxLUXE5NXE5K3ByZEluMktKQks4ck1ja1dvYTh4VnRHb2d5VDdrRzAxcDhaZldMNjZJaWRLY21XMXl5dkVMcHk4RFBlVWZIck0iLCJtYWMiOiI3YzI5ZTI1OTFiM2Y5NTU3MjUyNWZkZGQ0ZWZjN2U4YjA1ODllNTNiODlmMzExZjgxYmMxNmY1Y2QyZDc0MmMwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:59:21 GMT
content-type: application/javascript
last-modified: Fri, 08 Apr 2022 19:25:07 GMT
etag: W/"62508c13-4ae5"
expires: Thu, 08 Sep 2022 18:59:21 GMT
cache-control: max-age=86400, public
pragma: public
cf-cache-status: BYPASS
set-cookie: AWSALB=55KipRyWD/IOGOE7GV9GZvlgYc9N1D5mkouaYd2NXNy/LjfuYjWilflGD8YQ10ob4m+340+s8MZg+qfbffcLReApIPmDiwMiBvj8p1RPoWC56hXKMeP+u+zpDNIW; Expires=Wed, 14 Sep 2022 18:59:21 GMT; Path=/
AWSALBCORS=55KipRyWD/IOGOE7GV9GZvlgYc9N1D5mkouaYd2NXNy/LjfuYjWilflGD8YQ10ob4m+340+s8MZg+qfbffcLReApIPmDiwMiBvj8p1RPoWC56hXKMeP+u+zpDNIW; Expires=Wed, 14 Sep 2022 18:59:21 GMT; Path=/; SameSite=None; Secure
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XDRGkqEcOuXxeJkzvWdUfBrfuB09B5hG1IbzwRq8XgfMnL9Cq9eXVZa%2BKjBlXRU2EnW%2FaORP%2FOPVjwtihYhMUl3OwrqVABFPrwO6kBeQzr9iGzi%2FoL%2FfulIY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7471ae5b3e0ffab4-OSL
content-encoding: br
X-Firefox-Spdy: h2

embed.tawk.to/5ac5c33e4b401e45400e5bda/default

104.22.25.131

200 OK

0 B

URL HTTP/2
embed.tawk.to/5ac5c33e4b401e45400e5bda/default
IP
104.22.25.131:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /5ac5c33e4b401e45400e5bda/default HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://daaz.com
Connection: keep-alive
Referer: https://daaz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:59:21 GMT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=3600
etag: W/"stable-v4-630c16bea60"
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 26
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7471ae5c8fa2b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

daaz.com/cdn-cgi/rum?

172.67.73.131

200 OK

0 B

URL HTTP/2
daaz.com/cdn-cgi/rum?
IP
172.67.73.131:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: daaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 456
Origin: https://daaz.com
Connection: keep-alive
Referer: https://daaz.com/make/offer/domains/x1mails.com
Cookie: _ga=GA1.2.1838605579.1654109089; twk_uuid_5ac5c33e4b401e45400e5bda=%7B%22uuid%22%3A%221.3dXZ6hpW8cHbviQ9TSKvjR7ExUjS74FmzZCaFmRJZbH2dLciCGx2o8CxAyyylMHmIuEHFMNqgywowtm0OuL9cqTT4GghnDfPQXG611bkyRKDvSQ4wfn4kIZ0uPkYj031ge8C4dbF3D0%22%2C%22version%22%3A3%2C%22domain%22%3A%22daaz.com%22%2C%22ts%22%3A1662577156019%7D; AWSALB=p3wJLQq1Alkrh/YmxUSntvTSRX/So6OajWbLnJeN+u6LlYOLP4UKQ3GcfhRNTnVoAVtnvGfxNatnUWH3K19poRp7ExcUrT719jFyXqhG6a3kCEP6pthNVGjmwatS; AWSALBCORS=p3wJLQq1Alkrh/YmxUSntvTSRX/So6OajWbLnJeN+u6LlYOLP4UKQ3GcfhRNTnVoAVtnvGfxNatnUWH3K19poRp7ExcUrT719jFyXqhG6a3kCEP6pthNVGjmwatS; XSRF-TOKEN=eyJpdiI6IjlmQWhZVzMxQ3BDanl0SUdtYS9qWFE9PSIsInZhbHVlIjoiTmkzTktyS3dlQ0tCN1RaWjlmQjJYRWIzV1p5MnZUZ0pmVThYNVV1S3NmcEt0TmEzbjhIQk9WbFpFUXBIazhSZGdYbEtyZDMxQ1ZqcHNNKzAzM3ZQOEsxZU05V3NnbzJHSGZ1aU9DeWNnVmpySTNyN0gweTZwZDNmS1doOXg1Q3MiLCJtYWMiOiI4OWZmOGEzZDIwNzljZTg5N2RlMGQwMmM2ZmM5YWRkNjcwZjRkZjhjNTdiNDRjOGEyNTUyM2JkMWFiZmQ0ODEzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IncwZkVnclhXU0VwS0M5dUxXaWIvRUE9PSIsInZhbHVlIjoiT1ZFNUh3MEdwVTFHNWpCUktSWXJyanBFUGVBTkV1RXExS3J0SjVINmVJODY1dWpMZlVXTy9vZjJjV0tXR1A1Ui84cE9WTWFqYUgycFBOaG50MHJ4NktkYmlFVzJ4NXVVTnhVOS9UUFU1Vkd3WFdXclJqdzJyZUVnNzRpT0htclEiLCJtYWMiOiIxNzcxNTFmZjI3YWJmYThlZTkyMzJlYzRiMGY4ZTRlOTMwY2ZjMmJhYzY4Y2YzMDkyZWI4N2E4YzM1NTM5NjU3IiwidGFnIjoiIn0%3D; _gid=GA1.2.222166790.1662577155; _gat_gtag_UA_123664494_1=1; TawkConnectionTime=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:59:29 GMT
content-type: text/plain
access-control-allow-origin: https://daaz.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 7471ae8ba8b2fab4-OSL
x-frame-options: DENY
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

daaz.com/assets/templates/css/googlefonts.css

172.67.73.131

200 OK

0 B

URL HTTP/2
daaz.com/assets/templates/css/googlefonts.css
IP
172.67.73.131:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /assets/templates/css/googlefonts.css HTTP/1.1
Host: daaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daaz.com/make/offer/domains/x1mails.com
Cookie: _ga=GA1.2.1838605579.1654109089; twk_uuid_5ac5c33e4b401e45400e5bda=%7B%22uuid%22%3A%221.3dXZ6hpW8cHbviQ9TSKvjR7ExUjS74FmzZCaFmRJZbH2dLciCGx2o8CxAyyylMHmIuEHFMNqgywowtm0OuL9cqTT4GghnDfPQXG611bkyRKDvSQ4wfn4kIZ0uPkYj031ge8C4dbF3D0%22%2C%22version%22%3A3%2C%22domain%22%3A%22daaz.com%22%2C%22ts%22%3A1654529618876%7D; AWSALB=23xSSZ3B2m6PrDrqIDczjO7dcHYdsH5ngmE6aOwhpV7IQj9KCMj75W3/JMKp+0wxJg8AJkolDZhNIRDHZ7j8hQw7YhROM4Pmi5+VVlJTNeVafku1CkkAvkQNBLDG; AWSALBCORS=23xSSZ3B2m6PrDrqIDczjO7dcHYdsH5ngmE6aOwhpV7IQj9KCMj75W3/JMKp+0wxJg8AJkolDZhNIRDHZ7j8hQw7YhROM4Pmi5+VVlJTNeVafku1CkkAvkQNBLDG; XSRF-TOKEN=eyJpdiI6InZCMy9RdjZlNlI0VG1hWFRrOFBSVXc9PSIsInZhbHVlIjoiVnVKYTBlRFNTU0Q4VU9kdE5zeXV5VVcyTzQ2bkRFNEp0bkJrejNmSXBxb0dBbjdranJtTWVpVGM2ajhEaGZoMHJZc21PUlRxS2tBYUJlSW5VR3A4SmUvRC9oRktLSERKc0ozY1U2S0xNMWM2SWhQUjJhZ2NQZ3RiQmFpa3dZaGMiLCJtYWMiOiIwYjkyNTNkY2IyM2RiMTI5YTFkZDY4NTk4ZDNlYTU2OTljMjgzNjU3MjI1ODk2MTQ4NDNmOTkxMTMzZWVhODFmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImdiYXlEMkRBbG1jNWVoUUtzSSsvSHc9PSIsInZhbHVlIjoiaSttZ2JWd0JMY3VzQmg2UFA1Nk9jYmc5MEU5N3kxWG1CWmtwTURkbTdTQWFseU8rczc0MFVmWmxLUXE5NXE5K3ByZEluMktKQks4ck1ja1dvYTh4VnRHb2d5VDdrRzAxcDhaZldMNjZJaWRLY21XMXl5dkVMcHk4RFBlVWZIck0iLCJtYWMiOiI3YzI5ZTI1OTFiM2Y5NTU3MjUyNWZkZGQ0ZWZjN2U4YjA1ODllNTNiODlmMzExZjgxYmMxNmY1Y2QyZDc0MmMwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:59:21 GMT
content-type: text/css
last-modified: Fri, 08 Apr 2022 19:25:07 GMT
etag: W/"62508c13-2a71"
expires: Thu, 08 Sep 2022 18:59:21 GMT
cache-control: max-age=86400, public
pragma: public
cf-cache-status: BYPASS
set-cookie: AWSALB=mMD8esBlrHnIRJoko/3L3qFVEPX0C9aKYDtsq30yb1bNLjcA9enw7Mpkp1sFOmQnff3WQEspcnTiHiFh9jodrSvWe46/5AZwAHtYP4nyXRdrBiLvJzKwGoZhuVCU; Expires=Wed, 14 Sep 2022 18:59:21 GMT; Path=/
AWSALBCORS=mMD8esBlrHnIRJoko/3L3qFVEPX0C9aKYDtsq30yb1bNLjcA9enw7Mpkp1sFOmQnff3WQEspcnTiHiFh9jodrSvWe46/5AZwAHtYP4nyXRdrBiLvJzKwGoZhuVCU; Expires=Wed, 14 Sep 2022 18:59:21 GMT; Path=/; SameSite=None; Secure
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GEhjqqf%2FANpb2NagaPWP93F1DOrIYseUS52u6to6j3Df%2F09pEmMvSY55JQgrHOyca2r3sHPKhqLoj%2BTkhH5InTcxUrp1Be8Xz8ttzW5B%2BMxP3yFKL98uydsP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7471ae5b3e0cfab4-OSL
content-encoding: br
X-Firefox-Spdy: h2

daaz.com/assets/templates/js/platform.js

172.67.73.131

200 OK

0 B

URL HTTP/2
daaz.com/assets/templates/js/platform.js
IP
172.67.73.131:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /assets/templates/js/platform.js HTTP/1.1
Host: daaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daaz.com/make/offer/domains/x1mails.com
Cookie: _ga=GA1.2.1838605579.1654109089; twk_uuid_5ac5c33e4b401e45400e5bda=%7B%22uuid%22%3A%221.3dXZ6hpW8cHbviQ9TSKvjR7ExUjS74FmzZCaFmRJZbH2dLciCGx2o8CxAyyylMHmIuEHFMNqgywowtm0OuL9cqTT4GghnDfPQXG611bkyRKDvSQ4wfn4kIZ0uPkYj031ge8C4dbF3D0%22%2C%22version%22%3A3%2C%22domain%22%3A%22daaz.com%22%2C%22ts%22%3A1654529618876%7D; AWSALB=23xSSZ3B2m6PrDrqIDczjO7dcHYdsH5ngmE6aOwhpV7IQj9KCMj75W3/JMKp+0wxJg8AJkolDZhNIRDHZ7j8hQw7YhROM4Pmi5+VVlJTNeVafku1CkkAvkQNBLDG; AWSALBCORS=23xSSZ3B2m6PrDrqIDczjO7dcHYdsH5ngmE6aOwhpV7IQj9KCMj75W3/JMKp+0wxJg8AJkolDZhNIRDHZ7j8hQw7YhROM4Pmi5+VVlJTNeVafku1CkkAvkQNBLDG; XSRF-TOKEN=eyJpdiI6InZCMy9RdjZlNlI0VG1hWFRrOFBSVXc9PSIsInZhbHVlIjoiVnVKYTBlRFNTU0Q4VU9kdE5zeXV5VVcyTzQ2bkRFNEp0bkJrejNmSXBxb0dBbjdranJtTWVpVGM2ajhEaGZoMHJZc21PUlRxS2tBYUJlSW5VR3A4SmUvRC9oRktLSERKc0ozY1U2S0xNMWM2SWhQUjJhZ2NQZ3RiQmFpa3dZaGMiLCJtYWMiOiIwYjkyNTNkY2IyM2RiMTI5YTFkZDY4NTk4ZDNlYTU2OTljMjgzNjU3MjI1ODk2MTQ4NDNmOTkxMTMzZWVhODFmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImdiYXlEMkRBbG1jNWVoUUtzSSsvSHc9PSIsInZhbHVlIjoiaSttZ2JWd0JMY3VzQmg2UFA1Nk9jYmc5MEU5N3kxWG1CWmtwTURkbTdTQWFseU8rczc0MFVmWmxLUXE5NXE5K3ByZEluMktKQks4ck1ja1dvYTh4VnRHb2d5VDdrRzAxcDhaZldMNjZJaWRLY21XMXl5dkVMcHk4RFBlVWZIck0iLCJtYWMiOiI3YzI5ZTI1OTFiM2Y5NTU3MjUyNWZkZGQ0ZWZjN2U4YjA1ODllNTNiODlmMzExZjgxYmMxNmY1Y2QyZDc0MmMwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Sep 2022 18:59:21 GMT
content-type: application/javascript
last-modified: Fri, 08 Apr 2022 19:25:07 GMT
etag: W/"62508c13-d2c0"
expires: Thu, 08 Sep 2022 18:59:21 GMT
cache-control: max-age=86400, public
pragma: public
cf-cache-status: BYPASS
set-cookie: AWSALB=MFjmDZ3i7kl8F4AvSZyfV8LrpYWgG9LU7V+Tt6Q54oVwYlEEJnWnpg7y4glD1hqjs6nMgVcwL0CndcmBQFvrYmVeEz2hH+g9J80uHycXhRsDLO/QQrIvyere51Q8; Expires=Wed, 14 Sep 2022 18:59:21 GMT; Path=/
AWSALBCORS=MFjmDZ3i7kl8F4AvSZyfV8LrpYWgG9LU7V+Tt6Q54oVwYlEEJnWnpg7y4glD1hqjs6nMgVcwL0CndcmBQFvrYmVeEz2hH+g9J80uHycXhRsDLO/QQrIvyere51Q8; Expires=Wed, 14 Sep 2022 18:59:21 GMT; Path=/; SameSite=None; Secure
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8FuU71GOsauHnaQbshdEYfk8%2BE%2FFoD0wgq85LeXhdJ31yJc6ABgJJyOBWNolZG%2FRGikwqfjkPa0Pp5%2BMpEWc7B0Dzy2aspntmivk5BibsU9ImqWi857wZDjd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7471ae5b5e3efab4-OSL
content-encoding: br
X-Firefox-Spdy: h2

daaz.com/redirect/x1mails.com

172.67.73.131

302 Found

0 B

URL HTTP/2
daaz.com/redirect/x1mails.com
IP
172.67.73.131:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /redirect/x1mails.com HTTP/1.1
Host: daaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _ga=GA1.2.1838605579.1654109089; twk_uuid_5ac5c33e4b401e45400e5bda=%7B%22uuid%22%3A%221.3dXZ6hpW8cHbviQ9TSKvjR7ExUjS74FmzZCaFmRJZbH2dLciCGx2o8CxAyyylMHmIuEHFMNqgywowtm0OuL9cqTT4GghnDfPQXG611bkyRKDvSQ4wfn4kIZ0uPkYj031ge8C4dbF3D0%22%2C%22version%22%3A3%2C%22domain%22%3A%22daaz.com%22%2C%22ts%22%3A1654529618876%7D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
date: Wed, 07 Sep 2022 18:59:20 GMT
content-type: text/html; charset=UTF-8
location: http://daaz.com/make/offer/domains/x1mails.com
set-cookie: AWSALB=t0kllxCcWpPvL73DTJ8EX+gzyx8UuSsSn1sjK4XLuSQqH8S/9g6RMe96viKD815V1S83oERfZ2zFSimA5aE8ArM8VoW9HYNN2NB8/rAUMisK5Et+HNVcHChOdmjD; Expires=Wed, 14 Sep 2022 18:59:20 GMT; Path=/
AWSALBCORS=t0kllxCcWpPvL73DTJ8EX+gzyx8UuSsSn1sjK4XLuSQqH8S/9g6RMe96viKD815V1S83oERfZ2zFSimA5aE8ArM8VoW9HYNN2NB8/rAUMisK5Et+HNVcHChOdmjD; Expires=Wed, 14 Sep 2022 18:59:20 GMT; Path=/; SameSite=None; Secure
XSRF-TOKEN=eyJpdiI6Imd6Qkh0NWZQazMvTTJsaDdJZDFjTUE9PSIsInZhbHVlIjoiazZwN2tiZjNNTzVkTUpZZmthVndBV2U5UkZqMXJURUdrcXQvd3NZWUhaM2tMcDJGT3R5dXZ0YklPeFU1ZVVNeEQ5Tk82RENMM2pDSUNyem4zUUVFWGhKbUZvY2E5a2k2TFpLU1NKaWdQRHFNY3NwSVphRVVNYTJhbnBzUGVuYUgiLCJtYWMiOiIxZDM5NDI0ZTczMWM1YzRjMWNlYTI5OGJmNDU0NmYyMTg4NDdmY2Y5OTk4YWZhZjdjODY5NzVhM2QzNjY3NjFlIiwidGFnIjoiIn0%3D; expires=Wed, 07-Sep-2022 20:59:20 GMT; Max-Age=7200; path=/
laravel_session=eyJpdiI6InUyalFGd2UzQ0tZaWJ2N1VUZTBWbmc9PSIsInZhbHVlIjoiYkNBSE9vbkNVZzVhR1g1dThYUE1oUUdUckdlRzdpMldMeGQ4ekxic2xIejFUMDJQWVhyamJyT1I5MXhVcXNjT1V1YmlMVjlkMytLQW1mbGNzRUREWFFhRzk3aEx1aWdHTzBxOGkyQ0xpeW82a0lOQ0tvUnFJLzdobkErS0pkNlIiLCJtYWMiOiJiZWMzYjliMmYwMjAyMzllODkxNGU4Mzg4NGI4Y2U1NmVjNjcwYWExN2QxYmY2NGE2MjRhOWVkNTY2ZTRmMTkwIiwidGFnIjoiIn0%3D; expires=Wed, 07-Sep-2022 20:59:20 GMT; Max-Age=7200; path=/; httponly
x-powered-by: PHP/8.0.16
cache-control: max-age=0, must-revalidate, no-store, nocache, private
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3GD1Y%2B%2BBVlrj9GZdm9R4fdGpTYuqBRrJJHtNhPgxCimglRyfpoHU8%2B3%2Fo20jxDgFN0tWVoWprVVGo6KQdBmrW6VpN4tfhvSDoCNTfx3%2F%2FkcQaPutkG0l4z6F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7471ae55092bfab4-OSL
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (29)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP